• Home
  • Advertising
    • Why Advertise
    • Create Your Campaign
  • About
    • About Security on Screen
    • Privacy Policy
  • Webinars
  • Social Wall
  • Contact Us
Saturday, July 2, 2022
No Result
View All Result
  • Login
  • Register

No products in the basket.

Submit News
Submit video
  • Create Your Campaign
  • Product Groups
    • Access Control
    • Biometrics
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Cyber-Security
  • Industry sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
  • Create Your Campaign
  • Product Groups
    • Access Control
    • Biometrics
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Cyber-Security
  • Industry sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
No Result
View All Result
No Result
View All Result

Outpost24 releases 2021 Web Applications for Insurers Report

by Zoe Deighton Smythe
30/06/2021
in Cyber Security, PRESS RELEASE
Outpost24 releases 2021 Web Applications for Insurers Report

Outpost24 has announced the results of its 2021 Web Application Security for Insurers Report, which analysed the web applications of the top 10 European insurance providers, as listed by ADV Rating. Using its attack surface discovery and assessment tool, Scout, Outpost24 examined the digital footprint of some of the EU’s largest insurers to uncover potential security weaknesses and found that every insurer had some degree of vulnerability in its web application. 

The findings revealed that Top EU insurers run a total of 7,611 internet exposed web applications over 1,920 domains, with 3% of them considered suspicious (e.g. testing environments). Furthermore, nearly one in four (23%) of the applications identified are found to be using old components containing known vulnerabilities that could be exploited. This is particularly concerning as web applications remain the biggest source of data breaches. It’s no surprise as they carry a plethora of complexities from a variety of attack vectors presenting potential for serious vulnerabilities.

The Outpost24 report highlights the most common attack vectors affecting insurers through aggregated risk scoring. This enables insurance security teams and developers to compare and benchmark their attack surfaces and take the necessary steps to mitigate threats in their application footprint.

Of the criteria examined, the top three attack vectors identified are:

  1. Page Creation Method – This depends on the code the web app has been developed in. Developing websites with insecure code or outdated software increases the risks of potential vulnerabilities for hackers to exploit
  2. Degree of Distribution – The more pages you have, the more risks there are, all pages must be identified, and code vulnerabilities uncovered at all levels
  3. Active Contents – When an application runs scripts the content becomes active and depending on the way those scripts have been implemented, the attack surface could increase if a website has been developed using vulnerable active content technologies.

The report also highlights several other security and compliance issues including basic SSL, cookie consent and privacy policy defects. 

With cyber insurance premiums becoming big business during the pandemic, insurers themselves, who store and process vast amount of sensitive customer data, remain a soft target for cyber attacks. Recent ransomware hits on big names include AXA’s 3TB sensitive data leak and US CNA Financial which was forced to pay $40m to regain network control. There is no better time for insurers to take a magnifying glass to examine their own application attack surface.

“As attacks targeting insurance companies increase, visibility is key. It is essential for insurance security professionals to have continuous insights of their digital footprint and attack surface, as very often they are in the dark about how many publicly exposed web apps are out there and their security posture”, said Stephane Konarkowski, Security Consultant of Outpost24. 

“We hope that this research will help insurance providers better understand the underlying attack vectors that could impact their application security and take a more proactive approach to improving cyber hygiene by closing off potential backdoor access, before hackers find them, with continuous assessment and monitoring.” said Nicolas Renard, Security Consultant of Outpost24.

In this 2021 study, Outpost24 analysed how the insurance sector fared on application security but how does this compare against other industries? Top EU insurers have an average attack surface score of 38.10 (out of 58.24) vs online retailers at 42.37 and Credit Unions at 16.39, making them more at risk than credit unions, but less risky than retailers.

Download the 2021 Web Application Security for Insurance Report or visit https://outpost24.com/

Tags: ADV ratingcyber insuranceCybersecurityinsurancenew reportOutpost24web applications
ShareTweetShare

Related Posts

British Security Awards announces 2022 winners
Education & Events

British Security Awards announces 2022 winners

OneQode teams with up Corero Network Security to protect customers from malicious DDoS attacks
Cyber Security

OneQode teams with up Corero Network Security to protect customers from malicious DDoS attacks

Seagate and Secure Logiq release recording of surveillance industry storage webinar
PRESS RELEASE

Seagate and Secure Logiq release recording of surveillance industry storage webinar

Euralarm releases revised study on False Fire Alarms in Europe
PRESS RELEASE

Euralarm releases revised study on False Fire Alarms in Europe

KnowBe4 kicks off ransomware awareness month with resource kit
Cyber Security

KnowBe4 kicks off ransomware awareness month with resource kit

Panasas teams up with MLCommons for advanced machine learning
PRESS RELEASE

Panasas teams up with MLCommons for advanced machine learning

Load More

The Tannery, 3a John Street, Tunbridge Wells,
Kent TN4 9RU
All enquiries: +44 (0)1892 525141

  • Home
  • Advertising
  • About
  • Webinars
  • Social Wall
  • Contact Us
No Result
View All Result
  • Login
  • Sign Up
  • Cart
  • Home
  • Why Advertise
  • Create Your Campaign
  • About Security on Screen
    • Privacy Policy
  • Webinars
  • Social Wall
  • Contact Us
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
  • Product Groups
    • Access Control
    • Biometrics
    • Cyber Security
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Industry Sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities

© 2020 SecurityOnScreen.com

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.