The time will come: don’t let the attacker have the upper hand. Become a Certified Incident Responder
Master Incident Response and Protect Your Clients
Incident Response Certification
March 19-20, 2026
Hosted on GoToWebinar
Limited Seats Remaining!
Why is becoming a Galactic Certified Incident Responder so Critical?
In today’s world, without a solid incident response (IR) plan, your clients are at risk. Hackers get past security tools all the time. Incidents WILL happen but the question is, will you be ready? We've managed thousands of real-world incidents and conducted numerous tabletop exercises. The companies that survive and thrive are the ones with a well-practiced plan. Without one, you’re left trying for the best and trying is not a strategy.
Protect Your Future
With the Galactic IR Certification, you’ll gain the knowledge and tools to master incident response, keeping your business and clients safe from catastrophic failure when an incident strikes. It’s time to stop relying on trying, hope and luck.
Security isn’t just about putting tools in place; it is about planning and strategy. Success tomorrow begins today!
Our Program: Hands-On, Real-World, Immediate Impact
This intensive two-day course is designed for MSPs and IT professionals looking to take their incident response to the next level. We’ll teach you everything you need to:
- Effectively respond to security incidents and limit damage.
- Integrate incident response into your clients’ compliance frameworks to ensure they meet legal and regulatory standards.
- Create and refine Incident Response Plans and Playbooks that protect both your business and your clients.
- Generate, protect and gather the evidence you will need to properly protect your client’s future after the event from a legal perspective.
- Communicate effectively during and post-incident
Certification That Sets You Apart
After successfully completing the course and a rigorous hands-on exam, you’ll earn your Galactic IR Certification, proving to clients and prospects alike that you’re prepared for anything.
Why Becoming a Galactic Certified Incident Responder is a Game Changer
With a plan, you survive. Without one, you won't.
In an industry where downtime can destroy a business, the ability to respond to incidents isn’t optional, it’s essential. The GIRC ensures that you have more than just a plan, you have a practiced, battle-tested response framework.
What’s in it for You?:
Increase Your Revenue
This certification positions you to offer Incident Response Plans and deliver Annual Tabletop Exercises (TTEs) which are essential services for any compliance-driven business.
Open New Doors
Help your clients meet regulatory requirements, enhance their cybersecurity posture, and be the go-to expert in IR and compliance.
Future-Proof Your Business
As security incidents increase, companies are looking for MSPs who are certified, prepared, and proactive. This certification proves that your business is ready for whatever comes.
Don’t Wait Until It’s Too Late
Incidents aren’t a question of "if", they’re a question of "when." Take action now, get certified, and ensure your business and your clients can weather any storm.
Become a Galactic Certified Incident Responder
and start protecting your future today.
Sessions
Day 1 – March 19, 2026
Session 01: State of Security
Get oriented to the security reality MSPs and IT teams are dealing with right now: how attackers operate, what’s changed, and where organizations keep getting caught off guard. Walk away with sharper context for interpreting incidents quickly, setting priorities early, and making security decisions based on today’s threat conditions. Not yesterday’s assumptions.
Session 02: Introduction to Incident Response
Build the incident response foundation required to lead, not just participate, when things go sideways. Leave with a clear understanding of the IR lifecycle, what “good” response looks like under pressure, and how to move response efforts from improvisation to a structured, repeatable approach that holds up when the stakes rise.
Session 03: Assessing Threats to Organizations
Learn how to decide what matters first when everything feels urgent. Take away a practical method for evaluating threats using impact, likelihood, and business risk so response energy goes where it counts— and decisions remain defensible when timelines are tight and information is incomplete.
Session 04: Initial Analysis and Documentation
Start incidents correctly, because early mistakes become expensive later. Develop the ability to run initial analysis with discipline, capture the details that actually matter, and document actions in a way that supports continuity, accountability, and clean handoffs when incidents stretch beyond a single person or shift.
Session 05: Recovery and Eradication
Recover without inviting a repeat incident. Leave with the decision-making framework to eradicate threats thoroughly, validate what “clean” really means, and restore operations safely: balancing speed with confidence so the business comes back online without reopening the same wound.
