The original post: /r/cybersecurity by /u/ProfessionalArmy6284 on 2025-03-13 12:44:10.

I’m a PhD student, looking at situational awareness in cyber incident response teams. *Situational awareness is the understanding of an organisation’s current cyber environment, including threats, vulnerabilities, and what needs to be done in order to address these.*

I’m looking specifically at how the design of systems used for communicating (such as JIRA, RTIR, OTRS, etc) are helping/hindering this. For example, if people find that their system is clunky, and has no good way of summarising important information, does this hinder them or do they find ways around it? For context, the categories I’ve made are lifecycle management, visualisation/reporting, prioritisation/categorisation, collaboration/communication, automation, threat intelligence integration, and user experience.

I wanted to see if anyone had any insight they would share. Do you think the system you use is well-designed in this regard, or is there work to be done? Does it easily allow you to understand everything happening, your tasks, and prioritise them? Are there any particularly useful features?