Cyber incident response planning a key control in reducing cyber risk: Marsh

Cyber incident response planning has emerged as a key cybersecurity control in reducing the likelihood of a breach-related claim, according to a new report from the Cyber Risk Intelligence Center (CRIC) of Marsh McLennan.

The report found that organisations that regularly engage in tabletop exercises and scenario-based breach response drills are 13% less likely to experience a material cyber event than those that do not.

In 2025, cyber incident response planning ranked as the fourth most effective control in decreasing the probability of a breach-related claim, behind endpoint detection and response (EDR), logging and monitoring, and cybersecurity awareness training and phishing testing.

Tom Reagan, Global Cyber Practice Leader at Marsh, said, “Marsh has long advocated proactive cyber incident response planning as a tool to help organisations effectively and efficiently respond to and recover from a cyberattack.

“What our latest research confirms is that thoughtful planning also drives secondary benefits like positive security behaviours and strong control implementations, which help build more organisational resilience and reduce breach incidents.”

Facebook

Twitter

Pinterest

WhatsApp

Previous articleNevada Dental Practice Notifying 1.2 Million of Hack

Next articleQualys Secures FedRAMP® High Authorization for Its Comprehensive Risk Management Platform

riskacademy

RELATED ARTICLESMORE FROM AUTHOR

What Is Cybersecurity Risk? 2026 Threats Explained for India

Cloudsmith Raises $72M for Software Supply-Chain Security

KnowBe4 to highlight importance of securing the human, AI workforce at ITWeb Security Summit 2026