Skip to main content

Solution

Board and Executive Cyber Risk Management Training from Marsh Cyber Advisory

Marsh cyber risk management and resilience training identifies and focuses on the key elements of boardroom risk relating to cyber security.

Benchmark

Benchmark the effectiveness of your organisations information and cybersecurity capabilities against international standards.

Identify

Identify cyber security red flags with recommendations and a roadmap to improve controls and process maturity.

Demonstrate

Demonstrate to customers, partners, insurers your organisation is committed to maintaining international best practices.

Continually

Continually improve the suitability, adequacy, and effectiveness of ISMS and effectively reduce the risk to cyber threats.

The threat of cyber attacks is a growing concern for organisations across the globe, and it is becoming increasingly important for executives and boards of directors to understand and manage the risks associated with cyber security. Cyber risk management is a key enterprise risk and requires structured and comprehensive board and executive level focus.

The board of directors is ultimately responsible for ensuring the long-term success and stability of the company, and must therefore understand and manage the risks associated with cyber security. We will work with you to raise awareness of the liability of directors and executives in relation to cyber risk and help you create a strategy around managing that risk at an executive level.

What is cyber risk management and resilience training?

Marsh cyber risk management and resilience training identifies and focuses on the key elements of boardroom risk relating to cyber security. It outlines board responsibilities, key risks of a cyber-incident to solve for and addresses the steps to be taken at an executive level to build resiliency around cyber risk management.

Delivery method

This training session is delivered as an interactive experience between Marsh Cyber Advisory leaders and your executive and board. It involves updates in relation to cyber and a discussion of the questions that the board and executive should be asking in relation to cyber security.

In our interactive workshop, we will help you:

  • Gain an understanding of the roles and responsibilities of the board and executive team in the context of cyber risk management
  • Understand the cyber threat landscape and specific industry vulnerabilities your organisation may face
  • Provide insight into the current cyber risk trend, cyber landscape and cyber risk management options
  • Discuss steps to be taken in building a cyber strategy to improve resilience and respond to cyber events
  • Create a list of questions for the board to utilise in communicating about cyber risk and to enable informed cyber risk decisions

Board and Executive Cyber Risk Management Training from Marsh Cyber Advisory

FAQs

A cyber incident response plan is a set of instructions that helps an organisation to identify, respond to and recover from cybersecurity incidents.

The 5 step approach to creating an incident response plan:
  1. Document the common types of security incidents that can occur in the organisation.
  2. Prioritise security incidents based on the severity. Incidents that impact organisational data and operational availability should be addressed as priority.
  3. Create an incident response flowchart with the steps to follow. Use a RACI matrix to list the personnel who will be involved at different stages of the incident response.
  4. Conduct mock up (simulation) exercises to train staff in the incident response plan.
  5. Update the incident response based on findings from the mock-up (simulation) exercises.

A cybersecurity incident response plan includes the security measures that an organisation should follow to respond to a cyberattack as it happens. The plan is broken up into 3 segments

  • Pre-incident: the plan documents the tools, resources and  personnel required to react to the incident
  • Incident response: the main segment that lists the step by step approach to be taken in response to an incident and restore the organisation back to regular business operations.
  • Post-incident: This segment documents the requirements for incident forensics and investigation to identify the failures that resulted in the incident occurring and the lessons learnt during the incident response stage.

Why Marsh

As experts in enterprise and cyber risk, we help you take an enterprise wide, scalable approach in building your cyber resilience.

Together, we identify your risks, and develop a best-for-you program and team of partners to help manage it.

Informing your approach and decision-making process with our 25 years of cyber expertise and data-driven insight. So that your path to cyber resilience is more productive and predictive; and your outcomes are more efficient and effective.

Article

Cyber resilience: 12 key controls to strengthen your security

Take practical steps to build your cyber resiliency with Marsh’s series on the 12 recommended cybersecurity controls, including their characteristics and requirements.

Our people

This publication is not intended to be taken as advice regarding any individual situation and should not be relied upon as such. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Marsh shall have no obligation to update this publication and shall have no liability to you or any other party arising out of this publication or any matter contained herein. LCPA 23/167.