Cyber attacks appear to be proliferating around the world, and a major issue for companies is detecting the attacks before they wreak havoc with the organization's data. Companies with strong information technology departments and attentive risk managers often believe that they're well protected, but that may not be the case.
To help companies deal with this problem, Marsh, a global insurance broker and risk management consulting firm, and FireEye Inc., a company focused on stopping advanced cyber attacks before they happen, today announced a collaboration to offer clients Marsh Cyber OASIS (Objective Assessment Scorecard of Information Security). The service evaluates an organization's ability to detect and respond to cyber attacks and the strength of the technical infrastructure in use by the organization.
"Large data breaches have led to pricing and capacity volatility in the cyber insurance market, especially in the retail and health care sectors," says Thomas Reagan, Marsh's Cyber Practice leader. "Although companies are spending millions of dollars on cybersecurity controls and capabilities, the effectiveness of these investments is not always clear to underwriters. Through our collaboration with FireEye, we can help clients provide the objective and more detailed information that will help insurance markets to better understand their risk profile."
Onsite assessment is first step
FireEye's Mandiant division consultants begin the Marsh Cyber OASIS process with an onsite assessment. They use interviews and technical tools to assess and compare the company's existing security and incident response capabilities, processes and tools with leading practices. When the onsite assessment is complete, the consultants provide the clients with a comprehensive report that details the organization's current state of cyber security readiness with recommendations for improvement.
"After the massive, public data breaches that came to define 2014, data security has become a board-level issue and organizations are moving quickly to better evaluate and manage their cybersecurity risk," says Jurgen Kutscher, vice president of security consulting services at FireEye. "By working with Marsh, we're able to help evaluate an organization's threat profile and the efficacy of its current systems to provide recommendations on how to improve the firm's overall posture across the risk spectrum."
John Drzik, president of Marsh Global Risk and Specialties, adds: "Cyber OASIS is the latest in a number of offerings from Marsh that are part of our commitment to combine insurance and risk advisory expertise with best-in-class cyber specialists and analytics to offer the risk management community the tools and resources it needs to manage their cyber exposures."
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.