{"id":44993,"date":"2022-01-26T15:00:00","date_gmt":"2022-01-26T15:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/why-it-s-time-to-rethink-incident-response"},"modified":"2022-01-26T15:00:00","modified_gmt":"2022-01-26T15:00:00","slug":"why-its-time-to-rethink-incident-response","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/","title":{"rendered":"Why It&#8217;s Time to Rethink Incident Response"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>It&#8217;s time to prepare for tomorrow&#8217;s incident response. It&#8217;s not like yesterday&#8217;s, and companies that don&#8217;t embrace the difference could find themselves in dire straits when disaster strikes. <\/p>\n<p>The <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/what-s-essential-to-a-incident-response-plan-security-leaders-weigh-in\" target=\"_blank\" rel=\"noopener\">incident response<\/a> landscape has changed drastically in the last year. This is partly due to the shift in working patterns as people migrated to hybrid working. The bigger change stems from shifting attitudes among insurance companies, and to some extent, business customers. <\/p>\n<p><strong>Insurers, Customers Are Scrutinizing Security<br \/><\/strong>Insurers spooked by rising numbers of <a href=\"https:\/\/www.darkreading.com\/risk\/ransomware-losses-drive-up-cyber-insurance-costs\" target=\"_blank\" rel=\"noopener\">cyber-related payouts<\/a> are taking a more active role in incident response. We&#8217;ve seen some demanding to bring in their own preferred cybersecurity partner when a customer reports an incident as a condition of making a claim. Others are limiting their liability, introducing clauses that exclude clients from coverage during the first hours or days of an incident. <\/p>\n<p>Companies are also facing pressure from their own business customers, who are demanding a greater focus on cybersecurity. <a href=\"https:\/\/www.darkreading.com\/edge-articles\/5-key-questions-when-evaluating-software-supply-chain-security\" target=\"_blank\" rel=\"noopener\">Supply chain security<\/a> has become a focus for more companies since the <a href=\"https:\/\/www.nytimes.com\/2021\/02\/10\/us\/politics\/biden-russia-solarwinds-hacking.html?searchResultPosition=11\" target=\"_blank\" rel=\"noopener\">SolarWinds<\/a> and <a href=\"https:\/\/www.nytimes.com\/2021\/07\/06\/technology\/kaseya-cyberattack-ransomware-revil.html?searchResultPosition=2\" target=\"_blank\" rel=\"noopener\">Kaseya debacles<\/a>, in which compromised products created problems for thousands of downstream users. This has led more companies to demand proof of adequate round-the-clock cybersecurity coverage from their suppliers, and it&#8217;s created a wider pool of liability for insurers to consider when determining coverage.<\/p>\n<p><strong>Incident Response Plans Must Adapt<br \/><\/strong>What does this mean for <a href=\"https:\/\/www.darkreading.com\/endpoint\/how-behavioral-psychology-can-strengthen-your-incident-response-team\" target=\"_blank\" rel=\"noopener\">incident response teams<\/a>? The most critical element is an increased focus on speed. This in turn emphasizes the need to focus on earlier stage incidents that can be a precursor to a major breach. Responding to &#8220;small&#8221; incidents before they become &#8220;large&#8221; events is the goal.<\/p>\n<p>Attack victims not covered during the first hours of an incident must respond quickly to limit the financial impact. Unfortunately, attackers are making it harder. <\/p>\n<p>Ransomware criminals are most active outside office hours. They know that security teams will be poorly staffed at these times, if they&#8217;re in the office at all. Nuspire&#8217;s partner Cybereason recently <a href=\"https:\/\/www.cybereason.com\/ebook-ransomware-attackers-dont-take-holidays\" target=\"_blank\" rel=\"noopener\">surveyed<\/a> 1,200 companies that had suffered a ransomware attack out of regular working&nbsp;hours. Half of them suffered a slower response as a result, partly because it was difficult assembling team members on weekends or holidays, even with an incident response plan in place. That often led to increased revenue losses from a ransomware attack, respondents said. <\/p>\n<p>Some skills, such as digital forensics, are difficult to bring in-house at all. These specialized skills are rarely used, but they&#8217;re critical when needed. <\/p>\n<p><strong>Companies Need an Incident Response Continuum<br \/><\/strong>There are two levels of incident response. The first is the one that most businesses understand: the response to big-ticket, show-stopping events. These are the things that keep you up at night: the theft of customer records, a ransomware disaster, or a business email compromise that siphons millions of dollars from company coffers. This can be thought of as traditional &#8220;Big Incident Response.&#8221;<\/p>\n<p>The other kind of incident response involves smaller, isolated events. This could be a ransomware infection on a single laptop, a single phishing email, or a one-off case of unauthorized access. People often treat these as everyday incidents&nbsp;\u2014 episodes that irritate administrators but which get dealt with sooner or later. Some see this as the small stuff that you don&#8217;t need to sweat. <\/p>\n<p>That&#8217;s no longer true. Ransomware and other forms of malware now move more quickly than ever. Tonight&#8217;s isolated incident could be tomorrow morning&#8217;s disaster.