Too little\, too late? Should we be faster to point the finger of blame at cyber attackers?