If you are running a PC on Microsoft Windows 8.1, you need to act fast to secure your system and data.  From January 10, 2023, Microsoft is no longer issuing the security updates or patches for this operating system that help keep it safe from viruses and cyber attacks and you could invalidate your cyber insurance policy, if you continue to use such software.

Windows 8.1 is regarded as ‘older’ software dating back to 2013 and Microsoft feels anyone using Microsoft Windows should have updated their software beyond this level.  Despite this, there are felt to be millions of people worldwide still using 8.1.  It is still the fourth most used Microsoft operating system worldwide.

However, as Microsoft says, whilst it is still possible to keep using this system, “without continued software and security updates, your PC will be at greater risk for viruses and malware.”

Windows’ advice is to move to Windows 11. That will mean buying a new PC, as most older ones will not be compatible with this operating system, but a new PC or laptop should come with Windows 11 already installed. There is an option of moving to Windows 10, as an interim measure. This will require users to purchase a full version of the Windows 10 software.  However, Windows 10 support will disappear in 2025.

How software updates keep your cyber insurance valid

Anyone using a PC or Mac should view software in the same way as they do food, realising it has a shelf-life.  Leave it too long and your system may well become infected.  Outdated software is riddled with security vulnerabilities so, if you continue to use it, you are exposing yourself to cybercrime.  Updates and upgrades, from the software providers, are issued on an ongoing basis for very good reason.  They typically include patches, which seek to cover gaps, where system vulnerabilities have been exposed.  If you are not patching your system with those, there are holes that can be exploited by cyber criminals.  A cyber insurer could easily view your failure to update your systems as negligent and either refuse to cover you, or turn down a claim.

Avoiding business interruption through software updates

There are also operational reasons to keep upgrading your software – so you can run the latest applications and ensure things run smoothly, whilst you are working.  Out-of-date software can easily lead to business interruption, with IT suddenly ceasing to operate or programmes running into conflict with other tools you are using.  Business interruption, caused through not keeping software ‘maintained’ through updates, is actually very avoidable and unlikely to be viewed with sympathy by an insurer.

Cyber implications of not updating software

Cybercriminals can be very sophisticated.  If the software company can see vulnerabilities, so can they and the easiest way into a system could be through one of those.  You could well suffer a ransomware attack or be targeted with malware, both of which could be hugely costly in terms of downtime and system repair.  It will probably affect your website and your communications with customers, which could be disastrous for your sales and reputation.  Meanwhile, it could also lead to loss of customer data, with all the angst and customer anger that brings, not to mention potential GDPR fines.

Quite simply, out-of-date software is a key with which a cyber criminal can unlock the rest of your system, accessing files, banking details and more.

How to protect your system against cyber attacks

The answer is to regularly check for updates and respond to any alerts that advise of them, by taking the required action. It may take a short period of time to install a full update but remember the worth of doing this and the scenarios that can develop if you do not.

Always back-up your system before an update, but make back-ups a regular part of your routine anyway.  Also check that the update you are doing will be compatible with your machine – taking us back to the point about Windows 11 and older laptops.

Having continually updated software is good practice that will help protect you against becoming a cyber criminal.  The risks of that happening, through a wide variety of tactics, is huge, however, and small and medium-sized companies are just as likely to be attacked as larger ones.  So, as well as doing all you can to control the cyber risk, you should make sure you have robust cyber insurance in place, which will protect you should the worst occur.

What is ‘good’ cyber insurance?

A good cyber insurance policy should not just compensate you for losses but also actively provide you with the support you need, the minute you discover an issue.  By that time, the criminals could have been inside your system for many months and the policy should provide you with cyber-crime savvy IT professionals, who can instantly examine your system, assess where the issue has arisen and restore your working operations as fast as possible.

Without such support, you could be left floundering, not knowing where to turn to find help.  That all adds to the delay in getting back up and running and could be extremely costly.

Be careful with the cyber insurance you buy

Many off-the-shelf and online cyber policies will not offer you this access to IT support and may not be the policy your business actually needs.  Whilst some cyber insurance is provided, it may well not be sufficient to get your business activities restored fast.

On the other hand, if you have previously relied on other types of insurance policy providing you with some cyber insurance support, you may well find that any cyber cover has been removed from those.  Insurers have taken steps to prevent having to pay out for cyber situations via policies not really intended to cover such risks.

How to get help with buying cyber insurance

The best advice is to talk to an insurance broker who can equip you with the cyber insurance cover that will make the right difference to you and your business, when the time comes.  For help with this, please call Gauntlet on 0113 244 8686 or visit our Find a Local Broker page and choose a broker who can assist you.

For further information about cyber crime, we have two podcasts on this topic at our Mind the Gaps podcast.  Subscribe and listen at all major channels, or listen to the relevant episodes here and here.