Anyone who believes that the risk of a cyber attack has decreased in view of the falling numbers is deceiving themselves. Currently, attackers are increasingly gaining access to companies via unsecured remote access or vulnerabilities in publicly available services, as the attack by the Hafnium group via a vulnerability in Exchange servers has shown. Trained staff, along with established processes, are needed to improve IT security in companies. In this regard, those in charge need to act quickly. Otherwise, it is only a matter of time before they fall victim to an attack.