More Than Half of Cybersecurity Workers Say They Were Told to Hide a Breach That Should Have Been Reported

More Than Half of Cybersecurity Workers Say They Were Told to Hide a Breach That Should Have Been Reported

More Than Half of Cybersecurity Workers Say They Were Told to Hide a Breach That Should Have Been Reported

https://the420.in/bitdefender-2026-report-breach-concealment-shadow-ai-cybersecurity/

Publish Date: 2026-07-02 15:46:00

Source Domain: the420.in

Slightly more than half of cybersecurity professionals think AI is helping attackers more than defenders, according to Bitdefender’s newly released 2026 Cybersecurity Assessment Report. But the report’s most striking finding concerns not technology at all, but organisational behaviour: 55.2 per cent of respondents who experienced a security incident or breach in the previous twelve months said they were told to keep it confidential, even though they believed it should have been reported to authorities.

The trajectory of that figure is what makes it genuinely alarming. It rose sharply from 42 per cent in 2023 to 57.6 per cent in 2025, before plateauing this year at 55.2 per cent, essentially unchanged. Bitdefender’s own analysts described that plateau as arguably just as troubling as the initial spike, since it suggests the surge in concealment pressure has now become entrenched rather than reversing. The United States led every region measured, with 68.6 per cent of American respondents reporting they were told to conceal a reportable breach, compared with 57.2 per cent in both Germany and the United Kingdom. Notably, the pressure to stay silent was not confined to any single organisational tier: managers reported facing this pressure at 56.8 per cent, closely mirrored by practitioners at 53.5 per cent, indicating the culture of concealment runs through entire organisations rather than being imposed top-down or bottom-up alone.

A Regulatory Paradox: Stricter Rules, Same Behaviour

What makes this finding particularly notable is the regulatory backdrop against which it is occurring. Bitdefender’s analysts pointed out that while organisations are working to incorporate US and European breach-disclosure regulations, cultural change has not kept pace with policy change, an acknowledgement that tightening legal requirements alone have not been sufficient to shift entrenched organisational instincts around disclosure.

The report’s authors were candid…

Source