The most significant advantage of open discussion is the increase in general awareness and the prevention of future attacks. Understanding what happened and its causes helps individuals and organizations to assess risks. For businesses, the more tangible benefit is a reputable image in the eyes of customers, partners, and employees. Acknowledging the victimization and showing the measures taken enhances the credibility of any organization.
Undoubtedly, there are cases where discussing a cyberattack may be the attackers’ intention. For instance, many distributed denial-of-service (DDoS) attacks against Estonian companies and public services originate from Russia. The aggressor’s interest is simply to show that attacks are happening, thereby raising the general level of fear in society. However, in such cases, these are typically simple and crude attacks that do not have extensive or long-lasting effects. Usually, these cybercriminals leave some distinctive mark, hoping to be mentioned somewhere. In such situations, my recommendation is to be concise – it happened, we dealt with it, and we emerged as winners.
Just as companies fear damage to their reputation, a similar reluctance exists among individuals targeted by cyberattacks. For example, people who have fallen victim to romance scams or investment fraud often hesitate to confide in their loved ones out of fear of being labeled as “gullible.” Again, the victim is NOT at fault; the blame lies with the malicious cybercriminals. It is worth talking about an attack, or even the suspicion of one – it allows for timely assistance, raises general awareness, and, in the best-case scenario, helps fellow citizens avoid falling victim to a similar attack.
Of course, the most critical aspect is preventing attacks and creating an unfavorable environment for cybercriminals. It is understandable, however, that smaller businesses may lack the resources for proactive cybersecurity measures or may not even consider them until a crisis arises. Upon discovering an attack, immediate response and swift notification of all affected parties are paramount. Beyond that, one of the most important things is discussing what happened. This helps both oneself and others better avoid future attacks.
Article first published here: ITnews