Skip to main content

Cyber Risk Management

WTW takes an integrated, comprehensive approach to cyber risk management to help you manage people, capital and technology risks across your enterprise. Any plan that fails to consider each of these dimensions will likely fall short.

Contact Us

Cybersecurity today is no longer simply a technology risk for the IT department to handle. A cyber breach can affect your ability to operate and cost millions. It can also have far-reaching consequences that affect your reputation and brand long after the breach itself is resolved.

WTW takes an integrated, holistic approach to cyber risk management to help you manage all aspects of the exposure across your enterprise. We take a three-step approach toward helping our clients evaluate and manage their cyber risk.

  1. 01


    We implement a range of tailored services to identify and analyze an organization’s core risks across the entire enterprise, focusing on cyber risks affecting people, capital and technology. We identify the gaps and provide practical solutions to reduce risk, achieve business goals and ensure a cyberresilient organization.

  2. 02


    We leverage our global experience, incident data and customized assessment tools to provide a strategic suite of best-in-class solutions designed to quantify, inform and mitigate cyber risk exposures.

    • Cyber Risk Quantification
    • Data-driven analytics

  3. 03


    Utilizing our leading team of global risk advisors, consultants and insurance specialists, we create tailored risk transfer solutions, ensuring balance sheet protection alongside a range of services to protect our clients after a cyber incident occurs including post incident support, claims advocacy and post incident review and analysis.

    • Insurance Advisory, Broking and Placement
    • Claims Advocacy

A comprehensive plan for cyber protection across:


Two-thirds of cyber incidents are the direct result of employee behaviors – from lost devices to actions by disgruntled insiders. Our proprietary Workforce Cyber Culture Assessment and Cyber Risk Culture Survey can help you assess employees’ attitudes and behaviors to uncover vulnerabilities, create awareness and design action steps that can help reduce insider risk.

Our Cyber Work Readiness Diagnostic can help you create and optimize a cyber workforce by defining roles and identifying talent and skills gaps. This entails assessing potential sources of cyber risk to establish a needs-based hiring and retention plan amid a perpetual “war” for cyber talent. Our market-leading human capital consultants and risk advisors provide customized solutions based on each client’s unique business operations and priorities.


According to The Cybersecurity Imperative Study conducted by ESI ThoughtLab and sponsored by WTW, to cope with rising cyber risks, companies increased their cybersecurity investments by 7% in 2018 over the previous year, and plan to nearly double that percentage increase to 13%. Our risk transfer solutions, especially in insurance advisory and placement, provide the protection your balance sheet needs to account for residual risk following the application of appropriate safeguards and practices.

Our proprietary Cyber Quantified and Cyber Risk Profile Diagnostic tools can help you make strategic decisions on how to effectively allocate capital to high priority areas, including risk transfer decisions. Our post-breach solutions include insurance claims advocacy and forensic accounting to ensure maximum capital recovery under relevant insurance policies.


In 2019, companies will allocate 39% of their cybersecurity budget to technology, 31% to process, and 30% to people. To help combat untrained general staff, today’s biggest threat to cybersecurity, the fastest growing technology tool is user behavior analytics. Only about 4% currently employ it, but 73% plan to start using it by 2020 —a growth rate of more than 1,700%.1 Our advisory teams assess the level of technological risk specific to each client’s situation, and in conjunction with our preferred technology partners, work to mitigate and manage cyber risk across the enterprise.

IT solutions cannot be adopted or implemented in a vacuum. It’s critical for People and Technology to have a symbiotic relationship to ensure cyber strategies are connected to the business and its functions.

Our holistic approach to cybersecurity evaluates all potential cyber threats – from people to capital to technology – to ensure your enterprise is aware of the risks and taking all necessary precautions to mitigate harm.

1 The Cybersecurity Imperative, conducted by ESI ThoughtLab, in conjunction with WTW and other organizations, 2018.

Cyber Risk Profile Diagnostic (CRPD)

WTW’s Cyber Risk Profile Diagnostic (CRPD) helps organizations identify and analyze their cyber risks and vulnerabilities by measuring their current cyber resilience.

Contact us