Immersive Labs - Experts & Thought Leaders

Immersive, the pioneer in cyber resilience, announced the general availability of Dynamic Threat Range, a groundbreaking new capability within its Immersive One platform that transforms how organisations validate and improve cyber readiness. Dynamic Threat Range runs authentic, full-chain live-fire attacks within supported enterprise environments, delivering a level of realism that traditional log replays cannot match. Powered by a new Infrastructure-as-Code foundation, it enables complex, real-world simulations at scale and provides measurable insight into how teams detect and respond under pressure. Continuous cyber resilience Dynamic Threat Range provides the optimal environment for developing cyber readiness and achieving lasting resilience. By transforming performance into measurable insights, it ensures every exercise strengthens capability and confidence across people, process, and technology. Key benefits include: Train under real conditions: Conduct investigations and detection drills within supported enterprise SIEMs such as Elastic and Splunk to ensure training relevance and transferability. Measure what matters: Quantify readiness through objective, evidence-based metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), providing clear proof of progress and ROI. Focus on the right threats: Access scenarios curated to mirror the techniques and threat actors most relevant to your organisation’s environment. Prepare teams for resilience: Build the confidence and coordination required to respond decisively when incidents occur, accelerating overall organisational readiness. “For years, security teams have been forced to train in environments that don’t reflect their real-world and ever-evolving attack surface,” said Aniket Menon, Chief Product Officer at Immersive. “Dynamic Threat Range changes that. By enabling exercises within an organisation’s actual SIEM and network technologies, we’re giving leaders and technical teams verifiable, data-backed proof of readiness, and finally moving the industry from ‘we think we’re ready’ to ‘we know we’re ready.’” Dynamic Threat Range capability With this launch, Immersive reinforces its dominance as the only platform delivering continuous, evidence-based cyber resilience. The Dynamic Threat Range capability empowers CISOs and security champions to confidently prove and improve readiness, while offering new revenue opportunities for partners through services like pre-sales readiness assessments and post-incident benchmarking. Upcoming roadmap milestones include support for Microsoft Sentinel, advanced custom exercise creation, and AI-driven communication analysis—expanding the platform’s benchmarking and automation capabilities in early 2026. 

Immersive, the pioneer in cyber resilience, is revealing a widening gap between confidence and capability in cybersecurity. Despite record investment, heightened board oversight, and nonstop training, measurable readiness has flatlined. While nearly every organisation believes it can handle a major incident, the data tells a different story. According to Immersive’s analysis, average decision accuracy is just 22%, and the average containment time is 29 hours. Meanwhile, Resilience Scores remain statistically flat to lower year-over-year (with an average decline of -3%) since 2023, showing that belief in preparedness continues to outpace proven performance. “Readiness isn’t a box to tick, it’s a skill that’s earned under pressure,” said James Hadley, Founder and Chief Innovation Officer at Immersive. “Organisations aren’t failing to practice; they’re failing to practice the right things. True resilience comes from continuously proving and improving readiness across every level of the business, so when a real crisis hits, your confidence is backed by evidence, not assumption.” Most significant findings The findings reveal that readiness breaks down in predictable ways. From how teams measure success, to what they choose to practice, and who they involve in the process, Immersive’s data exposes systemic patterns that prevent organisations from achieving demonstrable resilience. These are the fault lines where confidence diverges from capability, and where the work to truly be ready must begin. Among the report’s most significant findings: Confidence without capability 94% of organisations believe they could effectively detect, respond to, and recover from a major incident. In practice, teams achieved only 22% decision accuracy and took 29 hours to contain simulated attacks. Resilience Scores have remained statistically flat since 2023, and the median response time of 17 days to complete the latest cyber threat intelligence labs hasn’t improved despite increased spending and executive oversight. Confidence is climbing. Capability isn’t. Practicing the past 60% of all training still focuses on vulnerabilities more than two years old, leaving teams overprepared for yesterday’s threats. The most common exercises remain fundamental-level labs (36%), limiting progression into intermediate and advanced readiness. The result: stalled maturity and shrinking adaptability as organisations master outdated playbooks while new attack techniques evolve. Excluding the business Only 41% of organisations include non-technical roles (such as Legal, HR, Communications, or Executives) in simulations, even though 90% believe cross-functional coordination is strong. The data proves otherwise: when crises hit, unpracticed collaboration slows response and amplifies impact. True readiness demands rehearsed coordination across every function, not just the security team. New risks, old habits Veteran practitioners outperform newcomers on known threats, achieving roughly 80% accuracy in classic incident-response labs. But when faced with AI-enabled or novel attacks, those same experts lag behind. Senior participation in AI-scenario labs dropped 14% year over year, exposing a growing adaptability gap as adversaries weaponise AI. “Experience teaches what to do next, until the next thing has never happened before,” added Hadley. “Even the most seasoned teams must evolve as fast as the threats they face.” Methodology Immersive’s report draws from: An Immersive commissioned survey with Osterman Research of 500 cybersecurity pioneers and practitioners in the U.S. and U.K. (August–September 2025), capturing how organisations perceive and measure readiness. Anonymised performance data within the Immersive One platform (July 2024–June 2025), representing millions of hands-on labs across industries. Results from Immersive’s “Orchid Corp” crisis simulation, involving 187 professionals across 11 drills in 9 cities, measuring real-world decision-making and containment under pressure. Analysis of the Immersive Resilience Score, a benchmark that quantifies readiness across people, process, and technology by measuring decision accuracy, response time, framework alignment, and adaptability to new threats. The score applies to all Immersive users, subject to eligibility, as customers must have the relevant product to be evaluated on each corresponding factor.

