Most cybersecurity workers have been told to conceal a breach, report finds
Most cybersecurity workers have been told to conceal a breach, report finds
https://www.cybersecuritydive.com/news/data-breach-coverups-ai-bitdefender/824331/
Publish Date: 2026-07-02 10:53:00
Source Domain: www.cybersecuritydive.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
Dive Brief:
Slightly more than half of cybersecurity professionals think AI is helping attackers more than defenders, the security firm Bitdefender found in a new report.
Malware improvements, social-engineering techniques and attack behavior (such as lateral movement and automatic vulnerability scanning) topped the list of AI-related threat vectors worrying respondents to Bitdefender’s survey.
The report also highlights shadow AI concerns, breach cover-ups and security confidence gaps between leaders and workers.
Dive Insight:
One of the most striking findings in Bitdefender’s annual report is the fact that 55% of workers said they were told to keep quiet about a breach. That number rose from 42% in 2024 to 58% in 2025 before plateauing this year. “That plateau is arguably just as troubling as the initial spike,” Bitdefender analysts wrote.
The security firm posited that while organizations are working to incorporate U.S. and European breach-disclosure regulations, “cultural change lags behind policy change.”
“Changing behavior may require making disclosure feel less punishing,” analysts wrote. “Or perhaps the opposite: making secrecy impossible to justify.”
Bitdefender’s report is based on a survey of 1,200 IT and cybersecurity professionals in the U.S. and five other countries between April and June, with respondents representing frontline workers, mid-level managers and executives.
More than half of respondents reported experiencing data breaches or other cybersecurity incidents over the 12 months leading up to the survey period, with 42% citing unauthorized cloud access, 36% citing business email compromise (BEC) and 26% citing ransomware. BEC was most common in the U.S., while unauthorized cloud access predominated in the other five survey countries: the U.K., France, Germany, Singapore and Italy.
The shadow AI problem also exhibited regional differences. Respondents in the U.S. were most likely to report having full visibility into their organizations’ AI usage (63%), followed by the U.K. (58%) and Germany (52%).
That finding matched a broader confidence gap between organizations in the U.S. and those elsewhere. “U.S. respondents are simultaneously the most strained and the most confident in our entire dataset,” Bitdefender said. “They report higher rates of breach concealment, more AI-driven attacks, and greater tool complexity. And yet they also report higher confidence in their security posture, stronger vendor relationships, and greater willingness to invest.”
In one of the report’s more troubling findings, managers were significantly more confident in their cybersecurity practices than frontline employees were. The biggest gap — 12 percentage points — appeared on the issue of full AI visibility, while smaller but still significant gaps also appeared on other issues, including alignment between cybersecurity defenders and the broader business (7.4 points).