Computers involved in an incident need to be fully analyzed: memory, disks and logs. Those assets are precious as they give a clear and complete view of what happened on the analyzed systems.
Because computers communicate with each other and with the Internet, being able to handle network traces makes it possible to trace the attacker and eventually identify all the systems involved in the incident.
Forensics often leads to finding unknown binaries which are harmful. Being able to handle, analyse and fight them is then a key resource for controlling an incident.
An IT security incident involves processing a huge amount of data: logs, timelines, indicators of compromise (IOC)... Correlation and data mining are required activities.