Incident Response
Cyber-attacks targeting industrial organizations, including a recent spike in ransomware, have the potential to severely disrupt operations and can pose real safety risks if not swiftly mitigated. The Dragos Incident Response (IR) Service helps organizations prepare for, respond to, and recover from cyber incidents in industrial environments. Our team of experienced incident responders–backed by Dragos’ ICS threat intelligence and the industrial-specific focus of the Dragos Platform–offers both rapid response availability and retainers to help security personnel resolve crisis situations as quickly as possible.
Benefits
- Rapid onsite and offsite incident response support
- Experienced team of responders backed by advanced threat hunting & detection technology delivered by the Dragos Platform
- Create effective IR strategies across your business units based on Dragos expert assistance
- Understand industrial adversaries based on in-depth ICS threat intelligence and frontline expertise
- Apply retainer hours to other proactive professional services
- Tailored incident response strategy to quickly mitigate incidents
- Best-practice response guidance based on our team’s experience responding to hundreds of industrial cyber incidents
- Strategic recommendations to strengthen security posture
- Detailed analysis of incident response measures
- Root cause analysis to learn from & prevent future incidents
Lessons Learned from the Front Lines

Incident Response Options
400 | 160 | 120 | Rapid Response | |
---|---|---|---|---|
Annual Hours | 400+ | 160-399 | 120–159 | As Accrued |
Hourly Discount | 35% | 31% | 27% | N/A |
24/7 Hotline | √ | √ | √ | √ |
Contact Established Within | 8 Hours | 8 Hours | 8 Hours | Best Effort |
Enroute Within | 48 Hours | 48 Hours | 48 Hours | Best Effort |
Optional Readiness Assessment* | √ | √ | √ | N/A |
Proactive Prep & Planning | √ | √ | √ | N/A |
Post-Engagement Reports | √ | √ | √ | √ |
Want to see Dragos in Action?