In view of the dynamic cybersecurity threat land-scape and the increasingly interconnected information technol-ogy (IT) and operational technology (OT) environments, the management of security risks to both IT and OT systems becomes paramount, including efficient and comprehensive risk assessment. Such risk assessments, however, require extensive manual work, the availability of trained security personnel as well as considerable time and financial resources. Additionally, a consistent quality of results often cannot be guaranteed due to a dependency on individual expert knowledge and experience. A promising approach to alleviate these challenges is to use software-based support to automate risk assessment processes and increase efficiency and consistency. This work proposes a con-cept for software-supported automated security risk assessments with a focus on industrial components and the manufacturing industry. It presents key challenges, solution approaches, and further research directions that need to be considered in order to practically implement the concept. Additionally, current research that is already in process towards a practical implementation and a preliminary software prototype are presented.