Simply put, any company that regularly uses, stores, or facilitates its business using computers or via the internet (in other words, pretty much everybody) must have policies and procedures in place in the case of a cybercrime. This could involve a security breach, information theft, or other illegal activity. Those procedures should include either an in-house digital forensics team or an ongoing relationship with digital forensics experts, who can be called upon to quickly assess and address the situation.
Unfortunately, cybercrime is inevitable. We see it on the news with increasing regularity. What were once threats primarily for billion-dollar companies are now reaching ever smaller institutions. For example, school districts are subjected to ransomware attacks, with huge payouts to the attackers to free the affected networks. Hospitals and healthcare systems are repeatedly subject to thefts of massive amounts of private patient data.