"Organizations using Cisco and Citrix VPN devices were nearly seven times as likely to suffer a ransomware infection over a 15-month period, according to At-Bay, a provider of cyber insurance and a vendor of managed detection and response products. "When compared to businesses without a VPN detected, organizations using Cisco or Citrix were 6.8X more likely to fall victim to an attack," according to At-Bay's 2025 InsurSec Report [ PDF], which notes that Cisco and Citrix held the top spots in last year's report, too."
"When asked if these findings mean that Cisco and Citrix VPN users should find another vendor, At-Bay CISO for Customers Adam Tyra told The Register, "We think the takeaway is clear: Companies relying on on-premise VPN devices from vendors like Cisco and Citrix should strongly consider transitioning to modern cloud-based, remote access solutions." For comparison: SonicWall VPN users clocked in No. 2, at 5.8 times more likely to fall victim to ransomware."
Organizations using on-premise Cisco and Citrix VPN devices experienced markedly higher ransomware claim rates, with Cisco/Citrix users 6.8 times more likely to be attacked during January 2024–March 2025. The findings derive from analysis of more than 100,000 policy years of cyber claims data. Other on-premise VPN vendors also showed elevated risk: SonicWall 5.8X, Palo Alto GlobalProtect 5.5X, and Fortinet 5.3X. Businesses using any on-premise VPN were 3.7X more likely to suffer ransomware than those using cloud-based VPNs or no VPN detected. A shift to cloud-based remote access was recommended.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]