Incident Response
Readiness
The worst time to work out your incident response plan is during an incident. We help you prepare before it happens: building playbooks, running tabletop exercises, and getting your notification obligations straight, so that if the day comes you're not improvising. We respond hands-on too, and can provide staffed 24/7 monitoring where you need it.
- Incident response plan and playbook development
- Tabletop exercises for executives, IT, and response teams
- IR readiness assessment against your real environment
- Notification-obligation mapping - OAIC NDB, ACSC, SOCI Act, sector regulators
- Retainer-style first-responder advisory (best-effort, scoped honestly)
- Hands-on incident response and digital forensics
- Post-incident review and lessons-learned reporting
Common Questions
We're having an incident right now - what do we do?
Email contact@rtcs.au with URGENT in the subject line. Don't wait on a contact form.
Do we need a retainer before you'll help us?
No - we take direct incident engagements. We also offer IR retainers: we learn your environment and agree response procedures in advance, and you get priority response when the bad day arrives. A retainer makes the first hours dramatically faster, but it's never a precondition for helping you.
What are our notification obligations after a breach?
It depends on the data and your sector. The Notifiable Data Breaches scheme has a 30-day assessment clock for eligible breaches, SOCI entities have their own reporting windows, and sector regulators add more. Mapping your specific obligations is part of the engagement.