Prepare for a security incident before you are in the middle of one.
A focused review of your ability to detect, respond to, communicate, and recover when a cybersecurity incident occurs.
Starting Price
USD $4,500 / CAD $6,000
Typical Timeline
7 to 12 business days
Engagement Snapshot
Best For
Businesses that want to prepare before a breach, ransomware event, account compromise, or operational disruption
Primary Outcome
A practical incident response readiness plan
Standard Scope
One company or business unit, up to 4 stakeholder interviews
Key Exclusions
No active incident response, forensics, legal advice, or breach notification
The Problem
Most businesses do not want to build their incident response plan during a crisis.
A cybersecurity incident does not wait for a business to be prepared. When ransomware hits, an account is compromised, or data is exposed, the decisions made in the first hours matter enormously. This review identifies gaps in roles, communication, escalation, backups, logging, vendor contacts, insurance coordination, and recovery readiness before an incident forces you to discover them under pressure.
What You Get
Defined deliverables
- check_circleIncident response readiness scorecard
- check_circleRoles and responsibilities recommendations
- check_circleEscalation and communication checklist
- check_circleEvidence and logging readiness notes
- check_circleBackup and recovery readiness review
- check_circlePractical incident response improvement plan
What Is Included
Standard scope
- checkOne company or business unit
- checkUp to 4 stakeholder interviews
- checkReview of existing incident response plans, backup process, logging sources, escalation paths, cyber insurance contacts, and key vendors
- checkOne readiness report
- checkOne findings presentation
What Is Not Included
Scope exclusions
- removeActive incident response
- removeForensics
- removeMalware analysis
- removeLegal advice
- removeBreach notification
- removeTabletop exercise facilitation unless separately scoped
- removeOngoing monitoring
The Process
How this engagement works
Fit Call
We confirm the business context, current incident response state, and primary concerns.
Scope Confirmation
Stakeholders, materials, deliverables, and timeline are confirmed before work begins.
Interviews and Document Review
Stakeholders are interviewed and existing plans, contacts, and backup processes are reviewed.
Readiness Review
Readiness is assessed across detection, response, communication, escalation, backup, and recovery dimensions.
Findings and Plan
Readiness scorecard, improvement plan, and checklists are delivered and walked through on a findings call.
Who This Is For
For businesses that want to be prepared before an incident happens
This review is a strong fit for small and midsized businesses that have not gone through a structured incident response readiness exercise. It is particularly relevant for businesses handling sensitive customer data, operating in regulated industries, carrying cyber insurance, or that have recently grown their technology footprint. It is also appropriate for businesses that have recently experienced a minor incident and want to improve their readiness before a more serious event occurs.
If your business does not yet have a clear picture of its security posture more broadly, consider pairing this with the Cybersecurity Readiness Snapshot.
Pricing note: Pricing shown is starting pricing for standard-scope engagements. Final pricing depends on environment size, number of systems, complexity, urgency, and any requested work outside the standard scope.
These starter engagements are intentionally scoped to produce useful outcomes without turning into open-ended consulting projects. If your environment is larger, more complex, or requires hands-on implementation, SullySoft can provide a separate estimate before any additional work begins.
Incident Response Readiness Review
Starting at USD $4,500 / CAD $6,000 • 7 to 12 business days
Book a 30-minute fit call to confirm the scope and get started.
Book a 30-Minute Fit Call