A new report has revealed phishing and ransomware attacks are on the rise with half of companies experiencing some form of cyber threat in the past year.

Last week, Bitdefender released the 2023 Cybersecurity Assessment Report. The report is based on an independent survey and analysis of more than 400 IT and security professionals ranging from manager to chief information security officer (CISO) who work in companies with 1,000 or more employees in geographical regions including France, Germany, Italy, Spain, United Kingdom and the United States.

According to the report, 42% of the total IT/security professionals surveyed said they have been told to keep a breach confidential when they knew it should be reported and 30% said they have kept a breach confidential. The U.S. had the highest rate with 71% of IT/security professionals saying they have been told to keep quiet, followed by the U.K. at 44%, Italy at 36.7%, Germany 35.3%, Spain 34.8% and France 26.8%.

Other key findings from the report included:

• 52% of global respondents said they have experienced a data breach or data leak in the last 12 months. The U.S. led at 75% (or 23% higher than average) followed by the U.K. at 51.4% and Germany at 48.5% rounding out the top three. More than half (55%) of respondents agree they are worried about their company facing legal action due to a breach being handled incorrectly.  
• When asked about the security threats that pose the greatest concern, respondents indicated they are most concerned about software vulnerabilities and/or zero-days threats (53%), phishing/social engineering threats (52%) and attacks targeting the supply chain coming in at third (49%).
• More than two in five (43%) of IT/security professionals surveyed said extending capabilities across multiple environments (on-premises, cloud, and hybrid) is the greatest challenge they face which tied with complexity of security solutions also at 43%. Not having the security skill set to drive full value came in as a strong second at 36%. Italy and France cited lack of security skill set as their biggest challenge at 49% and 45%.
• 99% of respondents stated that using a managed security provider, such as a managed detection and response (MDR) service, is a critical element of their security programs with almost all (99%) of respondents stating they are either currently using or considering using a managed security provider. The top reason respondents gave include the ability to have 24x7 security coverage (45%), followed by the ability to free up internal IT/cybersecurity resources (35%). Ninety-three percent of respondents identified proactive threat hunting as important.