arXiv: SoK: A Taxonomy for Cybersecurity Incident Response Influence Factors
AI Analysis
This publication is a systematic academic review, not a regulatory change. It presents a taxonomy that categorizes the human, organizational, and technical factors influencing how organizations respond to cybersecurity incidents. The work is framed within the context of AI safety, examining how incident response decisions are shaped by factors such as team dynamics, automation reliance, and regulatory pressures. It does not introduce new legal obligations but provides a structured framework for analyzing response effectiveness.
The taxonomy is relevant to any organization subject to cybersecurity regulations, particularly those in critical infrastructure, finance, healthcare, and technology sectors that must demonstrate robust incident response under frameworks like NIS2, DORA, or the EU AI Act. Compliance teams in these sectors should review the taxonomy to identify gaps in their current incident response planning, especially regarding how human factors and AI-driven tools influence decision-making under pressure.
Compliance teams should use this taxonomy as a diagnostic tool during tabletop exercises and post-incident reviews. They should assess whether their current procedures adequately account for cognitive biases, communication breakdowns, and over-reliance on automated systems. While no immediate regulatory action is required, integrating these influence factors into existing incident response documentation and training will strengthen regulatory preparedness and audit readiness.
Get notified about AI_SAFETY changes
Subscribe to our free weekly digest covering 24 compliance frameworks.