Cisco in denial

You have to wonder why companies don’t learn from the mistakes of their predecessors. Cisco has been in hot water with its users and the media this last month over security problems in its software. The vendor released a boatload of fixes for various OS and application problems last month and then recently issued a cease and desist order against a former employee who revealed a serious flaw in the IOS operating system at the Black Hat conference this month. User reaction was predictable. People wonder why Cisco is in denial over these problems instead of moving proactively to fix them. In the case of the IOS flaw, the patch had actually been available for months. Why not use the opportunity to tell users to upgrade their software?

Shades of Microsoft and Intel. When Microsoft became the target of security sleuths who pointed out vulnerabilities in Windows, the vendor first reacted by attacking its accusers. It was only after multiple reports of flaws emerged that Microsoft turned the problem into a PR advantage by announcing it would dedicate the company to making its products secure.

Similarly, when Intel was the subject of embarrassing revelations about flaws in Pentium chips in 1994, it waited six months to acknowledge the weaknesses. Much to Intel’s surprise, users and media who had pilloried Intel for months flocked to support the company once it fessed up. The Pentium problems are only a distant memory now.

Cisco should learn from Microsoft’s and Intel’s mistakes. Software is imperfect and prone to bugs. Good companies learn from their mistakes and are direct with their users. No one will criticize Cisco for admitting its problems and rededicating itself to do better. Why wait?
