Marsh, FireEye collaboration designed to enhance clients’ cyber security readiness

Marsh and FireEye, Inc. have teamed up to offer a new service to help Marsh clients better understand their cyber risk profiles as a result of improved evaluation of their organization’s ability to detect and respond to such attacks.

The availability of Marsh Cyber OASIS (Objective Assessment Scorecard of Information Security) was announced Monday, notes a joint statement from Marsh, a global provider of insurance broking and risk management solutions, and FireEye, the inventor of a purpose-built, virtual machine-based security platform that offers real-time threat protection against next-generation cyber attacks.

The service is designed to “assists clients by providing an objective evaluation of their organization’s ability to detect and respond to cyber attacks, and the strength of their technical infrastructure,” the joint press release states.

“Although companies are spending millions of dollars on cyber security controls and capabilities, the effectiveness of these investments is not always clear to underwriters,” suggests Thomas Reagan, Marsh’s cyber practice leader. The collaboration is meant to give clients “the objective and more detailed information that will help insurance markets to better understand their risk profile,” Reagan reports.

Pointing out that large data breaches have “led to pricing and capacity volatility in the cyber insurance market, especially in the retail and health care sectors,” he explains that the Marsh Cyber OASIS process will begin with an on-site assessment by FireEye-Mandiant consultants.

Using a combination of interviews and technical tools, the team will assess and compare existing security and incident-response capabilities, processes and tools with leading practices. Clients will then be provided a comprehensive report detailing their current state of cyber security readiness, as well as any recommendations for improvement.

“By working with Marsh, we’re able to help evaluate an organization’s threat profile and the efficacy of its current systems to provide recommendations on how to improve the firm’s overall posture across the risk spectrum,” says Jurgen Kutscher, vice president of security consulting services at FireEye.