After a company has been hacked and the hack has been discovered to be a harmful one, top executives and IT leaders normally huddle in a room to assess the loss.
It's usually not a pretty scene.
It's not as if heads are exploding. It is more like what some might call a tense "come to Jesus" moment.
"It's not good," said cyber security expert Tyler Cohen Wood. She's participated in post-hack forensics sessions at companies and has witnessed the faces of panicked executives firsthand.
Tyler Cohen Wood is cyber security advisor to elearning company Inspired eLearning, and was previously a Defense Intelligence Agency cyber deputy division chief.
"People are scared, and a lot of times they don't even have logs of what happened in the hack and they still have to get the company up and running," Cohen Wood explained. "They have to have help as much as possible and [they have to] work quickly."
Cohen Wood is currently cyber security advisor for an online learning provider, Inspired eLearning, but has been part of cyber incident response teams in previous jobs. Before her current role, she spent 13 years as a Defense Intelligence Agency senior intelligence officer and deputy division chief for cybersecurity.
"I've never personally been hacked, but I've been through the trauma of incident response at companies to help them with their trauma," she said. "I understand the pain. People are worried about how to fix it and what do to. It's a terrible thing to go through. It's the feeling you have when something personal is stolen, but much worse -- that feeling of being vulnerable."
Those kinds of insights have influenced her blogs, presentations and curriculum materials to help companies protect against cyber attacks and beef up their cyber security.
In an era when private-sector and government cyber attacks are reported daily, Cohen Wood is worried that apathy has set in. In that sense, it helps to reflect on how it feels when a company gets hacked.
"Companies are getting hacked left and right. When you get to the point where every day you read about another major company getting hacked and your reaction is, like, 'OK,' then that's a really, really big problem. People are apathetic about cyber security. We have a serious problem.
"It's not like we use devices only as a tool. They have become part of daily life and we rely on them. We have shifted to where have so many different types of systems -- from banking to healthcare to transit and the power grid."
Cohen Wood believes companies need to educate workers about cyber threats and that IT shops need to assiduously stay on top of cyber threats with a shed of tools. She's also concerned that the major university computer science programs in the U.S. are failing to do nearly enough to prepare IT workers and coders with cyber security courses.
Sign up for CIO Asia eNewsletters.