Skip to Main Content

Impacted by wildfires or winter weather? Whether you have a business that's been affected or your personal home and assets are damaged, know that you have a team of people to support you. Find resources here.

Marsh McLennan Agency logo

Cybersecurity Resource Hub

As technology plays a key role in both personal and work life, learning about cybersecurity is important, no matter how you use it. MMA’s Cybersecurity Resource Hub offers a variety of resources designed to give you the knowledge needed to address cybersecurity challenges. Whether you’re starting with the basics or looking for practical tips, MMA’s cybersecurity team is here to help improve your personal and organizational awareness and readiness.

Learn More

Claims assistance

Report your claim to your insurance carrier as outlined in your policy. If you need help, just reach out to your local MMA office.

Contact Us

Understanding cybersecurity

Cybersecurity is the practice of protecting systems, networks, and programs from digital threats that often target sensitive information, demand money, or disrupt services. As organizations use technology in more ways, strong cybersecurity measures help protect data and support organizational stability. Common threats include malware, phishing, ransomware, and denial-of-service attacks.

Malware is malicious software that harms systems, while phishing tricks people into sharing sensitive information through fraudulent messages.

Ransomware locks files and demands payment to release them. Denial-of-service attacks overwhelm servers, making them unavailable.

The effects of cybersecurity breaches can include financial losses, legal issues, and a drop in customer trust. Studies suggest that data breaches can cost millions, considering both immediate damage and long-term harm to a company’s reputation.

Investing in solid cybersecurity plans helps keep businesses running and guards against growing cyber threats.

 

Cyber & AI Risks with Marsh

Stay up to date on what's trending with our partners at Marsh. Learn about cyber risk trends like ransomware attacks, privacy risks, and more.

Know more. Protect more.

Preparing for cyber threats

Getting started with cybersecurity

Cyberattacks are no longer a question of “if.” They’re more a question of “when.”

Assessing your cybersecurity posture is important for protecting your assets. Start by performing a thorough audit of your systems to find vulnerabilities and potential threats. This evaluation will give you a clear picture of your strengths and areas that need improvement.

With this foundation, create a cybersecurity plan that includes clear goals, risk management steps, and incident response plans. Ensure your strategy aligns with industry standards and regulations to improve security and build trust with clients and stakeholders.

Ongoing education and training are key to keeping your cybersecurity framework strong. There are many resources available to help you stay updated on the latest threats and best practices. Consider online courses, webinars, and subscribing to cybersecurity publications. By committing to continuous learning, you can help strengthen your personal and organizational security and better prepare for cyber threats.
 

Protecting your business and employees

Cybercrime has become one of the fastest-growing threats to businesses in the U.S. and abroad. Each year, organizations of all sizes lose billions to stolen data, ransomware, and business disruptions. Small and midsize businesses often face more risk because they’re seen as easier entry points compared to large corporations with stronger cybersecurity.

Marsh McLennan Agency (MMA) helps organizations of all sizes invest in cybersecurity and offers many cyber solutions that could improve resilience against attacks.

Cybersecurity isn’t a one-time project. It’s a business priority that should be regularly reviewed and updated. It’s normal to feel overwhelmed and unsure where to start. The good news is—you don’t have to do this alone.

Here are a few ways to start preparing your business for a possible cyberattack:

  • Make cybersecurity part of your executive strategic planning.
  • Security tools and employee education are key to staying resilient. It’s a good idea to allocate funding to these areas. 
  • Create response plans for if/when a cyberattack happens. Make sure leaders from every department help create these plans. 
  • Human error is one of the biggest risks to a company’s cyber exposure. Build a culture where every employee understands their role in defense and feels empowered to protect the company.

Attackers often exploit the weakest link, which is usually human error. Stolen credentials, phishing emails, and weak passwords account for more than 80% of breaches.

Questions to consider:

  • Do key leaders in your organization know where sensitive data is stored?
  • Are employees trained on phishing risks? How strong are your defenses?
  • Are your vendors and third parties secure? Cyber risk isn’t isolated—anyone you work with can put your organization at risk.

Explore NIST’s Cybersecurity Framework and CISA’s Cyber Essentials to find practical steps for assessing and managing your organization’s risk.

Although it might feel like these things won’t happen to you or your organization, it’s important to prepare as if an attack could happen at any time. Building resilience now can help prevent serious losses to your organization. Remember, no cyberattack is worth risking the well-being of your organization and its people.

Human error contributes to 95% of cybersecurity breaches, according to recent research from the World Economic Forum.

Here are some best practices you can use to help prepare:

  • Enable multi-factor authentication (MFA) on company devices. MFA blocks 99% of account compromise attempts.
  • Use strong password policies and update software regularly.
  • Back up critical data using the 3-2-1 rule (3 copies, 2 media types, 1 offsite).
  • Train employees to recognize phishing and social engineering. Your people are your first line of defense.

It’s important to include your IT leaders and team members in these conversations when you’re ready to start a new initiative.

MMA’s Cyber Resiliency Network offers vetted partner resources to help with all three areas of cyber risk management: proactive information security, privacy law compliance, and risk management and employee cybersecurity training and education.

When the unthinkable happens, every minute matters. It’s important to know your organization has a team ready to support your employees through the event.

Here are a few immediate steps to take if you’re facing a cyberattack:

  • Disconnect all affected devices from your network. If employees work remotely, this might require extra steps. 
  • Activate the incident response plan you created while preparing for an attack. Remember, all employees should be familiar with the plan before an event occurs. 
  • Notify your internal response team—IT, legal, compliance, and all leadership personnel.

Contact MMA’s Cyber Consulting team to guide you through these steps and more.

Take a deep breath—the worst is over. But the work doesn’t end when the attack stops. How you respond can affect how quickly your business recovers.

Here are some post-incident priorities:

  • Document damage and preserve evidence for forensic review.
  • File insurance claims directly with your carrier and consult legal counsel.
  • Communicate openly with employees, customers, and regulators.
  • Restore all systems using clean backups.
  • Conduct a post-mortem to identify gaps and strengthen defenses. Treat every incident as a chance to learn and improve your response plans.

Besides these steps, it’s important to have the right amount of cyber coverage for your organization’s size and needs. Insurance carriers often prefer organizations that actively engage in cybersecurity prevention and preparedness. If you haven’t started yet, now’s a good time. It could save you money and help protect your business.

Protecting your home and valuables

In today’s digital world, protecting your data from sophisticated cyber threats can feel overwhelming. But with proactive steps—like using strong passwords and staying alert to common scams—you can safeguard your identity, finances, and personal information. Explore the resources below to discover how you can stay one step ahead of cybercriminals, and learn what to do if you ever become a victim. Together, we can build a safer, more secure future online!

Cyber scams are a significant threat, costing individuals billions of dollars each year. The most common scams are:

  • AI - Deepfakes
  • Charitable Fraud
  • Investment Scams
  • Online Shopping Scams
  • Phishing Scams
  • Ransomware and Extortion
  • Romance Schemes
  • Social Engineering
  • Spoofing, Smishing, and Vishing

Dive into our blog, where we break down real-life examples, reveal what to watch for, and share practical tips to keep everyone—from kids and teens to seniors—safe in the digital world. We even spotlight a phone scam you might recognize! 

To safeguard your wealth and protect yourself from potential cyberthreats, it is crucial to understand the importance of personal cyber insurance. In this article, we will explore the evolving landscape of cyber risks and the steps you can take to mitigate them.

If you should ever suffer a covered loss, a dedicated claims analyst will be available to file a claim with your insurer on your behalf and provide support and guidance throughout the entire claims settlement process.

File a personal lines claim

A message from Mario

“In today’s digital world, cybersecurity is not just a necessity, it’s a critical enabler of trust and resilience. At MMA, we are committed to empowering organizations with the insights, strategies, and resources they need to proactively manage cyber risks and safeguard their future.”

Mario Paez
Executive Vice President, National Cyber Risk Leader