Session 6: Using Incident Response Playbooks
Turn playbooks into something teams can actually use when pressure hits. Gain a repeatable approach to applying playbooks without becoming rigid: adapt to real conditions, keeping response consistent across people and clients, and reducing the chaos that slows everything down.
Day 2 – March 20, 2026
Session 7: Incident Communication
Control the message while the situation is still moving. Walk away with communication patterns that reduce confusion, protect trust, and keep stakeholders aligned—internally and externally—so the response doesn’t get derailed by mixed signals, over-sharing, or silence at the wrong time.
Session 08: Incident Compliance and Risk
Make response decisions with the risk and compliance realities in mind, not as an afterthought. Leave with a stronger understanding of how regulatory requirements, contracts, and liability influence IR actions so technical response stays aligned with obligations and doesn’t create avoidable exposure.
Session 9: Effective Post-Mortems
Convert incidents into measurable improvement instead of a one-time scramble. Take away a structured post-mortem approach that identifies root causes, produces actionable changes, and strengthens readiness—because organizations that “move on” without learning always relive the same incident later.
Session 10: Gaining Momentum & Building Incident Response Teams
Build an IR capability that works before the next incident tests it. Leave with practical guidance for defining roles, scaling the team, establishing operational readiness, and gaining internal buy-in, so incident response becomes an actual function, not a plan that exists only on paper.
Session 11: Incident Response & the vCSO
Position incident response as a leadership responsibility and a trust anchor—not just a technical event. Walk away with a clear model for integrating IR into the vCSO role, aligning it to business outcomes, and communicating its value in a way clients and stakeholders understand when pressure is highest.
Session 12: Wrap-Up
Tie the full IR lifecycle together into a single, usable operating model. Leave with clear next steps, reinforced decision points, and a path to keep maturing response capability, so leadership feels confident and coordinated when the next incident starts, not reactive and scattered.
Featured Speakers
Bruce McCully is on a mission to help protect a million people. He and his team at Galactic Advisors are helping MSPs use penetration tests and third-party audits to verify their cyber security tools are properly configured and actually working. You know what they say, you can't proofread your own work...the same goes for evaluating your own security.
Cody Kretsinger made worldwide headlines as a hacker— now he helps organizations stay out of them. He brings a battle-tested perspective to the real-world challenges organizations face, sharing actionable insights forged from his time on both sides of the digital fence. As a Principal Security Advisor at Galactic Advisors, his work is dedicated to helping organizations build smarter, more effective defenses by showing them how attackers think.
Jackson Stephens is an attorney dedicated to helping Galactic Advisors' partners and clients navigate the complexities of cyber liability. With 15 years of experience as a Navy JAG Officer, Assistant U.S. Attorney, and strategic communications consultant, he brings a unique mix of legal expertise and practical insight to the evolving world of cybersecurity.
Aidan Brown is a dynamic cybersecurity advisor at Galactic Advisors, specializing in threat intelligence, compliance, and client security strategy. With deep experience leading security research and penetration testing initiatives, Aidan plays a pivotal role in helping managed service providers (MSPs) and their clients strengthen their cybersecurity posture.
Collin Page, CISSP, is a Security Advisor at Galactic Advisors with over 10 years of experience in cybersecurity, specializing in regulated industries such as healthcare and finance. He helps MSPs uncover the deeper meaning behind penetration test findings, translating technical vulnerabilities into clear, actionable insights so they can better prioritize risk, strengthen their defenses, and confidently prepare for potential incidents.
Sebastian Vietor is a JD and Liability Defense Advisor at Galactic Advisors who helps MSPs turn cyber liability into clear coverage, contracts, and controls. With experience in data-privacy compliance, policy analysis, and navigating incident response, he brings pragmatic legal judgment and operational insight to the fast-moving cyber-insurance landscape.
Seth Loe, CISSP, is an incident response leader at Galactic Advisors with experience guiding hundreds of organizations through cybersecurity incident response preparedness. Formerly a CIO for a nationwide healthcare provider and director of an MSP’s security operations, he combines strategic leadership with hands-on technical expertise. As Director of Galactic's vCSO Enablement Program, Seth shares actionable lessons from the field. In his courses, he guides future responders with storytelling and real-world scenarios, helping them stick to the plan when it matters most.
