Small Businesses Fear Cyber Threats as Ransomware Risks Surge

Some 60% of SMBs fear cyber threats while only 23% feel prepared against ransomware attacks, Coalition reports.

By: R&I Editorial Team | March 13, 2025

Topics: Cyber | News

An Opened Lock Standing Out From Locked Locks

Ransomware attacks continue to pose an existential threat to organizations, particularly small and medium-sized businesses (SMBs), with cybersecurity concerns being a top threat for 60% of SMB owners while only 23% feel very prepared, according to Coalition’s Cyber Threat Index 2025.

The report — which offers insights into the ransomware landscape based on data from digital forensics, internet-wide scanning, and cyber insurance claims — noted that the first two months of 2024 underscored the scale of the cybersecurity challenge.

A series of zero-day vulnerabilities in Ivanti devices enabled both financially motivated criminals and nation-state actors to exploit businesses across various industries. Researchers who first discovered the flaws reported the victims ranged “from small businesses to some of the largest organizations in the world.”

Weeks later, the ransomware attack on Change Healthcare, which processes payments and health information, upended thousands of health care organizations of all sizes. The widespread event forced Change Healthcare’s parent company to issue $2 billion in advance payments and prompted a congressional hearing.

Scale of the Problem

The Coalition report reveals that the majority of ransomware claims started with threat actors compromising perimeter security appliances (58%) or remote desktop software (18%). These perimeter security appliances include products from vendors such as Fortinet, Cisco, SonicWall, and Palo Alto Networks, which typically offer both VPN and firewall functionality.

Remote desktop software was the second-most commonly exploited technology. The Remote Desktop Protocol (RDP), developed and maintained by Microsoft, was compromised in almost 80% of the incidents in this category, according to the report.

Across all ransomware claims, the most common initial access vectors were stolen credentials (47%) and software exploits (29%), the report noted. Compromised credentials typically targeted RDP and VPNs, which provide threat actors with privileged access to internal systems and networks. Investigators observed brute-force password guessing in just under half (42%) of these incidents.

Software exploits typically take advantage of a vulnerable system, ranging in complexity from simple commands that exploit a single vulnerability to advanced espionage software that chains together multiple vulnerabilities, Coalition reported. Social engineering was the third-most common initial access vector, typically involving email to communicate with victims.

Exposed Login Interfaces

Coalition detected more than 5 million internet-exposed remote management solutions and tens of thousands of exposed login panels across the internet. More than 65% of businesses had at least one internet-exposed web login panel at the time of applying for cyber insurance. These panels were identified by an AI system built by Coalition, trained to detect the visual patterns of web login panels.

The detected panels span email, VPN, finance, human resources, and more, according to the report. At least five web panels were detected on 15% of these submissions, and seven businesses were found to have at least 100 exposed web login panels, the report noted.

Software Vulnerabilities Explosion

Just over 40,000 software vulnerabilities were published in 2024, a 38% increase on 2023, according to Coalition. Threat actors were able to choose from over 3,000 new vulnerabilities every month, which helps explain why software exploits were the second-most frequent initial access vector in Coalition ransomware claims.

A dramatic spike in vulnerabilities in April and May—more than 5,000 vulnerabilities published in May alone—coincided with a breakdown in the system of classification. Most vulnerabilities were classified as “unknown severity,” rather than low, medium, high, or critical.

The report recommends that organizations monitor their attack surface to detect exposed login panels and services, patch emergent zero-day vulnerabilities in internet-facing technology, and educate employees about common social engineering tactics. Implementing 24/7 monitoring of systems and networks, with rapid response procedures, is also critical.

View the full report here. &

The R&I Editorial Team can be reached at [email protected].

Beyond Borders: Crafting Effective Property Risk Strategies for Multinationals

Operating a multinational business requires strong risk mitigation strategies and solid insurance partnerships, especially when it comes to managing property risk.

By: AXA XL | March 5, 2025

The commercial property insurance market has had its fair share of ups and downs over the last few years, from the impact of natural catastrophes to economic pressures and inflation. Multinationals with properties in various locations have had to come up with solid risk management plans to keep pace.

Some lines appear to be reaching a level of stabilization following years of necessary rate increases; however, multinational businesses must continue to pursue the best risk strategies possible. Now is not the time to rest on one’s risk management laurels; it’s imperative to keep driving for solutions.

“The outlook for the commercial property insurance market is still cautious, even with a sense of stabilization occurring. Insurers need to balance rate pressures and responsible underwriting practices. I believe, for multinationals, an emphasis on risk mitigation and property risk engineering will be essential,” said Michele Sansone, CUO Property and Multinational Solutions, AXA XL.

One strategy that works is a multinational property program, which can enhance risk mitigation efforts across operations. Insurers and property owners work together to develop comprehensive risk management, aimed at addressing the various challenges that persist globally.

Here’s a deeper look at what makes a strong multinational property program and how these operations can work with their insurance partners to get the most out of them.

Property Risks Still Rising

Michele Sansone, CUO Property and Multinational Solutions, Americas, AXA XL

Perhaps the most important thing to review is that, even when rates are stabilizing, risk remains.

Hurricanes, wildfires and other natural disasters are still growing concerns for the property market. The U.S. alone saw 24 disaster events with total losses exceeding $1 billion each in 2024.

