How can the cybersecurity community better support each other during incidents?
Stuart Seymour: In defence and aerospace, we understood there was no competitive advantage in security – if one suffers, we all suffer. Government security services over-classify things: by the time you get intelligence, you’ re four days into an attack. For vendors: we don’ t need you ambulance chasing so aggressively. I’ ve blocked seven vendors over their M & S reaction. Our peers need understanding and support, not wisdom-vomiting on social media.
Nick Godfrey: We share technical TTPs well, but we’ d benefit from sharing what actually happened – the real gory details. This would help normalise cyber attacks and reduce stigmatisation. It should be thought of as an inevitability rather than something that should never happen. More empathy would help CISOs understand the realities of this risk.
Justin Kuruvilla: Clients worry about market reactions to disclosure. When you’ re under pressure to restore operations and getting pushback about market impact, it’ s daunting to be transparent. But sharing lessons learnt serves the wider good, even at the risk of embarrassment.”
Stuart Seymour,
Chief Information Security Officer, Virgin Media O2
108 July 2025