We've all experienced that dreaded feeling.
I just can't do it myself. It hurts to admit. You realize the time spent trying to remediate the problem is lost and things are worse than when they started.
Unfortunately, when it comes to cybersecurity and incident response, there isn't the luxury of time to learn from mistakes.
However, with a well-developed and up to date incident response plan, organizations can clearly define internal roles and responsibilities and determine where a third party can extend capabilities. The question is how do you determine when to engage a third party?