{"id":126149,"date":"2023-03-27T15:00:00","date_gmt":"2023-03-27T22:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=126149"},"modified":"2024-06-26T08:27:11","modified_gmt":"2024-06-26T15:27:11","slug":"microsoft-incident-response-retainer-is-generally-available","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/03\/27\/microsoft-incident-response-retainer-is-generally-available\/","title":{"rendered":"Microsoft Incident Response Retainer is generally available"},"content":{"rendered":"\n
The task of securing organizations is constantly changing and getting more complex. Many organizations don\u2019t have the time, resources, or expertise to build an in-house incident response program. For customers that want help remediating an especially complex breach (or avoiding one altogether), Microsoft Incident Response<\/a> offers an end-to-end portfolio of proactive and reactive incident response services. We operate in 190 countries and our incident responders are seasoned veterans with more than a combined 1,000 years of career experience resolving attacks from ransomware criminals to the most sophisticated nation-state threat actor groups.<\/p>\n\n\n\n Customers face persistent attacks from a growing number of vectors that cost time and money and impact reputation. Companies that are unprepared to respond to an incident saw a global average breach cost USD4.3 million (USD9.44 million in the United States) in 2022. This compares to USD3.05 million (USD1.3 million or 30 percent less) for companies with incident response and AI automation.1<\/sup> Companies that put these proactive measures in place also detected breaches 74 days faster than those without support (249 days compared to 323 days). Compounding these challenges, only 41 percent of chief executive officers (CEOs) believe they are prepared for cybersecurity crises.2<\/sup> What this tells us is that customers need incident response help, and they need to engage this help proactively before a crisis happens\u2014and Microsoft has taken note.<\/p>\n\n\n\n \u201cMy team lives and breathes incident response. I literally have to pull them away from work and make them take breaks\u2014they love what they do, and it shows in the quality of their work,\u201d said Dan Taylor, Head Coach of Microsoft Incident Response. \u201cWe are excited for the continued expansion of Microsoft Incident Response and the launch of our service via retainer, which improves the customer purchase experience and allows for deeper, more meaningful customer engagement.\u201d<\/p>\n\n\n\n The Incident Response Retainer provides pre-paid hours for highly specialized incident response and recovery services before, during, and after a cybersecurity crisis. It\u2019s contracted on an annual basis and the retainer hours can be used in any combination of proactive and reactive services. If additional hours are needed, customers can easily uplift extra hours as requirements change.<\/p>\n\n\n\n This service provides our fastest response times and direct access to our global team of experts. It was designed to work with cyber insurance vendors and has flexible delivery options that meet the unique needs of each customer.<\/p>\n\n\n\n Capabilities<\/strong>:<\/p>\n\n\n\n We hope you never have to experience a breach. But if you do, you can rest assured that we will do everything we can to help your organization get back to business as usual. In alignment with Microsoft\u2019s mission to empower every person and every organization on the planet to achieve more, we help every organization we can, including:<\/p>\n\n\n\n One of our core principles at Microsoft Security is security for all. Meeting the needs of all kinds of organizations means offering choice\u2014not only in the types of services customers buy but in who they buy them from. At the end of the day, we know that a single provider can\u2019t meet the unique needs of every organization. That\u2019s why Microsoft is fully committed to working with an ecosystem of partners and technologies that provide customers the flexibility to choose what fits their needs. <\/p>\n\n\n\n Microsoft has an extensive security services partner ecosystem for customers across the globe to choose from. Our incident response and Microsoft-verified MXDR solution partners have world-class capabilities and domain expertise, each offering a broad portfolio of specialized solutions across the Microsoft security product portfolio. If you are looking for partner services, please go to the Microsoft Intelligent Security Association<\/a> member directory to find a solution to meet your needs.<\/p>\n\n\n\n In alignment with the expansion of our Incident Response portfolio, we are also announcing a new partnership with incident response provider, Kivu. Microsoft and Kivu will jointly work together to utilize existing relationships with cyber insurance providers in responding to customers\u2019 cyber incidents. Kivu will regard Microsoft as the premier option for post-breach remediation services when Kivu clients need them, and Microsoft will regard Kivu as a trusted partner to handle ransomware negotiations for customers seeking that service.<\/p>\n\n\n\n \u201cCybercrime will never stop. We have to partner, pool talent, combine intelligence and work together with our public sector colleagues to protect organizations from cyber threats. Our alliance with Microsoft Security combines our strengths to have more impact on almost any imaginable cybersecurity issue,\u201d said Shane Sims, CEO, Kivu Consulting, Inc. <\/p>\n\n\n\n \u201cOur mission is to secure the world so our customers can thrive. Security is a team sport, and incident response is one of the most important areas for industry leaders to come together in collaboration,\u201d said Kelly Bissell, Corporate Vice President of Security Services, Microsoft. \u201cWe look forward to working with Kivu and other partners to help customers be safe and secure against all cyberattacks. Customers can be confident that their incident response needs will be addressed so their business can thrive.\u201d<\/p>\n\n\n\n To learn more, please\u202fvisit our website<\/a>\u202for read our blogs in the\u202fMicrosoft Security Experts series<\/a>. For more information on purchasing the service on Unified, contact your account manager.\u00a0<\/p>\n\n\n\n To learn more about Microsoft Security solutions, visit our website<\/a>. Bookmark the Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security<\/a>) and Twitter (@MSFTSecurity<\/a>) for the latest news and updates on cybersecurity.<\/p>\n\n\n\n 1<\/sup>Cost of a Data Breach Report 2022<\/a>, IBM. 2022.<\/p>\n\n\n\nIncident response retainers are increasingly valuable due to market dynamics <\/h2>\n\n\n\n
Overview of the Microsoft Incident Response Retainer service<\/h2>\n\n\n\n
\n
Who Microsoft Incident Response helps<\/h2>\n\n\n\n
\n
Ecosystem partnership<\/h2>\n\n\n\n
Learn more<\/h2>\n\n\n\n
\n\n\n\n