If you have knowledge, let others light their candles in it.
Summary
Ralph B of the NCSC makes the case for sharing lessons learned from cyber security incidents and near misses. He argues that openness — where done responsibly — helps other organisations learn what works and what doesn’t, improving collective resilience. The post urges public sharing when safe, using trusted cross-sector channels when it isn’t, and warns against revealing details that could aid attackers. It also highlights that near misses are as instructive as full incidents and that breaking out of sector-only sharing increases the usefulness of those lessons.
Key Points
- Sharing post-incident lessons helps other organisations strengthen defences and responses.
- Public disclosure is encouraged where responsible; if not possible, share in trusted groups.
- Near misses provide valuable, actionable insights and should be documented and shared.
- Cross-sector sharing often delivers lessons that are widely applicable beyond a single industry.
- Share responsibly to avoid giving attackers actionable details about vulnerabilities.
- Governments and regulators are increasingly promoting transparency around incidents.
- Public-sector examples show how lesson-sharing can be done constructively and safely.
Why should I read this?
Short and frank: if you deal with cyber security or run an organisation, this is a useful poke to stop hoarding incident knowledge. It explains why sharing lessons — safely — speeds up learning across the board and helps everyone avoid the same mistakes.
Author style
Punchy: the author cuts straight to the point and pushes a practical, actionable message. It’s concise but important — a quick read with clear takeaways that matter for operational security.
Source
https://www.ncsc.gov.uk/blog-post/let-others-light-candles