Survey finds half of cyber leaders withhold breach reports

Nearly half of cybersecurity leaders withheld reports of "material" incidents from their boards or executive teams in the past year, according to a new survey by VikingCloud, CFO Dive reports.

The findings reveal that 40% feared punitive responses from leadership, while 44% cited worries about financial or reputational fallout. VikingCloud's Jon Marler urged companies to foster a culture of accountability that allows safe disclosure without fear of job loss.

Legal experts cautioned that the study's scope was narrow and lacked details about company size or whether respondents were bound by U.S. Securities and Exchange Commission rules requiring disclosure of material breaches within four days.

Still, Scott Kimpel of Hunton Andrews Kurth said the research underscores the need for tailored response plans aligned with laws and market expectations.

BreachRx CEO Andy Lunsford warned that avoiding disclosure "will actually result in the opposite outcome," exposing executives to greater liability. VikingCloud also noted AI-driven phishing and nation-state threats as growing concerns.