Wildfires in Chile, floods in Hungary, Cyclone Chido — all events just scratching the surface of last year’s natural catastrophes are having severe impact on how multinational business is being conducted.

“The primary challenge lies in the cost of transporting goods from one location to another and understanding the potential business interruption impact resulting from these costs, rather than the supply chain itself,” said Sansone.

“For instance, if a piece of equipment manufactured in Germany is damaged due to a fire in the U.S., the key considerations are the time required to replace it and whether the cost will be higher. These types of impacts persist, indicating that the risks are still present, albeit with varying degrees of severity.”

Outside of Nat CATs, there’s also concerns around geopolitical disruptors, like Russia’s continued invasion of Ukraine, as one example.

“Inflation is also significantly influencing the commercial property insurance market,” Sansone added.

Top Benefits of a Multinational Property Program

Getting a handle on growing property risks as they impact businesses across the globe is the main goal of a multinational property program.

However, creating and maintaining such a program may seem like a daunting task. But it’s important to note that having a global system in place can provide a comprehensive view of all operations and enhance effective mitigation strategies.

“A global program provides a standardized approach to risk management, ensuring consistency across all operations,” Sansone explained. That consistency further enables multinational businesses to collect centralized data and analysis, leading to better risk assessment and decision making.

Not to mention, a multinational property program gives way to improved cost efficiency because it leverages global purchasing power and reduces redundancy.

A Local View to Managing Global Risk

Multinational property programs will often look to insurers to front their operations. This involves using a local insurer in each country to issue policies, with the multinational company retaining the risks.

“This structure allows companies to comply with local regulations while maintaining control over their global risk strategy,” Sansone explained.

The fronting partner has the ability to harness local insurance prowess to gain better understanding of regional risks and the regulatory environment the company is operating within.

“This is crucial for tailoring coverage,” said Sansone.

Local expertise also helps in navigating cultural differences and building relationships with stakeholders in different areas. It also facilitates faster and more effective claims resolution due to localized knowledge and support.

“Having a network with local expertise is crucial in providing valuable information to our clients,” Sansone concluded. “Our goal is to provide consultative advice when we review and offer insurance solutions.”

Best Collaboration Strategies for Risk Management

Once a multinational operation commits to having a global property program, it’s key to think about the makeup of its insurance team. A good insurer will not only have the breadth of knowledge needed to manage risk across borders but also an internal network primed to work with the multinational.

“Effective collaboration between a carrier and an insured involves more than just the underwriter and the client; it also means involving claims and risk engineering teams as well.

“After all, the client is paying a premium for potential claims, so they need to understand how the policy will be interpreted,” said Sansone.

Risk engineering plays a vital role in helping clients become better risks. By involving these professionals, multinationals have the ability to receive comprehensive risk assessments that not only help build risk mitigation strategies but also can lower potential costs.

“Loss estimates are an essential aspect to the information risk engineers provide. If we base all loss estimates on outdated information or property values, we are likely to see very high numbers — a worst-case scenario for an underwriter,” Sansone said.

“But if an engineer informs us about risk mitigation measures like sprinklers and shut-off valves, the potential charges will be lower.”

Access to the claims team is essential for effective collaboration. If an insured is familiar with its claims team, they have the ability to inquire about previous claims or discuss a concern raised by senior management.

“Providing them with a point of contact for future questions is invaluable,” Sansone said.

Across the Globe, Under One Roof

At AXA XL, the team understands that, in order to truly manage today’s most pressing property risks, clients need the utmost support from their insurance partner. That’s why Sansone and her colleagues work every day to provide tailored coverage to meet the diverse needs of its multinational partners.

“Clients are increasingly asking questions and seeking advice on their property insurance and risk management strategies,” Sansone said. “We leverage our local market knowledge and expertise to provide better risk assessments and management tailored to our clients’ specific regional needs.”

AXA XL recently launched a Multinational Solutions Portal for its clients. The portal provides centralized management of multinational insurance programs across operations, with the goal to simplify administration and reporting.

“Users have a clear overview of the global property program including where instructions have been given, the status of policy issuance and copies of issued policies. They have access to all of their policy information and data in one place including the number of countries covered, policies instructed, issues and outstanding,” Sansone explained.

Above all, AXA XL’s multinational solutions aim to provide businesses with peace of mind as they navigate the complexities of operating in various global markets.

“When a client approaches us to front their program and provide evidence of insurance in all the countries where they operate, we conduct a thorough analysis,” Sansone said. “We examine the exposures in each country to determine the significance of having a local policy. It’s crucial to ensure that the policy issued in each country is compliant and has the appropriate limits, coverage, and premium charge.”

“We do all of this so that our multinational clients have the utmost confidence in their insurance coverage and global risk mitigation strategy,” she said.

To learn more, visit: https://axaxl.com/insurance/product-families/multinational-solutions.

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with AXA XL. The editorial staff of Risk & Insurance had no role in its preparation.

AXA XL, the property & casualty and specialty risk division of AXA, provides insurance and risk management products and services for mid-sized companies through to large multinationals, and reinsurance solutions to insurance companies globally. We partner with those who move the world forward. To learn more, visit www.axaxl.com.