Opinion

Tower proves there is no shame in being the victim of a cyberattack

The companies that should really be ashamed are the ones that think that they can hide the breach, not understanding that it will be revealed in retrospect or while it's ongoing

Meir Orbach 13:3206.09.20
Israel-based and Nasdaq-listed wireless chip and camera sensors manufacturer Tower Semiconductor Ltd. (TSEM) announced this morning that it is under a cyberattack. After rumors spread during the weekend regarding the damages the company suffered and the systems it was forced to shut down, the company was quick to notify the Tel Aviv Stock Exchange on Sunday morning that it is tending to an incident that was forced upon it and discussing the issue with professionals and the company's insurance agents. Israeli surveillance company Verint and cruise giant Carnival Cruise Line are two other examples of companies that acted in a similar manner in recent months following a cyberattack.

 

All of these incidents prove what is plainly clear. Serious cyberattacks can’t be completely prevented. You can lessen their damage and you can minimize the opportunities for hackers, but if a hacker is looking for a way in, they will ultimately find the breach. Attackers have an endless number of vulnerable sites to target and no matter what defense mechanisms companies may use, they will nearly always be left with a tiny hole in the defenses or be forced to pay the price for the negligence of a single employee.

Tower Semiconductor CEO Russell Ellwanger. Photo: Amit Shaal Tower Semiconductor CEO Russell Ellwanger. Photo: Amit Shaal

But this is not the end of the world and there is no shame in being attacked. On the contrary, the companies that should really be ashamed are the ones that think that they can hide the breach, not understanding that it will be revealed in retrospect or while it's ongoing and the company won’t be able to control the media coverage.

 

Many companies are prepared for the day of the breach with an insurance policy and security advisors that are quick to react to the incident and try to minimize its damage. Even a ransomware attack in which a company is required to pay a large sum in order to prevent irreparable damage is not a disaster. The damage is painful from a business, technological and image standpoint, but on the other hand, transparency and the ability to give investors, employees and the rest of the public information is just as important and its benefits to a company’s credibility could grow significantly down the line.