Bitdefender, the world's leading cybersecurity company, has released its 2023 Cybersecurity Assessment Report, which, based on independent surveys and analysis of IT and security managers, reveals the key security issues, practices and key challenges businesses face in their environments.
The results of this survey demonstrate more than ever the importance of layered security, which can deliver advanced threat prevention, detection and response across the enterprise, while increasing efficiency so that security teams can do more with less.
Across the globe, organizations are under intense pressure to respond to ever-evolving threats such as ransomware, zero-day exploits, and espionage, while also dealing with the complexities of extending security coverage across environments and ongoing skills shortages.
The results of this survey demonstrate more than ever the importance of layered security, which can deliver advanced threat prevention, detection and response across the enterprise, while increasing efficiency so that security teams can do more with less.
The report is based on independent survey and analysis of more than 400 IT and security professionals ranging from managers to Chief Information Security Officers (CISOs) with 1,000 or more employees in geographic regions such as France, Germany, Italy, Spain, United States Companies working in the United Kingdom (UK) and the United States (US).
Key findings from the 2023 Cybersecurity Assessment report include:
-
Cybersecurity professionals routinely told to keep breaches secret
Worryingly, more than two-fifths (42%) of the IT/security professionals surveyed said they were told to keep a breach confidential when they knew they should report it, 30% of people said they kept the breach a secret.
71% of US IT/security professionals are the most likely to say they have been told to keep quiet, followed by the UK at 44%, Italy at 36.7%, Germany at 35.3%, Spain at 34.8% and France at 26.8%.
-
More than half of businesses surveyed experienced a data breach in the past 12 months
At the same time, a large proportion of businesses are told to keep data breaches private, with 52 percent of global respondents saying they experienced a data breach or data breach in the past 12 months. The US leads with 75% (or 23% above average), followed by the UK at 51.4%, and Germany rounds out the top three at 48.5%.
Given the prevalence of data breaches and the intense pressure to keep silent, IT/security professionals face a dire situation. More than half (55%) of respondents said they were concerned their company would face legal action for mishandling a breach.
-
Software Vulnerabilities Are the Most Concerned Threats
When asked about their top security threats, respondents said they were most concerned about software vulnerabilities and/or zero-day threats (53%), followed closely by phishing/social engineering threats (52%) , attacks targeting the supply chain came in third (49%).
Software vulnerabilities as the top concern correlate with research from Bitdefender Labs, which shows that by 2023, cybercriminals using proof-of-concept (PoC) attacks to exploit known software vulnerabilities will increase significantly.
-
Scaling network security capabilities across environments is the biggest challenge
-
More than two-fifths (43%) of IT/security professionals surveyed said that scaling capabilities across multiple environments (on-premises, cloud, and hybrid) was their biggest challenge, matching the complexity of security solutions by 43%. Security skills that do not drive full value come in second at 36%. Interestingly, Italy and France cite lack of security skills as their biggest challenge with 49% and 45% respectively.
-
Continuous cybersecurity coverage deemed critical for businesses
Nearly all (99%) of global respondents said that using a managed security provider, such as a managed detection and response (MDR) service, is a key element of their security program, and nearly all (99%) of respondents said they currently Are using or considering using a managed security provider.
The top reasons cited by respondents included the ability to have 24×7 security coverage (45%), followed by the ability to free up internal IT/cybersecurity resources (35%). 93% of respondents believe proactive threat hunting is important.
In a recent report, Gartner® details the importance of threat and threat exposure management, stating: Organizations need to go beyond patching to manage broader security risks, including significantly increased attacks due to new hybrid efforts On the one hand, accelerating the use of cloud infrastructure and applications, more interconnected supply chains, expanding public-facing digital assets, and increasing exposure to the Internet of Things (IoT).
Bitdefender commissioned Censuswide, a leading international market research consultancy, to survey and analyze the responses of more than 400 IT and security professionals working in companies with 1,000 or more employees across a variety of industries.
The survey and analysis will be conducted from December 2022 to January 2023. Respondents were geographically evenly distributed in France, Germany, Italy, Spain, the United Kingdom and the United States.