Every third person responsible for cyber security in a company has already been instructed to conceal a reportable attack. The study shows: 14,7 percent then concealed the incident. The global Bitdefender 2023 Cybersecurity Assessment Report proves that GDPR, GDPR and other regulations are too often broken in favor of a good image.
Bitdefender has published its 2023 Cybersecurity Assessment Report. The report is based on an independent and anonymous survey of more than 400 IT and cybersecurity professionals from IT manager to CISO in the US, UK, Germany, France, Italy and Spain at companies with 1.000 or more employees. The report asks about their concerns, challenges and the cybersecurity practices for organizations in their IT environments.
The most important results of the report
Cybersecurity professionals are instructed not to disclose a data breach
Globally, 42 percent of respondents said they were asked to keep security breaches private even though they should have been reported. The results vary considerably depending on the region. In the EU countries surveyed, Italy (36,7%), Germany (35,3%), Spain (34,8%) and France (26,8%), the proportion is lower than in Great Britain (44%). At 71%, IT/security professionals in the US were the most likely to say they were told by higher authority to remain silent. In Germany, 14,7% confirmed that they had actually deliberately treated such an incident, which they should have reported, as confidential.
Privacy and security leaks in more than half of all companies
🔎 The many unpatched vulnerabilities are among the most common causes of cyber attacks worldwide (Image: Bitdefender).
52% of study participants have confirmed that there has been a data breach and data disclosure in their company in the last 75 months. Again, the US leads the way with a percentage of 23% (3% above average). Germany is in third place with 48,5% behind Great Britain with 51,4%.
With the frequency of data breaches and the overwhelming pressure to keep them private, IT and security professionals face a difficult situation. More than half (55%) of respondents say they are concerned their organization could be prosecuted for a data breach that is not properly addressed. For Germany, 45,6% of the participants shared this concern.
Software-related vulnerabilities as the main problem
The top security threat for respondents is software vulnerabilities or zero-day threats for 53% (57,3% in Germany), closely followed by phishing/social engineering threats (with 52% - 57,3% in D) and attacks on the software supply chain, which rank third (49% - 45,6% in D). Ransomware is only in fourth place (48,5% - 44% in Germany). This is in line with the Bitdefender Labs assessment, which in 2023 found that hackers were increasingly exploiting known software vulnerabilities with proof-of-concept (PoC) attacks.
First challenges: Different environments and complexity:
43% of IT and security professionals see expanding their IT security capabilities across different environments (on-premises, cloud and hybrid) as the biggest challenge. Just as many participants see the biggest problem in the complexity of security solutions. In Germany, too, both challenges are at the top with 45,6% each. 36% (35,3% in Germany) of those surveyed feel that they do not have the necessary skills to extract the optimum value from IT security applications. This figure is highest in Italy and France, at 49% and 45% respectively.
Continuous cybersecurity monitoring
Study participants were convinced of the need for a managed detection and response (MDR) service. Above all, the participants hope for around-the-clock monitoring of IT security - 45% of those surveyed worldwide, 44,1% in Germany. 35% - in Germany even 42,7% - hope to free up IT and cyber security resources with this support.
“Organizations around the world are under tremendous pressure to keep up with constantly evolving threats such as ransomware, zero-day and espionage. At the same time, they are struggling with the complexities that arise from playing IT security in different environments. Add to that the lack of skills,” said Andrei Florescu, Deputy General Manager and Senior Vice President of Products, Bitdefender Business Solutions Group. “The results of our study demonstrate – more than ever – the importance of multi-layered security that provides prevention, detection and mitigation across all business processes while improving efficiency. This allows security teams to do more with less.”
Background to the study
The study commissioned by Bitdefender was conducted by market research company Censuswide. More than 400 IT professionals from various industries, from IT managers to CISOs, working in companies with more than 1.000 employees were surveyed. The survey was aimed at professionals and security leaders in the US, UK, Germany, France, Italy and Spain.
Directly to the report PDF at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de