Incident response planning is a key cyber security control for reducing an organisation’s likelihood of a breach-related claim, according to analysis from Marsh McLennan. Research conducted by the company found that organisations that regularly conduct tabletop exercises and scenario-based breach drills are 13% less likely to experience a material cyber event than those that do not.

Marsh analysed proprietary cyber control data against claims. Incident response planning ranked fourth in effectiveness, according to the analysis, behind endpoint detection and response, logging and monitoring and cyber security awareness training.

Proactive cyber incident response planning has long been widely considered as a tool to help organisations effectively and efficiently respond to and recover from a cyber attack, but Tom Reagan, global cyber practice leader at Marsh, says this research proves that it also strengthens overall cyber security performance.

“What our latest research confirms is that thoughtful planning also drives secondary benefits like positive security behaviours and strong control implementations, which help build more organisational resilience and reduce breach incidents,” he noted.

Marsh's research also highlights the impact of other controls. Each 25% increase in EDR deployment across devices was linked to a 10% drop in breach likelihood, while phishing-resistant multi-factor authentication correlated with a 9% lower breach risk than non-resistant MFA, according to the data.

---