Cybersecurity In-Depth: Digging into data about the latest attacks, threats, and trends using charts and tables.

Effective Incident Response Relies on Internal and External Partnerships

Dark Reading research finds increased collaboration between security incident responders and groups within the HR, legal, and communications functions.

Edge Editors, Dark Reading

January 17, 2024

2 Min Read
Bar chart from Dark Reading's Incident Response survey
Source: How Enterprises Are Responding to the Incident Response Challenge, Dark Reading

Enterprise security teams are increasingly collaborating with members of other internal business functions and with external partners when responding to a security incident, according to a Dark Reading research report on incident response (IR).

Security teams appear to recognize the importance of coordinating IR with other business groups, such as human resources (HR), communications, and legal. The survey found that 63% of IR teams currently coordinate with their internal communications groups to keep employees updated on a security incident. In addition, 44% said they know who to contact within the HR function when an incident happens, 39% have dedicated resources for handling external communications, and 38% have a contact within the legal function.

Security experts have long considered cross-functional collaboration and partnerships as fundamental to mounting an effective IR. The main reason is that the impact of a security breach often extends far beyond the IT security realm. A security incident that affects customer or employee data, for instance, can trigger breach notification requirements and have legal and financial consequences that are the responsibility of other groups with the organization. A lack of coordination with these groups can negatively affect an organization's ability to respond to an incident.

But efforts to bolster IR capabilities don't end with better coordination with internal business groups. Dark Reading's survey data showed that many organizations are aware of threats to enterprise security from external service providers, technology suppliers, and other third parties, and have a plan for addressing the risks as well. Thirty-six percent — or more than one in three — of survey respondents said their IR team knew exactly who they needed to work with in the event of a breach or vulnerability involving an external entity.

Some organizations are outsourcing IR, as one in five (22%) currently rely on an external service provider for incident response.

About the Author

Edge Editors

Dark Reading

The Edge is Dark Reading's home for features, threat data and in-depth perspectives on cybersecurity.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights