Pulse Check: Remote Access Trends for Cyber Insurers and Applicants
- J. Foster Davis
- May 18
- 4 min read
As the cyber insurance market continues to experience soft conditions in early 2026, remote access remains a critical factor in cyber insurance underwriting and risk assessment. New data from January to May, 2026, reveals trends in how applicants manage remote connectivity to their environments. This pulse check reviews these fresh statistics, focusing on the use of Remote Desktop Protocol (RDP), Virtual Network Computing (VNC), and Virtual Private Network (VPN) solutions. Understanding these trends helps cyber insurers better evaluate market conditions and supports applicants in aligning their security practices with evolving expectations.
Observations
The data includes a non-scientific sample of over 1,000 current or prospective policyholders. BreachRisk™ a.i. automatically gathered the data using ethical passive hacker tradecraft, which was then processed through The Cyber Questionnaire Validator.
Less than 1% of companies use legacy remote desktop technologies such as RDP, VNC, or other remote desktop connectivity from the public Internet.
About 12% of companies use a VPN for remote access.
The Cyber Questionnaire Validator™ question text | Evidence:Yes | Evidence:No |
Does the Applicant allow Remote Desktop Protocol (RDP), Virtual Network Computing (VNC) or other remote desktop connectivity to their environment(s) from the public Internet? | 0.7% | 99.3% |
Does the Applicant use Virtual Private Network (VPN) solutions to provide remote access to their environment(s) from the public Internet? | 12.3%* | 87.7%* |
Direct measurements by BreachRisk™ a.i. and The Cyber Questionnaire Validator™ cover approximately 01 January 2026 - 15 May 2026. n>1000, multiple regions, multiple lines, non-scientific sample. *a "yes" answer to this question is not considered an insecure practice | ||
Remote Desktop Protocol and VNC Usage Remains Low
Allowing RDP or VNC access from the public Internet is generally considered a risky practice. These protocols can be exploited through brute force attacks, credential theft, or unpatched vulnerabilities. Hackers frequently scan for exposed RDP or VNC ports as an entry point into networks.
The low percentage of applicants permitting this access suggests a positive shift in security posture across the market. Many organizations have likely moved away from direct remote desktop exposure, possibly replacing it with more secure alternatives or restricting access through internal networks only.
Why This Matters for Cyber Insurers
Reduced exposure to common attack vectors lowers the likelihood of breaches caused by remote desktop exploits.
This trend could signal improved security hygiene among applicants, which may influence underwriting decisions.
Cyber insurers can use this data to adjust risk models and pricing, reflecting the lower prevalence of this risky practice.
This finding is good news for cyber insurers who may have feared higher prevalence among applicants to allow direct remote desktop access. It also encourages applicants to maintain or improve their remote access controls to stay competitive in the cyber insurance market. Every market is different, and this benchmark can help insurers compare among different industries, domiciles, and revenue bands.
VPN Usage Shows Mixed Adoption
The report indicates 12.3% of applicants use VPN solutions to provide remote access from the public Internet, while 87.7% do not appear to use a VPN. Unlike RDP or VNC, the presence or absence of VPN use is not inherently good or bad. VPNs can offer secure remote access when configured correctly, but they can also introduce risks if poorly managed. The high rate of non-use could also indicate that many companies choose to not configure remote access unless the business benefit is worth the cybersecurity risk.
Understanding VPN Use in Context
VPNs create encrypted tunnels, protecting data in transit and reducing exposure to interception.
However, VPNs can become a single point of failure if compromised, especially if multi-factor authentication is not enforced.
Some organizations may opt for alternative secure remote access methods, such as zero-trust network access (ZTNA) or cloud-based solutions, which could explain the high percentage not using VPNs.
The VPN market has seen significant consolidation, with a few key players such as Cisco and Fortinet dominating the landscape. This concentration raises concerns about systemic risk, as vulnerabilities in these widely-used clients could lead to widespread exploitation.
For cyber insurers, the mixed adoption of VPNs means underwriting might need to consider the quality of remote access controls rather than just their presence. Analytics that assess VPN configurations, authentication methods, and monitoring practices will provide better insight into risk.
Implications for Market Conditions and Risk Assessment
The data from early 2026 highlights important remote access practices among cyber insurance applicants. These trends have direct implications for market conditions and risk evaluation, and could be driving softer market conditions. But as the easier exploitations offered by RDP and VNC become less available, hackers shift to new tactics that target VPNs, such as misconfigurations and unpatched vulnerabilities.
Key Takeaways for Cyber Insurers
The near elimination of public Internet-facing RDP and VNC access reduces a common attack surface.
VPN adoption is not a straightforward indicator of risk without further context.
Insurers should focus on detailed analytics of remote access controls, including authentication strength and patch management.
Caution: fewer legacy remote access options won't stop attackers from attacking modern VPN remote access methods.
Advice for Applicants Seeking Cyber Insurance
Avoid exposing RDP, VNC, or similar protocols directly to the Internet.
If using VPNs, ensure strong authentication and continuous monitoring are in place.
Disable all types of remote access (including VPN) if your business needs do not justify the risk of cyber attack.
Moving Forward with Remote Access Security
The evolving landscape of remote access demands ongoing attention from both cyber insurers and applicants. The low rate of risky remote desktop exposure is encouraging, but vigilance remains essential. VPNs and other remote access methods require careful management to avoid becoming weak points.
Cyber insurers can use these insights to refine their analytics and better understand market conditions. Applicants benefit by aligning their remote access practices with security expectations, improving their chances of favorable insurance terms.
By focusing on clear, measurable controls and transparent communication, the cyber insurance community can support stronger defenses against remote access threats and reduce overall cyber risk.
Follow BreachBits on LinkedIn for more Pulse Check insights: insurance observations from the hacker's perspective.
Comments