Let’s face it. No one likes to air their dirty laundry in public, especially if your job is in the area of cyber security. Be that as it may, research suggests that those who acknowledge and learn from their security breaches and share the insights could actually be a benefit to a company – not a liability.
I’d go as far as saying firms are better off hiring a CISO who has experienced an avoidable breach, as opposed to someone who hasn’t. As long as they’re not looking to repeat the same mistakes, there’s a lot to gain from someone who has bounced back from an incident that has occurred on their watch. It changes the way they think, feel and behave. Having already been through the experience, security professionals tend not to be haunted by the stress of regulation, the feeling of burnout, and they are more likely to share their learnings with others.