Blog – EN

The Human in an AI-Driven Threat Landscape – AI did overpass the human in writing phishing emails in 2024 – already two years ago[1]. It is therefore not surprising that nowadays, virtually all phishing attacks are created by AI agents. They write more convincing phishing, in a personalized way and they can process huge volumes of messages at almost no cost. There will always be malicious messages that outsmart even the best filters and end up in your mailbox. And these will be all the more dangerous.

So, organizations must empower the employees and IT-engineers and they should respond with the same level of AI-enabled automation. That’s why Cyberdise applies AI where it matters most

CYBERDISE 3.0 contains significant new functionality in AI phishing, LMS and training, threat reporting and message analysis and even architectural enhancements. That’s why it’s a great release!

Version 3.0 since early 2026. Those who want to know what’s exactly in the release, please check out the release-notes. But here I’d like to cover the three to four features we love most.

The University of Osnabrück receives the “Awareness Customer of the Year 2026” award for the exemplary implementation of CYBERDISE in an on-premise configuration. No other customer has deployed our platform productively at a comparable speed: only a few weeks elapsed between order and the first productive campaign.

We were particularly impressed by the lean, efficient, and largely independent implementation – as well as the consistently professional, proactive, and prompt communication. This combination makes the University of Osnabrück a true showcase customer. We are all the more pleased that the university has agreed to become one of our reference customers.

In CYBERDISE AWARENESS, two concepts are often used interchangeably – attitude and behavior. They are related, but they are not the same. Confusing them is one of the main reasons why many awareness programs fail to deliver lasting risk reduction.

Attitude is shaped primarily through information, communication, and training. Traditional awareness programs focus heavily on this layer: policies, videos, e-learning, and explanations of “what could go wrong.”

Research confirms that training can indeed influence attitude. Employees often report higher awareness, stronger responsibility, and better understanding after training interventions.

In CYBERDISE AWARENESS, two concepts are often used interchangeably – attitude and behavior. They are related, but they are not the same. Confusing them is one of the main reasons why many awareness programs fail to deliver lasting risk reduction.

Attitude is shaped primarily through information, communication, and training. Traditional awareness programs focus heavily on this layer: policies, videos, e-learning, and explanations of “what could go wrong.”

Research confirms that training can indeed influence attitude. Employees often report higher awareness, stronger responsibility, and better understanding after training interventions.

What features were we able to roll out? A review.

Modern attacks happen in seconds, but awareness teams often work in days or weeks. We wanted to close this gap. CYBERDISE 2025 brings together AI reconnaissance, autonomous campaign components, multi-organizational management, and a revamped content ecosystem. It’s a platform that not only trains, but also systematically scales security culture—from medium-sized businesses to MSSPs. At the end of the year, we will showcase the features developed this year that will help you achieve this goal. Which ones are you not familiar with yet? Take a look for yourself at the end of this article!

Recent discussions around the effectiveness of cybersecurity awareness have been reignited by high-profile media coverage. Most prominently, a Wall Street Journal article drawing on the study “Understanding the Efficacy of Phishing Training in Practice” questions whether phishing simulations and awareness training lead to meaningful risk reduction.

The debate itself is healthy. The conclusions drawn from it, however, require more nuance.

A growing body of empirical research shows that well-designed cybersecurity awareness programs do improve real-world cyber risk behavior. What often fails is not awareness as such, but narrow interpretations of what awareness is, how it should be embedded organizationally, and how success should be measured.

How many phishing simulations should be conducted and how frequently users should be confronted with cybersecurity eLearning is a recurring topic in consulting for awareness programs and campaigns.
This topic is far from academic – it’s highly relevant for practical application.
A sensitization effect, once achieved, begins to crumble after about three months, and after six months, maximum erosion has essentially been reached. There are solid studies on this, and our latest scientific research shows a very similar result.
However, the statements made about the quantity and timing of awareness measures must be considered with nuance. It would be dangerous to derive simple, universally applicable rules from them.

Common possible missteps on customer-side in implementing Security Awareness projects

It’s like any other project: you think it’s too easy, you don’t listen or listen to the wrong experts, you think you’ll master it, or you think you can do it alone, you don’t talk to each other enough and the goals and requirements are not as clear as they should be. If you then start with an inappropriate mindset and management fails to recognize the purpose, value and benefits of awareness, then the project can get off to a very bumpy start.

Phishing emails are becoming harder to detect, even for humans. A recent study tested various large language models (LLMs) for their ability to recognize malicious intent in emails, revealing significant differences in performance.

One standout was Claude 3.5 Sonnet, which scored over 90% at low false positive rates and even flagged suspicious emails that humans overlooked. When explicitly asked to assess suspicion, it correctly classified all phishing emails while avoiding false alarms on legitimate messages. However, it struggled with conventional phishing emails, achieving only an 81% true-positive rate in that category…