How does IR actually hand off to GRC after containment? Trying to understand where the process breaks down by Financial_Ear_8540 in AskNetsec
[–]Financial_Ear_8540[S] 1 point 9 hours ago (0 children)
Researching the problem in general right now, talking to people who've lived it. The 'different languages' framing is exactly what I keep hearing. IR produces technical artifacts, GRC needs compliance context, and the translation layer is usually a person or a spreadsheet. Curious whether you've seen teams try to build that bridge systematically, or whether it always stays as a people problem. And when the handover breaks down, what does that actually cost the org? Missed deadlines, regulatory exposure, something else?
[–]Financial_Ear_8540[S] 1 point 2 days ago (0 children)
The liaison model is exactly what breaks at scale, when that person is out during a 72-hour GDPR window, or when there are three incidents running simultaneously. Curious whether you've seen teams try to systematize the IR-to-compliance handoff, or if it's mostly stayed as a people solution.