Using end-of-life software ‘increases risk of cyber claim’

Share
Catherine Lyle says there's a simple step companies can take to prevent phising.
Companies that continue to use software after support has been withdrawn by the developer are three times more likely to make a cyber claim, Coalition says

Companies who continue to use end-of-life software after their developers withdraw support for them are three times more likely to make a cyber claim, according to new research from cyber insurtech Coalition.

The latest edition of Coalition’s Cyber Claims Report also shows that policyholders who have just a single unresolved critical vulnerability are 33% more likely to experience a cyber claim, with human error or inaction being listed as the most exploited attack vector.

Phishing accounted for 76% of reported incidents, more than six times greater than the next most popular attack technique. Overall, phishing-related claims have increased by almost 30% since the beginning of 2022. This coincided with a 54% reduction in the frequency of ransomware attacks from 2021 to 2022, and a 17% decrease in the frequency of all claims over the same period.

The research appears to suggest that growing awareness of cybersecurity issues is making it harder for cyber criminals to find a route to attack – but that oft-overlooked vulnerabilities, like expired software, continue to leave the door open for attackers.

‘2FA would have stopped majority of phishing attacks’

Catherine Lyle, Coalition’s Head of Claims, says: “Threat actors are forever looking for targets with weak security controls or unprotected infrastructures; these are the paths of least resistance into a company’s network. Unfortunately, that’s why human inaction, such as not patching a publicised critical vulnerability or updating out-of-date software, is a high risk factor for a cyber incident or cyber claim.

Lyle says that there is a simple security measure that companies can introduce to make it harder for scammers to gain access to a network.

“Setting up multi-factor authentication is one of the best ways to prevent attackers from getting into an organisation’s network because it provides the person protection even when security is not top of mind. For the majority of Coalition’s phishing-related cases, multi-factor authentication would have stopped access and prevented a claim.”

Founded in 2017 by John Herring and Joshua Motta, Coalition offers so-called ‘active insurance’ that monitors businesses for security weaknesses and encourages clients to take a proactive approach to their cybersecurity setup. The company has raised over US$600mn since the beginning of 2021 and announced big-name partnerships with the likes of Allianz, Bluevine and Armorblox.

Share

Featured Articles

US Bank and One Inc Unite to Reshape Insurance Payments

Move aims to streamline claims processing through digital network, as insurers seek to modernise transaction systems amid rising digital payment adoption

Insurance Software Provider Fadata Expands Global Presence

Fadata opens offices in Malaysia and Peru as part of global growth strategy to deliver 24/7 support for insurance clients using its INSIS core platform

Top 10: Sustainability Leaders in InsurTech

This week's top 10 shines a spotlight on some of the insurance world's most sustainable practitioners, including execs from Convex, Previsico and Allianz

Allianz: Insurers Focus on Growth Despite Compliance Hurdles

Digital Strategy

Insurers Face Legacy System Exodus as Climate Risk Grows

Technology & AI

Study: Cyber Breach Recovery Times Exceed Insurance Coverage

Technology & AI