Cyber attacks and data breaches are bound to happen: the key is to be able to stop hackers before they have the opportunity to inflict serious harm on your organization. That is why Marsh and FireEye are collaborating to provide clients with a new product, Marsh Cyber OASIS (Objective Assessment Scorecard of Information Security).
OASIS is designed to evaluate a company’s ability to detect and respond to cyber attacks, as well as the strength of the organization’s technical infrastructure.
According to Thomas Reagan, Marsh’s Cyber Practice leader, “large data breaches have led to pricing and capacity volatility in the cyber insurance market, especially in the retail and health care sectors. Although companies are spending millions of dollars on cybersecurity controls and capabilities, the effectiveness of these investments is not always clear to underwriters. Through our collaboration with FireEye, we can help clients provide the objective and more detailed information that will help insurance markets to better understand their risk profile.”
The Cyber OASIS process begins with an onsite visit assesment by FireEye’s Mandiant division. Experts then “use interviews and technical tools to assess and compare the company’s existing security and incident response capabilities, processes and tools with leading practices.” Following the assessment, the Mandiant team provides the client with a detailed report on the company’s current cybersecurity readiness with recommendations on how to improve.