Report: Cybersecurity teams need nearly 100 days to develop threat defenses

A recent analysis by Immersive Labs of 35,000 cybersecurity team members inside 400 large organizations found that it takes over three months (96 days) on average to develop the knowledge, skills and judgment to defend against breaking threats. One particular breaking threat took, on average, more than six months (204 days) to master, causing concerns for organizations that are forced into swift action.

On the flip side, four of the top five fastest-developed skills in 2021 revolved around the Log4j vulnerability. The increase in sophisticated threats is forcing organizations to find ways to ramp-up skills faster and more efficiently; however, unfortunately, a large gap still exists. Development of knowledge, skills and judgment was also faster against high-profile threat groups. The top five of interest are UNC2452 (Solarwinds), Iranian Threat Groups, Fin 7, Hafnium and Darkside.

However, the frequency in which organizations conduct cybersecurity crisis exercises varies significantly across sectors. An analysis of 6,400 crisis response decisions shows that technology and financial services companies prepare the most for cyberattacks, running nine and seven exercises per year respectively. On the other hand, critical national infrastructure organizations prepare the least, with just one exercise per year.

The report also took a look at application security and found that overall, AppSec teams develop human cyber capabilities faster than cybersecurity teams. Seventy-eight percent of all application security skills are developed faster than the expected completion time, as opposed to just 11% of cybersecurity labs. Furthermore, the average application security lab is completed 2.5 minutes under expected complete time, whereas the average time to complete cybersecurity labs is 17 minutes over. This continues to put a spotlight on the much-needed strategic alignment between AppSec and security teams to keep organizations secure.

Immersive Labs’ Cyber Workforce Benchmark report analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations in the last 18 months. These were broken down to understand the workforce cyber capabilities of cybersecurity, application security and crisis response teams.

Read the full report by Immersive Labs.