According to the report, 42% of the total IT/security professionals surveyed said they have been told to keep a breach confidential when they knew it should be reported and 30% said they have kept a breach confidential. The U.S. had the highest rate with 71% of IT/security professionals saying they have been told to keep quiet, followed by the U.K. at 44%, Italy at 36.7%, Germany 35.3%, Spain 34.8% and France 26.8%.

Other key findings from the report included:



• 52% of global respondents said they have experienced a data breach or data leak in the last 12 months. The U.S. led at 75% (or 23% higher than average) followed by the U.K. at 51.4% and Germany at 48.5% rounding out the top three. More than half (55%) of respondents agree they are worried about their company facing legal action due to a breach being handled incorrectly. 
• When asked about the security threats that pose the greatest concern, respondents indicated they are most concerned about software vulnerabilities and/or zero-days threats (53%), phishing/social engineering threats (52%) and attacks targeting the supply chain coming in at third (49%).
• More than two in five (43%) of IT/security professionals surveyed said extending capabilities across multiple environments (on-premises, cloud, and hybrid) is the greatest challenge they face which tied with complexity of security solutions also at 43%. Not having the security skill set to drive full value came in as a strong second at 36%. Italy and France cited lack of security skill set as their biggest challenge at 49% and 45%.
• 99% of respondents stated that using a managed security provider, such as a managed detection and response (MDR) service, is a critical element of their security programs with almost all (99%) of respondents stating they are either currently using or considering using a managed security provider. The top reason respondents gave include the ability to have 24x7 security coverage (45%), followed by the ability to free up internal IT/cybersecurity resources (35%). Ninety-three percent of respondents identified proactive threat hunting as important.