Global Cyber Facility

Proprietary Global Cyber Facility Assessment Process

With cyber risk, the threat landscape changes constantly. Basic applications don’t capture enough information to truly assess a company’s risk profile – or offer recommendations on how to address potential weaknesses. Chubb’s Global Cyber Facility assessment process transforms this process, capturing both objective and subjective criteria to provide an interactive view of exposures.

Benefits

  • Designed to assess an organization’s risk profile
  • Provides interactive view of an organization’s cyber exposures
  • Identifies potential areas of concern or deficiency that can be proactively addressed to reduce risk
  • Based on a new foundation for cyber risk underwriting, Cyber COPE®

Sample Measurements

Components

  • Number of endpoints
  • Number of network connections
  • Software versions
  • Data center locations

Organization

  • Policyholder’s industry
  • Quality of IT and security related policies
  • Percent of budget allocation for security
  • Use of industry standards
  • Quality of information governance
  • Percent of outsourced services
  • Board level risk appetite

Protection

  • Data retention
  • Firewalls
  • Incident response/response readiness
  • Monitoring
  • Encryption

Exposures

  • Political or criminal motivation
  • Types of outsourcing
  • Common threat vulnerability
  • Type and amount of sensitive information
  • Reliance on network for operations
  • Compliance and regulatory requirements