CYBERSECURITY experts are urging a cultural shift toward greater breach transparency, arguing that organisations should disclose how and why incidents occur to drive real risk reduction, according to Dark Reading. At RSAC Conference, a session titled “A Failure Is a Terrible Thing to Waste: The Case for Breach Transparency” on 23 March 2026 will feature threat researchers Adam Shostack and Adrian Sanabria, who say the field lacks formal post‑breach feedback loops.
They contend that breaches are often treated as liabilities rather than learning opportunities, a stance reinforced by comparisons to safety‑critical industries such as aviation and medicine. The article notes factors hindering transparency include legal fears and a lack of federal regulatory requirements, pointing to the now‑unfilled Cyber Safety Review Board after it was disbanded by the Trump administration during investigations into Salt Typhoon‑related outages.
It also highlights publicly available breach data from sources like the British Library and Canadian privacy commissioners as examples of deeper narratives that remain underexploited, urging structured, possibly anonymised, reporting to foster collective learning. According to Dark Reading, the goal is not shaming but improving future resilience through better data and governance.