<\/p>\n<p>Insurers and clients alike increasingly understand this and want proof that you&#8217;re tackling these issues to avoid large breaches later. That means incident response is no longer a discrete process; it&#8217;s a continuum that begins with the first incident alert (and hopefully ends there). <\/p>\n<p>We must also increase our understanding of what happens at the other end of the incident response spectrum, when insurance companies might get involved. This begins even before forensics professionals hit the ground. <\/p>\n<p>Clear communication with insurance carriers ahead of major incidents is crucial to understand their expectations. So is an understanding of the legalities around the incident response process, including who the victim contacts first. For example, insurers might demand that the victim contact them initially, but talking to an attorney first might make some information privileged to prevent discovery later. There are also nuances involving what the victim says. Even using the word &#8220;breach&#8221; in communication could trigger a deadline for informing regulators or customers. <\/p>\n<p>Companies must establish a strong team with a clear chain of command, so that everyone understands who has control in terms of a crisis. Then, these teams must conduct regular tabletop exercises to game out major breach scenarios. Knowing who does what is essential. <\/p>\n<p>This is a lot for companies to handle, especially given the need to be just as diligent outside regular working hours. Now more than ever, when it comes to handling cybersecurity problems, speed is of the essence.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/why-it-s-time-to-rethink-incident-response\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The incident response landscape has changed drastically, largely from shifting attitudes among insurance companies and, to some extent, business customers feeling the pain of security incidents.Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/why-it-s-time-to-rethink-incident-response\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-44993","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Why It&#039;s Time to Rethink Incident Response 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why It&#039;s Time to Rethink Incident Response 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-26T15:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Why It&#8217;s Time to Rethink Incident Response\",\"datePublished\":\"2022-01-26T15:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/\"},\"wordCount\":834,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blte0f9169d7cc2f4fa\\\/61ba23f74b727d376d0c480a\\\/Alert_Skorzewiak_Alamy.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/\",\"name\":\"Why It's Time to Rethink Incident Response 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blte0f9169d7cc2f4fa\\\/61ba23f74b727d376d0c480a\\\/Alert_Skorzewiak_Alamy.jpg\",\"datePublished\":\"2022-01-26T15:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blte0f9169d7cc2f4fa\\\/61ba23f74b727d376d0c480a\\\/Alert_Skorzewiak_Alamy.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blte0f9169d7cc2f4fa\\\/61ba23f74b727d376d0c480a\\\/Alert_Skorzewiak_Alamy.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/why-its-time-to-rethink-incident-response\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why It&#8217;s Time to Rethink Incident Response\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why It's Time to Rethink Incident Response 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/","og_locale":"en_US","og_type":"article","og_title":"Why It's Time to Rethink Incident Response 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-01-26T15:00:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Why It&#8217;s Time to Rethink Incident Response","datePublished":"2022-01-26T15:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/"},"wordCount":834,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/","url":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/","name":"Why It's Time to Rethink Incident Response 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg","datePublished":"2022-01-26T15:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blte0f9169d7cc2f4fa\/61ba23f74b727d376d0c480a\/Alert_Skorzewiak_Alamy.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/why-its-time-to-rethink-incident-response\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Why It&#8217;s Time to Rethink Incident Response"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44993","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=44993"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44993\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=44993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=44993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=44993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}