AI and Cybersecurity: Challenges for the Insurance Industry

Advancements in artificial intelligence are enhancing and automating cyberattack capabilities, posing significant challenges for companies. Ryan Kratz, head of cyber for North America at MSIG, a property and casualty insurer, discussed these developments with Digital Insurance. Kratz, an experienced attorney with a decade of expertise in cyber risk, highlighted key areas of concern in the current cyber threat landscape and organizational defense strategies.

Ransomware persists as the most prevalent type of cyberattack, with AI simplifying its execution. Larger enterprises frequently encounter ransomware attacks, often leading to third-party complaints due to associated data exfiltration. These events can result in prolonged legal disputes concerning data privacy. Conversely, smaller organizations are more susceptible to business email compromise, primarily through phishing attacks targeting funds transfer. Attackers meticulously research these organizations, exploiting sectors like real estate where significant funds are regularly transferred.

Large enterprises are actively investing in cyber defenses, allocating substantial budgets for IT and cybersecurity initiatives. While these companies are generally effective in safeguarding their systems, human error remains a potential vulnerability. Comprehensive employee training is conducted, yet a single mistake can trigger a severe ransomware incident, illustrating persistent challenges in cybersecurity risk management.

Insurers and companies are gaining insights from past cyber incidents, recognizing the risks associated with single points of failure in large aggregators like CrowdStrike. Such dependencies can amplify exposure for major enterprises. Consequently, organizations are increasingly aware of the need to bolster redundancies and mitigate aggregation risks, emphasizing the importance of robust regulatory compliance requirements.

Kratz expressed concern about the dual challenge of AI developments and vulnerabilities in supply chain aspects. A significant event affecting key service providers could have widespread implications for organizations and insurers, impacting economic stability. The potential for a major disruption across interconnected systems poses a considerable threat to the insurance industry.

In other industry developments, new policy growth and insurance shopping experienced a downturn in early 2026, as reported by LexisNexis. Additionally, an insurer has filed a legal complaint against Nationwide Mortgage Bankers for allegedly exploiting its branding and creating consumer confusion regarding affiliations. Furthermore, Safepoint Holdings Inc. and its investors are pursuing an initial public offering to raise substantial capital, reflecting how the financial services sector continues to adapt to digital transformation in customer engagement strategies.