Incident Response Plans & Playbooks
Turn uncertainty into action with tailored response guides
An incident response plan is more than a compliance checkbox; it’s your organisation’s playbook for surviving the worst days in cyber. At Lykos Defence, we help you design practical IR plans and playbooks that guide your team with clarity and confidence when every minute counts.
Whether you're starting from scratch or refining existing documentation, we work with your team to create response materials that are easy to follow, aligned to your environment, and built to support fast, coordinated action.
What We Deliver
Strategic IR Plans
High-level frameworks that define your objectives, escalation paths, roles, communication protocols, and legal/regulatory obligations during a cyber event.
Technical & Operational Playbooks
Step-by-step guides for specific scenarios like ransomware, business email compromise, insider threats, data breaches, cloud compromise, and more. Tailored to your systems, tools, and team structure.
Communication & Crisis Management Plans
Templates and guidance for internal and external communications, including legal, executive, and media response.
Tabletop-Ready Documentation
All content is designed for use in tabletop exercises and real incidents alike. Testable, actionable, and aligned to your real-world risks.
An incident response planning engagement might look like this:
| Date | Milestone |
|---|---|
| Sep 11 | Kickoff Meeting: Discovery & scoping |
| Sep 18 | RFI Return Deadline: Provide any relevant documentation to Lykos Defence for review |
| Sep 25 | IR Planning Workshops: We facilitate a series of workshops with your teams and collaboratively develop or iterate your plans |
| Oct 02 | Delivery: Deliverables finalised and submitted |
NB: Use this indicative timeline as a general guide; projects can take more or less time depending on factors such as your teams' availability, turnaround of RFI materials, number of documents being created or revised, etc.
Why It Matters
- Reduces response time and confusion during incidents
- Aligns technical, business, and executive stakeholders
- Helps meet compliance and audit requirements (ISO 27001, NIST, ASD Essential Eight, etc.)
- Provides legal defensibility and improves breach notification readiness
- Supports continuous improvement through post-incident reviews
Built With You, For You
Our consultants don’t drop generic templates and walk away. We work collaboratively with your team to understand your systems, capabilities, and constraints, then tailor documentation you’ll actually use.
When incidents strike, your team shouldn’t be improvising. Let’s build the playbooks you’ll trust when the pressure’s on.
Frequently Asked Questions
An incident response plan provides a high-level framework: your objectives, roles, escalation paths, legal/regulatory obligations, and overall response structure.
Playbooks are scenario-specific: step-by-step guides tailored to incidents like ransomware, email compromise, insider threats, or data breaches. Both are important. One sets your strategy, the other guides your tactical response.
Absolutely, in fact it's helpful. Many clients come to us with partial documentation, legacy plans, or outdated templates. We review what you have, identify gaps, and build from there. We recommend keeping what works and improving what doesn’t.
A typical engagement runs for three to four weeks depending on your teams' availability, the number of documents involved, and how much existing material we’re working from. We’ll provide a clear project timeline at the start and keep things on track throughout.
Deliverables are provided in editable formats (typically Word and PDF), ready for review, approval, and distribution. If you need integration into a particular platform (e.g. Confluence, SharePoint), we can support that too.
Yes. Everything we deliver is designed to be used in both simulated and real-world incidents. We avoid theory and boilerplate in favour of practical, testable guidance you can validate through regular exercises.
Pricing depends on the size and complexity of the engagement, e.g., how many scenarios are covered, whether you want to revise existing material or build from the ground up, and how many stakeholder groups are involved.
As a guide, a full IR plan and two to three tailored playbooks typically start from AUD$35,000–$45,000. This type of engagement includes significant time spent with your teams during discussion-based workshops to collaboratively tailor plans to your specific requirements.
We’ll provide a fixed quote after a short discovery call to understand your needs.
Organisations that want to move beyond compliance checklists and prepare their teams to respond with clarity and confidence. We've worked with critical infrastructure providers, government, education, finance, tech startups, and large enterprises across all regions.