Bitdefender: Over 57% of security professionals experienced a data breach in the past year

June 12, 2024
An astounding 96% of respondents found generative AI technology a threat.

Bitdefender released the 2024 Cybersecurity Assessment Report, based on an independent survey and analysis of cybersecurity professionals revealing top security concerns, practices, and key challenges businesses are facing across their environments.

“Businesses across every industry face unprecedented challenges posed by an increasing attack surface, zero-day vulnerabilities, cloud misconfigurations, and new emerging threats driven by AI,” said Andrei Florescu, president and general manager of Bitdefender Business Solutions Group. “The findings of this survey underscore a now vital approach to cybersecurity that layers threat prevention, protection, detection and response across all environments including cloud infrastructure, services, and supply chains. The goal of effective cybersecurity is not only stopping attacks at the door, but also to lower risk and optimize resources (technology and people) to help relieve pressure from security teams.”  

The report is based on an independent survey and analysis of over 1,200 IT and security professionals ranging from manager to chief information security officer (CISO) who work in companies with 1,000 or more employees in geographical regions across the world including France, Germany, Italy, Singapore, United Kingdom (U.K.) and the United States (U.S.).

Key findings from the 2024 Cybersecurity Assessment Report include:

  • The rise of generative artificial intelligence (GenAI) considered a threat by nearly all surveyed – When asked how much of a threat GenAI technology is to the overall cybersecurity landscape, a remarkable 96% of all respondents agreed it’s a threat with more than a third (36%) stating its use for manipulating or the creation of deceptive content (deepfakes) is a significant threat. Interestingly, confidence (or perhaps overconfidence) in the ability to spot a deepfake type of attack (audio/video) was high with 74% believing colleagues in their department could do so.
  • Data breaches continue to increase year-over-year – More than half of all respondents (57%) surveyed experienced a data breach or data leak in the last 12 months, up 6% from the previous year when asked the same question. At 73.5%, U.K. respondents experienced the most data breaches or leaks followed by Germany at 61%. Singapore experienced the least at 33% (24% below the average).
  • Tremendous pressure driving security professionals to look for new jobs – 64.3% of all respondents stated they will be looking for a new job in the next 12 months, up a considerable 25% when compared to last year’s result. This finding correlates with 70.2% of respondents agreeing they must work weekends due to security concerns their company faces. Respondents in the U.K. were most likely to work weekends at 81% and German respondents are most likely to look for new jobs at 76.6% (12.2% higher than the average).
  • Identity Access Management (IAM) and compliance are the top cloud challenges – When asked what the top security concerns are when it comes to managing cloud environments, 38.7% stated IAM followed closely by maintaining cloud compliance at 38%. Singapore respondents were well above the average (50.5%) saying IAM was their biggest challenge. At 36%, shadow IT came in as a strong third overall followed by risk of misconfigurations at 34%. Additionally, when asked how risk is monitored across cloud infrastructure, only 44.6% of overall respondents say they conduct regular audits and assessments.  
  • Over 74% agree phishing/social engineering have increased in sophistication – The top cybersecurity threats according to overall respondents are phishing/social engineering and software vulnerabilities and/or zero-days both at 32% followed closely by GenAI’s influence on cyber threats and ransomware (both at 29%) and insider threats at 28%. Over 74% of respondents say they have seen an increase in the sophistication of phishing attacks (likely correlating to the sudden rise of GenAI). Surprisingly, in the regions of France, U.S. and Germany, GenAI was seen as the top threat over ransomware at 35.5%, 34.3% and 32.8% respectively.
  • 24x7 cybersecurity coverage and access to elite talent critical for businesses – Respondents cited the top reasons for utilizing or contemplating the use of a managed detection and response (MDR) service. Over a third of respondents cited 24x7 security coverage as the number one reason followed by access to high-level security analysts and ability to proactively threat hunt both at 29%. Relating to managed services, an overwhelming 93% of respondents plan to increase investment in proactive cybersecurity measures (e.g. pen testing, red teaming) with 37% stating it’s very likely. Singapore respondents were most likely to invest in proactive cybersecurity at 97%.
  • Data compliance and regulations causing businesses to rethink their solutions strategy – When asked what the biggest challenge is about an organization’s current security solutions, adhering to data compliance and regulations was the number one challenge for 28% of all respondents. Extending capabilities across multiple environments was a close second at 27.5% followed by incompatibility with other security solutions at 25%. At 29%, respondents in the U.S. were most concerned about how secure third-party partners are or 5% above the average.

Data Sources

Bitdefender commissioned Censuswide, a leading international market research consultancy firm, to survey and analyze responses from 1,202 IT and security professionals who work in companies with 1,000 or more employees across various industries. The survey and analysis took place from March 2024 through May 2024. The respondents were geographically split equally between France, Germany, Italy, Singapore, U.K. and the U.S.

To download a complimentary copy of the full Bitdefender 2024 Cybersecurity Assessment Report, visit https://www.bitdefender.com/business/campaign/cybersecurity-assessment.html