Cyber risk assessment

Recognise risk. Reduce exposure.


Managing cyber risk has never been more complex.

As your business becomes increasingly reliant on technology, malicious intent becomes more profitable, and more prevalent. We understand your concerns, and we're here to help.

Our cyber risk assessment uses an in-depth approach that covers the entire exposure chain. The assessment: 

  • Identifies your cyber exposures and pinpoints areas of greatest concern 
  • Provides practical loss prevention recommendations 
  • Helps you select tailored solutions that can enhance your cyber resilience 

Already an FM client? Contact your client service team to discuss your cyber risk assessment. 

Industrial control systems

Modern industrial control systems range from building automation to complex manufacturing systems. These systems are increasingly network-connected to enhance efficiencies and improve reliability. But more connectivity also means higher exposure—and greater potential property risks.

FM brings extensive knowledge and expertise in equipment-based property risks to cyber risk mitigation. Our location-based boiler and machinery evaluations target the potential for resulting physical damage and business interruption by examining risks that may expose facilities' systems and equipment to malicious actions locally or via network intrusion.

We then leverage and apply proven loss prevention concepts to review industrial control systems management programmes, identify vulnerabilities, and develop practical, cost-effective solutions.

  • Information security

    Working together with risk managers and their IT colleagues, our client service teams evaluate risk to your data, software and intellectual property. The strength of the assessment comes from our threat-informed approach to assessing cyber risk. Leveraging our research capabilities and cyber loss data, we evaluate your mitigating security controls to determine resilience against common cyber-attacks impacting organisations today.

    The cyber risk assessment critically evaluates the most common entry vector, the IT environment, into the operational technology environment where industrial control systems and the potential for resulting physical damage are often overlooked.

  • Physical security

    To truly protect your information security and industrial control systems, we must prevent unauthorised physical access to data, workstations and networks. As part of our assessments, field engineering site visits allow us to evaluate who has access to your facilities, what they have access to, and how to monitor that activity.

    Our unique combination of risk assessment and risk engineering allows us to take a multifaceted approach to manage your cyber risk.

Cyber Resilience

Watch this short video to understand why you should make cyber resilience a priority.

  • Cyber resilience solutions

    Cyber exposure is business exposure. Here’s what you can do to avoid business interruption.

    Cyber resilience