Even the most skilled cyber professionals can be susceptible to “reverting to type” under stress. This is why continuous and effective cyber resilience training is essential.

In this post, we’ll explore the psychological phenomenon of reverting to type and why overcoming this reflexive response is vital to building cyber resilience.

Understanding “reverting to type”

In psychology, reverting to type refers to the tendency of individuals to fall back on their default behaviors or responses when faced with stress or pressure. This phenomenon can also occur in the context of cyber defense teams. When under stress, team members may rely on their default approaches or habits – this can be very problematic, as cyber threats are constantly evolving, and what may have worked in the past may not represent the best approach against new and sophisticated attack techniques. Simply stated, reverting to type can have significant implications for the effectiveness of cyber defense teams.

An “unrestrained” opponent

Although most of us are working diligently within the constraints of our particular organization, attackers aren’t inhibited by policy or internal politics. Most organizational hierarchies make it difficult for a junior security analyst to challenge the decision of the CISO – which only becomes more complicated as the CISO also reverts to type.

However, the attacker doesn’t need to worry about “rocking the boat” or making a “career-limiting move;” he simply applies his nefarious trade uninhibitedly. This scenario is even more concerning when considering the mounting evidence that junior cyber professionals are often the best able to handle attacks.

The need for continuous exercising

Continuous cyber exercise plays a vital role in building cyber resilience within organizations. By regularly exposing teams to realistic scenarios and allowing them to practice their skills, organizations can enhance their ability to detect, respond to, and recover from cyber incidents. Here are some key reasons why continuous exercising is crucial:

Keeping pace with evolving threats

Cyber threats constantly evolve, becoming more sophisticated and challenging to detect and mitigate. Continuous exercising ensures that cyber defense teams stay up-to-date with the latest threat landscape, attack techniques, and defensive strategies. By regularly exposing teams to realistic scenarios and allowing them to practice their skills, organizations can enhance their ability to detect, respond to, and recover from cyber incidents.

Reinforcing best practices

Exercising and upskilling programs provide an opportunity to reinforce best practices and standard operating procedures. Cyber defense teams can develop muscle memory and improve response times by regularly practicing these procedures. This helps teams execute their roles and responsibilities effectively during high-pressure situations, reducing the likelihood of reverting to ineffective or outdated approaches.

Fostering collaboration and communication

Effective cyber defense requires seamless collaboration and communication among team members. Continuous exercising programs provide a platform for teams to work together, practice coordination, and enhance their communication skills. By simulating real-world scenarios, exercises can help identify gaps in teamwork and facilitate the development of effective communication protocols.

Building resilience to stress

Stress is an inherent part of cybersecurity operations. Continuous exercising exposes teams to high-pressure situations, allowing them to develop resilience and adaptability. By regularly challenging teams with realistic scenarios, organizations can help teams become more comfortable and confident in handling stressful situations. This reduces the likelihood of reverting to default behaviors, empowering teams to make better decisions under pressure.

Measuring and improving performance

Continuous exercising programs provide organizations with valuable insights into their team’s performance. Through assessments, simulations, and after-action reports, organizations can identify strengths, weaknesses, and areas for improvement. This data-driven approach enables targeted training interventions, allowing organizations to optimize their team’s capabilities and enhance overall cyber resilience.

Organizations must prioritize continuous and effective training to build cyber resilience in today’s dynamic cyber landscape. By understanding the theory of “reverting to type” and its implications for cyber defense teams, organizations can design training programs that address their unique challenges. Continuous exercising helps teams stay ahead of evolving threats, fosters collaboration, reinforces best practices, builds resilience to stress, and enables organizations to measure and improve performance. By investing in continuous training, organizations can empower their cyber defense teams to effectively respond to emerging threats and protect critical assets.

To learn more about continuous exercising, click here.

Check Out Immersive Labs in the News.


September 14, 2023


Gregg Ogden

Dan Potter