The eco IT security survey highlights areas for improvement in the IT emergency management of many companies. Max Röttgermann, the new Leader of the eco Security Competence Group, warns of the growing professionalism of DDoS attacks.
eco – Association of the Internet Industry sees its assessment of a continuing tense cyber threat situation confirmed by the German Federal Criminal Police Office (BKA) report on cybercrime 2025 published on 12 May 2026. In particular, the sharp rise in DDoS attacks and the increasing professionalism of cybercriminals underscore, in the association’s view, the need for companies and public institutions to critically review their cybersecurity.
“The figures in the German Cybercrime Situation Report show that cyberattacks are a permanent risk to the economy, the state and critical infrastructure. DDoS attacks, in particular, are repeatedly used strategically to disrupt systems in a targeted manner, tie up security resources or generate public attention,” says Max Röttgermann, the new Leader of the eco Security Competence Group and Senior Product Manager for IP Transit and DDoS Defence at Deutsche Telekom.
According to the German Federal Criminal Police Office (BKA), the number of DDoS attacks rose by 25 per cent in 2025 to more than 36,700 cases. Public authorities, government bodies and companies in the transport and logistics sectors were particularly affected.
The latest eco IT Security Survey 2026 also highlights a need for improvement in the cyber resilience of many organisations. In the survey of 100 IT security experts, only 17 per cent of the companies surveyed stated that they had fully tested incident response plans for various attack scenarios such as ransomware, supply chain failures or DDoS attacks. 41 per cent have established corresponding processes for selected scenarios. A further 23 per cent have basic structures in place, whilst 11 per cent have no such contingency plans at all.
“Many companies are now investing in technical protective measures, but organisational preparedness is still lagging behind in some cases. Particularly with DDoS attacks, the speed and quality of the response determine whether services remain stable or whether significant outages occur. Companies should therefore regularly test their crisis and escalation processes and implement concrete protective measures,” Röttgermann continued.
AI-based tools now enable attacks that are faster, more targeted and harder to detect. At the same time, the technology also opens up new possibilities for automated attack detection and effective defence measures. From the perspective of the Internet industry, there is a need for clear, transparent laws, regulations and guidelines that are free from political influence and enforced by neutral supervisory authorities such as an independent Federal Office for Information Security (BSI). Small and medium-sized enterprises in particular require greater support in establishing robust security and crisis management structures to strengthen their digital resilience in a sustainable manner.
About the eco survey
Data collection for the 2026 IT security Survey took place between September and December 2025. A total of 100 IT security experts were surveyed via online formats and at live events. The publication of the full results is scheduled for early July.
