When you get breached, every minute
costs ₹15,000. Have a plan before it happens.
Pre-paid retainer for on-call breach response. CERT-In compliant 6-hour notification. AI-accelerated forensics. Because the worst time to find an IR team is during an active breach.
What the retainer covers
End-to-end breach response — from containment to recovery to regulatory compliance.
Breach Containment
First 2 hours are critical. Our IR team isolates compromised systems, blocks lateral movement, and preserves evidence — before the attacker can exfiltrate more data.
Digital Forensics
AI-accelerated log analysis across cloud, endpoint, and network. Root cause identification in hours, not weeks. Chain of custody maintained for legal proceedings.
CERT-In Notification
India's CERT-In mandates breach reporting within 6 hours. We draft and file the notification with all required details — incident type, systems affected, data compromised, containment steps taken.
Recovery Planning
Structured recovery plan: system restoration priority, data integrity verification, service-by-service bring-up sequence. Get back to operations safely, not just quickly.
Post-Incident Report
Comprehensive report documenting timeline, root cause, impact scope, remediation steps, and recommendations. Board-ready executive summary included.
Legal & Board Communication
Draft communications for board notification, customer disclosure (DPDP Act requirement), regulatory filings, and media response. You handle the crisis — we handle the paperwork.
Why Indian businesses need an IR retainer now
India's regulatory landscape has changed. Breaches without response plans carry compounding penalties.
CERT-In 6-Hour Rule
CERT-In Direction 28 April 2022: All organizations must report cyber incidents within 6 hours of detection. Failure to report is a separate violation with penalties.
CERT-In, April 2022DPDP Act Breach Obligations
Under DPDP Act 2023, Data Fiduciaries must notify the Data Protection Board and affected individuals of any personal data breach. No timeframe specified yet — but the obligation is absolute.
DPDP Act 2023, Section 8(6)₹250Cr Penalty Context
A breach that could have been contained with proper incident response but wasn't — that's a "failure to implement reasonable security safeguards" under Schedule I. Maximum penalty: ₹250 crore per incident.
DPDP Act 2023, Schedule IHow AI accelerates incident response
Traditional IR relies on manual log analysis. AI cuts investigation time from days to hours.
- Manual log review: 2–5 days
- Root cause: often inconclusive
- CERT-In notification: scrambled together
- Board report: weeks after incident
- AI log analysis: 2–4 hours
- Root cause with evidence chain
- Auto-drafted CERT-In notification
- Board report generated same day
Retainer plans
Pay a predictable monthly fee. Use the hours when you need them. Unused hours roll over for 3 months.
5 hours IR support included. 2-hour SLA. CERT-In notification drafting. Post-incident report.
15 hours included. 1-hour SLA. Full forensics. Board communication support. Quarterly IR drills.
Unlimited hours. Dedicated IR lead. 24/7 SOC integration. Custom playbooks. On-site support.
Average breach cost in India: ₹22 crore (IBM Cost of Data Breach 2025). A ₹9,999/mo retainer is insurance, not an expense.
The best time to get an IR plan was before the breach
The second best time is now. Set up your retainer, define your playbooks, and know exactly who to call when it happens.