
Coinbase: Transparency and strength in the face of attack
Philip Martin (CSO at Coinbase) explains why transparency and trust are critical for crypto security, in the wake of a major attack against Coinbase
The aftermath of a cyber attack is messy. Technical clean-up, damage assessment, the scramble to patch up vulnerabilities. But beyond putting out fires, there’s a deeper and incredibly fragile issue that you have to manage carefully: trust.
We already wrote about the recent, headline-hitting attack against Coinbase, and the crypto platform’s response to that attack is a reminder of just how important trust is in the cybersecurity world.
In a sector like crypto, which is still working to establish public confidence, the way an organisation handles a breach can have a serious impact on the wider sector.
We spoke to Philip Martin (CSO at Coinbase) last year about the importance of transparency in crypto security. At the time, he told us:
“While cryptocurrency has reached major milestones in the last few years, the truth is that it’s still early days where a lot of education and trust-building needs to happen.
“Security is the bedrock of trust. That’s why crypto leaders must be open about their security measures. By doing this, we can establish protocols and best practices that set the industry standard, and – more importantly – hold each other accountable.”
And in May 2025, he showed us exactly what that looks like in practice.
Everyone heard about it: an attack that targeted Coinbase and its users, with insider threat actors stealing customer data. After getting a $20 million ransom demand from the attacker, Coinbase took a refreshingly open stance.
In a public statement, they clarified that no passwords, private keys, or funds were exposed. More importantly, they committed to reimbursing any customers who were tricked into sending funds to the attacker.
“Security and transparency are core to Coinbase. Consistent with that commitment, we’re publicly detailing an extortion attempt against us and our customers. Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident.”
The statement doesn’t gloss over the issue. It walks people through what happened, what the company is doing about it, and what customers can expect next. It’s written clearly and candidly, with no technical jargon, and with Coinbase taking full responsibility for their role in the breach – instead of writing ‘we apologise,’ for example, they wrote ‘we’re sorry’.
This kind of approach is exactly what industry leaders like Lakshmi Hanspal (Strategic Advisor and Investor at Silicon Valley CISO Investments) advocate for. Before Hanspal came to Riyadh to speak at Black Hat MEA 2024, we spoke to her about the power of trust.
She said:
“In the interconnected world of cybersecurity, trust isn't just a feeling – it's a foundation. Like a bridge connecting two shores, trust enables secure connections, facilitates commerce, and builds lasting relationships. But what happens when that bridge collapses?”
She’s right. A breach isn’t just a technical failure. It’s an emotional blow for customers and partners – and it threatens the very foundation that digital services are built on.
“When trust is broken in the security context, the impact reverberates far beyond the immediate epicentre,” Hanspal said. “It's like a stone thrown into a pond – the initial splash might be contained, but the ripples touch every shore.”
That’s why the way an organisation responds to a breach matters just as much as how they prevent one. As Lakshmi put it, “Not only is it possible [to rebuild trust] – it can emerge stronger than before. I've witnessed organisations transform security incidents into powerful catalysts for positive change.”
She calls it the Phoenix Effect: rising from the ashes of an attack. And there are three things organisations need to do to tap into it:
Importantly, Hanspal urged leaders to stop treating security as a compliance checkbox, and instead integrate it as a cornerstone of their organisation’s culture. Because a tick-box approach might make you feel covered, but it’s often a veneer – one that won’t hold when something goes wrong. Security needs to be part of the DNA, not an afterthought.
So when the next breach hits the news, we hope Coinbase’s recent response will help the public understand that they need to look beyond the headlines. Look at how organisations respond, how they communicate, and how they treat their customers.
Because trust isn’t just about preventing problems. It’s about showing up, being honest, and doing the right thing when the worst happens.
Coinbase proves that being transparent doesn’t put you at a disadvantage. The opposite, in fact – it creates the conditions you need to respond to attacks with strength, because your customers know you’re acting in their best interests.