This is accompanied by an increased risk of falling victim to ransomware, phishing and other threats. The respondents also state that complex technical systems and a lack of awareness on the part of managers exacerbate the problem.

32% of German IT and business decision-makers surveyed by Trend Micro state that they have difficulties with risk assessment when managing their digital attack surface. As a result, 87 percent of respondents feel exposed to the risk of phishing attacks - closely followed by ransomware (86 percent) and cloud infrastructure outages (83 percent).

Companies' difficulties in assessing risk also leaves their board members in the dark: 51% of IT decision-makers see a challenge in quantifying the company's risk level for the management level. Only 4 percent believe that their board of directors currently fully understands cyber risk. This presents an opportunity for companies to call in external expertise.

41% of respondents have already invested in a platform-based approach to attack surface management within their company, while almost half (49%) say they plan to do so in the future. Those who already have a cybersecurity platform in place see improved transparency (32%), reduced costs (31%) and faster attack detection and response (31%) as the main benefits.

Many German companies (27%) still proceed manually when mapping the attack surface. 29% report complexity problems due to the existence of multiple tech stacks. This could explain why only some of the respondents are able to comprehensively present the following aspects of their risk assessment:

• Action plans to prevent the exploitation of specific vulnerabilities (47 percent)
• Impact of a security incident in a specific area (46 percent)
• Industry benchmarks (43 percent)
• Frequency of attack attempts (43 percent)
• Trends in attack attempts (39 percent)
• Risk rating of individual assets (37 percent)

"We already know from numerous discussions with customers that companies are concerned about a massively increased and non-transparent digital attack surface. The study results also show that they urgently need support with cyber risk assessment," says Richard Werner, Business Consultant at Trend Micro. "In many cases, the challenge is exacerbated by siloed individual solutions. A comprehensive platform approach, on the other hand, provides the required level of security."