Marsh, an insurance broker and risk management firm, and FireEye, a cyber-security firm, has announced a collaboration to offer clients a new service: Marsh Cyber OASIS (Objective Assessment Scorecard of Information Security). This service is designed to assists clients by providing an objective evaluation of their organization’s ability to detect and respond to cyber-attacks and the strength of their technical infrastructure.
“Large data breaches have led to pricing and capacity volatility in the cyber insurance market, especially in the retail and health care sectors,” said Thomas Reagan, Marsh’s Cyber Practice leader. “Although companies are spending millions of dollars on cyber-security controls and capabilities, the effectiveness of these investments is not always clear to underwriters. Through our collaboration with FireEye, we can help clients provide the objective and more detailed information that will help insurance markets to better understand their risk profile.”
The Marsh Cyber OASIS process begins with an onsite assessment by FireEye-Mandiant consultants, who, through a combination of interviews and technical tools, assess and compare existing security and incident-response capabilities, processes, and tools with leading practices. Once complete, clients receive a comprehensive report detailing their current state of cyber security readiness with recommendations for improvement.
“After the massive, public data breaches that came to define 2014, data security has become a board-level issue and organizations are moving quickly to better evaluate and manage their cybersecurity risk,” said Jurgen Kutscher, vice president of security consulting services at FireEye. “By working with Marsh, we’re able to help evaluate an organization’s threat profile and the efficacy of its current systems to provide recommendations on how to improve the firm’s overall posture across the risk spectrum.”