The threat of cybercrime is the new reality for enterprises worldwide. It is not a matter of if you will be targeted, it is a matter of when. Unfortunately most organizations are not proactive in their approach to information security; until they have been breached. Herjavec Group has practical experience addressing and managing the most complex security breaches. Through timely and strategic response to security incidents, Herjavec Group reduces recovery time, costs and damage. We offer Incident Response Retainers as well as hourly rate packages to support your remediation efforts.

Experience HG Incident Response Services

Tech Image

Why Trust HG To Lead Your Incident Response?

  • When an incident occurs, we respond with a customized response team.
    We bolster your existing tools and processes with our state of the art networking, discovery and forensic tools. Our flexibility provides a faster, more effective response. We maintain a neutral perspective throughout our response delivery.
  • We are on site offering a high-touch response.
    While we can provide remote triage and expertise across multiple security domains, we believe that on-site presence is critical to managing an incident, interacting with management and ensuring the best outcome overall.
  • We do not abandon you once the incident is closed.
    When a complex incident occurs, Herjavec Group follows through on recommendations that are made and supports you through the entire cycle of remediation as required. This includes providing you with the consultation and technical expertise needed throughout the remediation process.
  • Our retainer hours are flexible and can be dedicated to additional cybersecurity services.
    Rest assured knowing that your investment with HG can be leveraged for incident response support as needed, or dedicated to additional services from advisory consulting, to identity, professional services and more.

Modeled after NIST SP800-61r2 and ISO 27035, Herjavec Group’s Incident Response team supports four activity phases:

Icon - Scoping


Detection & analysis

Icon - Incident Response

Incident response

Containment, evidence collection,
eradication or remediation

Icon - Recovery


Support in return to
normal operations

Icon - Post Incident Review

Post Incident Review

Including controls reviews,
actions for improvement

3-Tiered Incident Support Structure

Icon - Incident Commander

Incident Commander

Your first point of contact to understand the scale and scope of the incident. In contact with you and incident controller daily to understand status and support the overall team.

Icon - Incident Controller

Incident Controller

Onsite resource responsible for tracking activities and providing daily reporting on the progress of the incident handling.

Icon - Incident Handler

Incident Handler

The resources working on the incident itself. Specifically selected based on their skill and experience. The skills include incident detection/ analysis, incident control/ handling, containment, eradication/ recovery, and forensic investigation/ root cause analysis.

Why choose an HG Incident Response Retainer?

Herjavec Group offers incident response services upon request, as well as through a retainer package offering.

  • Ultimate Flexibility in Cybersecurity Services – Package can be dedicated to HG Incident Response or any of HG’s Professional Services including identity and advisory services
  • Budgeted line item with no surprises
  • Shortened SLA’s for incident response
Retainer Packages

Customer Success

Customer Success Story

Goldcorp Inc

“Within 12 hours we had Herjavec Group on-site helping us troubleshoot, taking control of the situation, and helping us with an incident response management plan.”

Luis Canepari — VP of Technology at Goldcorp

Examples of the incident response security support offered include:

  • Managed and monitored the customer’s incident bridge
  • Isolated the network from external threats
  • Disrupted communication channels used by threat actors
  • Architected security strategy involving Firewalls, IPS, SIEM, Anti-Virus, and APT appliances
  • Deployed all of the security technologies for remediation response
  • Developed custom reporting to highlight indicators of compromise
  • Provided technical consulting across multiple levels of the organization
  • Co-ordinated service restoration to key business functions
  • Guided the business on security incident response and remediation strategies

Additional Incident Response &
Emergency Preparedness Services

Response Readiness

A two-day service to assist the customer in their Incident Response plans. Herjavec Group will be on site to review the current state of the Incident Response plans and make recommendations for improvements. When used bi-annually, Herjavec Group can assist the customer to create a proper Incident Response plan.

Post Incident Executive Briefing

A half-day session with the Incident Commander, or a Herjavec Group Senior Vice President, to talk to the customer’s senior staff about the incident for which Herjavec Group has been enaged. In the Post Incident Executive Briefing, Herjavec Group will review the incident details, the incident handling process, and share recommendations for improvements to the customer process of incident handling.

Preparing for an Incident

A cyber attack is one of the biggest threats to your business in 2018.

As a security professional you’re balancing technology investment, internal process and access controls – but does your proactive defense include a comprehensive incident response plan?

Download the full guide to learn more about how your organization can prepare for a cyber incident and mitigate the impacts following an event to maintain business continuity.

Download the Service Brief

I subscribe to Herjavec Group News which includes Threat Advisories, Thought Leadership and information about products, services and events that may be of interest.