A new report from cybersecurity firm Bitdefender highlights a significant increase in pressure on security professionals to conceal data breaches. The study, which surveyed over 1,200 IT and security experts, found that 58% were instructed to keep a breach confidential, marking a sharp rise from previous years. This trend is coupled with a growing disconnect between company leadership and technical teams on cyber risk management.
The Bitdefender 2025 Cybersecurity Assessment also analyzed 700,000 cyber incidents, revealing that attackers overwhelmingly favor methods that use a target's own software against them. These findings paint a complex picture of the modern security landscape, where internal pressures and evolving attack methods challenge corporate defenses.
Key Takeaways
- Increased Secrecy: 58% of security professionals were told to keep a data breach quiet, a 38% increase since 2023.
- Prevalent Attack Method: 84% of severe cyberattacks use "Living-Off-the-Land" (LOTL) techniques, leveraging legitimate system tools.
- Leadership Disconnect: 45% of C-level executives feel "very confident" in managing cyber risk, compared to only 19% of mid-level managers.
- Top Priority: 68% of organizations now consider reducing their digital attack surface a primary security goal.
A Growing Trend of Silence Following Security Breaches
One of the most significant findings from the 2025 report is the cultural shift towards non-disclosure of security incidents. The data shows that 58% of surveyed security professionals have been instructed by their organizations to keep a breach confidential, even when they believed it should be disclosed.
This represents a substantial 38% jump from the figures reported in 2023, suggesting a rapidly growing trend where reputational management may be prioritized over transparency. Such directives can place companies at odds with regulatory compliance and erode trust with customers and partners.
Why Secrecy is a Risk
Keeping breaches quiet can have severe long-term consequences. It prevents other organizations from learning about new threats, hinders law enforcement efforts, and can lead to larger fines if regulatory bodies later discover the non-disclosure. It also undermines the trust of stakeholders, including employees, customers, and investors.
The pressure to remain silent is not evenly distributed across organizations. According to the report, senior leaders like Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) report experiencing this pressure more intensely than their frontline staff. This indicates a top-down directive aimed at controlling the narrative following a security failure.
Attackers Increasingly Use Existing System Tools
The technical analysis conducted by Bitdefender Labs on 700,000 high-severity incidents uncovered a dominant attack strategy. An overwhelming 84% of these attacks utilized what are known as Living-Off-the-Land (LOTL) techniques.
LOTL attacks involve malicious actors using legitimate, pre-installed software and tools within a target's network to carry out their objectives. Because these tools are trusted and native to the environment, this method makes detection by traditional security systems extremely difficult.
"By leveraging legitimate tools already present inside environments, attackers can operate invisibly and bypass many conventional defenses. This is a fundamental shift from relying on external malware."
In response to this trend, organizations are shifting their defensive priorities. The survey found that 68% of companies now list attack surface reduction as a top goal. This proactive approach focuses on minimizing the number of potential entry points for attackers.
Specific regions show even greater urgency. In the United States, 75% of organizations prioritize attack surface reduction, while in Singapore, the figure is 71%. This involves practical steps like disabling unused services, removing unnecessary applications, and limiting pathways for lateral movement within a network.
Disconnect Between Leadership and Technical Teams Hinders Defense
The report exposes a critical misalignment between the perceptions of executives and the reality experienced by operational security teams. This gap in understanding can create significant blind spots and slow down an organization's ability to respond to threats effectively.
Confidence Gap by the Numbers
- 45% of C-level executives reported being "very confident" in their organization's ability to manage cyber risks.
- Only 19% of mid-level managers and technical staff shared that same level of confidence.
This disparity suggests that senior leadership may not have a complete or accurate picture of the day-to-day security challenges their teams face. The confidence at the executive level often contrasts with the on-the-ground reality of resource constraints, tool complexity, and persistent threats.
Diverging Strategic Priorities
The misalignment extends to strategic focus areas as well. Executives are more likely to prioritize forward-looking initiatives like the adoption of Artificial Intelligence. In contrast, frontline managers are more concerned with immediate operational needs, such as strengthening cloud security and managing digital identities.
When leadership and technical teams have different priorities, it can lead to a misallocation of resources. Budgets may be directed toward high-profile projects while fundamental security controls remain underfunded, leaving the organization vulnerable to common but effective attack methods.
Artificial Intelligence in Cybersecurity Perception Versus Reality
Artificial Intelligence is a major topic of discussion within the cybersecurity community, but the report indicates that fears may be slightly ahead of the current threat landscape. While AI-powered attacks are a growing concern, the data suggests a need for a balanced perspective.
According to the survey:
- 67% of security professionals believe AI-driven attacks are on the rise.
- 58% name AI-powered malware as their single greatest concern for the coming year.
However, the report's analysis of actual incidents suggests that while AI is enhancing certain aspects of attacks, its prevalence as the primary driver of breaches is not yet as high as feared. Traditional methods, particularly LOTL attacks, remain the most common and effective tools for adversaries.
This highlights the importance of maintaining strong foundational security practices. While preparing for future AI-based threats is crucial, organizations cannot afford to neglect the defenses needed to stop the prevalent attacks of today. A balanced strategy addresses both current and emerging threats without allowing hype to divert focus from essential security measures.