Insight Archive  | Subscribe to our insights >>

Aon  |  Professional Services Practice
Aon’s 2023 Cyber Resilience Report Released in August

Release Date: August 2023
pdf download Implications for D&O Litigation From Climate-Related Risk

Aon’s 2023 Cyber Resilience Report is a guide that company leaders can use to help benchmark their organization's risk maturity against peer companies and build their cyber resilience.

The Aon Cyber Resilience Report is based on Aon CyQu assessment scores collected from 2,946 unique Aon clients globally and complemented by supplemental questionnaire data collected from 1,933 unique Aon U.S. and UK clients.

The respondents represent the full spectrum of Aon clients, but nearly 50% fall into the $100M - $2B revenue range and approximately 10% are professional services firms.

This report presents valuable insights into the key factors driving cyber resilience in the face of an increasingly dangerous and active threat environment. Professional service firms have shown material improvement with an increase in overall CyQu score from 2.6 to 2.9 (out of 4), against a score of 2.7 for the revenue segment $100M - $2B.

The professional service sector’s improvement in cyber maturity is all the more impressive given that most firms allocate less than the global average of 10% of the IT budget to security.

Why is this report important?

Apart from providing insight into how an individual client benchmarks against the global numbers, the report provides information about the changing environment and how firms are constantly playing catch-up with the evolving and increasing threats.

Above all, increasing cyber maturity scores reflect increased resilience against the devastating impact of cyber threats. The importance of resilience is demonstrated by the findings of the IBM Ponemon “Cost of a Data Breach 2023 Report” that found:

  • Among firms with a high level of specific cost-mitigating factors (including “IR Planning & Testing” and “Employee Training”) the average cost of a breach was reduced by over $1M
  • “Phishing” and “Stolen Credentials” are the highest frequency and among the highest severity threats

This report provides valuable context for individual CyQu respondents and insight into the reasons for using the results of the CyQu evaluation to continue the cyber-resilience journey.

Read more articles by Tom here.

Aon is not a law firm or accounting firm and does not provide legal, financial or tax advice. Any commentary provided is based solely on Aon’s experience as insurance practitioners. We recommend that you consult with your own legal, financial and/or tax advisors on any commentary provided by Aon. The information contained in this article and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity.

Tom Ricketts


The Professional Services Practice at Aon values your feedback. To discuss any of the topics raised in this article, please contact Tom Ricketts.

Tom Ricketts
Managing Director
New York

Bryan Hurd

The Cyber Solutions team at Aon can help you understand and quantify your cyber risks. Please contact Bryan Hurd.

Bryan Hurd
Managing Director, Aon Cyber - Stroz Friedberg