A new report from global cybersecurity firm Bitdefender, based on an independent survey of over 1,200 IT and security professionals, reveals critical insights into the evolving cybersecurity landscape, including widespread pressure to conceal breaches, the rise of AI-driven threats, and significant discrepancies between leadership confidence and operational realities.Bitdefender has released its 2025 Cybersecurity Assessment Report, an annual publication derived from an independent survey and analysis of cybersecurity professionals. The report aims to identify the most urgent concerns, key challenges, and threat perceptions influencing enterprise security strategies. The findings are based on responses from over 1,200 IT and security professionals, ranging from IT managers to Chief Information Security Officers (CISOs), employed at companies with 500 or more employees across France, Germany, Italy, Singapore, the United Kingdom, and the United States. The survey and analysis were conducted by Censuswide, an international market research consultancy firm, between April and May 2025.One of the report’s notable findings is that over half (57.6%) of surveyed IT and security professionals reported being pressured to keep a breach confidential, even when they believed it warranted disclosure to authorities. This figure represents a 38% increase compared to Bitdefender’s 2023 report. Regionally, Singapore exhibited the highest rate at 75.7%, followed by the U.S. at 73.8%, the U.K. at 58.1%, Italy at 52.8%, Germany at 48.4%, and France at 35.4%.Reducing the cyberattack surface by disabling unnecessary tools or applications is a top priority for 67.7% of professionals. The U.S. (75%) and Singapore (71%) showed the highest emphasis on this trend, with Italy at 69%, and Germany and the U.K. both at 64%. This priority aligns with Bitdefender’s internal research, which indicates that 84% of major attacks now involve legitimate tools already present in the environment, often referred to as Living-Off-the-Land (LOTL) tactics. When asked about the most at-risk surfaces, cloud infrastructure and services were cited by 21.4% of respondents, followed by network infrastructure (18.6%) and endpoints/user devices (16.8%).A significant disconnect exists between leadership confidence and frontline realities. While 45% of C-level executives express high confidence in managing cyber risk, only 19% of mid-level managers share this sentiment. This disparity extends to strategic priorities: 41% of C-level executives prioritize adopting AI tools, whereas 35% of mid-level managers focus on strengthening cloud security and identity management, highlighting a growing gap between high-level strategy and operational needs.More than two-thirds (67%) of all respondents perceive an increase in AI-driven cyberattacks. Concern was highest in France (73.5%), the U.S. (71%), and Singapore (70%). Notably, 20.3% view AI-powered malware as an extremely significant risk, with this concern rising to 25% among senior management compared to 15% of middle management. However, industry research, including investigations by Bitdefender, indicates limited evidence of sophisticated malware entirely created by AI; instead, adversaries are employing AI tools like chatbots to refine or troubleshoot malicious code.When asked about their most concerning threats, 51% of organizations cited AI-generated threats, encompassing deepfakes, automated malware, and malicious code. This was closely followed by phishing/social engineering (44.7%), software vulnerabilities and zero-days (37%), and ransomware (35%). Furthermore, 51% of respondents view AI-enhanced social engineering as a significant concern, and 63.3% believe their organization experienced an attack involving some element of AI within the past 12 months.The complexity of security solutions poses a mounting challenge, cited by 31% of respondents as their biggest hurdle. Extending protection across diverse environments (29%) and internal skills shortages (28%) were also significant challenges. Germany reported the highest difficulty with complexity at 41%, while Singapore reported the highest concern regarding a lack of in-house expertise at 39%. Additionally, one in four (25%) flagged navigating compliance as a major challenge with their current security solutions.The cybersecurity skills gap continues to worsen, with 49% of respondents indicating a deterioration within their organizations over the past 12 months. The U.S. reported the highest rate at 63.5%, significantly above the average, followed by Singapore (59%) and Germany (51%). This trend correlates with job satisfaction, as 49% of respondents experience burnout due to the constant need to monitor and respond to evolving cyberthreats. Fifty percent of professionals in the U.S. and Singapore plan to seek new jobs within the next year. Paradoxically, 95% of C-level and senior executives believe their organization effectively manages risk, further highlighting the disconnect with frontline cybersecurity teams.Andrei Florescu, president and general manager of Bitdefender Business Solutions Group, stated, “Businesses face mounting challenges and pressures as the attack surface expands and becomes harder to defend—from hardening environments and optimizing security solutions to navigating regulatory compliance and retaining skilled professionals. The findings in this report make it clear that organizations must adopt modern security strategies that address a new reality where adversaries use AI to exploit vulnerabilities, sharpen social engineering, and accelerate the speed of attacks. Effective cybersecurity not only stops attacks but also continuously reduces risk and ensures ongoing compliance across the organization.”