Organizations around the world face enormous pressure to address cybersecurity threats such as ransomware, zero-day exploits, and espionage. In addition, they must contend with the complexity of extending security coverage to all environments and with the continuing shortage of training.
This is highlighted in the Cybersecurity Assessment Report in 2023 of Bitdefenderwhich highlights the top security concerns, practices, and issues, as well as the biggest challenges businesses face in their environments.
“The results of this survey demonstrate, more than ever, the importance of layered security, which provides prevention, detection, and response to advanced threats across the enterprise, as well as increased efficiency, which allows security teams to more with less”, explains Andrei Florescu, Deputy General Manager and SVP of Products at Bitdefender Business Solutions Group.
Cybersecurity challenges and concerns
Among the main findings of the Cybersecurity Assessment Report in 2023, the following stand out:
- Cybersecurity professionals are often instructed not to disclose breaches. A third (34.8%) of the security and IT professionals surveyed in Spain state that they have received instructions not to disclose any security breach that should have been reported, a secret that 22.73% of Spanish professionals admit to having kept. These instances of requests for IT and security professionals not to disclose breaches occur most frequently in the United States (71%), followed by the United Kingdom (44%), Italy (36.7%), and Germany (35, 3 %). Globally, 30% of respondents admit to keeping a breach confidential when they knew it should be reported
Bitdefender has revealed the main challenges and concerns of companies in terms of cybersecurity
- Nearly three in four respondents will increase their security budget. 70% of professionals surveyed in Spain (74% in the rest of the world) plan to increase their security budget in 2023, while 20% (25% global) plan to reduce new purchases of cybersecurity technology and another 20% (23% global) plans to decrease new cybersecurity hires. Spain leads with 13.64% the percentage of respondents who affirm that economic uncertainty has not affected its security budget for 2023
- More than half of the companies surveyed have experienced a security breach in the past 12 months. In addition to the fact that a large percentage of professionals receive instructions to keep breaches secret, 52% of those surveyed globally admit to having suffered a data breach or breach in the last 12 months. These cases occur above all in the United States, with 75% (23% more than the average), followed by the United Kingdom (51.4%), Germany (48.5%) and Spain (43.94%). . Given the frequency of data breaches and the pressure to keep them secret, IT and security professionals face a tricky situation. More than half of those surveyed (55%) are concerned that their company will face legal problems due to improper handling of a security breach
- Ransomware is the most worrying threat for Spaniards. When asked which security threat causes them the most concern, Spanish professionals cite ransomware (60.61%) as their main concern, closely followed by phishing / social engineering (59%), software vulnerabilities and zero-day threats (50%), attacks against your supply channel (43.94%), insider threats (37.88%), espionage (21.21%) and privilege escalation (16, 67%). Globally, respondents say they are most concerned about software vulnerabilities or zero-day threats (53.38%), closely followed by phishing or social engineering threats (52%), and in third place, Targeted attacks against the supply chain (49%). The fact that software vulnerabilities are their number one concern is corroborated by Bitdefender Labs research that revealed a notable increase in 2023 in cybercriminals exploiting known software vulnerabilities through proof-of-concept (PoC) attacks.
- The main challenge for Spanish professionals is the complexity of security solutions. More than half of the security and IT professionals surveyed in Spain (56%) state that the biggest challenge they face is the complexity of security solutions (43% globally), followed by the expansion of security capabilities computing in multiple environments (50%), incompatibility with other security solutions (33.33%), lack of security skill set (27%), too many alerts (24%) and reporting capabilities ( 18%). In the rest of the world, with 43%, the main challenge for professionals lies in expanding information security capacity in all environments
- Continuous cybersecurity coverage is crucial for businesses. Almost all respondents (99%) say that having a managed security provider, such as a managed detection and response (MDR) service, is a key element of their security programs. In fact, almost all respondents (99%) say they currently use or are considering using a security managed service provider. The main reason is to have security coverage available 24/7 (45% globally and 42% in Spain), followed by the ability to free up internal IT or cybersecurity resources (35% globally and 36% in Spain). In addition, 95% of those surveyed in Spain (93% in the rest of the world) highlight the importance of proactively searching for threats