Reading the key findings from the Committee of Inquiry's (COI) investigation into the SingHealth cyber attack, I feel that the report could have used a more strongly worded description of why the breach took place (Probe report on SingHealth data breach points to basic failings; Jan 10).

The COI's findings can be summed up in two observations - complacency on the part of management, which believed that SingHealth was well-protected against cyber attacks, and incompetence by the staff tasked with cyber security, who failed to do their jobs properly.

There seems to be a tendency for official statements, whether from government agencies or the private sector, to use words that make a situation seem less serious than it actually is.

The COI's report is one such example, as is the recent case of the SMRT worker who had to have his foot amputated after it was run over by a maintenance train (SMRT worker was checking for oil leaks just before accident; Dec 22).

The official word from SMRT was that he was "injured", which would have given readers the impression that it was nothing serious.

Yes, harsh words hurt and nobody likes to hear or read negative news reports. But the only way for organisations and even the country to improve is to accept the hard truth and learn real lessons from it.

Gabriel Cheng Kian Tiong