""Marsh has long advocated proactive cyber incident response planning as a tool to help organisations effectively and efficiently respond to and recover from a cyber attack," said Tom Reagan, global cyber practice leader at Marsh McLennan. "What our latest research confirms is that thoughtful planning also drives secondary benefits like positive security behaviours and strong control implementations, which help build more organisational resilience and reduce breach incidents," he said."
"Two years have elapsed since Marsh McLennan's CRIC first started tracking the correlation between the core security controls that cyber insurers take into account and the likelihood of making a claim. To do this, it has been drawing data from thousands of organisations using Marsh McLennan's Cyber Self Assessment service to examine their risk levels and help them prepare better for investing in cyber insurance, and analysing this information against claims histories to derive relationships between security practice and claim likelihood."
Cyber incident response plans, while focused on post-breach mitigation and remediation, also reduce overall cyber risk and the likelihood of insurance claims. Organisations that conduct regular tabletop wargame exercises and scenario-based breach response drills are 13% less likely to suffer material cyber incidents. Thoughtful incident response planning fosters positive security behaviours and stronger control implementations, increasing organisational resilience and reducing breach incidents. Two years of tracking correlations between core security controls and claim likelihood used data from thousands of organisations' Cyber Self Assessment entries compared against claims histories, revealing relationships between security practice and claim probability. Incident response planning ranks as the fourth most effective control.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]