• EN
Top navigation or filters may restrict results of your search. To see all possible results click here.
Business case


Released 09 September 2021
Get in contact now!

When the Proxylogon/MS Exchange vulnerability caused a big stir in the insurance industry in early March, the insurance company was able to actively communicate with likely affected customers thanks to a targeted analysis of these vulnerabilities and thus contribute to damage prevention.

Fast and targeted analyses of larger portfolio structures can be carried out efficiently with cysmo Analytics. Complex correlations in the geographical distribution of server structures can be analysed, but also concrete vulnerabilities related to known and new flaws.



Photo of Jonas Schwade
Jonas Schwade

The issue

At the beginning of March, a vulnerability was discovered in the MS Exchange Servers. Many companies from different industries and of different sizes were affected by the vulnerability. The damage potential was incalculable and it was difficult to get an approximate idea of how many companies in the portfolio even had a vulnerable MS Exchange Server in operation. Predictions/estimates were impossible at that stage.

The correct processes regarding the update and any downstream forensic investigations were also not sufficiently clear.

Insurance companies had already faced these challenges with attacks such as WannaCry or NotPetya.


Only one day after the vulnerability became known, the cyber risk assessment tool cysmo had gathered technical data on the vulnerability of individual systems. It was not only possible to check which of the companies was affected by the attack at the current time, but additionally who had had a vulnerable server in use at the beginning (2021/04/03).

By means of the automated approach, thousands of companies from insurance companies' portfolios could be evaluated within a few hours, so that the insurance companies could get an overview of the approximate extent of the damage.

Two weeks later, it was also possible to evaluate data from companies where a so-called backdoor had been installed. Once again, the portfolios could be assessed within a few hours.

Related solutions

Benefits and advantages

The rapid availability of the data made it possible for the insurance companies to explicitly point out the vulnerabilities to the affected customers. Some of the customers had not even known they had been affected until that point. At the same time, insurance companies were able to get a picture of a percentage distribution within the portfolio and use this to calculate potential damage levels, which resulted in improved reporting.

User questions

Answered questions

Unanswered questions

Thank you for your question! We will inform you when the page owner answers your question.

Please note that submitted questions are public.

Responsible for this content


  • Germany
  • Spain
  • Switzerland
  • Austria
  • United States
  • United Kingdom

Views: 11463

Downloads: 0

Ratings by number of stars:
100 %
0 %
0 %
0 %
0 %

Page is favored by 1 user.

Contact inquiries: 0

Interested? Like to know more?

Get in contact now!


External vendor partners can provide content on hr | equarium. Hannover Rück SE does not verify these contents. Hannover Rück SE is also not responsible and not liable for the contents and services offered. For more information please see the terms of use.

Report site