Published in News

Companies still keep quiet about security breaches

by on12 April 2023


No one dares disturb the sounds of silence

Despite what corporates are telling shareholders, more than 40 per cent of surveyed IT security professionals say they've been told to keep network breaches secret.

This will not inconsiderably hack off governments who have been doing their best to write laws that “encourage” companies to spin the beans if they are hacked, and shareholders who can see their investments plummet if a company is hacked.

Bitdefender's 2023 Cybersecurity Assessment report asked security experts from large companies in the US, EU, and Britain, about the issue and found half of the organisations have experienced a data leak in the past year. America was even worse with three-quarters of respondents saying they experienced an intrusion and for some reason giving everyone guns to fix the problem didn’t help.

To make matters worse 40 per cent of IT infosec said they were told to not report security incidents. The problem was worse in the US where 70.7 per cent were told to keep attacks secret.

A third of global respondents said they followed through and obeyed those orders when they knew it should have been reported. In the US, that number climbs to 54.7 per cent of the total.

Globally, 54.3 per cent of respondents said they were worried their organisation was at risk of legal action due to incorrect handling of a security breach. Unsurprisingly, that number also spikes among US respondents, 78.7 per cent of whom said they were worried their companies were open to legal action due to a bad breach response.

Despite these insane numbers more than 94 per cent believed that they were confident in their organisation's ability to respond to cybersecurity threats. Apparently, they were not asked if they believed that they could bounce bullets off their chests.

Bitdefender Business Solutions Group deputy GM and SVP of product Andrei Florescu said: "The findings in this report depict organisations under tremendous pressure to contend with evolving threats such as ransomware, zero-day vulnerabilities and espionage while struggling with complexities of extending security coverage across environments and ongoing skills shortage."

 

Last modified on 12 April 2023
Rate this item
(0 votes)

Read more about: