In Berlin, symbolic gravestones mark the trauma of the Holocaust. In Bosnia, bullet-ridden buildings and war museums preserve the memory of past conflict. These reminders serve a crucial purpose: ensuring that history is not forgotten, that mistakes are not repeated, and that resilience is built through collective reflection. But what if organisations treated cyberattacks in a similar way—acknowledging and learning from them rather than erasing their memory?
Cyberattacks as Organisational Trauma
A cyberattack is not just a technical failure; it is a psychological event that impacts employees, leadership, and the organizational culture. The immediate aftermath of an attack often brings stress, uncertainty, and a loss of confidence in systems and leadership. Employees may feel:
- Betrayed—if security measures were inadequate or leadership mishandled the response.
- Anxious—about job security, blame, or future breaches.
- Disempowered—as they realize how little control they had over the situation.
Many organizations attempt to forget and move on, seeing cyber incidents as embarrassing failures rather than learning opportunities. However, this avoidance can lead to:
❌ Repeating the same mistakes due to lack of reflection. ❌ Unresolved psychological impact, leading to disengagement. ❌ A weakened security culture, where lessons are not embedded into organizational memory.
Instead of treating cyberattacks as something to be hidden, organizations can integrate a memorialization & learning approach into their cyber resilience strategy.
Turning Cyber Incidents into Lessons: A Memorialization Approach
Rather than erasing the past, organizations can incorporate memory as a resilience tool. Here’s how:
1️⃣ “Scar Tissue” as a Learning Tool Just as Bosnia’s war-torn buildings serve as visible reminders of history, organisations could create symbolic markers of past cyber incidents. This could include anonymized internal case studies, plaques in security operations centers, or dashboards visualizing past breaches. Keeping the memory alive normalizes cybersecurity discussions and prevents complacency.
2️⃣ Annual Cyber Reflection Events Many societies hold memorial events to remember national traumas, ensuring that history is not forgotten. Organisations could establish Cyber Reflection Days where employees revisit past breaches, discuss lessons learned, and assess improvements in resilience. This reinforces cybersecurity as an ongoing cultural priority.
3️⃣ Cyber Resilience Archives or Museums Companies already maintain incident reports, but what if they created internal “Cyber Resilience Archives”? These could document past security failures, responses, and long-term effects, serving as resources for onboarding, training, and cultural reinforcement.
4️⃣ Storytelling & Oral History of Cyber Incidents In many cultures, storytelling is a primary method of passing down survival knowledge. Organisations could establish a “Cyber War Stories” initiative—an internal podcast or forum where employees share firsthand experiences from past incidents. This promotes transparency and helps new employees understand the organisation’s resilience journey.
Why This Matters for Cyber Resilience
Memorialization is more than just history; it’s about behaviour, trust, and preparedness. Here’s why integrating past cyber incidents into organizational memory works:
🔹 Emotional Processing – Helps employees psychologically integrate the incident rather than suppressing it. 🔹 Cultural Strengthening – Cyber resilience becomes part of an organization’s identity, not just a compliance checklist. 🔹 Behavioural Reinforcement – Employees internalize security lessons rather than forgetting them. 🔹 Long-Term Trust Restoration – Leadership demonstrates commitment to learning and applying past lessons, increasing workforce confidence.
Moving Forward: Implementing a Cyber Resilience Memory Strategy
Just as nations remember past traumas to prevent history from repeating, organisations can create a Cyber Resilience Memory Strategy to embed security lessons into corporate culture. By acknowledging, documenting, and learning from cyber incidents, businesses can foster stronger resilience and a security-aware workforce.
We believe that organisational resilience is not just about recovery—it’s about transformation. A cyberattack is not just an IT problem; it’s a cultural moment that shapes the future of security. Let’s make sure we remember.