Incident Readiness Consulting

Create cyber security incident policies, procedures, and runbooks

While there are universal concepts, there’s no generic Incident Response blueprint. Each company has unique needs. Our decades of experience in IR—handling incidents for start-ups to Fortune 200 companies—means we know how to help you craft a custom-built, systemic, cross-discipline approach to handling incidents. You will reduce the number of incidents, and their severity.

You can’t just outsource to some consultant the creation of the policies, procedures, and runbooks that your company will use to manage how you handle cyber security incidents. Evertas incident experts can guide your organization to optimal incident handling readiness, placing you confidently in control.


  • Identify your core incident response team from among your legal, security communications, business units, and technical stakeholders.
  • Interviews and workshops with the CIT to discuss what each team commits to bring to handling of each incident, then memorialization of this in terms of written policies and procedures.
    • This is not a set of commands, it’s a carefully negotiated construct so that the whole team understands where they fit in to your organization’s incident handling infrastructure
  • Policies and procedures are critical, but they don’t set forth the how of incident response; incident runbooks give examples, order of operations, and serve as a living reference—updated after every incident—to help your teams know what to do next.
  • Your teams need to conduct regular exercises against these policies, procedures, and runbooks so that your incident responses are familiar. Evertas can help you prepare for tabletop exercises, drills, and simulations to test each aspect of your responses.