We're sorry but your browser is not supported by Marsh.com

For the best experience, please upgrade to a supported browser:


Risk in Context

How to Stress Test your Cyber Risk Management

Posted by Peter Mason 01 December 2015

Public sector organisations hold and process a vast amount of information, including personal data about individuals. Most commit significant resource to ensuring their IT network and working practices have been updated to reflect a modern business landscape.  However, there remains little real understanding of the limitations their insurance programmes may have if it all goes wrong:

  • General liability policies traditionally require there to be bodily injury or physical damage to property. Will there be any cover if you have lost data or transferred a virus?
  • Business interruption policies do not typically trigger unless there has been a physical damage event. Increased costs you incur to manage a data breach are unlikely to be covered. Who pays to contact every person who has been affected and who pays for supporting those people once their data is being used illegally?

The unbudgeted costs emanating from a breach will inevitably impact on front line services and a public sector organisation will need to work hard to repair reputation with its customer base. 

Marsh's Cyber Risk Self-Assessment Tool will help you understand:

  • How relevant the consequences of a cyber-event would be to your organisation.
  • Which financial losses can be covered within new cyber insurance policies.
  • To what degree of complexity are cyber risk scenarios fully recognised and measured by your organisation.

Related to:  Cyber Risk , Cyber Risk

Peter Mason

Peter is UK Practice Leader for Marsh’s Public Sector Practice. He has 26 years of insurance and risk management experience and joined Marsh in 2000. Based in Bristol, he is a strong advocate of the Total Cost of Risk approach and the development of robust risk financing strategies to support corporate ambition.