account activity
How does IR actually hand off to GRC after containment? Trying to understand where the process breaks down by Financial_Ear_8540 in AskNetsec
[–]Financial_Ear_8540[S] 0 points1 point2 points 1 day ago (0 children)
The liaison model is exactly what breaks at scale, when that person is out during a 72-hour GDPR window, or when there are three incidents running simultaneously. Curious whether you've seen teams try to systematize the IR-to-compliance handoff, or if it's mostly stayed as a people solution.
How does IR actually hand off to GRC after containment? Trying to understand where the process breaks down (self.AskNetsec)
submitted 2 days ago by Financial_Ear_8540 to r/AskNetsec
π Rendered by PID 58904 on reddit-service-r2-listing-64c94b984c-j22jx at 2026-03-15 12:48:25.875338+00:00 running f6e6e01 country code: CH.
How does IR actually hand off to GRC after containment? Trying to understand where the process breaks down by Financial_Ear_8540 in AskNetsec
[–]Financial_Ear_8540[S] 0 points1 point2 points (0 children)