Chrome 38+
Firefox 33+
Microsoft Edge+
Today, cyber risk presents a persistent and rapidly evolving threat to organizations across all industries. While the $150B cybersecurity marketplace offers many defenses, understanding the available products and solutions is critical to informing risk management strategies and investments.
Recognizing innovation and efficacy, the Cyber Catalyst by MarshSM program leverages the aggregated knowledge of leading cyber insurers to evaluate the effectiveness of cyber security products and solutions in reducing cyber risk.
Meeting An Important Market Need
As the complex cyber threat environment and business risk landscape continue to evolve, navigating the cybersecurity marketplace is increasingly challenging. The Cyber Catalyst by MarshSM program is designed to provide organizations with greater clarity and confidence in choosing cybersecurity products in the face of growing uncertainty.
Delivering valuable insight into the market and insurer responses to cyber incidents, the program brings together leading insurers, including Allianz; AXA XL, a division of AXA; AXIS; Beazley; CFC; Munich Re; Sompo International; and Zurich North America; to evaluate cybersecurity products and services – and designate “Cyber Catalysts.”
Evaluation Criteria And Process
Throughout a two-phase process, participating insurers evaluated over 90 cybersecurity products and solutions. Targeting the top five threats identified by the insurers – Ransomware; Supply Chain/Vendor Management; Cloud Migration & Management; Social Engineering; and Privacy Regulation/Data Collection – the solutions were evaluated along the following criteria:
- Reduction of cyber risk: demonstrated ability to address major enterprise cyber risk such as data breach, theft or corruption; business interruption; or cyber extortion.
- Key performance metrics: demonstrated ability to quantitatively measure and report on factors that reduce the frequency or severity of cyber events.
- Viability: client-use cases and successful implementation.
- Efficiency: demonstrated ability of users to successfully implement and govern the use of the product to reduce cyber risk.
- Flexibility: broad applicability to a range of companies/industries.
- Differentiation: distinguishing features and characteristics.
In designating the Cyber Catalysts, the insurers voted independently on each solution. Marsh did not participate in the Cyber Catalyst designation decisions.
Insurance Policies and Endorsement Wordings
Organizations that adopt Cyber Catalyst-designated solutions may be considered for enhanced terms and conditions on individually negotiated cyber insurance policies with participating insurers.
Marsh has worked with each participating insurer to establish endorsement wordings that reflect coverage enhancements that those insurers might offer to Marsh clients that adopt one or more Cyber Catalyst designated solution. For more information, contact cyber.risk@marsh.com.
Implementation Principles
When considering potential policy enhancements, participating insurers will expect organizations to implement Cyber Catalyst-designated products or services in a certain manner. To that end, participating insurers worked with vendors whose solutions are Cyber Catalyst-designated to develop “implementation principles” for each product or service.
Disclaimer:
The Cyber Catalyst designation is not a guarantee of performance or certification of cybersecurity prevention or protection. The “Cyber Catalyst" designation reflects the consensus view of Cyber Catalyst-participating insurers that the product or service can be effective in reducing cyber risk. Those insurers express no view on the scope, terms or pricing of those products or services. The decision to use a third-party vendor's product or service with the Cyber Catalyst designation is made solely by customers that purchase and/or use the product or service. Neither Marsh nor any participating insurer(s) shall be a party to, or be subject to any obligations or liabilities set forth in, any agreement entered into between any vendor and its customer. Third-party cybersecurity vendors are not agents of Marsh or any participating insurer. Marsh and participating insurers make no warranties or guarantees of any kind, express or implied, and assume no liability arising out of or relating to any service or product rendered or provided by any vendor to its customer.