From ransomware to AI risks
2025 was another intense year for the IT and information security industry. The threats became more diverse, the attacks more professional - and the reactions to them required a rethink. Companies, authorities and security teams have made significant progress, but the challenges remain high.
In this review of IT security in 2025, we show the key developments, risks and perhaps also lessons learned from the past year - with facts and figures that illustrate where companies need to be particularly vigilant.
1. The threat situation is intensifying
The same speech over and over again, but unfortunately it's true! A cyberattack can really affect anyone.
A key feature of 2025 was the increase in professional cyber attacks:
- Ransomware: 6,330 incidents between January and September - an increase of 47 % compared to 2024*.
- DDoS attacks: Botnets with compromised IoT devices generated traffic spikes of over 29 terabits per second**.
- AI-supported attacks: Automated phishing campaigns and deepfakes make it difficult to distinguish between legitimate and malicious actions.
Conclusion
Attackers are becoming faster, more professional and more automated. Companies therefore need to design resilient defense mechanisms and implement them consistently.
2. Geopolitics & state-sponsored attacks
It was not only classic cybercrime that shaped 2025 - state-motivated attacks also increased:
- Complex malware operations secured long-term access to critical infrastructures.
- International tensions were reflected in cyber activities.
- NATO member states carried out the largest ever simulation of a digital conflict in Tallinn to test hybrid attacks on civilian and military systems.
What do we learn from this?
Cybersecurity is no longer a purely technical issue, but a strategic issue at state and corporate level.
3. Supply chains, cloud & third-party risks
In 2025, securing supply chains and third-party providers came increasingly into focus:
- Attackers exploited vulnerabilities in third-party components to penetrate deep into target networks.
- Several high-profile supply chain attacks had a measurable impact on companies in Europe (see SolarWinds attack).
- Companies must evaluate, control and minimize risks beyond their own network - through risk management, contracts and continuous monitoring.
Mnemonic
Security does not end at the corporate network - vulnerabilities can affect partners directly.
4. People & insider threats
Unfortunately, technology alone does not protect us! 2025 also showed that employees are the critical security component.
- Insider threats are caused by carelessness, errors or deliberate manipulation.
- Awareness programs and a strong security culture significantly increase the effectiveness of technical measures.
5. Regulation & standards
Legal requirements moved further into focus:
- The NIS2 Directive presented companies with new requirements regarding reporting obligations, risk management and security controls.
- International conferences, such as escar Europe 2025, enabled the exchange of information on best practices and new standards.
Conclusion
Compliance must be proactively embedded in security processes, not just reactively.
6. AI as risk & opportunity
AI technologies were doubly relevant in 2025:
- For attackers: Automated phishing campaigns, deepfakes and attack scripts make it difficult to distinguish between legitimate and malicious actions.
- For the defense: Security teams rely on AI-supported solutions such as DEFENDERBOX to efficiently analyze alerts, detect anomalies and trigger prioritized responses, making defense faster, more precise and scalable.
Key Fact
Start-ups for AI-based cyber defense received financing in 2025 - the trend towards intelligent, automated protection mechanisms will continue to grow.
However, advanced AI models can themselves create new risks - a clear governance model remains mandatory.
7. Facts for companies
2025 made clear: Cybersecurity is a dynamic, continuous process. Successful companies pursue a holistic approach that incorporates technology, processes and people.
Fields of action:
- Resilience: Systems and processes must be able to withstand incidents.
- Holistic risk management: consider supply chains, cloud and third-party providers.
- Awareness & security culture: sensitize employees.
- Compliance: Actively integrate requirements such as NIS2 into processes.
- AI & technology: seize opportunities, control risks.
8. Outlook for 2026
What does all this mean for 2026? The threats will become even more professional and complex. Companies need to act today, not just observe:
- Training courses and practical training secure the knowledge within the team.
- Security culture and awareness are becoming crucial to ward off social engineering.
- Tools like the DEFENDERBOX enable automated, AI-supported security analyses with fast, prioritized responses.
Conclusion
Cybersecurity is no longer an IT task - it is an integral part of corporate responsibility.
Are you prepared for cyber attacks?
With the DEFENDERBOX you are one step ahead of cyber threats: Strengthen your company's resistance to hacker attacks - even in your own environment!
Stay vigilant - your IT will stay that way with us!
*: Source: Nordstellar
**: Source: Tech Radar