Weak Alerting And Slipping Prevention Raise Risk Levels For CISOs
HelpNet Security, Monday, August 18th, 2025
Prevention effectiveness is falling, detection gaps remain wide, and attackers are exploiting weaknesses in data protection and credentials. Data theft prevention has dropped to 3 percent, password cracking success rates have nearly doubled, and new threat groups are bypassing defenses.
The latest Blue Report from Picus Security shows that prevention effectiveness against cyberattacks has dropped for the first time in two years, falling from 69% in 2024 to 62% in 2025. Detection capabilities remain weak, with less than one in seven simulated attacks triggering an alert.
Researchers analyzed over 160 million attack simulations conducted between January and June 2025. The findings show that while some areas have improved, key weaknesses remain across industries, regions, and attack types.