惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog RSS Feed
Google DeepMind News
Google DeepMind News
罗磊的独立博客
Martin Fowler
Martin Fowler
博客园_首页
Stack Overflow Blog
Stack Overflow Blog
Last Week in AI
Last Week in AI
The GitHub Blog
The GitHub Blog
B
Blog
C
Check Point Blog
WordPress大学
WordPress大学
G
Google Developers Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
量子位
月光博客
月光博客
U
Unit 42
Engineering at Meta
Engineering at Meta
有赞技术团队
有赞技术团队
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
大猫的无限游戏
大猫的无限游戏
博客园 - 聂微东
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Y
Y Combinator Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Vercel News
Vercel News
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - 【当耐特】
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Jina AI
Jina AI
S
Secure Thoughts
aimingoo的专栏
aimingoo的专栏
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
Intezer
Latest news
Latest news
V
Vulnerabilities – Threatpost
D
Docker
Attack and Defense Labs
Attack and Defense Labs
Help Net Security
Help Net Security
S
Security @ Cisco Blogs
Forbes - Security
Forbes - Security
MongoDB | Blog
MongoDB | Blog
云风的 BLOG
云风的 BLOG
L
LINUX DO - 热门话题
P
Palo Alto Networks Blog
Cloudbric
Cloudbric
Spread Privacy
Spread Privacy

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts FCC guts Salt Typhoon telco rules despite espionage risk CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support JLR extends shutdown – again – as toll on workers laid bare UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms Church of England abuse victims exposed by lawyer's email US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations Why aggregating asset inventory leads to better security NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI NSO Group must pay Meta $168M in WhatsApp spy case Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
Overconfidence is the new zero-day as teams stumble through cyber simulations
2025-11-17 · via The Register - Security: CSO

Teams that think they're ready for a major cyber incident are scoring barely 22 percent accuracy and taking more than a day to contain simulated attacks, according to new data out Monday.

Immersive's latest Cyber Workforce Benchmark, which draws on 1.8 million exercises from the Immersive One platform and a survey of 500 cybersecurity leaders, paints a picture of an industry that has become more confident but no more capable. Immersive says 94 percent of organizations believe they can "effectively detect, respond to, and recover from a major incident," yet real-world performance in controlled drills has remained stubbornly flat. 

According to the report, resilience scores haven't improved since 2023, with the median response time to complete critical cyber threat intelligence labs still coming in at 17 days – despite what Immersive describes as "record investment" and growing pressure from boards and cyber insurance carriers. 

James Hadley, Immersive founder and chief innovation officer, argues that organizations are failing not for lack of effort, but because they are training for the wrong fights. "Readiness isn't a box to tick, it's a skill that's earned under pressure," he says in the report. "Organizations aren't failing to practice; they're failing to practice the right things." 

Across the company's crisis-simulation drills, which involved 187 professionals in 11 global exercises, performance was consistently poor. Participants achieved just 22 percent accuracy, averaged 60 percent confidence, and took 29 hours to contain an infection, a combination the report describes as evidence that "when tested under pressure, most teams didn't fail for lack of knowledge, they failed for lack of practiced coordination." 

The data also shows no improvement in the industry's basic readiness metrics. Immersive says more than 60 percent of sectors actually experienced slower response times year-over-year, and that confidence scores for "OK," "Good," and "Great" answers averaged the same (around 42.5 percent), suggesting teams cannot accurately judge their own performance despite expressing strong self-belief.

Much of the stagnation, the report argues, comes from practicing outdated threat scenarios. Immersive found that 60 percent of all training activity still focuses on vulnerabilities more than two years old, leaving teams "over-prepared for yesterday's threats" while new attacker techniques continue to evolve. Fundamental-level labs remain the most common exercises at 36 percent of usage, which the company says limits progression to intermediate and advanced readiness.

Another systemic issue is participation. Only 41 percent of organizations include non-technical roles such as legal, HR, communications, or senior executives in their cyber-response simulations. This is despite 90 percent of respondents believing their cross-functional communication during an incident is effective. Immersive's data shows the opposite: when business functions aren't rehearsed under pressure, collaboration falters and response times worsen. 

Industry habits also contribute to the readiness illusion. Immersive reports that organizations overwhelmingly rely on training completion rates to measure preparedness even though completion "is not competence." Only 46 percent use resilience scores, and only 42 percent measure the number of simulations conducted, creating what the report calls "false metrics" that mask real-world capability gaps. 

The report highlights a widening adaptability problem as well. Experienced practitioners perform strongly on familiar threats (roughly 80 percent accuracy in classic incident-response labs) but fall behind when faced with AI-enabled or novel attacks. Senior participation in AI-scenario labs dropped 14 percent year-over-year, while non-technical managers increased participation by 41 percent.

As Immersive puts it: "Experience teaches what to do next – until the next thing has never happened before."

Training completion itself remains inconsistent. The report notes an average completion rate of 81 percent, meaning nearly one in five participants do not finish the exercises they start.

Hadley argues the industry must shift from confidence built on assumptions to readiness grounded in evidence. "True resilience comes from continuously proving and improving readiness across every level of the business, so when a real crisis hits, your confidence is backed by evidence, not assumption."

"Experience teaches what to do next, until the next thing has never happened before," added Hadley. "Even the most seasoned teams must evolve as fast as the threats they face." ®