Sarah Chen works as a security analyst at Midwest Financial. At 2:00 AM, the SOC detects unusual data exfiltration patterns and evidence of lateral movement across multiple servers containing sensitive customer data. The activity appears sophisticated and may require forensic analysis and system restoration. Which team should take primary responsibility for managing this complex security incident?
Submit