Incident response

When it goes wrong, speed is everything.

A cyber incident is one of the most stressful things a business can face. Our incident response team is available when you need us — to contain the breach, preserve evidence, understand what happened, and get you back to operating as fast as possible. We also help you prepare before anything goes wrong, following the NIST CSF 2.0 Respond and Recover framework.

What's included

Incident response planning before an incident occurs
Tabletop exercises to test your team's readiness
On-call response team for active incidents
Containment, eradication, and evidence preservation
Communication guidance — staff, customers, and regulators
NZ Privacy Act 2020 breach notification guidance and support
Post-incident review and lessons-learned report
Liaison with CERT NZ and relevant authorities

Under attack right now? Email hello@kis.co.nz with URGENT in the subject line. We respond immediately.

Talk to us about IR planning →

The six phases of incident response

✓

Prepare — IR plan, contacts, and runbooks ready before anything happens

✓

Detect — Identify that something is wrong, as fast as possible

✓

Contain — Stop the spread. Isolate affected systems. Preserve evidence.

✓

Eradicate — Remove the threat from your environment completely

✓

Recover — Restore systems safely and return to normal operations

✓

Review — Understand what happened and prevent recurrence

Before, during, and after

We support you at every stage.

Most IR engagements start at the wrong time — during an incident. We help you prepare before anything happens, so that when it does, you're not starting from scratch.

Before an incident

IR planning & tabletop exercises

We build your IR plan, identify your response team, and run exercises that simulate a real attack. When an incident occurs, everyone knows exactly what to do.

During an incident

On-call response team

We contain the breach, preserve forensic evidence, investigate what happened, and communicate with staff, customers, and regulators including CERT NZ and the Privacy Commissioner.

After an incident

Post-incident review

A detailed lessons-learned report covering what happened, how it happened, what the impact was, and what changes to make to prevent recurrence. Documented for insurance and regulatory purposes.

Related services

Managed monitoring

Detection is faster when someone's already watching your environment 24/7.

View service →

Security training

Staff who know what to do in the first minutes of an incident make a measurable difference.

View service →

Compliance

NZ Privacy Act 2020 requires breach notification. We help you meet the obligation, including NIST CSF 2.0 Respond controls.

View service →

Our Workflow…

Free conversation
We talk about your business, your concerns, and your goals. No sales pitch.
We scope and quote
A clear proposal arrives within two business days. Exact scope, fixed price — no surprises.
We get to work
We handle the heavy lifting. We’ll only contact you when we need something or have something to show you.
We debrief clearly
Every engagement ends with a plain-English walkthrough of findings, recommendations, and next steps.

What you need to provide…

About an hour of your time
For the initial conversation and the final debrief. We do the rest.
Access to the right people
Usually your IT contact (or you, if that’s the same person) and whoever owns the systems in scope.
Read-only access where needed
For most assessments, we only ever need read access — never admin credentials or the ability to make changes.
An honest picture of where you are
The more candid you are about your current setup, the more useful our findings will be. There’s no judgement here.

That’s genuinely it. You don’t need a dedicated IT team, a security background, or any preparation beyond booking the first call.

Not sure which service you need?

Start here.

A free 30-minute conversation. We’ll tell you honestly what your business needs — and what it doesn’t.

Book a free conversation

What others say about us…

We’d always had a family member looking after our IT, and while we trusted them completely, we hadn’t realised how much risk we were quietly carrying. KIS came in and overhauled our entire security setup, got us properly configured with multi-factor authentication, and went through our Microsoft 365 environment to make sure the right people had the right access and licensing. It wasn’t just a technical fix, it was genuine peace of mind. We now know our systems are actually secure, not just looked after by someone who means well.

Jeremy T.Owner, Auto Services

As a financial services firm, protecting client data isn’t optional. We had no formal security management framework in place and knew we needed to get serious. KIS assessed where we stood and mapped out a practical path toward NIST and ISO 27001 compliance, grounded in what was realistic for our size and structure. Their advice was prioritised and clear, and we came away with a credible roadmap and the confidence that we’re taking the right steps in the right order.

Pam K.CIO, Financial Services Firm

We were rolling out AI across the organisation and our internal IT team is great, but this was new territory. We needed someone to close the gaps fast and set us up to manage things ourselves going forward. KIS delivered on all of it. They implemented data loss prevention, a document classification scheme, and Microsoft Purview, and the uplift in our security and compliance posture has been significant. The best part? They didn’t just fix things and leave. We came out of it actually understanding the system and capable of running it ourselves.

Abby S.Compliance Officer, Telecommunications Company

We’re a small non-profit focused on young people, and like many organisations like ours, we were running largely on goodwill and volunteers. We had a website collecting significant personal information and, honestly, we hadn’t fully grasped the risk we were sitting on. KIS conducted a penetration test, walked us through every finding, and worked through remediation of all critical vulnerabilities with our budget in mind the whole time. They treated our mission as if it mattered to them too, and that made all the difference.

Elizabeth C.Senior Leader, Youth Organisation

When it goes wrong, speed is everything.

We support you at every stage.

IR planning & tabletop exercises

On-call response team

Post-incident review

Managed monitoring

Security training

Compliance

Our Workflow…

What you need to provide…

Not sure which service you need?

What others say about us…

KIS

Services

Company

Useful links