Immersive, the pioneer in cyber resilience, announced the appointment of Aniket Menon as Chief Product Officer (CPO) and Thanos Karpouzis as Chief Technology Officer (CTO) to its executive leadership team.  These critical additions will support innovation in Immersive One, the company’s unified cyber readiness platform, and reinforce Immersive’s mission to help organisations be ready for cyber threats through its AI-powered, evidence based Prove, Improve, Benchmark, and Report (PIBR) approach. Deep expertise Both c-suite pioneers bring deep expertise that aligns with Immersive’s vision for advancing enterprise cyber resilience: Aniket Menon is a cybersecurity product leader with over 15 years of experience at the intersection of security, technology, and infrastructure. Previously serving as VP of Product at Rapid7, Menon unified the company’s security operations platform and launched products spanning exposure management, detection and response, and cloud security, delivering measurable improvements in enterprise security programs. Thanos Karpouzis brings over 15 years of software industry experience, with a proven track record of innovation and delivering products that address critical customer needs. He previously served as Vice President of Engineering at Immersive, and before that was CTO at CoachHub, where he launched Aimy—the first commercial AI Leadership Coach—expanding the company’s personalised coaching capabilities. Prior to CoachHub, Karpouzis served as an engineering lead for Babbel and drove its learner apps product to become the world’s highest-grossing language-learning app, earning “Top Developer” and “Best Apps of the Year” recognition from Google Play and the App Store. Accelerating Immersive One’s technology Immersive is accelerating innovation in Immersive One’s role-specific training, simulations, ranges “Aniket and Thanos are visionary leaders who bring the expertise we need to accelerate Immersive One’s technology and platform, ensuring organisations are prepared for whatever threats may arise,” said Mark Schmitz, CEO of Immersive. “Their leadership will be pivotal as we scale our capabilities and expand our product portfolio to deliver solutions that help customers transform cybersecurity from a reactive necessity into a proactive, data-driven business function, equipping teams at every level to measure, improve, and prove their readiness.” With these appointments, Immersive is accelerating innovation in Immersive One’s role-specific training, simulations, ranges, and cyber drills, helping organisations protect their business, prove resilience to stakeholders, and adapt faster than the threats they face. Immersive One platform Immersive One is a unified platform that equips organisations to Prove, Improve, Benchmark, and Report their cyber resilience. The platform allows cyber pioneers to prove whether their technical teams, business leadership, and wider workforce are prepared for the next cyber incident with upskilling and exercises that benchmark readiness while also addressing compliance with regulations. Improving individual skill With the data and insights that come from these exercises, pioneers can then improve individual skill levels with targeted programs, rooted in individual performance data.  Aligned with MITRE ATT&CK and other frameworks, Adaptive Intelligence Programs ensure organisations can prove cyber resilience with reports that back it up. Whether facing new regulations, board scrutiny, or real-world attacks, Immersive One turns people-readiness into a continuous, evidence based practice.