Overview
Incident response capabilities with flexibility
When faced with a cyber incident, your organisation must be ready to respond quickly and effectively to protect your operations, reputation and financial security. Timely response and notification for cyber incidents is also required under many privacy and consumer protection laws.
Our flexible and customisable cyber risk retainers provide elite digital forensics, incident response and offensive capabilities on demand to help your organisation plan for, and take swift, appropriate action in the event of a security incident. Our services are flexible and configurable to the needs of your environment, regardless of the technologies you use.
Benefits
Incident response retainer benefits
A cyber risk retainer guarantees expedited response as well as notification and proactive services to minimise the impact of an incident. Our retainer options help you maximise the value of your cyber security investments with transparent pricing and service structure, delivering:
- Prompt access to an elite global team of 300+ incident response and breach notification experts
- Rapid response service levels for peace of mind in the event of a security incident
- Robust preparedness services, including tabletop exercises, risk assessments and pen testing
- The flexibility to choose from a wide range of services
- The ability to roll over 20% of unused credits upon renewal
- Technology-agnostic services that can be catered to your specific security stack
- Rate discounts for hourly cyber security services offered by Kroll
- No minimum hourly usage requirements or lead times
Packages
Retainer options tailored to meet your needs
Premier | Plus | |
---|---|---|
Response Time Service Levels |
Incident support contact within 4 hours (24/7/365) | Incident support contact within 6 hours (24/7/365) |
Service Credits Application |
In transit within 24 hours of request or scope of work signature (for additional services) | In transit within 24 hours of request or scope of work signature (for additional services) |
Rollover Credits | Up to 20% of unused services credit may be applied to the following year upon renewal | Up to 20% of unused services credit may be applied to the following year upon renewal |
Rate Discount | 15% discount on any additional hourly-based proactive or incident response cyber risk service | 10% discount on any additional hourly-based proactive or incident response cyber risk service |
Service options
Customise your IR retainer for optimal security coverage
Our retainer service is unique because we give you the opportunity to customise your cyber risk retainers with a wide variety of proactive, response and notification services best suited for your situation and goals. Some examples of the options available are:
Get more information
Get in touchA trusted partner
Kroll - A cyber security partner you can trust
Kroll manages over 3,000 cyber investigations every year for clients of all sizes across the globe. We also have decades of experience helping clients notify customers affected by breaches. We can help you determine the right incident response retainer for your organisation.
With cyber insurance playing an integral role in mature cyber security programs, Kroll is also an approved vendor for over 50 cyber insurance carriers worldwide, with a dedicated insurance team to help you handle your claims quickly and efficiently.
Retainer FAQ
Frequently asked questions
- What is an incident response retainer service?
-
An incident response retainer provides organisations with a structured form of expertise and support through a security partner, ensuring that they are able to respond quickly and effectively in the event of a cyber incident. An incident response retainer allows businesses to benefit from proactive support for protecting their operations, reputation and bottom line.
Timely response and notification for cyber incidents is also a key aspect of many privacy and consumer protection laws. Another advantage of a cyber incident response is that it removes the risk of having to find expert support in the event of a major attack that affects many organisations at the same time.
- What is included in an incident response retainer?
-
The specifics of an incident response retainer will vary according to your organisation’s requirements and the scope of a potential provider. This means, it is essential to take time to assess which provider will best suit your requirements. A good incident response retainer should be both robust and flexible, with the capacity to deliver expert support to successfully contain and remediate an incident.
A good incident response retainer will offer a wide choice of services and be adaptable to your priorities and environment, regardless of the technologies you use. It should provide all the rapid response services required to respond effectively in the event of an emergency.
- How can an incident response retainer help your organisation?
-
An incident response retainer offers some important advantages to help enhance organisations’ cyber security. Critically, it helps them become better prepared so that they can act fast in the event of an incident.
A cyber incident retainer ensures that companies can manage their cyber security costs more efficiently because it provides a structured way for them to pay, giving them better value for money. It also means that organisations benefit from swift response and expert advice when they need it.
- What is the first step to engaging an incident response retainer service?
-
A key first step in engaging an incident response retainer service is to identify a reliable security partner with a proven track record. Look at the company’s experience and approach and assess the specifics of what they offer.
It is also important to consider whether the company’s services are flexible enough and if they have the scope to support your company across a range of locations. You should also explore specific aspects such as payment options, minimum hourly usage requirements and whether the company’s services are technology-agnostic.
- How does an incident response retainer work?
-
An incident response retainer establishes clear parameters for the provision of incident response services. Apart from specific actions associated with responding to an incident, this type of retainer can also cover more strategic support to help enhance long-term security planning.
However, it is important to be aware that the quality and scope of support varies widely between providers. At Kroll, we offer an unrivalled incident response retainer by bringing together elite digital forensics and incident response capabilities with maximum flexibility for proactive and notification services.
- What should be considered when choosing a retained incident response service?
-
There are a number of key elements to consider when choosing a retained incident response service. Check whether the provider offers the scope of services you require, from proactive incident response to more strategic advice and help.
It is also important to assess the provider’s capacity to offer 24/7 support in a wide range of locations, depending on your requirements and the provider’s technical expertise. You should also check how quickly and easily a provider is able to work with your organisation in the event of an incident.
- What are the different types of cyber incident response retainers?
-
An incident response retainer is a structured agreement made between an organisation and a security services provider. One option is a no-cost retainer in which a service provider outlines how they will help the organisation respond to an incident.
Another type is a prepaid retainer. In this arrangement, the organisation pays in advance for an agreed number of hours, which can then be used to respond to cyber incidents. At Kroll, our incident response retainers enable companies to achieve the greatest impact with the highest level of flexibility.
- How can incident response retainers enhance security?
-
Responding to a cyber incident is fraught with unknowns and potential risks. Having expert support in place allows organisations to respond more effectively to cyber security incidents because they have the right expertise on hand when it’s required, instead of having to find it when an incident does take place.
An incident response retainer can also include strategic planning support, which can help to significantly enhance security and provide even greater peace of mind. A Kroll incident response retainer guarantees expedited response as well as high quality notification and proactive services.
Get in touch
Complete the form for a prompt response from our team.
Resources