Cyber incident response planning has emerged as a key cybersecurity control in reducing the likelihood of a breach-related claim, according to a new report from the Cyber Risk Intelligence Center (CRIC) of Marsh McLennan.
The report found that organisations that regularly engage in tabletop exercises and scenario-based breach response drills are 13% less likely to experience a material cyber event than those that do not.
In 2025, cyber incident response planning ranked as the fourth most effective control in decreasing the probability of a breach-related claim, behind endpoint detection and response (EDR), logging and monitoring, and cybersecurity awareness training and phishing testing.
Tom Reagan, Global Cyber Practice Leader at Marsh, said, “Marsh has long advocated proactive cyber incident response planning as a tool to help organisations effectively and efficiently respond to and recover from a cyberattack.
“What our latest research confirms is that thoughtful planning also drives secondary benefits like positive security behaviours and strong control implementations, which help build more organisational resilience and reduce breach incidents.”
