SiliconAngle reports that organizations with one unpatched security vulnerability were 33% more likely to have cyber insurance claims, while those that continued leveraging old unsupported software had a threefold increased likelihood of claims.
Seventy-six percent of reported incidents were attributed to phishing, which was over six times more common than the next most prevalent attack method, according to a report from Coalition. Moreover, phishing-related cyber insurance claims by Coalition members were also noted to have a 29% increase from the start of last year although ransomware claims had a 54% year-over-year decline.
"Threat actors are forever looking for targets with weak security controls or unprotected infrastructures these are the paths of least resistance into a company's network. Unfortunately, that's why human inaction, such as not patching a publicized critical vulnerability or updating out-of-date software, is a high-risk factor for a cyber incident or cyber claim," said Coalition Head of Claims Catherine Lyle.
SiliconAngle reports that more companies have been conducting purple team cybersecurity threat evaluations, with security penetration testing firm SpecterOps being the latest to create a collaboration between its offensive and defensive cybersecurity teams in testing and defending corporate systems.