After a hack many firms still say nothing, and that’s a problem
Attackers are more inclined to “log in rather than break in,” using stolen credentials, legitimate tools, and native access to stealthily blend into their target’s environment, according to Bitdefender’s 2025 Cybersecurity Assessment Report.
Attack surface reduction is a top priority
68% of security leaders are focusing on reducing the number of tools and applications running in their environments. Why? Because every unused admin account, unnecessary app, or extra permission is a potential doorway for attackers, and a place for them to hide once they’re in. By turning off what’s not needed, organizations give attackers fewer options.
Today’s threats often come from within the environment, not from outside perimeters. That’s why shrinking the attack surface has become such a priority. Every extra credential or forgotten piece of software can be used against you.
Attackers have caught on. Instead of bringing in their own tools, they now use what’s already there, like PowerShell or WMI. This tactic, known as Living Off the Land, has become one of the most common ways they operate. It’s a clear sign that traditional defenses aren’t enough anymore, and that a more proactive approach is needed.
Why cybersecurity breaches are still being kept quiet
In cybersecurity, timing is everything. When a breach happens, how quickly and openly an organization responds can make a big difference in the outcome. Being upfront early can speed up recovery, reduce legal risk, and help maintain customer trust.
Yet in many companies, the instinct is to stay quiet. Transparency often takes a back seat. In fact, 6 out of 10 people say they’ve been told not to talk about a cybersecurity incident at their workplace.
CISOs and CIOs often feel the most pressure to stay quiet. 69% of C-level executives say they’ve been told not to speak up about a cybersecurity incident, compared to 46% of mid-level managers. This isn’t just a one-off problem; it points to a broader, systemic issue.
What’s emerging is a culture where silence is the norm, even in situations where disclosure might be required. One reason for this trend could be the growing pressure to meet complex regulatory requirements. If a breach exposes non-compliance, the financial, legal, and reputational fallout can be significant. So, for many organizations, the instinct is to avoid that risk by keeping things under wraps.
Leadership confidence outpaces frontline reality
C-level executives tend to be the most confident about their organization’s ability to manage risk. But their view often comes from strategy and planning, while frontline teams see daily threats, unpatched systems, and alert fatigue.
This disconnect can lead to underinvestment in key areas like staffing, processes, and tools. It also shows up in priorities: leaders are focused on adopting AI for threat detection, while managers are more concerned with cloud security and identity access.
Believing in AI, living a different reality
When asked about the biggest threats to their organizations, many pointed to AI-generated attacks like deepfakes and automated malware. Phishing and social engineering were also top concerns, along with software vulnerabilities and ransomware. A lot of people see AI-powered social engineering as a serious issue, and many believe their organizations have faced attacks involving AI in the past year.
Advanced AI-driven attacks might still be uncommon, but many agree they’re becoming more frequent. More organizations are noticing AI-powered cyber threats, and many find it harder to spot harmful messages when AI can create almost perfect text.
The key takeaways from recent research are clear: the AI-driven cyber landscape is still changing and uncertain. Also, real cyber resilience isn’t just about using AI tools. It requires strong basic security practices, understanding normal behavior patterns, and keeping humans involved.
Organizations that combine smart automation with skilled analysts and build on a solid, well-maintained security foundation have a much better chance of success than those relying on simple “set-it-and-forget-it” solutions.
Escalating burnout
Even with ongoing efforts to train and hire more people, the shortage of cybersecurity talent seems to be getting worse. It’s not just about finding enough staff, but about finding experts in areas like threat hunting, AI-driven detection, and advanced techniques: skills that are both rare and increasingly important.
At the same time, the pressure on existing teams is wearing them down. Many cybersecurity professionals feel burned out from constantly monitoring and responding to threats in real time. This burnout leads to more mistakes, less focus, and more people leaving their jobs. In fact, a large number of professionals are considering looking for new roles soon.
When turnover rises, organizations struggle to keep up with important proactive tasks like managing assets, applying patches, and improving security overall. Instead, they end up stuck reacting to problems as they come, rather than building stronger defenses for the future.
“Businesses face mounting challenges and pressures as the attack surface expands and becomes harder to defend—from hardening environments and optimizing security solutions to navigating regulatory compliance and retaining skilled professionals,” said Andrei Florescu, president and GM of Bitdefender Business Solutions Group.
“The findings in this report make it clear that organizations must adopt modern security strategies that address a new reality where adversaries use AI to exploit vulnerabilities, sharpen social engineering, and accelerate the speed of attacks. Effective cybersecurity not only stops attacks but also continuously reduces risk and ensures ongoing compliance across the organization,” Florescu concluded.