A hot potato: Security breaches are apparently far more common than public disclosures and news reports suggest. As part of its 2023 Cybersecurity Assessment, Bitdefender found that more than half of those surveyed (51.7%) have experienced a data breach or data leak in the last 12 months.
Leading concerns include software vulnerabilities / zero-days (53.9 percent), phishing / social engineering (52.2 percent), supply chain attacks (49 percent) and ransomware (48.5 percent).
Arguably even more alarming is the number of organizations that would like to sweep a breach under the rug and act like it never happened. Among those surveyed, 42 percent said they have been told to keep a security breach confidential when they knew they were obligated to disclose it. Nearly one in three - 29.9 percent - said they complied with orders to keep a breach under wraps.
Hush requests vary depending on geographical location. In the US, a whopping 70.7 percent of those surveyed said they have been asked to hide a breach and 54.7 percent of them did the deed. On the opposite end of the spectrum, only 26.9 percent of IT pros in France have been asked to do the same.
It is no surprise that companies would like to keep a security breache confidential. A public security disclosure can tarnish a brand's reputation, erode customer trust and even lead to legal action and costly fines. Last summer, for example, T-Mobile agreed to pay $350 million to settle a class action lawsuit relating to a previous data breach.
Despite the growing threat landscape, the overwhelming majority of IT pros surveyed (94 percent) said they were very / somewhat confident that they have the tools, strategies and people in place to respond to the next cybersecurity threat.
Bitdefender surveyed 400 IT pros working at large companies (1,000+ employees) across a range of industries in the US, the UK, Germany, Italy, Spain and France. The full report is available for download for those interested in learning more.