Cyber Loop: A Model For Sustained Cyber Resilience
There is Nothing Linear About Cyber Security
Each organization is unique and at a different place in its digital journey. It’s impossible to completely eradicate cyber risk or the potential consequential damage to reputation resulting from a cyber incident. The risk is pervasive. But resilience is possible for organizations that contemplate a circular approach to managing cyber risk, which Aon Cyber Solutions term the Cyber Loop.
This approach acknowledges that each organization will start its cyber security journey from one of the four entry points outlined below.
Assess
Quantifiable insight for better decisions.
Understand how security controls directly impact balance sheet exposure. Aon’s approach to assessment informs future decisions on the best strategies to manage cyber risk. By developing relevant quantified risk scenarios and assessing control effectiveness against these loss models, businesses can quickly decide how to best allocate budget to maximize resilience.
Mitigate
Build resilience and minimize impact.
Utilize targeted security controls and measurable industry standards to enhance security maturity, reduce exposure, and minimize financial impact from key cyber risks. Aon’s approach to mitigate bridges the gap between understanding the technical risk of an identified vulnerability and the related financial exposure so an organization can make risk informed decisions to implement changes, or fixes, and maximize ROSI.
Transfer
Optimize Cyber Insurance
If approached from a holistic, enterprise view, the cyber insurance and risk transfer process can serve as the bowtie to pull key stakeholders together.
Once engaged in this phase of cyber resilience preparation, companies will find more than one way to transfer and manage quantified cyber risk. Perhaps it does make sense to transfer a portion to the cyber insurance market, but maybe an alternative risk retention, or self-insurance financing strategy, is warranted.
Recover
Drive operational and financial loss recovery.
Receive tailored expert response for the business in the wake of a cyber event. Aon’s approach to recover encompasses expert and rapid incident response yet extends further and understands the need to effectively quantify impact and manage third party and insurance claims. This ensures maximum possible recovery of cost and helps businesses get to a cashflow neutral position.
Evolution Demands Revolution: Realizing the Full Potential of the Cyber Loop
The Cyber Loop calls for companies to actively participate in managing cyber risk in a greater cyber security data ecosystem. assess, mitigate, transfer and recover are four distinct yet interconnected entry points for managing the risk.