Cyber Risk Handbook 2015

Cyber risk mitigation is not just a challenge for the IT department. It is a board-level governance issue that demands the engagement of the full executive leadership team to address. Effectively managing cyber risk today requires a comprehensive, multidimensional approach that encompasses people, processes, and vendors – and includes response and recovery plans in addition to prevention tactics.

Companies should anticipate cyber-attacks, ensuring plans are in place to consider not only an effective technology response but also messages to stakeholders, alternative supply routes, and other factors that will depend on the attack scenario. And they’ll need to continually invest in training, stress testing, and evolving their response strategies.

With this mind, Marsh & McLennan Companies has compiled Cyber Risk Handbook 2015: Perspectives on Prevention, Preparation & Response. The report is a compendium of 20 articles from Marsh & McLennan Companies and its businesses, Marsh, Guy Carpenter, Oliver Wyman, Mercer, and NERA, as well as outside experts with whom we collaborate.

Cyber risk is a race without a finish line. We hope this publication will help connect the dots on some of the essential elements of this dynamic issue, as well as increase awareness and understanding on how to approach this significant and persistent threat.