Suche
Mein Konto
DAX companies sound the alarm: risks from cyber attacks and bureaucracy!
The University of Hohenheim analyzes 134 DAX companies: risks such as cyber attacks and bureaucracy are the focus of the study.
DAX companies sound the alarm: risks from cyber attacks and bureaucracy!
On June 4, 2025, the University of Hohenheim and Crunchtime Communications published comprehensive results on the risk perception of 134 DAX companies. The research shows that the number of reported risks has increased by around 30% compared to two years ago. What is particularly noteworthy is that regulatory burdens and cyber attacks are rated as the greatest risks by 98% of the companies surveyed.
Companies have now become more sensitive to external threats. In addition to cyber risks and financial issues, which have become increasingly important, 86% of respondents also see geopolitical developments as significant risks. Prof. Dr. Frank Brettschneider points out that the perception of bureaucracy as a serious business risk has increased, which is hardly surprising given the new federal government's plans to reduce bureaucracy.
Risk assessment and CEO communication
The CEOs of DAX companies rarely address specific risks in their forewords; only 40% of the contributions contain references to this. On average, they mention 1.2 risks, with the most common topic – geopolitics – only mentioned in 37% of the forewords. The analysis also shows that 90% of companies carry out a systematic quantitative risk assessment, while only 9% describe risks qualitatively.
Risk perception has changed in recent years. A notable decrease in the naming of pandemics, energy crises and inflation as risks was noted. This shift suggests a concentration of concerns on regulatory and technological challenges, amplified by the wave of digitalization and innovation.
Cyber risks in focus
Cyber incidents are not just a threat to DAX companies. According to BaFin, cyber attacks are increasing worldwide, especially in the financial sector, where almost 20% of global cyber incidents in the last two decades have occurred. The damage caused by cyber crime has amounted to almost 12 billion US dollars since 2004. While 65% of companies fear that they could suffer cyber attacks that threaten their existence, the number of reports of payment incidents increased significantly in the first third of 2024.
The introduction of the DORA (Digital Operational Resilience Act) in January 2025 will help harmonize ICT incident reporting requirements. In response to the increasing risks, BaFin plans to hold cyber roundtables and crisis management exercises to strengthen resilience in the financial sector. At the same time, it is emphasized that outsourcing to IT service providers increases the attack surface for cyber attacks, and companies must constantly invest in IT security.
Risk management statistics
In addition to the risk assessment in the DAX study, an analysis by Secureframe shows that 41% of companies experienced three or more critical risk incidents in the last 12 months. Most risk managers identify cyber and information risks as the biggest threats to business growth. This shows a direct link between risk perception and risk mitigation measures, with 63% of executives citing lack of competitive advantage from their current risk management processes.
Overall, it is clear that companies in Germany must design their risk management strategies increasingly systematically and adapt them to the challenges of the new digital era. The results of the study make it clear that the effective management and communication of risks in these dynamic times is essential for future competitiveness.