Skip to main content

Cyber Self-Assessment

Marsh’s industry leading global unified cyber controls assessment and insurance application tool

Cyber is an enterprise-wide, strategic business risk that needs to be approached collectively by one team in an organisation, inclusive of business, security, operational, and risk experts. However, the average timeframe it can take an organisation to identify, assess, pilot, and appoint the various resources and capabilities needed across the firm to support its cyber programme is uncommercial in the fast-moving landscape of cyber. 

The Marsh Cyber Self-Assessment is a digital tool that examines your organisation’s cyber risks and streamlines and expedites the process of applying for cyber insurance — so you can make more informed, confident investments in cyber insurance and security. 

As the industry’s leading unified cyber controls assessment and insurance application tool, our Cyber Self-Assessment provides your organisation with:

A universal cyber insurance application that makes you stand out.

Our Cyber Self-Assessment is accepted by all cyber insurers. Beyond accelerating and simplifying your insurance placement experience, the Cyber Self-Assessment offers opportunities to highlight your controls, differentiate your risk profile, and demonstrate your commitment to cybersecurity. 

A baseline evaluation of your cybersecurity maturity and how you compare to peers.

Our cybersecurity maturity rating and top cybersecurity controls analysis reports enable you to identify specific gaps in your cybersecurity controls and prioritise areas that may need improvement​ before, during, or after the insurance application process. You can also gain insights into how your results compare to peers.

Means to efficiently assess your risk exposure, quantify potential losses, and inform risk transfer decisions.

The output of the assessment allows you to assess the potential impact of three different types of critical cyber threats on your organisation. By modelling potential losses, you can better understand the financial implications of cyber incidents and take proactive steps to mitigate risks.

A secure, digital collaboration tool for risk, privacy, and cybersecurity colleagues to complete.

Access to the Cyber Self-Assessment is centrally managed and controlled with multi-factor authentication. All responses are encrypted and securely stored at rest. In addition, assessments can be organised by business unit, and questions can be assigned or delegated to multiple stakeholders simultaneously. 

Top cybersecurity controls peer benchmarking

Marsh’s top cybersecurity controls and maturity peer benchmarking reports enable you to measure the maturity of your organisation's cybersecurity programme compared to your peers. The value-added insights are available once you complete the Marsh Cyber Self-Assessment. 

How does the process work?

Click on the buttons below to learn more about each step.
selected option

Work with your cyber risk ecosystem to complete the Cyber Self-Assessment.

Leaders in your organisation’s cyber risk ecosystem work together to fill out questions about your cybersecurity controls, technology, and people. The questions cover a wide range of cybersecurity domains, including network security, data protection, and incident response. They are designed to examine the most significant cyber risks organisations face and account for current insurance market dynamics.

Work with Marsh to access your value-added reports and insights.

The following reports and insights are available once the Cyber Self-Assessment is completed:

  • Cybersecurity maturity rating: Evaluates maturity for the five functions established by the NIST Cybersecurity Framework.
  • Top cybersecurity controls analysis: Provides a clear rating for each top cybersecurity control your organisation has implemented, based on how it would be perceived by insurers.
  • Top cybersecurity controls and maturity peer benchmarking: Compares your cybersecurity maturity and top cybersecurity controls analysis ratings against industry peers that have also completed the Cyber Self-Assessment.
  • Cyber insurance placement analytics: Provides scaled loss modelling based on industry and revenue for ransomware, cyber business interruption, and privacy breach events. Cyber insurance strategies can be applied to the generated losses to evaluate each strategy’s performance and to inform your insurance purchasing decisions.

Advanced and/or customised insurance analysis are also available via our Cyber Risk Financing Optimization and Cyber and E&O Financial Stress Test programmes.

Work with Marsh to apply for cyber insurance with multiple insurers.

In addition, you can access the following services to help assist in strengthening your cybersecurity maturity once you are a Marsh cyber client. These services are accessible on the same platform as our Cyber Self-Assessment:

  • Cyber incident platform: Provides a secure means to communicate with stakeholders, orchestrate incident response activities, and segment access to communications and documents when a cyber incident occurs.
  • Cyber Network Directory (Marsh CND): Lists pre-vetted cybersecurity, technology, and incident response vendors to help you navigate the complex vendor community.

One-on-one assistance can also be provided to help with efficient cybersecurity vendor identification, solution evaluation, and price negotiation.

Contact us

Want to learn more?

Our Cyber Self-Assessment is a comprehensive solution that can strengthen your cybersecurity profile and streamline the insurance application process. By effectively using industry best practices and engaging in proactive cyber risk management, you can protect your organisation from cyber threats and position it as a leader in the market.

Related insights