Insurance broker and risk management firm Marsh and FireEye Inc., a cyber-security company, have announced a collaboration to offer Marsh Cyber OASIS, which is designed to offer an objective evaluation of customers’ ability to detect and respond to cyber-attacks, and the strength of their technical infrastructure.
“Large data breaches have led to pricing and capacity volatility in the cyber insurance market, especially in the retail and health care sectors,” said Thomas Reagan, Marsh’s cyber practice leader. “Although companies are spending millions of dollars on cyber-security controls and capabilities, the effectiveness of these investments is not always clear to underwriters. Through our collaboration with FireEye, we can help clients provide the objective and more detailed information that will help insurance markets to better understand their risk profile.”
The Marsh Cyber OASIS process begins with an onsite assessment by FireEye-Mandiant consultants, the companies said. Through interviews and with technical tools, the consultants assess and compare security and incident-response capabilities, processes and tools with leading practices. Clients receive a report detailing their current state of cyber-security readiness, with recommendations for improvement, once complete, the companies said.
“After the massive, public data breaches that came to define 2014, data security has become a board-level issue and organizations are moving quickly to better evaluate and manage their cyber-security risk,” said Jurgen Kutscher, VP of security consulting services at FireEye. “By working with Marsh, we’re able to help evaluate an organization’s threat profile and the efficacy of its current systems to provide recommendations on how to improve the firm’s overall posture across the risk spectrum.”
