Cyber Self-Assessment

Identify your organisation’s cyber risk gaps and insurability with Marsh’s free cybersecurity risk assessment and report.

Request the assessment

Cyber claims in Asia have increased by nearly 50% from 2022 to 2024, according to Marsh data. Most of these incidents are due to ransomware and security breaches as businesses face higher cyber risks. Globally, the frequency of large cyber claims (>EUR1 million) in the first six months of 2024 was up 14% while severity increased by 17%.

Understanding which actions and investments to prioritise is crucial for businesses looking to reduce their risks. But in a fast-changing threat environment, many businesses find it hard to assess their cybersecurity, organise their resources, and gather the right information to make quick decisions.

The Marsh Cyber Self-Assessment simplifies that process. Now available in Japanese, Korean, Traditional and Simplified Chinese, Vietnamese, Thai, and Bahasa Indonesian, this free digital tool helps organisations efficiently assess their cyber risk exposure. By leveraging Marsh’s proprietary data and analytics capabilities, the assessment delivers a clear picture of your cyber risk maturity and insurability — highlighting strengths, identifying gaps, and accelerating your cyber insurance application.

Why take the Cyber Self-Assessment?

The Marsh Cyber Self-Assessment is the only broker diagnostic accepted by insurers for quoting and binding and is free for all organisations.

In 2024 alone, more than 500 organisations benefited from the insights drawn from Cyber Self-Assessments to enhance their cyber strategies.

The assessment provides your organisation with:

A universal cyber insurance application that helps you stand out.

Accepted by all cyber insurers, Marsh’s Cyber Self-Assessment accelerates and simplifies your insurance placement process. It also gives you the opportunity to showcase your cybersecurity controls, differentiate your risk profile, and demonstrate your commitment to cyber resilience.

A baseline evaluation of your cybersecurity maturity and how you compare to peers.

Our cybersecurity maturity rating and top controls analysis report identify specific gaps in your cybersecurity controls, helping you prioritise areas for improvement before, during or after your insurance application. You also gain insight into how your organisation compares against peers.

A fast, data-driven way to assess your risk exposure and inform insurance decisions.

The assessment models the impact of three critical cyber threat scenarios on your organisation. By quantifying potential losses, you can better understand the financial implications and take proactive steps to mitigate risk.

A secure digital tool to streamline internal collaboration.

Access to the Cyber Self-Assessment is centrally controlled with multi-factor authentication. All responses are encrypted and securely stored. You can organise assessments by business unit and assign sections to stakeholders across risk, privacy and cybersecurity teams.

How the Cyber Self-Assessment works

Step 1: Collaborate across your cyber risk ecosystem to complete the assessment

To complete the Cyber Self-Assessment, involve key stakeholders across your organisation, including risk management, IT/information security, and finance to gauge diverse perspectives.

The questionnaire covers a broad range of cybersecurity domains such as network security, data protection, and incident response. It is designed to evaluate the most critical cyber risks your business faces today, while accounting for current insurance market dynamics.

Step 2: Gain access to your tailored insights and benchmarking

Once you complete the Cyber Self-Assessment, Marsh provides the following value-added reports:

Cybersecurity maturity rating: Evaluates your maturity across the five functions of the NIST Cybersecurity Framework.
Top cybersecurity controls analysis: Provides ratings for your key cybersecurity controls, assessed from the perspective of insurers.
Peer benchmarking: Compares your cybersecurity maturity and control ratings against industry peers who have also completed the assessment.
[New] Cyber insurance placement analytics: Uses industry and revenue data to model potential losses from ransomware, business interruption and privacy breach events. You can apply different insurance scenarios to assess the effectiveness of various strategies and inform your purchasing decisions.

For deeper insights, advanced or tailored analyses are also available through Marsh’s Cyber Risk Quantification service.

Step 3: Apply for cyber insurance with confidence

Once you’ve completed the assessment, Marsh helps you apply for cyber insurance with multiple insurers. As a Marsh cyber client, you also gain access to additional tools:

Cyber incident platform: Provides a secure means to communicate with stakeholders, orchestrate incident response activities, and segment access to communications and documents when a cyber incident occurs.

Why Marsh

Marsh is the region’s leading specialist in cyber risk, drawing on unique insights gained from over 25 years of extensive insurance broking and risk advisory experience, we support more than 700 organisations with risk transfer solutions and program development. Our team, Asia’s largest, comprises over 25 dedicated cyber professionals, including brokers, former underwriters, actuaries, cybersecurity advisors, claims advocates and policy and security specialists.