Are cyber pros fooling themselves with skills development?
Date:
Tue, 26 May 2026 10:01:26 +0000
Description:
With the wrong direction and metrics for success, skills development often builds confidence faster than it builds real readiness.
FULL STORY ======================================================================
Cybersecurity teams have never been more confident in their ability to respond to a major incident. Boards are engaged, training programs are expanding, and investment continues to rise.
On the surface, this looks like progress. However, that confidence can be misleading.
Dan Potter, VP of Cyber Resilience at Immersive.
Our benchmark data shows that while 94% of organizations believe they would be effective in a cyber incident, actual decision-making accuracy drops drastically in a crisis situation. During breach exercises, decision makers are making the right calls just 22% of the time on average, with incidents taking hours to contain.
The gap between confidence and capability isn't down to a lack of effort, but misjudged focus. With the wrong direction and metrics for success, skills development often builds confidence faster than it builds real readiness.
When confidence outpaces capability
The gap between perception and performance is widening. Despite more training exercises being completed and stronger involvement from the executive layer, we're barely seeing a shift in the indicators that matter most. Decision-making accuracy, response times, and resilience scores remain largely flat, even as confidence grows.
Part of the problem is how progress is measured. Many organizations track what is easy to track, such as completion rates or attendance. However, programs can be active and well-attended but not necessarily aligned to the threats that need the most attention.
Immersive's data shows that 36% of completed labs focus on fundamental skills. While the basics matter, staying at that level limits progression. Teams can complete exercises successfully without ever being pushed into more complex, realistic scenarios.
Connected to this is a tendency to focus on familiar or outdated threats, particularly the early stages of an attack. Over time, this creates a model where success is measured more by completion than by challenge.
Focusing on foundations and familiarity also means development programs don't fully assess how teams perform under pressure. Activities like phishing simulations and annual training sessions tend to take place in calm, controlled environments, nothing like the unpredictable chaos, pressure and anxiety of a real incident.
So you have participants failing to develop the essential muscle memory they need to react to a crisis and make snap decisions with a cool head.
The result is visibility without validation: dashboards that look reassuring but don't reflect how teams respond when something goes wrong.
Beware the Dunning-Kruger effect
This situation is a well-worn psychological issue in many walks of life. Psychologists call it the Dunning-Kruger effect: the tendency for people to overestimate their ability when they have limited exposure to a complex area. It's a risky mindset in most circumstances, but especially unhelpful when facing a cyber crisis.
When teams spend most of their time on foundational tasks, they build familiarity and confidence, but not depth. Combined with metrics that reward completion, this creates a feedback loop where confidence rises while capability stalls.
The result is the trend we're seeing in our benchmarking data, with high confidence in cyber response capabilities sitting alongside low decision-making accuracy when skills are tested in crisis simulations.
Many organizations that have invested considerable capital and time into cyber skills development are in for a rude awakening when an attack hits and the pressure is on.
Why experience alone is no longer enough
All of these issues add up to a hamstrung cyber response. Processes are slow and disjointed, and decision makers lack the confidence to act decisively.
This isn't just a front-line issue either; in many organizations, the gap is more pronounced at the top.
We're seeing a move away from uncertainty and towards more familiar training scenarios.
For example, our data shows participation by senior staff in AI-focused scenario labs has fallen by 14% year on year, even as concerns about AI-powered threats are dominating the cybersecurity agenda.
Awareness is increasing, but engagement with more advanced training is not. Any level of engagement and experience is better than none, but it has to evolve to stay useful.
Today's attacks are more complex, less predictable, and often driven by new technologies. Without exposure to those scenarios, even experienced teams can struggle when incidents don't follow familiar patterns.
Making the change from activity to capability
Closing this gap requires enterprises to be honest about their level of skill development and cyber readiness. Rather than feel-good metrics and participation trophies for simply completing modules, companies need to ask themselves some tough questions.
Are their teams and processes ready to contain a threat? Can their leaders keep a cool head and call the right shots in a crisis? How long does it take to make a decision, let alone put it into action?
The goal isn't more activity, but ensuring the outcome is always set on building stronger capabilities. That starts with measuring the right things. Decision accuracy, response speed, and containment time give a far clearer view of readiness than completion rates ever will.
Training also needs to reflect real conditions. High-pressure simulations help teams understand how they actually perform, not just what they know.
Data can be analyzed on a granular level to understand performance on the level of departments, teams and individuals.
Poor results in these scenarios are not failures, but useful signals of where improvement is needed.
Development plans and future exercises can then be tailored to match.
Programs should also build progressively, moving from foundational skills into more complex, adversary-led scenarios. Regular practice, with increasing difficulty, helps develop the consistency needed in a real incident.
Confidence is not a control
Confidence is valuable, but it is not a measure of cyber readiness. When training prioritizes familiarity and metrics focus on activity, organizations risk building a sense of assurance that won't hold up when it matters most.
Teams may feel prepared, but struggle when faced with the pressure and complexity of a real attack.
Improving resilience means changing how success is defined. It's not about how much training is completed, but how teams perform when it matters. Only by focusing on real threats and testing capability under realistic conditions can organizations ensure their confidence is justified.
This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here:
https://www.techradar.com/pro/perspectives-how-to-submit
======================================================================
Link to news story:
https://www.techradar.com/pro/are-cyber-pros-fooling-themselves-with-skills-development
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)