Incident Response is a highly advanced technological field that draws, ideally, from state-of-the-art scientific research in cyber security. Historically, incident response emerged from this scientific research field and for long there was a close bond between (national) cybersecurity and research in many countries across the world.
However, due to the growth of the field in cyber security, the close bond between national cyber security organizations, incident response, and scientific research has been gradually dissolving. At present, it is an urgent question how national cyber security organisations relate to scientific research in this field.
In this talk we present the findings of an international comparative study on how
national cyber security organisations cooperate with research institutions: how they set research agendas, learn from new findings and disseminate results.
We discuss what we learned from interviewing several organisations globally, how they deal with research and how they leverage this in hiring, personnel retention, staying up to date with current developments and insights, and how this improves international coordination.
