A new summary of the MITRE ATT&CK Enterprise Round 7 evaluation reveals that the highest protection score any tested vendor achieved was a mere 31 percent — meaning that 69% of attacks went entirely undetected by even the best-performing vendor in the field. But the more significant finding was buried beneath that number. Across every identity-specific attack scenario in the evaluation, all vendors scored zero blocking — not partial detection, not near misses, but zero. The tools enterprises invest in to stop modern attacks did not intercept a single identity attack, which is precisely the class of threat that now defines the modern threat landscape.

For years, security leaders have debated frameworks, tools, awareness programs, and incremental improvements to authentication workflows, while attackers continued to succeed through the same predictable path: logging in with stolen or relayed credentials rather than breaking through hardened infrastructure.

The Betterment breach should not have surprised anyone paying attention, and it certainly should have ended the long-running argument about whether modern MFA is sufficient against today’s attacks. Instead, it became just another entry in a growing list of incidents that organizations explain away as bad luck, poor training, or unfortunate human error.

In a landscape where cybersecurity threats are ever-present, informed awareness is key. To support this need for ongoing education, we're making available a notable article from the Harvard Business Review, "The Devastating Business Impacts of a Cyber Breach," as a complimentary resource.