AI Risk Worries Insurers & Businesses Alike
As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
Insurance shapes how cyber risk is priced, transferred, and investigated, influencing breach costs, security incentives, and liability.
Search across headline titles and summaries.
Background for this topic.
Cyber insurance transfers some financial risk from security incidents to an insurer under a contract. Policies may cover first-party costs such as forensic investigation, system restoration, notification, and interruption of the insured’s business, as well as third-party privacy or security claims. Coverage depends on limits, deductibles, exclusions, and the policy’s definitions; regulatory penalties and ransom payments, for example, may be restricted or unavailable in some jurisdictions.
For security practitioners, insurance makes evidence of controls an operational and legal concern. Underwriting and claims may examine multifactor authentication, protected backups, logging, vulnerability remediation, access control, and tested incident-response plans. Inaccurate application answers or failure to meet policy conditions can reduce or invalidate recovery. During a claim, organizations may also share sensitive personal, technical, and investigative information with insurers, brokers, lawyers, and responders, requiring careful privacy, confidentiality, and evidence-handling practices.
Weekly headline count for the current query.
As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix.
The cyber insurance industry has made relatively weak inroads into Asia due to a variety of factors, but that could be changing.
In this latest installment of the Reporters' Notebook video series, we discuss how cyber insurance is forcing organizations to quantify risk, what's covered (and what's not), and why this could be the best thing to happen to cybersecurity.
An analysis of cyber-insurance claims data shows which cyber defenses actually work for policyholders. Here are six technologies that will pay off for companies in 2026.
Managing general agents help insurers navigate sectors where they lack expertise. A cybersecurity policy written by an MGA is more likely to reflect an understanding of the risks CISOs deal with.
With nearly 47,000 CVEs expected by the end of the year, organizations must balance comprehensive vulnerability management with strategic cyber insurance policy selection to effectively navigate this rapidly evolving threat landscape.
Though the company is informing its customers of the breach, Farmers isn't publicly divulging what kinds of personal data were affected.
Have I Been Pwned claims that the compromised data includes physical addresses, dates of birth, phone numbers, and more, for life insurance customers.
Security budgets are lowest in healthcare, professional and business services, retail, and hospitality, but budget growth remained above 5% in financial services, insurance, and tech.
The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around Aug. 1.
Cyber-insurance premiums continue to decline from their explosive growth from 2020 to 2022, but coverage is more important than ever to manage risks, experts say.
Cyber insurance companies were forced to adapt once ransomware skyrocketed and highlighted crucial security weaknesses among organizations in all sectors.
Insurance experts weigh in how the recent barrage of attacks against UK retailers could affect premium rates and policy requirements, as well as work toward improving risk assessment.
Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.
By focusing on prevention, education, and risk transfer through insurance, organizations — especially SMEs — can protect themselves from the rapidly escalating threats of cyberattacks.
Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.
Exposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance.
Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.