Predictable drills fail because employees quickly learn the pattern of the exercise and stop treating it as a real threat. That creates a false pass rate. AI-crafted phishing is more personalised, so the training environment must be harder to recognise and more relevant to the user’s actual working context.
Why This Matters for Security Teams
Predictable phishing drills create measurement noise, not resilience. Once employees recognise a simulation pattern, their behaviour improves inside the exercise while real-world judgement may stay unchanged. Modern phishing is also more adaptive: attackers use context, timing, and AI-generated variation to make lures harder to spot. The practical risk is a training program that rewards pattern recognition instead of threat recognition, especially when executives, finance, and help desk staff face tailored impersonation attempts. NHI Management Group’s research on broader identity abuse shows how quickly attacker behaviour can shift once credentials or trusted access paths are exposed; the 52 NHI Breaches Analysis and the Ultimate Guide to NHIs — Key Challenges and Risks both reinforce that identity abuse is often operational before it is visible. Current threat reporting from CISA cyber threat advisories also shows that social engineering is rarely static. In practice, many security teams encounter the gap only after a convincing campaign has already bypassed a “successful” drill.
How It Works in Practice
Effective awareness programs need to test decision-making under realistic pressure, not just whether someone can identify a familiar template. That means varying sender context, channel, timing, business events, and request type so the drill resembles the kinds of lures users actually receive. The goal is to measure whether people verify, escalate, and report suspicious requests when the message looks plausible.
Practical programs usually combine three layers:
- Role-specific scenarios that mirror finance, HR, IT support, sales, and executive workflows.
- Adaptive difficulty, so repeated simulations do not become predictable, while still avoiding unnecessary blame.
- Fast reporting paths and feedback, so users learn the correct response, not just the “gotcha.”
This is where evidence matters. The The State of Secrets in AppSec report highlights a persistent gap between confidence and actual practice, which is a useful reminder that perceived readiness often diverges from operational readiness. For phishing specifically, Anthropic — first AI-orchestrated cyber espionage campaign report illustrates how AI can scale persuasion and variation in ways traditional training content does not anticipate. Best practice is evolving toward continuous, risk-based simulations rather than quarterly exercises with obvious branding or timing. These controls tend to break down when simulations are reused too often in the same departments because employees learn the drill pattern instead of the attack pattern.
Common Variations and Edge Cases
Tighter simulation design often increases operational overhead, requiring organisations to balance realism against legal, HR, and communications constraints. That tradeoff is real: highly realistic tests can improve behavioural fidelity, but they also raise the risk of confusion if incident handling and employee support are not aligned.
There is no universal standard for how deceptive a phishing drill should be. For some organisations, the right approach is low-friction nudges and broader awareness; for others, especially high-risk sectors, more advanced impersonation testing may be justified. The key is to avoid turning training into a game that users learn to pass. Current guidance suggests measuring several outcomes together: report rate, time to report, escalation quality, and whether the user followed verification steps before sharing credentials or approving payment.
Edge cases matter. Remote work, multilingual teams, and heavy use of collaboration tools can make phishing look less like email and more like chat, ticketing, or shared document requests. AI-generated content can also mimic internal tone well enough that static examples age quickly. For broader context on how identity abuse and tool-based compromise evolve, the DeepSeek breach and the Top 10 NHI Issues both show how quickly trust can be exploited once an attacker has a foothold. The practical limit appears when simulations are too simple for modern lures or too complex for the organisation’s reporting process to support them.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Phishing often targets stolen identities and trust paths, central to NHI exposure. |
| NIST CSF 2.0 | PR.AT-1 | Security awareness and training must measure real behaviour, not drill familiarity. |
| NIST AI RMF | AI-assisted phishing changes the risk profile and requires ongoing governance. |
Review where human trust signals enable identity abuse and harden verification steps before access is granted.
