Cyberattacks will continue to be one of the greatest threats to the performance and infrastructure of companies in 2025. This is shown by SoSafe’s new Cybercrime Trends Report 2025, for which 500 security experts and 100 SoSafe customers from ten countries were surveyed.
This year, IT security managers are particularly faced with the challenge of increasingly diverse attack methods: Companies in the DACH region are increasingly confronted with AI-driven cyberattacks and are experiencing an increase in multichannel cyberattacks. Uncontrolled access to sensitive company infrastructures via personal devices and employee accounts is also particularly critical. Cybercriminals are also increasingly attacking supply chains and testing their resilience.
Rising AI threat
While AI systems help companies fend off cyber threats, criminals use the same technology for targeted attacks. 91% of the security experts surveyed expect a drastic increase in AI-supported attacks in the next three years. At the same time, only 26% of organizations feel sufficiently prepared to detect such threats. Deepfake technologies and automated, comprehensively personalized phishing campaigns in particular pose an increasing danger.
“AI is scaling the speed and sophistication of cyberattacks at an unprecedented scale. Organizations need to ensure that their defense strategies keep pace with this evolution,” warns Andrew Rose, Chief Security Officer at SoSafe.
Multichannel attacks on the rise
Technological advances make it easier for criminals to combine different channels. In the report, 98% of cybersecurity professionals said that multichannel attacks – i.e. combined attacks via email, SMS, social media or collaboration platforms – have increased noticeably.
Supply chains in the sights
Almost all companies surveyed (99%) rely on external service providers. This dependency opens additional gateways for cybercriminals, as a vulnerability in the supply chain is often enough to compromise multiple organizations and cause massive economic damage.
Private devices as a risk factor
Last year, 91% of companies in the DACH region recorded attacks via private devices or accounts. In times of home office and flexible working time models, the boundaries between private and professional digital environments are becoming increasingly blurred and the attack surface is growing beyond company boundaries.
“The rapid increase in AI-driven and multichannel cyberattacks shows that traditional security measures alone are no longer enough. Companies are also more dependent than ever on the security culture of their partners and service providers. In addition, cybercriminals deliberately exploit the blurred boundaries between private and professional digital use. Cybersecurity has long been a shared responsibility – and that’s where a real opportunity lies: If companies equip not only their security teams, but also all employees and partners with the necessary knowledge and tools, they can build a resilient human firewall. The better we train, sensitize and empower employees, the more difficult we make it for attackers to be successful.” says Dr. Niklas Hellemann, CEO of SoSafe.
The complete Cybercrime Trends Report 2025 can be downloaded here: https://sosafe-awareness.com/de/ressourcen/reports/cybercrime-trends/
About SoSafe
SoSafe, founded by a team of behavioral scientists and technology experts, is the largest provider of security awareness and human risk management in Europe. SoSafe enables more than 5,500 customers worldwide to effectively mitigate cyber risks. With a human-centered behavioral psychology approach, SoSafe ensures that safe behavior becomes intuition.
The company’s goal is to strengthen digital self-defense and sustainably reduce human security risks. To this end, they focus on building robust safety cultures and actively involving employees in the reduction of human safety risks. Based on behavior-based data and powered by innovative technologies and AI, SoSafe enables security leaders to identify, prioritize and effectively reduce human safety risks. The SoSafe team now consists of more than 500 employees at ten locations: Cologne (headquarters), Amsterdam, Berlin, Chemnitz, Dublin, London, Paris, Lisbon, Munich and since Sydney.
Website: www.sosafe-awareness.com/de/
LinkedIn: www.linkedin.com/company/sosafe-cyber-security/mycompany/
