Turns out incident response is way more than half the IT security battle