Cyber Risk and Incident Response Retainers

Gain peace of mind in a crisis with guaranteed response times, proactive consulting, and specialist support just a phone call away.
Contact Us

Every organisation must be prepared to respond quickly and effectively to a cyber incident to ensure continuity of operations and protect their reputations. Privacy and consumer protection regulations also require timely response and notification for cyber incidents.

Kroll’s cyber risk retainer offers maximum flexibility and transparent pricing to ensure our clients get tangible value for their money and have peace of mind knowing they can depend on our prioritised response and global resources in a crisis.

Our cyber risk retainer can adapt to and maximise a company’s existing security stack, so there’s no need to buy new tech. Clients can also leverage our comprehensive slate of cyber risk solutions to strengthen their overall resiliency.  

Incident Response Retainers

Customisable Incident Response Retainer

Kroll understands that the prospect of preparing for and responding to a cyber incident is fraught with unknowns. Our robust but flexible cyber risk retainer can be adapted to any business, ensuring our clients have the comfort of knowing Kroll’s cyber risk experts will respond immediately to contain and remediate any incident. Whether it is for taking proactive security measures or responding to a breach, Kroll’s cyber risk retainer services are configurable to the needs and environment of any organisation, regardless of the technologies they use. 

Our retainer options help alleviate the pressure organisations feel to maximise the value of their cybersecurity investments with an upfront service and pricing structure.  

How Flexible is the Cyber Risk Retainer?

Unlike most providers, you can customise retainer packages to include a wide range of services:

Digital Forensics
Incident Response
Breach Notification
Testing & Assessments
Tabletop Exercises
Litigation Support

Client Testimonials

“As a Cyber Risk Retainer client, we have appreciated Kroll’s expedited response for potentially critical issues. Their subject matter expertise allowed us to contain a situation prior to it developing into a significant issue.” – Option Care Health

“Kroll's Cyber Risk Retainer program gave us the flexibility to utilise our retainer credits to help us accomplish some of our IT security goals during the year, while having the peace of mind that we had a Tier 1 partner to quickly respond if we had some type of cyber incident.” – Netscout Systems, Inc

Incident Response Retainer Service Features


  • Ability to roll over a portion of unused retainer credits
  • No minimum hourly usage or lead time requirements
  • Tech-neutral services that can be catered to any client’s security stack
  • Discounted rates for hourly cybersecurity services offered by Kroll
  • Compatibility and pre-negotiated rates with over 60 major cyber insurance carriers

Cyber insurance plays an integral role in mature cybersecurity systems. Fortunately, Kroll is an approved vendor for more than 60 cyber insurance carriers around the world. We have a dedicated insurance team to help our clients handle claims effectively.

Choose the Incident Response Retainer Option That Fits Your Organization’s Posture and Need

Response Time Service Levels
Incident support contact within two hours (24/7/365)
Incident support contact within four hours (24/7/365)
Service Credits Application
100% of retainer credits can be applied towards any cyber risk consulting service
Rollover Credits
Up to 20% of unused services credit may be applied to the following year upon renewal
Rate Discount
15% discount on any additional hourly-based proactive or incident response cyber risk service
10% discount on any additional hourly-based proactive or incident response cyber risk service

Customise Your Incident Response Retainer for Optimal Coverage

Unlike most cyber risk firms, Kroll lets clients customise their cyber risk retainers to meet their unique security needs by choosing from a wide range of proactive, response and notification service options. Available services include:


Peace of Mind and Expert Support Just a Call Away

Kroll manages over 3,000 cyber investigations every year for clients of all sizes and complexities. We also have decades of experience helping clients notify customers affected by breaches. We can help you determine the right cyber risk retainer for you, beyond incident response. For peace of mind and support before and during an incident, speak with one of our cyber experts today.

Talk to a Cyber Expert

Kroll is ready to help, 24x7. Use the links on this page to explore our services further or speak to a Kroll expert today via our 24x7 cyber hotlines or our contact page.

Frequently Asked Questions

An incident response retainer provides organisations with structured expertise and support to help them respond quickly and effectively to a cyber incident. With an incident response retainer, a company can obtain proactive support to secure their operations, reputation and bottom line and meet any legal response and notification mandates. In the event of major cyber incident impacting multiple organisations, a retainer reduces the challenges of identifying and obtaining expert support and response services in the midst of a crisis. 

Incident Response Tabletop Exercises

Kroll’s field-proven incident response tabletop exercises provide a customised test of every aspect of an organisation’s cyber response plan.

Incident Response Plan Development

Today, you learn your company is experiencing a serious cyber incident. It could be a ransomware attack, a hacked O365 email account, the theft of PII or PHI, data exposure from misconfigured network settings. What is the first step you should take?

Optimised Third-Party Cyber Risk Management Programmes

Manage risk, not spreadsheets. Identify and address cyber threats in third-party relationships to ensure compliance with regulations such as NYDFS, FARS, GDPR, etc.

Third Party Cyber Audits and Reviews

Kroll’s cyber audits and reviews ensure third parties handle sensitive data according to regulatory guidelines and industry standards.

Cyber Governance and Risk

Manage cyber risk and data security governance with Kroll’s defensible cybersecurity strategy framework.

FAST Attack Simulation

Safely perform attacks on your production environment to test your security technology and processes.