A large building materials company in Asia had the foresight to purchase cyber risk insurance, but felt it could use a more refined and integrated cyber crisis management strategy. They felt it was important to engage their senior leadership in the process, without overwhelming them.
The company engaged Marsh’s Advisory Solutions team to facilitate a cyber crisis management exercise, develop playbooks, and review incident response plans. The final step in this engagement was a simulation of a cyber crisis exercise for their executive leadership team.
Marsh’s Advisory specialists mapped out a work plan encompassing three main areas:
- Develop cyber incident scenarios and response playbooks
We helped the company work through a comprehensive set of cyber risk scenarios, with a particular emphasis on high-priority incidents, such as ransomware attacks and large data breaches. This phase of scenario development included the creation of playbooks for responding to these high-priority events. The playbooks were built within a framework that allows for continuous improvement over time.
- Provide education and training
Another key focus area involved educating and training staff and leadership on incident response best practices. The goal was to further cement the roles that various people and departments within the organizations would be expected to play during a “real life” situation.
- Conduct tabletop exercises with executives
Engaging Marsh’s Advisory cyber crisis management team as senior facilitators, the company’s executive leadership took part in a dedicated tabletop simulation to better understand the roles they would be expected to play during a cyber incident.
The client received a comprehensive set of cyber incident playbooks and the knowledge to adjust them over time as cyber risk—and the organization—evolves. The executive leadership was targeted to ensure they would have the training to be fully engaged during a potential incident.