Cyber Self-Assessment

Marsh's new cyber risk tool enables you to identify and evaluate the cyber risk scenarios your organisation faces.

As the impact, frequency, and magnitude of cyberattacks continue to increase, identifying, evaluating, and understanding your cyber exposures is critical. Delivering data-driven insights to inform risk management strategies and insurance investments, the Marsh Cyber Self-Assessment is a digital tool that examines your organization’s cyber risks — and streamlines the cyber insurance application process itself.

Analyzing your organization’s cybersecurity controls, technology, and people, the Marsh Cyber Self-Assessment provides a comprehensive view of cyber risks and cybersecurity program maturity, backed by advanced data and analytics. Aligned to the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework, the Cyber Self-Assessment includes a risk scoring mechanism that enables you to proactively address vulnerabilities prior to underwriting discussions. The self-assessment also includes controls benchmarking to help you understand your cybersecurity controls relative to peers, better informing internal stakeholder discussions on where to focus energy and resources.

Beyond identifying potential exposures, the Marsh Cyber Self-Assessment supports and streamlines the process of applying for cyber insurance. Typically, when applying for cyber insurance, an organization must complete lengthy questionnaires that enable underwriters to understand its cybersecurity practices and assess its cyber risk. Rather than completing each insurer’s application when approaching multiple insurers, which can be labor intensive and time-consuming, insurers accept the Marsh Cyber Self-Assessment as the mainform application.

Insurer applications are frequently in the form of unprotected spreadsheets, which can expose sensitive corporate data and create additional information risk. Housed on an easy-to-use web platform, the Marsh Cyber Self-Assessment allows for simultaneous contributions by multiple organizational stakeholders — and centralizes all inputs into a single application. The tool employs industry-leading security protocols, such as time-restricted multifactor authentication client access, active directory controls, and data encryption in transit and at rest, to protect your sensitive data.

Eliminating inefficiencies, redundancies, and often version control errors, the Marsh Cyber Self-Assessment is accepted as a single application by all insurers — saving you valuable time and resources.