New Zealand organisations operating on Microsoft Windows 10 are being urged to reassess their cybersecurity posture and insurance exposure ahead of the software’s upcoming end-of-life milestone.
As of Oct. 14,, Microsoft will no longer offer free security updates or technical support for Windows 10, increasing vulnerability to cyber threats and complicating insurance coverage.
Jamie Hall, business development executive at Ingram Micro NZ, said the looming cut-off could leave businesses exposed.
“Without those security patches or updates coming through, you’re potentially going to be at risk or vulnerable to attacks or other things that might be targeted to devices that are still on Windows 10,” he said, as reported by RNZ. “All of a sudden that’s opening up businesses to potential risk, but it goes a step further because, for example, if a business had cybersecurity insurance, which many do, if you've got an unsupported piece of software, it’s likely it’s not going to be included in that policy.”
Not all users can transition to Windows 11 due to hardware constraints.
Nick Gelling, Consumer NZ product test writer, said this presents an issue for older systems still in circulation. He added that the problem may disproportionately affect vulnerable groups, such as older adults and lower-income individuals.
“We think in New Zealand there’s hundreds of thousands of computers that will be stuck on Windows 10 and unable to make that upgrade, and they’ll be unable to receive security support, which means that the computers are unsafe to use,” Gelling said, as reported by RNZ.
The transition also presents an operational challenge for insurers and brokers, particularly those offering cyber coverage.
Unsupported software could violate key conditions required to trigger coverage, raising questions around claims processing in the event of a breach.
Hall urged business owners to conduct technology audits and develop transition plans well in advance.
A recent Arctic Wolf study found that 85% of organisations in Australia and New Zealand experienced at least one cyber incident in the past year, outpacing the global average.
The report also found that regional firms were more likely to pay ransoms and engage external negotiators following attacks.
Mark Thomas, director of security services for ANZ at Arctic Wolf, said the risks highlight a need for tailored regional responses.
“The 2025 Trends Report shows that security leaders in Australia and New Zealand are facing a different bottom line. Here, organisations are grappling with a unique set of challenges spurred on by stringent regulatory and compliance frameworks and an uptick of ransomware attacks. It’s no surprise that the key drivers for security strategies reflect the broader business trends we’re seeing in region,” he said.
