For decades, the goal of Incident Response in IT has been increased user productivity. Get them back up and running as fast as possible. But, truthfully, Incident Management is usually more of a band-aid than a cure. We know how to eliminate existing incidents using root cause analysis & Kaizen.
We know how to reduce incidents up front by improving the quality of changes. But what IT still struggles with is cyber or security-related incidents. Most service desks function as the frontline reporting structure for ALL types of incidents, but without a specific process for handling security issues.