4 votes
Best practice is to start investigation directly from incidents.
a) True
b) False

1 Answer

2 votes

Final answer:

Investigations into security incidents should not solely focus on the incidents themselves but should include information gathering, root cause analysis, and expert consultation. This multi-faceted approach helps understand and manage incident responses effectively, as seen in human factors psychology research.

Step-by-step explanation:

When approaching the issue of incident investigation within an information security context, it is not always best practice to start the investigation directly from incidents. This statement is false. Investigations typically involve a multi-faceted approach including gathering information from various stakeholders, conducting in-depth root cause analysis, and seeking expert information. In the context of human factors psychology, studies like Bruno & Abrahão (2012) highlight the importance of cognitive load in decision-making during security operations. They found that a high volume of decisions could lead to more errors in incident identification, stressing the importance of thorough analysis rather than quick incident-based investigation.

Moreover, the massive data breach at Target in 2013 underscores the pitfalls of not interpreting security signals correctly, suggesting that a robust investigation must precede any action taken on incidents. Exploratory research is vital, as it allows incident response teams to understand the nuances of each situation and the human factors involved, which is key to preventing and managing data breaches effectively.

by David Bella (8.3k points)