In the event of a cyber incident, the first people who should be notified are usually the members of the Incident Response Team, including the incident manager, IT security and infrastructure staff, and any other stakeholders who need to be involved in the response effort. The Incident Response Team should then follow their established protocols for assessing the incident, containing the damage, and communicating with any external third parties, such as customers or regulatory agencies.