The analysis, based on Marsh’s Cyber Self-Assessment data and claims records, looked at the effectiveness of 12 core security controls commonly used by cyber insurers when assessing risk. Incident response planning ranked fourth in reducing breach-driven claims, behind endpoint detection and response (EDR), logging and monitoring, and staff awareness training.