I agree with the premise that report writers usually lack an ability to tell the story. It's tough though because I know a lot of SOCs and IT dept's will take any detail they can get if an incident happens in their own vertical and there is a lot of desire to help the community in IT/security culture.. but these reports really are for business partners more than anyone else and in that context, people could learn a lot by taking the advice into account.

The post does use cyber industry terminology inconsistently though, noted in another comment, and I fear that's going to make every technologist exit the page before getting the point.