Cyber Emergency Incident Response Service – Rapid, governance-friendly, and defensible

Protect your organisation with our expert-led incident response, adhering to NIST 800-61(r2) guidelines.

For emergencies:

 Call 1300 123 099 or +61 1300 123 099. If that is not answered, send us a message here (make sure you mention its an emergency) and we will get back to you within one-two business hours. 

Note: If you need a gauranteed response product with a Service Level Agreement for your business or your MSP/MSSP, please ask us for retainer pricing.

Key Features

      1. Up to 40 hours of rapid cyber incident response support

      1. Service delivered by experienced professionals following NIST 800-61(r2), GPN-EXPT (Federal Court of Australia and equivalent expert witness standards in the relevant jurisdiction) and other relevant standards

      1. Secure incident response team website for evidence sharing and real-time updates

      1. Flexible pricing with two milestones and an “early finishing” provision so you can opt out if the case is small.

      1. Comprehensive reporting and recommendations to prevent future breaches

      1. Online delivery with optional in-person services available

    How It Works

        1. Engagement: Our team will work closely with your staff, technical personnel, and witnesses to gather information and assess the situation.

        1. Secure Collaboration: We provide a secure incident response team website, allowing for the safe sharing of evidence, real-time updates on the response process, and access to our comprehensive checklist and draft report fragments.

        1. Investigation: We collect forensic data from your network using specialized software and techniques, and examine breached machines in our lab if necessary.

        1. Containment & Eradication: We help contain and eradicate the breach using expert forensic methods.

        1. Business Continuity: Our team assists in getting your key business functions running as quickly as possible.

        1. Reporting: We provide a detailed, explainable report on the damage done, information taken, and recommendations to prevent future breaches.

      Why Choose Notion Digital Forensics?

      In the face of a cyber breach, it’s crucial to have a trusted partner who can help you navigate the incident response process effectively and defensibly. Here’s why Notion Digital Forensics is your best choice:

          1. Proven Track Record: If you’re in Australia or New Zealand, we have worked on businesses you have heard of. While we prioritise our clients’ confidentiality and won’t name them without permission or unless the case becomes public, you can trust that we have the experience and expertise to handle your incident response needs.

          1. Industry and Community Commitment: Notion is dedicated to solving the cyber crime problem by sharing anonymised case information and intelligence with industry partners and community groups. We believe in collaborating to strengthen the collective defense against cyber threats.

          1. Trusted by Leading Organisations:  We have a contract with Cloudflare, one of the world’s largest networking companies, accounting for around 20% of the world’s Internet traffic, to provide training and intelligence. If an industry leader like Cloudflare trusts us to talk with their customers, you can trust us to handle your incident response.

          1. Educational Partnerships: We license and provide training and intelligence to institutions such as UNSW Law, UNSW Business, UNSW Canberra (Australian Defence Force Academy), Imperial College London, and Singapore Polytechnic. Our expertise is sought after by top educational institutions to train the next generation of cyber defenders.

          1. Community Outreach: Our commitment to cybersecurity extends to the community. We work with Blind Citizens Australia and referred victims of domestic violence to help protect vulnerable populations from cyber threats.

          1. Court-Tested Expertise: Our incident response actions have withstood the rigors of cross-examination in court and close scrutiny by national cyber defense organisations. We have the experience and knowledge to ensure your response is thorough and defensible.

          1. Defensible Decision-Making: Society expects you to explain and justify your choices in preparing for and responding to a cyber breach. We specialize in providing comprehensive, written reports that integrate seamlessly with your GRC program, giving you the confidence to defend your actions.

          1. Tailored Support: We understand that every organization has unique needs. Whether you need us to support your tech team by providing expertise in areas like widespread forensic scans, or you want us to lead the entire incident response process, we adapt our approach to best serve you.

          1. Ideal for MSSPs and MSPs: If you’re a managed security service provider (MSSP) or managed service provider (MSP), you need a process that is defensible and demonstrates that you took the most reasonable steps to address the issue. Our services help you win your customers’ confidence and provide a shield for your business.

        Example pricing

        For 95% of cases with organisations from 10 to 1000 people, with a likely breach damage maximum of A$5M, who do not have unusual risks or technology:

            • Milestone 1: AUD 9,000 + GST (up to 16 hours)

            • Milestone 2: AUD 9,600 + GST (up to 24 hours)

            • Total: AUD 18,600 + GST (up to 40 hours)

            • Additional hours available at $465/hr, only with mutual agreement

          We can provide a customised quote for special risk organisations, smaller businesses, or larger organisations.

          Product outcomes

            1. Defendable decision log and investigators report (ask us for a sample)
            2. Expert guidance in executing the NIST 800-61 process
            3. Secure incident response team website for seamless collaboration
            4. Breach containment and eradication
            5. Assistance in restoring key business functions
            6. Detailed findings report for legal/PR teams and stakeholder communication
            7. Comprehensive written report with recommendations
            8. “Early finishing” provision for minor or no breach situations
            9. Optional ongoing monitoring for secondary breach (or for missed malware)


            “We tried a lot of other consultants before someone in-the-know recommended Notion [Digital Forensics] for our ongoing case. I have a governance/risk/compliance background so I was very comfortable with their approach. No one else could have responded like they did”. Compliance Officer, Consultancy in Canberra, Australia.

            “When it matters, we trust no one else.” – CEO of prominent Australian Managed Secure Service Provider.

            “[Notion Digital Forensics] always provides 110% effort.” – Prominent commercial litigator.

            About Notion Digital Forensics

            Notion Digital Forensics is a leading provider of cyber incident response services, committed to helping organisations effectively manage and recover from security breaches. Our experienced team combines cutting-edge forensic techniques with a deep understanding of industry standards to deliver rapid, reliable results.



            For emergencies: Call 1300 123 099 or +61 1300 123 099. If that is not answered, send us a message here (make sure you mention its an emergency ) and we will get back to you within one-two business hours.

            Note: If you need a gauranteed response product with a Service Level Agreement for your business or your MSP/MSSP, please ask us for retainer pricing.