Three out of four industrial companies in Germany view cyberattacks as a high or very high risk, according to a new survey released Tuesday by Diconium and techconsult. However, the study reveals a significant gap between perceived threat and strategic preparedness, with less than half of companies integrating cybersecurity as a central component of their overall corporate strategy.
The findings, based on a December 2025 poll of 200 IT managers and decision-makers within German industry, highlight a vulnerability despite widespread acknowledgement of the escalating cyber threat landscape. While the majority recognize the danger, consistent implementation of robust cybersecurity measures – including clearly defined responsibilities and regular testing – remains uneven.
Diconium, a digital business transformation partner and a subsidiary of the Volkswagen Group, emphasizes the importance of addressing this disconnect. The company states its mission is to help businesses generate sustainable value through software, data, and artificial intelligence. According to Diconium’s website, the firm works with multinational corporations including Volkswagen, Stihl, Bechtle, Trumpf, and Zeiss.
The survey underscores a broader trend of companies acknowledging cybersecurity risks without fully translating that awareness into effective action. Diconium’s stated values include courage, collaboration, and a commitment to transforming businesses through digital innovation. The company’s leadership believes that mastering complexity and fostering a culture of continuous improvement are crucial for navigating the evolving digital landscape.
Diconium employs over 2,500 experts globally, with locations in Europe, North America, and Asia, offering expertise in areas such as data and AI, software engineering, and cybersecurity. The company’s focus extends beyond simply identifying threats; it aims to provide comprehensive solutions that enhance competitiveness and drive sustainable growth.
The Diconium survey did not specify the nature of the cybersecurity testing being conducted, or the specific areas where companies were falling short in their strategic implementation. No further details were released regarding planned follow-up actions or industry-wide initiatives to address the identified vulnerabilities.
