Marsh will work with an IT firm specializing in cyber attacks to help clients evaluate their technology security and boost their ability to respond when a breach hits.
The New York-based insurance broker and risk management firm said it will collaborate with FireEye, Inc. to launch a new service dubbed Marsh Cyber OASIS (Objective Assessment Scorecard of Information Security).
How it works: FireEye-Mandiant consultants will come onsite and assess a client’s existing cybersecurity and response processes and abilities, by way of interviews and technical tools. Once that’s complete, then clients get a detailed report/evaluation as well as recommendations for improvement.
Thomas Reagan, Marsh’s cyber practice leader, said in prepared remarks that the FireEye collaboration will give clients “objective and more detailed information that will help insurance markets to better understand their risk profile.”
Reagan explained he sees the service addressing the problem of large data breaches leading to pricing and capacity volatility in the cyber insurance market, especially for retail and health care.
“Although companies are spending millions of dollars on cybersecurity controls and capabilities, the effectiveness is not always clear to underwriters,” Reagan said.