External site link – Confirmation

You are leaving Marsh Japan's website.  Marsh Japan has provided this link for your convenience, but assumes no responsibility for the content, links, privacy policy or security policy of the website.

Do you wish to leave our website?

Skip to main content

Cyber Self-Assessment

Identify your organisation’s cyber risk gaps and insurability with Marsh’s free cybersecurity risk assessment and report.

The first step to mitigating increasingly frequent and severe cyber threats is knowing the right actions and investments to prioritise. The Marsh Cyber Self-Assessment harnesses proprietary data and analytics capabilities to provide a highly accurate overview of your organisation’s cyber risk maturity and insurability, including strengths, weaknesses and gaps in your cybersecurity controls

The Marsh Cyber Self-Assessment is the only broker diagnostic accepted by insurers for quoting and binding, and is free for all organisations

  • Based on the inputs, the Cyber Self-Assessment report benchmarks your organisation’s cybersecurity controls against your industry peers and highlights the critical improvements required. 
  • Along with a scorecard, you will receive a detailed evaluation of the maturity of your cybersecurity program across the five functions (Identify, Protect, Detect, Respond, Recover) established by US National Institute of Standards and Technology (NIST) Cybersecurity Framework.
  • Your responses to the questionnaire can be used directly on applications for cyber insurance coverage, streamlining the placement process by saving you time needed to fill additional proposal forms. 

How the Marsh Cyber Self-Assessment works

Consisting of a diagnostic questionnaire and report, the Cyber Self-Assessment process is designed to be highly streamlined, secure, and efficient.

The Cyber Self-Assessment questionnaire is designed with the following features:

  • Collaborative and flexible: Multiple participants in your organisation can contribute to the same form simultaneously, with changes tracked on an activity log. Centralising your stakeholders’ inputs into a single application and allowing them to respond at their own convenience helps eliminate inefficiencies, redundancies and version control errors.
  • Easy-to-use: The assessment interface is optimised for user-friendliness, with the ability to save progress and add commentary for additional detail if needed.
  • Highly secure: Access to the form is controlled and login requires multi-factor authentication. Responses are encrypted and securely stored, ensuring a high level of data security and privacy.

Contributors to the Cyber Self-Assessment should include the organisation’s risk management, IT/information security and treasury/finance functions. The process brings together different points of view and serves as a starting point for building an enterprise-wide cyber risk management strategy.

How the Cyber Self-Assessment works

Step 1: Collaborate across your cyber risk ecosystem to complete the assessment

To complete the Cyber Self-Assessment, involve key stakeholders across your organisation, including risk management, IT/information security, and finance to gauge diverse perspectives. 

The questionnaire covers a broad range of cybersecurity domains such as network security, data protection, and incident response. It is designed to evaluate the most critical cyber risks your business faces today, while accounting for current insurance market dynamics.

Step 2: Gain access to your tailored insights and benchmarking

Once you complete the Cyber Self-Assessment, Marsh provides the following value-added reports:

  • Cybersecurity maturity rating: Evaluates your maturity across the five functions of the NIST Cybersecurity Framework.
  • Top cybersecurity controls analysis: Provides ratings for your key cybersecurity controls, assessed from the perspective of insurers.
  • Peer benchmarking: Compares your cybersecurity maturity and control ratings against industry peers who have also completed the assessment.
  • [New] Cyber insurance placement analytics: Uses industry and revenue data to model potential losses from ransomware, business interruption and privacy breach events. You can apply different insurance scenarios to assess the effectiveness of various strategies and inform your purchasing decisions.

For deeper insights, advanced or tailored analyses are also available through Marsh’s Cyber Risk Quantification service.

Step 3: Apply for cyber insurance with confidence

Once you’ve completed the assessment, Marsh helps you apply for cyber insurance with multiple insurers. As a Marsh cyber client, you also gain access to additional tools:

  • Cyber incident platform: Provides a secure means to communicate with stakeholders, orchestrate incident response activities, and segment access to communications and documents when a cyber incident occurs.

Why Marsh

Marsh is the region’s leading specialist in cyber risk, drawing on unique insights gained from over 25 years of extensive insurance broking and risk advisory experience, we support more than 700 organisations with risk transfer solutions and program development. Our team, Asia’s largest, comprises over 25 dedicated cyber professionals, including brokers, former underwriters, actuaries, cybersecurity advisors, claims advocates and policy and security specialists. 

Take the first step, request for your free Cyber Self-Assessment today.