Coalition Releases First-Ever Cyber Threat Index for 2023

New research from Coalition predicts a 13% increase in average monthly Common Vulnerabilities and Exposures over 2022

SAN FRANCISCO – February 1, 2023 –  Coalition, the world's first Active Insurance provider designed to prevent digital risk before it strikes, today published its first-ever Coalition Cyber Threat Index, detailing insights on cybersecurity trends from 2022 and what emerging cyber threats are on the horizon to better prepare businesses for 2023.

Based on data from the last ten years, Coalition predicts more than 1,900 new Common Vulnerabilities and Exposures (CVEs) per month in 2023, including 270 high-severity and 155 critical-severity vulnerabilities — a 13% increase in average monthly CVEs from published 2022 levels.

Coalition also reported: 

• For most CVEs, the time to exploit is within 90 days of public disclosure, with the majority exploited within the first 30 days. 

• 94% of organizations scanned in the last year have at least one unencrypted service exposed to the internet.

• Remote Desktop Protocol (RDP) remains cyber-attackers’ most commonly scanned protocol, meaning they still leverage old protocols with new vulnerabilities to gain access to systems.

• Elasticsearch and MongoDB databases have a high rate of compromise, with signals showing that a large number have been captured by ransomware attacks.

“The reality is that the number of security vulnerabilities and breaches are consistently increasing —from 1,000 in 2002 to over 23,000 in 2022. Defenders are fighting a battle on all sides and at all times,” said Tiago Henriques, Coalition’s Vice President of Security Research. “We produced this report to provide as much information as possible for organizations to learn from. With the overwhelming volume of vulnerabilities and lack of IT staff, cybersecurity experts need a way to evaluate each vulnerability's risk so they can prioritize what to address.” 

Coalition compiled its 2023 Cyber Threat Index based on critical information gathered from its active risk management and reduction technology that combines data from underwriting and claims, internet scans, and Coalition’s global network of honeypot sensors. Coalition’s scanning data includes over 5.2 billion IP addresses. Its honeypots, used to observe attacks from the inside and develop a deeper understanding of attackers' techniques, span over 22,000 events and multiple geo-distributed IP addresses. 

In light of these findings, Coalition recommends that organizations and their security and IT teams prioritize applying updates on public-facing infrastructure and internet-facing software within 30 days of a patch’s release and follow regular upgrade cycles to mitigate vulnerabilities in older software to prepare for the looming 2023 threats.

“Cybersecurity professionals must be more alert than ever to vulnerabilities that already exist within their networks and assets. Attackers are becoming increasingly sophisticated and have become experts at exploiting commonly used systems and technologies,” continued Henriques. “Organizations must use secure communication protocols to access their data. They must also enforce multifactor authentication and ensure the services they use are not exposed to the internet. Taking steps like these to improve your basic security hygiene is crucial to improving your overall defense posture.”

To read the complete report, download the 2023 Coalition Cyber Threat Index.

About Coalition

Coalition is the world's first Active Insurance provider designed to prevent digital risk before it strikes. By combining comprehensive insurance coverage and cybersecurity tools, Coalition helps businesses manage and mitigate digital risks. Coalition offers its Active Insurance products in the U.S., U.K., and Canada through relationships with leading global insurers, including Arch Insurance North America, Allianz, Ascot Group, Lloyd's of London, Swiss Re Corporate Solutions, Vantage, and management liability coverage through Zurich American Insurance Company. Its security products are available to organizations worldwide. Coalition's Active Risk Platform provides automated security alerts, threat intelligence, expert guidance, and cybersecurity tools to help businesses remain resilient in the face of cyber attacks. Headquartered in San Francisco, Coalition is a distributed company with a global workforce that collaborates digitally and in office hubs.