Low-tech cyber threats. They’re everywhere. Sometimes threat actors walk right through the door.

All the firewalls, double encryption and passwords in the world can’t protect organizations from physical cyber vulnerabilities. That's why cyber security is no longer viewed strictly as a technology risk, but an enterprisewide issue.

FM Global's client Cyber Risk Assessment for clients that earned a United States Patent this year is now recognized with an Innovation Award from Business Insurance magazine. The award-winning service—the insurance industry’s first comprehensive cyber readiness assessment—provides organizations greater insight into cyber exposure at both the location and enterprise levels.

"This comprehensive tool assesses the potential impact of cyber risk beyond an it perspective."

Jeff Tilley, FM Global vice president and manager of cyber hazards

"Many people think of cyber risk solely as theft of information, but there is a very real physical property component that businesses need to consider," says Jeff Tilley, FM Global vice president and manager of cyber hazards. "This comprehensive tool assesses the potential impact of cyber risk beyond an IT perspective and provides recommendations to mitigate against that cyber threat with an overall outcome of improved resilience to protect business revenue, reputation, market share and ultimate viability."

The 70-question online survey covers six broad categories and helps measure cyber risk posture and overall cybersecurity reliance. The assessment accounts for inherent cyber risk, mitigating security controls and ability to respond to and recover from the cyber incident.

Upon completion, an overall score is received in the four categories below, identifying each as a low, medium or high risk to the organization.

  • Governance—Ability of executive management to provide strategic direction, align information security with the organization and ensure that cyber risk is managed appropriately.
  • Insider Threat—Ability to protect against, detect and mitigate internal human threats to the organization.
  • IT Security—Ability to protect against, detect and mitigate technology threats to the organization.
  • Response and Recover—Ability to respond to a cyber event in a timely and organized fashion and minimize the time to return to normal business operations.

The survey immediately provides feedback. A more detailed report, provided later, identifies gaps and offers recommendations to address these gaps.

The Business Insurance Innovation Awards program recognizes the industry’s best "innovative products and services" as assessed by their end users—professional risk managers from a variety of backgrounds and industries. This year Business Insurance received nearly 70 entries submitted by 45 different organizations. All nominations were assessed by an independent panel of judges.

Find out more about FM Global’s Cyber Risk Assessment and Cyber Resilience Solutions, part of its Advantage Policy ® all risk policy.