Why It Matters for Your Business and Your Cyber Insurance
Cyber threats are everywhere right now. From high-profile breaches at Jaguar Land Rover and the Co-op to smaller firms being caught off guard, attacks are growing in both frequency and impact.
We’re seeing it first-hand – more businesses are buying cyber insurance for the first time, while others are upping their cover limits to match the risk.
If your organisation still runs Windows 10, there’s an important deadline approaching, and it could have big implications for your security, operations, and insurance.
What Happens When Support Ends
Microsoft will end support for Windows 10 on 14 October 2025. After that, no new security patches or updates will be released.
That means over 700 million devices will no longer be protected against newly discovered vulnerabilities – giving cybercriminals a huge new target list.
Unpatched systems are an open door. They’re vulnerable to malware, ransomware, data theft, and exploits that modern defences can’t stop. Unsupported operating systems are a prime hunting ground for attackers, and they know exactly where to look.
Not Every Device Can Upgrade
Moving to Windows 11 isn’t as simple as hitting “update.” The new system requires specific hardware, including the TPM 2.0 chip, which millions of older machines don’t have.
Analysts estimate that around 240 million devices won’t meet the requirements, meaning many will become obsolete almost overnight.
For businesses that rely on these machines, that’s a major operational and financial risk. Replacing them takes time, and leaving it late could mean downtime or disruption.
Cyber Insurers Are Watching Closely
The cyber insurance market has been under pressure. In 2025, one in five policyholders made a claim – the highest level ever recorded. Many were linked to security gaps, outdated software, or weak update management.
Underwriters are taking note. They’re now examining patch management policies more closely and may exclude cover for businesses using unsupported systems.
If you’re still running Windows 10 after the cut-off date, your insurer could view it as a red flag, potentially affecting your premium, your cover, or even the outcome of a claim.
Extended Support: A Costly Short-Term Fix
Microsoft will sell extended security updates at $60 per device in the first year, rising annually until 2028. But it’s not a long-term solution.
Extended support doesn’t improve performance or compatibility, and some insurers may not consider it sufficient to meet policy requirements. It might buy time, but it won’t remove your exposure.
Take Action Now
The best approach is a proactive one. Acting early gives you control, keeps your premiums in check, and shows insurers that you’re serious about managing cyber risk.
Here’s where to start:
- Identify which systems are still using Windows 10.
- Check whether they can be upgraded to Windows 11.
- Plan replacements early to avoid disruption.
- If you must retain any Windows 10 devices, ensure they’re isolated, regularly backed up, and included in your incident response plan.
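One way to carry out the first two checks with PowerShell, added here as an example and not taken from the article or from Microsoft. The function name Get-Win10UpgradeStatus and the wording of the Action column are hypothetical, and it tests only TPM 2.0, the one Windows 11 requirement the article names.

```powershell
# Added example (not from the article): flag Windows 10 clients and report the TPM version.
# Run elevated; remote hosts need WinRM. Host names passed in are the caller's own.
function Get-Win10UpgradeStatus {
    param([string[]]$ComputerName = @('localhost'))

    foreach ($name in $ComputerName) {
        $cim = @{ ErrorAction = 'Stop' }
        if ($name -ne 'localhost') { $cim.ComputerName = $name }

        try {
            $os = Get-CimInstance @cim -ClassName Win32_OperatingSystem
        } catch {
            # Unreachable hosts stay in the inventory so they are not silently missed.
            [pscustomobject]@{ Computer = $name; OS = $null; Build = $null
                               IsWindows10 = $null; TpmSpec = $null
                               Action = 'Unreachable: check manually' }
            continue
        }

        # Windows 10 and 11 both report version 10.0; Windows 11 builds start at 22000.
        # ProductType 1 is a workstation, which excludes Windows Server.
        $build = [int]$os.BuildNumber
        $isWin10 = ($os.ProductType -eq 1) -and ($os.Version -like '10.0.*') -and ($build -lt 22000)

        # Win32_Tpm returns nothing when no TPM is present or enabled.
        # SpecVersion looks like "2.0, 0, 1.38"; the first field is the TPM spec version.
        $tpmSpec = $null
        try {
            $tpm = Get-CimInstance @cim -Namespace 'root\cimv2\Security\MicrosoftTpm' -ClassName Win32_Tpm
            if ($tpm) { $tpmSpec = [version](($tpm.SpecVersion -split ',')[0].Trim()) }
        } catch {
            # Access denied (not elevated) or an unparsable value: leave the TPM as unknown.
        }

        if (-not $isWin10) {
            $action = 'Not Windows 10'
        } elseif ($tpmSpec -ge [version]'2.0') {
            $action = 'TPM 2.0 present: check remaining Windows 11 requirements'
        } else {
            $action = 'TPM 2.0 not confirmed: plan replacement, or isolate and back up'
        }

        [pscustomobject]@{ Computer = $name; OS = $os.Caption; Build = $build
                           IsWindows10 = $isWin10; TpmSpec = $tpmSpec; Action = $action }
    }
}

Get-Win10UpgradeStatus | Format-Table -AutoSize
```

A TPM 2.0 result does not by itself establish that a machine can run Windows 11; it only removes the one blocker named above.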
The Bottom Line
Windows 10’s end of life isn’t just an IT issue; it’s a business risk. The decisions you make now will affect not only your security posture but also how your insurer views your business.
If you’d like advice on how these changes could impact your cyber cover, or how to make sure your protection stays fit for purpose, speak to Vista’s Cyber Insurance team today.
