Cyber incidents can have a huge impact on organisations, damaging reputation, incurring significant costs, and preventing critical operations. Being able to quickly respond and mobilise stakeholders helps to limit the impact of an incident and build resilience. Our Cyber Incident Management practitioners are available to work collaboratively with you and provide active support and professional guidance to help align your team’s incident management approach and necessary resources before, during, and/or after an incident.
Pre-incident
- Prepare for cyber incidents by incorporating the Marsh CIM service into internal response plans
- Identifying, vetting, and selecting appropriate incident response vendors
- Providing access to the safe and secure virtual cyber incident preparation platform
During an incident
- Support with the triage of the incident and providing in-the-moment guidance as to engagement of vendors, communication with internal and external stakeholders and other immediate next steps.
- If Marsh has placed the Client’s Cyber insurance policy, support the incident notification to insurers.
- Assist in the activation and co-ordination of relevant third party vendors, factoring in vendor panel requirements, expertise, and capacity
- Schedule and/or attend coordination calls with internal incident response stakeholders and nominated external vendors, and track progress against key milestones.
- Provide access to the safe and secure virtual cyber incident management platform
Post-incident
- Conducting end of incident review workshops to feedback on actions taken, lessons learned, and any key takeaways, providing initial suggestions for improving incident readiness for the future.
- Provide feedback on potentials to improve future incident response and related plans.
In addition, Marsh’s consultancy and claims teams can offer a wide range of Incident Management related cyber resiliency services, such as:
- Review incident response, disaster recovery, crisis management or business continuity plans, provide written guidance on recommended changes and augmentation, or enhance existing plans or draft plans from scratch.
- Test incident response and related plans by facilitating table-top exercises or in depth cyber simulations.
- Helping to maximise insurance recovery and minimising coverage disputes under all applicable coverages (cyber, kidnap and ransom, property, and others).
- Quantifying proof of loss for business interruption coverage and overall support of financial recovery.
To discuss your specific needs contact one of our cyber specialists here.