Article

Cyber resilience: 12 key controls to strengthen your security

Take practical steps to build your cyber resiliency with Marsh’s four-part series on the 12 recommended cybersecurity controls, including their characteristics and requirements.

Eye, Cyborg, Eye, Human Eye

What can I do to better protect my company from a ransomware attack? Do we understand our critical assets and their vulnerabilities? As cyberattacks continue to increase, fueled by more sophisticated and persistent attackers, these are the questions being asked by many senior executives. Ransomware attacks alone have increased by staggering amounts. Multimillion-dollar ransom payment demands are no longer a rarity. As cyberattacks and related claims have skyrocketed, insurers are taking a much more cautious stance — requiring specific controls and placing insurability at stake.

Insurers are focusing closely on the controls organizations have in place to become cyber resilient. While these controls have been established best practices for several years, some organizations are still struggling to adopt them — most often because they have not been able to justify the cost or did not understand or see the need for controls.

But with their insurability — and potentially also their financial stability — at stake, organizations across the board need to make a concerted effort to adopt controls that mitigate ransomware risks and improve their cybersecurity posture and resilience.

In this comprehensive guide, Marsh identifies the top 12 cybersecurity controls considered as best practices by cybersecurity experts and insurance carriers alike. The practical guide offers straightforward guidance around each control, enabling organizations to answer the following critical questions:

  • What is the control?
  • Why should the control be adopted?
  • What do you need to adopt this control?