Get to know the incident response lifecycle
Hang around security and incident management pros long enough, and you’ll notice a pattern. The smartest people in these industries think in cycles, not straight lines.
Why is that? What’s that even mean? That means every incident and outage isn’t an isolated event with a beginning and end point (though it may seem like that). Incidents are a learning opportunity.
Just because a service is “operational” again, doesn’t mean your team’s work is over. Post-incident activities should have you putting plans on future roadmaps, changing the way you prepare for future incidents, and discovering new things to build which will prevent more incidents in the future. It’s a never-ending cycle of improvement, and there are a few different ways to think about the various stages, depending on what school of thought you subscribe to.