Marsh McLennan, through its Cyber Risk Intelligence Center, examines which cybersecurity measures actually reduce risk and pushes the conversation on how controls should be evaluated across the industry. The report explores how the cybersecurity control landscape has evolved over the past two years to keep defenses relevant, identifies which controls are most widely adopted and which truly deliver the greatest risk reduction, and pinpoints the five control areas proven to have the biggest impact on lowering organizational risk exposure.
Building on its 2023 report, Using Data to Prioritize Cybersecurity Investments, which delivered one of the first large-scale, evidence-based analyses of control effectiveness, Marsh McLennan’s study draws on data from thousands of organizations’ cyber control implementations. The results highlight a critical shift as the question is no longer whether a control exists but how well it is deployed.
The Marsh McLennan study found that most of the controls analyzed in the 2023 report are now even more widely adopted, shifting the focus from whether a control is in place to how effectively it is deployed. Incident response planning…
