Skip to main content
Marsh logo

Solution

Cyber Incident Response Plan

Respond and recover quicker from cyberattacks with a comprehensive incident response plan

Download now Contact us

Identify

Identify and validate cyber incident response procedures. 

Uplift

Uplift response procedures with a best-for-you plan

Recover

Recover and restore to “business-as-usual” operations quicker

Marsh’s team of cyber risk advisors can create a best-for-you incident response plan, so that you can respond and recover from attacks quicker.

As cyberattacks increase in both volume and sophistication, many businesses are adopting a “when, not if” approach to cybersecurity.

Now, more than ever, proactive planning is critical to effectively and efficiently respond to and recover from a cyberattack. Having an appropriate framework to respond and recover from attacks, will help avoid chaos and stress.

Why is it important to have a Cyber Incident Response Plan?

Identifying your resilience plan in the event of a cyber incident will allow you to develop your response procedures, reducing the impact of a cyber incident on your business activities.

Businesses must evaluate the potential impacts of a cyberattack, and be prepared to pivot their operations, assets, and people in its aftermath. Thoughtful planning can help ensure your organisation has the right strategies, processes, and communications in place during a crisis.

How it works

Marsh’s team of cyber risk advisors can help develop or update your incident response plan in line with today’s best practices based on real world events.

Using our experience in managing cyber incidents we are able to review your existing response procedures and business continuity documentation, as well as carrying out a workshop with your key stakeholders to understand your vulnerabilities and agree on cyber scenarios to build response procedures around.

Part of planning for the impacts of a potential cyberattack can also include testing the plan. Marsh will run through and simulate scenarios to develop an appropriate plan.

The output is a Cyber Incident Response Plan with a set of concise response procedures for key cyber risks. A best-for you plan designed and tested to enable your business to respond, recover and restore to business-as-usual operations quicker.

Respond and recover from attacks quicker

By working with our team of cyber risk advisors your organisation will be able to adopt a set of concise response procedures for key cyber risks.

Focused on the core elements of incident response from incident detection and triggering to business impact mapping, communication strategies and longer term business recovery– enhancing your response time and minimising the impact of an attack.

Cyber Incident Response Plan from Marsh Cyber Advisory

Download now

FAQs

A cyber incident response plan is a set of instructions that helps an organisation to identify, respond to and recover from cybersecurity incidents.

A cybersecurity incident response plan includes the security measures that an organisation should follow to respond to a cyberattack as it happens. The plan is broken up into 3 segments

  • Pre-incident: the plan documents the tools, resources and  personnel required to react to the incident
  • Incident response: the main segment that lists the step by step approach to be taken in response to an incident and restore the organisation back to regular business operations.
  • Post-incident: This segment documents the requirements for incident forensics and investigation to identify the failures that resulted in the incident occurring and the lessons learnt during the incident response stage.

Why Marsh

As experts in enterprise and cyber risk, we help you take an enterprise wide, scalable approach in building your cyber resilience.

Together, we identify your risks, and develop a best-for-you program and team of partners to help manage it.

Informing your approach and decision-making process with our 25 years of cyber expertise and data-driven insight. So that your path to cyber resilience is more productive and predictive; and your outcomes are more efficient and effective.

Article

Cyber resilience: 12 key controls to strengthen your security

Take practical steps to build your cyber resiliency with Marsh’s series on the 12 recommended cybersecurity controls, including their characteristics and requirements.

Learn more

Our people

Placeholder Image

Gill Collins

Head of Cyber Incident Management and Cyber Consulting, Pacific

This publication is not intended to be taken as advice regarding any individual situation and should not be relied upon as such. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Marsh shall have no obligation to update this publication and shall have no liability to you or any other party arising out of this publication or any matter contained herein. LCPA 23/167

Marsh Pty Ltd (ABN 86 004 651 512, AFSL 238983) (“Marsh”) arrange this insurance and is not the insurer. The Discretionary Trust Arrangement is issued by the Trustee, JLT Group Services Pty Ltd (ABN 26 004 485 214, AFSL 417964) (“JGS”). JGS is part of the Marsh group of companies. Any advice in relation to the Discretionary Trust Arrangement is provided by JLT Risk Solutions Pty Ltd (ABN 69 009 098 864, AFSL 226827) which is a related entity of Marsh. The cover provided by the Discretionary Trust Arrangement is subject to the Trustee’s discretion and/or the relevant policy terms, conditions and exclusions. This website contains general information, does not take into account your individual objectives, financial situation or needs and may not suit your personal circumstances. For full details of the terms, conditions and limitations of the covers and before making any decision about whether to acquire a product, refer to the specific policy wordings and/or Product Disclosure Statements available from JLT Risk Solutions on request. Full information can be found in the JLT Risk Solutions Financial Services Guide.”