A US-based construction materials provider was acquired by a global company in the same field. A ransomware attack on the parent company in 2022 had minimal immediate impact on the US subsidiary as their systems were not integrated at the time. However, the incident impaired the global cyber insurance program.
The US firm contacted AWS Partner Marsh LLC to seek its own cyber insurance coverage, which it did not have in place at the time of the attack. Marsh helped the US company navigate the cyber insurance underwriting process and obtain the coverage desired while also improving its resilience to cyber risks.
The US company is a leading producer of building materials. Like many of its peers, the company did not have a standalone cyber insurance policy in place when it approached Marsh. The ransomware event at the parent company impaired the entire global cyber program. The C-suite at the US subsidiary became concerned about its lack of cyber insurance and approached Marsh to better understand its coverage needs and options.
Marsh cyber risk and insurance specialists worked with the company to understand their overall cybersecurity posture, network segregation, and previous global cyber insurance program.
Marsh recognized that the US subsidiary was a new buyer of cyber insurance and spent the necessary time to familiarize them with the types of cyber services available and how the insurance underwriting process works. At the same time, Marsh supported the parent company in the wake of the ransomware event and kept its leadership aware of the US cyber insurance marketing strategy.
Marsh connected the US company with all facets of Marsh’s cyber risk management capabilities. This included access to external scanning support and analysis of the top cybersecurity controls. Insurers now typically insist that certain controls be in place before they even offer coverage.
A main goal of Marsh’s approach was to identify cybersecurity concerns and prioritize remediation efforts. One critical result was the establishment of projects to improve domain hygiene and reduce domain admin/service accounts. Because Marsh knew the value that underwriters placed on such cyber controls, these steps were accomplished before Marsh approached the insurance market in order to present the company in the best light possible to underwriters.
Over the past few years, cyber insurers have asked for increasingly specific and detailed information regarding a potential insured’s cybersecurity posture. When it was time to market the program, Marsh guided the company through its first underwriting meeting, with advice that ranged from presentation coaching to Q&A preparation.
Following meetings with several cyber insurers, two major ones presented options to the US construction materials company. Both proposals met the company’s desired retention and limits levels, which allowed the company to choose the insurer that appeared to be the best partner based on its risk management approach. The final program included a total limit of US$35 million, which was higher than the company had anticipated to be available within their budget target.
Marsh’s marketing effort met the goal of the client — a first-time buyer under heavy leadership scrutiny — to build a standalone cyber program. Marsh successfully placed a cyber insurance program with the desired limit/retention as directed by the company’s executive leadership, vetted by its global risk management, and within financial budgeting goals. This is but one way in which Marsh’s cyber specialists help businesses manage the risks of a digitized world.
Marsh is part of Marsh McLennan, the world’s leading insurance broker and risk advisor. Marsh’s Cyber Practice helps corporate and public sector clients navigate an increasingly dynamic environment for cyber risks. We have a deep understanding of cyber risk and insurance issues, having been engaged with cyber insurance since its inception some 25 years ago. We work with clients to analyze their risk exposures and help them implement solutions to address and mitigate the financial impact of a cyber incident.