In any organization, the incident response cycle is implemented only if there are any unpredictable events occur that lead to data loss and security breaches. In any indecent response, end-users play an important role as a valuable resource of data. End users serve as evidence and can give a lot of important information. End users are supposed to deliver maximum information regarding the events to reserve connected facts and to make themselves accessible to give support as the incident response improves.
End users necessarily need to offer consistent interaction, and material evidence to their primary Point of Contact (POC) in the incident that they are absent in the workplace.
End-user should be encouraged to report suspicious occurrences. End-users must be treated as a part of the organization, assist them by offering any technical training needed and make them prepare on how to respond if they encounter any suspicious activity. End users with safety awareness training can aid to lessen or probably remove data security breaches or any vulnerabilities in any company.
Most security breaches occurred only because of end-user failed to identify the threat. All the hackers can successfully exploit because of the lack of end user knowledge. End users are the best resources to help CSIRT in understanding and analyzing the incident clearly.so, it is always requested that end-users to understand the effects of computer security incidents, and company networks. When the end-users are unaware of security breaches, and how security places an important role in organization success can delay end-users from responding to incidents on time.
There are several factors that influence the end-user decision to report (or not report) a potential incident. The incident response team should be always available to report any suspicious action encountered by the end-user. If the incident response team is approachable, then the end-users will derive to them with their requests. If the incident report team is not reactive, then the end-users may not show interest in reporting the datils of the issue. End users get influenced based on the reply they get from the Incident reporting team if the incident team gives an appropriate solution then End-user will be satisfied. Whereas if the users are not getting proper response or solution, it can resist them from reporting next time.