June 11, 2025
CISOs who have been through cyberattacks share the hard-earned lessons that have changed their approach to cybersecurity.
Several security leaders reflect on the lessons from real-world incidents and why it’s vital to share them with the community to strengthen collective resilience, while also breaking down the stigma around breaches and helping others who may face an incident themselves.
Todd Thorsen, CISO at CrashPlan, agrees that tactical lessons that come with being involved in an incident are valuable. Sometimes an incident is the perfect test case of what shouldn’t happen, says Thorsen, who was on the cybersecurity team during the Target data breach of 2013.
Thorsen’s approach is to conduct blameless post-mortems to understand root causes, create a safe environment for open discussion, and identify what could have been done better. The goal is to analyze processes without fear of repercussions. He encourages security people to share learnings with the community because “in the end everyone’s fighting the same battles.”
Sharing insights is also an important way to build support networks across the wider community and pay it forward, because a time may come when you need to turn to your peers. “You never know when you might need to ‘make withdrawals’ from the community later,” Thorsen says.
To learn what other cyber experts reported, read the full article here: https://www.csoonline.com/article/4002175/8-things-cisos-have-learnt-from-cyber-incidents.html
© 2025 CrashPlan® All rights reserved.
Privacy | Legal | Cookie Notice | Free Trial