In its latest report, HDI Global, an international industrial insurer based in Hannover, analyses how companies can better manage cyber exposure and strengthen resilience.

HDI Global’s analysis aligns with findings from the European Union Agency for Cybersecurity (ENISA), which examined almost 4,900 incidents between July 2024 and June 2025.
ENISA identified phishing, ransomware, and Distributed Denial of Service (DDoS) attacks as the most prevalent threats across sectors. Bartolini notes that cybercriminals are increasingly using generative AI to launch automated attacks and exploit weaknesses in a wider range of industries, making proactive risk management essential.
The first priority identified by Bartolini is continuous employee awareness. Human error remains a primary cause of cyber incidents, with ENISA reporting that roughly 60 percent of breaches result from mistakes such as falling for phishing emails or social engineering attempts. HDI Global recommends structured, ongoing training programmes that include simulated attacks and response workshops to help employees recognise and mitigate risks over the long term.
The second focus, according to Bartolini, is maintaining software and infrastructure. Outdated or unpatched systems are common entry points for attackers. HDI Global advises businesses to implement consistent patch management, conduct regular vulnerability assessments, and prioritise critical system updates to reduce the likelihood of compromise.
Third, Bartolini emphasises technical safeguards and network management. With hybrid and remote working expanding access points, businesses face increased exposure.
HDI Global recommends measures such as network segmentation, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and the establishment of Security Operations Centres (SOCs) to identify and isolate threats quickly. Applying the principle of least privilege, granting users only the access required for their roles, further limits potential damage.
Fourth, supply chain and third-party risks require active management. ENISA data show that over ten percent of cyber incidents originate from vulnerabilities within partner networks or software providers. Bartolini recommends including cybersecurity requirements in contracts, verifying compliance with security standards, and performing joint testing of interconnected systems to prevent incidents from spreading.
Finally, he highlights the importance of operational preparedness. Complete prevention is impossible, but downtime and losses can be minimised through tested recovery strategies. ENISA reports that average operational downtime after a cyberattack is 4.2 days, rising to 5.5 days for small businesses.
HDI advises regular data backups, documented recovery plans, and crisis simulations to ensure organisations can resume operations efficiently after an incident. The report demonstrates that companies with comprehensive cybersecurity frameworks recover approximately 36 hours faster and incur up to ten percent lower costs per incident.

