Intercast November 2025 – Anthropic vs Humans

Welcome to the November 2025 edition of Intercast’s monthly newsletter for cybersecurity professionals. As always, we’ll share the latest news and views to bring you up to speed.

In This Issue:

  • Client Insight
  • China Imposes One-Hour Breach Notification Deadline
  • Stroke Study Shows Power Of Machine Learning
  • Was Professionalising Cybersecurity A Mistake?
  • Three Machine Learning Lessons
  • Best of the Rest

Client Insight: AI versus Cyber Pros

This month we’re still getting feedback about a revelation by Anthropic: It entered its AI tool Claude in multiple cybersecurity competitions where it competed anonymously against human entrants. Although Anthropic reports Claude often finishing in the top 25% of entrants, it admits the tool was often some way behind the human winners. Its limitations ranged from not being able to keep track of more complex tasks to being utterly baffled by a competition server that played an aquatic animation on a loading screen!

 


Was Professionalising Cybersecurity A Mistake?

Penny Harwood of Computing has a controversial theory: making cybersecurity a profession in its own right has left the industry less well protected against attacks. It’s a bold claim but with a surprising underlying logic.

Harwood and her interviewees explain that the problem is that defined career paths and accreditation mean cybersecurity staff are more likely to fit a specific pattern. That’s in contrast to cybercrime, where the low barrier to entry thanks to rentable attack tools means a wider range of skills, approaches and tactics.

She notes that high-profile arrests for cyberattacks are increasingly of young people with no formal cyber qualifications: exactly the type of people companies aren’t hiring. There is one potential drawback to her logic, however: the type of people who are arrested for cyberattacks are not necessarily representative of those who are carrying them out successfully and avoiding detection.


China Imposes One-Hour Breach Notification Deadline

China has introduced incredibly tough breach notification deadlines for network operators. It means some cases must be reported to the government within 60 or even 30 minutes.

The one-hour rule will apply to any incident that impacts “key infrastructure”, with the 30-minute limit affecting any “major or particularly important” incident. Less critical breaches will have a deadline of two to four hours.

The rules have a somewhat different definition of network security incident to other countries. For example, an attack that hijacks news sites to show content not approved by the government is considered a serious incident.

It’s likely no coincidence that the new rules follow widespread attention on operations by Salt Typhoon, a threat group linked to China’s military. That’s raised the possibility of retaliatory strikes against China’s tech assets.

 


Stroke Study Shows Power Of Machine Learning

A study in Nature shows a great real-world example where machine learning is particularly effective. It looks at analysis of medical datasets to try to figure out ways to predict strokes, a task plagued by the problem of imbalanced data, an inherent flaw in analysing such research.

The problem is that because strokes are thankfully relatively rare, most datasets cover far more cases where somebody doesn’t have a stroke than when they do, making it harder to reliably isolate causal factors.

The analysis showed the most successful machine learning approach was “random forest”, which tries to organize individual results to create decision trees where branches isolate specific combinations of varying factors. A model using this approach achieved an F1 score for accuracy of 90%. F1 means the score takes account not just of correctly identifying positive cases but also avoiding false positives.

 


 

Best of the Rest

 

Here’s our roundup of what else you need to know: