RSAC 2026 CONFERENCE – San Francisco – When people talk about transparency in cybersecurity, they are usually referring to organizations disclosing breaches and incidents. At RSAC Conference this week, two security experts made the case for why success stories deserve equal attention, and why focusing on near-misses can strengthen security defenses. Wendy Nather, senior research initiatives director at 1Password, and Bob Lord, head of consumer working group at hacklore.org, emphasized that the industry needs to prioritize transparency, and outlined ways to do so – starting with sharing near-misses.
Information sharing, which encompasses threat intelligence, indicators of compromise, and reports of vulnerability exploitation, is essential to combating and staying ahead of cyber threats. The victim blame game, shame, finger-pointing, and regulatory punishments contribute to a lack of transparency, particularly when it comes to ransomware. But that needs to change if organizations want to be proactive, even when it feels daunting.
Getting Down to the Root Cause
Exposure without exploitation and an identity compromise attempt stopped by architecture are two examples of a near miss, Nather explained. The former is something she frequently observed because many companies struggle to implement sufficient logging capabilities.
"A near miss is anything that almost happened, that makes you say, 'wow if it wasn't for that thing, it would have been really bad'," Nather said.
Companies celebrate moments of heroics or lucky happenstance. They recognize that a threat or attempt was a close call, but then they simply return to work, explained Lord, noting that everyone does the same thing, especially management.
That mindset leads to a lack of conversations around near misses in the wild, he said.
"Not trying to use a near miss as an opportunity to run through the full incident response plan is a big waste of time," he warned.
To promote transparency around near misses, the industry needs to eliminate the blame game, he urged. That matters particularly because human error relates to the proximate cause of an issue and not the root cause, the speakers explained.