Cybersecurity monitoring and assessments1
Our cybersecurity program undergoes internal and external reviews. In addition to the annual assessment of the program and its components, robust vulnerability assessment processes are in place, as well as penetration testing, red teaming, tabletop exercises and phishing drills conducted by internal and external teams. Results are continuously measured and assessed for possible improvements.
We contract reputable third parties to conduct annual external assessments of the cybersecurity program and its components. In 2022, these independent assessments included those by Alvarez & Marsal and BitSight2. Similarly, governmental agencies and their contracted agents conduct regular reviews in jurisdictions where we operate. Furthermore, insurance agents, clients and other market participants continually assess our security posture for their own needs. There were no material3 incidents related to data and cybersecurity breaches across our global operations in 2022.