The stigma needs to be removed from cyberattacks

Written by Sam Trendall on 13 July 2021 in Opinion

The secrecy and shame associated with cyber incidents needs to be rethought, believes PublicTechnology editor Sam Trendall

Credit: Adobe Stock

It would seem a little harsh to question whether a business that had recently been the victim of an armed robbery had also incurred ‘reputational damage’ as a result of the incident.

And yet, when businesses or public bodies are hit by cyber assaults, this is often one of the first considerations of the organisation in question, as well as onlookers in media and the wider tech sector.

The accepted wisdom that suffering a cyberattack will harm public perception can result in a culture of secrecy and shame. The first instinct for many organisations is to downplay – or, better still, conceal from public view – any breaches.

Studies have repeatedly found that well over half of firms hit by ransomware attacks end up paying their attacker; many do so without the incident ever coming to light. For most, the payment may be thousands – or, at most, tens of thousands of pounds.

But, in the last year alone, there have been three cases in which ransom payments of more than $4m have been made in light of a cyberattack.

Related content

The largest of these, $4.5m (£3.2m), was paid out last summer by business travel specialist CWT Global. This has been followed in 2021 by $4.4m ransoms being paid by both the US Colonial Pipeline oil firm, and German chemical distributor Brenntag.

When asked, the vast majority of businesses and public sector outfits insist that they would never pay a ransom. In the majority of cases, this would seem to be an inaccurate projection.

Perhaps a little more honesty about the frequency with which organisations – all organisations – suffer cyberattacks, and the severity of their consequences, might remove a little of the stigma. And, with it, the fears over what is seen as the inevitable reputational damage.

A greater culture of openness, including a willingness to share details of attacks and the vulnerabilities exploited, would not only help remove the shame and secrecy that currently accompanies cyber incidents, it would also help bring the perpetrators to justice, and prevent future attacks.

To go back to the opening analogy of this piece: if a criminal gang had committed a string of armed robberies, authorities would seek to publicise as much information as widely as possible concerning the details of the incidents, and the modus operandi of the perpetrators. This work would, no doubt, be gladly assisted by the victims. In most cases this would be both out of the wish to see the culprits brought to justice and, perhaps, to recover some of their losses, but also out of the more altruistic desire to save other businesses from suffering as they had.

But, in the cyber world, the stigma of having suffered an incursion means that organisations are all-too-often happy to allow attackers to get away with their ill-gotten gains if it means the incident receives the minimum of publicity – ideally none at all. This means that crucial intelligence on attackers’ methods and vulnerabilities exploited – information that could prevent or, at least, mitigate future incidents – is lost.

The volume and sophistication of attacks these days is such that suffering the occasional breach is an inevitability. But, at the same time, almost all successful attacks could have been prevented, either through slightly modified or bolstered defences or, invariably, through increased awareness and diligence on the part of staff.

A more open culture, one in which organisations shared information on attacks and attackers – ideally in as close to real time as possible – would not only assist in alleviating the stigma around suffering a cyber breach but, crucially, could seriously hamper attempts to launch similar assaults in the future.

There is no shame in suffering a cyberattack. But it is a shame that so many are swept under the carpet, meaning so many more are allowed to follow in their wake.



This article forms part of PublicTechnology Cyber Week, in assocation with Akamai. Throughout this week, the site will bring you a range of content looking at the major security issues facing the public sector, and the country as a whole - as well as insights on how these challenges are being met, and how government and regulators can support this. We will also be hosting an exclusive webinar discussion in which NHS Digital will discuss the challenges it has faced in the past 18 months, ensuring the resilience of its services in the face of unprecedented demand. All content from Cyber Week can be accessed here.



About the author

Sam Trendall is editor of PublicTechnology

Share this page




Please login to post a comment or register for a free account.

Related Articles

ICO urges Capita customers to ‘check their position’ after 90 organisations report data breaches
31 May 2023

Technology services firm has revealed two data-compromising incidents in recent week


MoJ reprimanded by ICO after ‘bags of confidential documents’ exposed for over two weeks
25 May 2023

Sensitive data was left unsecured in prison holding area, according to data watchdog

‘Extremely concerned and disappointed’ – more councils caught up in Capita breach
24 May 2023

Authorities have complained about the lack of time taken to be notified by IT firm and wrongly being told personal data was not put at risk 

Rochford District Council pins data breach on Capita’s ‘unsafe storage’
17 May 2023

Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...