From helpnetsecurity.com
No company is immune to cyberattacks, but when the inevitable happens, too many companies still try to maintain a wall of silence. In fact, over half of security professionals admit their organizations maintain a culture of security through obscurity, with over one-third admitting they are completely secretive about their cybersecurity activities.
While many organizations may fear reputational or monetary damage from proactively sharing findings from vulnerabilities and incidents, I’ve found the contrary to be true: Embracing a culture of cybersecurity transparency is good for business and for the broader security of the internet.
The benefits of cyber transparency
For individual organizations, transparency and accountability can be a significant differentiator that dictates conversations with customers, the C-Suite, the media, and other key stakeholders.
Clear visibility into a company’s vulnerability management, disclosures, and reporting procedures communicates a thorough understanding and grasp of security processes and that the organization knows what’s required to keep the infrastructure intact. Instead of eroding trust, cybersecurity practices strengthen an organization’s external perception.