Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now
A recent analysis by Immersive Labs of 35,000 cybersecurity team members inside 400 large organizations found that it takes over three months (96 days) on average to develop the knowledge, skills and judgment to defend against breaking threats. One particular breaking threat took, on average, more than six months (204 days) to master, causing concerns for organizations that are forced into swift action.
On the flip side, four of the top five fastest-developed skills in 2021 revolved around the Log4j vulnerability. The increase in sophisticated threats is forcing organizations to find ways to ramp-up skills faster and more efficiently; however, unfortunately, a large gap still exists. Development of knowledge, skills and judgment was also faster against high-profile threat groups. The top five of interest are UNC2452 (Solarwinds), Iranian Threat Groups, Fin 7, Hafnium and Darkside.
However, the frequency in which organizations conduct cybersecurity crisis exercises varies significantly across sectors. An analysis of 6,400 crisis response decisions shows that technology and financial services companies prepare the most for cyberattacks, running nine and seven exercises per year respectively. On the other hand, critical national infrastructure organizations prepare the least, with just one exercise per year.
The report also took a look at application security and found that overall, AppSec teams develop human cyber capabilities faster than cybersecurity teams. Seventy-eight percent of all application security skills are developed faster than the expected completion time, as opposed to just 11% of cybersecurity labs. Furthermore, the average application security lab is completed 2.5 minutes under expected complete time, whereas the average time to complete cybersecurity labs is 17 minutes over. This continues to put a spotlight on the much-needed strategic alignment between AppSec and security teams to keep organizations secure.
AI Scaling Hits Its Limits
Power caps, rising token costs, and inference delays are reshaping enterprise AI. Join our exclusive salon to discover how top teams are:
- Turning energy into a strategic advantage
- Architecting efficient inference for real throughput gains
- Unlocking competitive ROI with sustainable AI systems
Secure your spot to stay ahead: https://bit.ly/4mwGngO
Immersive Labs’ Cyber Workforce Benchmark report analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations in the last 18 months. These were broken down to understand the workforce cyber capabilities of cybersecurity, application security and crisis response teams.
Read the full report by Immersive Labs.
