Incident Response Retainer Service | Redscan
Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy

Overview

Incident response capabilities with flexibility

When faced with a cyber incident, your organisation must be ready to respond quickly and effectively to protect your operations, reputation and financial security. Timely response and notification for cyber incidents is also required under many privacy and consumer protection laws.

Our flexible and customisable cyber risk retainers provide elite digital forensicsincident response and offensive capabilities on demand to help your organisation plan for, and take swift, appropriate action in the event of a security incident. Our services are flexible and configurable to the needs of your environment, regardless of the technologies you use.

Benefits

Incident response retainer benefits

A cyber risk retainer guarantees expedited response as well as notification and proactive services to minimise the impact of an incident. Our retainer options help you maximise the value of your cyber security investments with transparent pricing and service structure, delivering:

  • Prompt access to an elite global team of 300+ incident response and breach notification experts
  • Rapid response service levels for peace of mind in the event of a security incident
  • Robust preparedness services, including tabletop exercises, risk assessments and pen testing
  • The flexibility to choose from a wide range of services
  • The ability to roll over 20% of unused credits upon renewal
  • Technology-agnostic services that can be catered to your specific security stack
  • Rate discounts for hourly cyber security services offered by Kroll
  • No minimum hourly usage requirements or lead times

Packages

Retainer options tailored to meet your needs

Premier Plus
Response Time
Service Levels
Incident support contact within 4 hours (24/7/365) Incident support contact within 6 hours (24/7/365)
Service Credits
Application
In transit within 24 hours of request or scope of work signature (for additional services) In transit within 24 hours of request or scope of work signature (for additional services)
Rollover Credits Up to 20% of unused services credit may be applied to the following year upon renewal Up to 20% of unused services credit may be applied to the following year upon renewal
Rate Discount 15% discount on any additional hourly-based proactive or incident response cyber risk service 10% discount on any additional hourly-based proactive or incident response cyber risk service

Service options

Customise your IR retainer for optimal security coverage

Our retainer service is unique because we give you the opportunity to customise your cyber risk retainers with a wide variety of proactive, response and notification services best suited for your situation and goals. Some examples of the options available are:

Get more information

Get in touch

A trusted partner

Kroll - A cyber security partner you can trust

Kroll manages over 3,000 cyber investigations every year for clients of all sizes across the globe. We also have decades of experience helping clients notify customers affected by breaches. We can help you determine the right incident response retainer for your organisation.

With cyber insurance playing an integral role in mature cyber security programs, Kroll is also an approved vendor for over 50 cyber insurance carriers worldwide, with a dedicated insurance team to help you handle your claims quickly and efficiently.

A Redscan employee shakes hands with a partner

Retainer FAQ

Frequently asked questions

What is an incident response retainer service?

An incident response retainer provides organisations with a structured form of expertise and support through a security partner, ensuring that they are able to respond quickly and effectively in the event of a cyber incident. An incident response retainer allows businesses to benefit from proactive support for protecting their operations, reputation and bottom line.

Timely response and notification for cyber incidents is also a key aspect of many privacy and consumer protection laws. Another advantage of a cyber incident response is that it removes the risk of having to find expert support in the event of a major attack that affects many organisations at the same time.

What is included in an incident response retainer?

The specifics of an incident response retainer will vary according to your organisation’s requirements and the scope of a potential provider. This means, it is essential to take time to assess which provider will best suit your requirements. A good incident response retainer should be both robust and flexible, with the capacity to deliver expert support to successfully contain and remediate an incident.

A good incident response retainer will offer a wide choice of services and be adaptable to your priorities and environment, regardless of the technologies you use. It should provide all the rapid response services required to respond effectively in the event of an emergency.

How can an incident response retainer help your organisation?

An incident response retainer offers some important advantages to help enhance organisations’ cyber security. Critically, it helps them become better prepared so that they can act fast in the event of an incident.

A cyber incident retainer ensures that companies can manage their cyber security costs more efficiently because it provides a structured way for them to pay, giving them better value for money. It also means that organisations benefit from swift response and expert advice when they need it.

What is the first step to engaging an incident response retainer service?

A key first step in engaging an incident response retainer service is to identify a reliable security partner with a proven track record. Look at the company’s experience and approach and assess the specifics of what they offer.

It is also important to consider whether the company’s services are flexible enough and if they have the scope to support your company across a range of locations. You should also explore specific aspects such as payment options, minimum hourly usage requirements and whether the company’s services are technology-agnostic.

How does an incident response retainer work?

An incident response retainer establishes clear parameters for the provision of incident response services. Apart from specific actions associated with responding to an incident, this type of retainer can also cover more strategic support to help enhance long-term security planning.

However, it is important to be aware that the quality and scope of support varies widely between providers. At Kroll, we offer an unrivalled incident response retainer by bringing together elite digital forensics and incident response capabilities with maximum flexibility for proactive and notification services.

What should be considered when choosing a retained incident response service?

There are a number of key elements to consider when choosing a retained incident response service. Check whether the provider offers the scope of services you require, from proactive incident response to more strategic advice and help.

It is also important to assess the provider’s capacity to offer 24/7 support in a wide range of locations, depending on your requirements and the provider’s technical expertise. You should also check how quickly and easily a provider is able to work with your organisation in the event of an incident.

What are the different types of cyber incident response retainers?

An incident response retainer is a structured agreement made between an organisation and a security services provider. One option is a no-cost retainer in which a service provider outlines how they will help the organisation respond to an incident.

Another type is a prepaid retainer. In this arrangement, the organisation pays in advance for an agreed number of hours, which can then be used to respond to cyber incidents. At Kroll, our incident response retainers enable companies to achieve the greatest impact with the highest level of flexibility.

How can incident response retainers enhance security?

Responding to a cyber incident is fraught with unknowns and potential risks. Having expert support in place allows organisations to respond more effectively to cyber security incidents because they have the right expertise on hand when it’s required, instead of having to find it when an incident does take place.

An incident response retainer can also include strategic planning support, which can help to significantly enhance security and provide even greater peace of mind. A Kroll incident response retainer guarantees expedited response as well as high quality notification and proactive services.

Get in touch

Complete the form for a prompt response from our team.

Two Redscan team members analysing cyber security intelligence

1000 characters left
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
AI threat to rise in 2025, warns Google Cloud researchers
According to researchers at Google Cloud, the threat posed by AI will accelerate in 2025, with new sophisticated uses emerging.  
CISA warns manufacturers about critical software vulnerabilities in industrial devices
The US Cybersecurity and Infrastructure Security Agency (CISA) has advised manufacturers to apply mitigations after a number of key industrial control systems were found to be vulnerable to cyber-attacks.  
Government sector sees 236% rise in malware attacks
New research has shown that the government sector is increasingly being targeted with malware, with a significant rise in attempted attacks in the first three months of 2024.  
AI-powered attacks flooding retail websites
A new analysis has shown that retail websites were hit by over half a million AI-driven attacks per day in one six-month period alone. Types of threats included bots, distributed denial of service (DDoS) attacks and business logic abuse.