There are some typical roles in this type of activity, such as the incident response team, which aims to perform the tasks needed in carrying out this activity, including collecting evidence, studying incidents and reporting when certain types of incidents occur. Depending on the size of the organization, there will be one or more incident response teams, with their own respective focus on different parts of the ecosystem. Moreover, there are other types of common security roles that should play an important part in this process, such as the CISO (Chief Information Security Officer), the CTO (Chief Technology Officer) and the CSO (Chief Security Officer) who should be involved in the high-level decisions that are made, especially when the incident is severe. In addition, the rest of the stakeholders that interact with the Big Data ecosystem should be involved in the incident response process, since they can be the first to detect that something is going wrong with the system.