Skip to main content


Using data to prioritize cybersecurity investments

Evaluate the effectiveness of cybersecurity controls and prioritize cyber investments with analytic research.

New cybersecurity analytics data could be key to understanding the impact of cyber events — and unlocking cyber resilience.

In an industry first, Marsh McLennan’s report Using data to prioritize cybersecurity investments shows how the use of proprietary claims and incident datasets can help organizations evaluate the impact of their cybersecurity controls. This groundbreaking approach has practical applications in how companies prioritize cyber investments, develop strategic roadmaps on cybersecurity, and obtain cyber insurance.

The report pairs Marsh McLennan’s Cyber Risk Analytics Center’s extensive proprietary dataset of cyber events with hundreds of responses from Marsh Cybersecurity Self-Assessment questionnaires. The two cybersecurity analytics datasets highlight which cybersecurity controls have the greatest effect on decreasing the likelihood of a cyber event. 

Use this report to:

  • Identify and prioritize the controls that are most effective, including automated hardening techniques, which showed the greatest ability of any control studied to decrease the likelihood of a successful cyberattack.
  • Gain a comprehensive understanding of why it’s critical to implement cybersecurity controls broadly, and how tools like multi-factor authentication (MFA) only have a strong positive impact when implemented fully. 
  • Measure the impact of key cyber risk controls and better inform your cyber resilience strategy with Marsh McLennan’s extensive proprietary claims and incident datasets.

Interested in exploring exclusive information not included in the report? Contact us!