The Rising Threat of AI in Cyber Insurance and Vulnerability Management

Ryan Kratz, head of cyber for North America at MSIG, underscores a growing concern within the insurance industry: the expanding capabilities of artificial intelligence (AI) in identifying cybersecurity vulnerabilities and executing attacks. This advancement presents new challenges for commercial insurers, who must address these evolving risks effectively.

The introduction of AI in cyberattacks has significantly lowered the entry barriers for cybercriminals. Hackers, even with limited expertise, now leverage AI to execute attacks directly, bypassing the traditional method of merely probing for vulnerabilities. Previously, AI could identify weaknesses but lacked the capacity to exploit them autonomously. This evolution now permits attacks with minimal human intervention.

Supply-chain risks have also increased, particularly affecting smaller organizations. These firms often underestimate their reliance on technological supply chains. Consequently, insurers are increasingly covering risks associated with contingent business interruption and dependent business interruption, where disruptions in suppliers' operations due to cyber incidents lead to significant downtime.

Despite these threats, the cyber reinsurance market remains robust. Capital and capacity within both direct and reinsurance markets have remained abundant, maintaining stability in current renewals, according to insights from reinsurance brokers.

One notable AI-driven threat, termed "glass-to-ground," has seen significant acceleration. Advanced tools like OpenAI's ChatGPT and Anthropic's Claude can now independently initiate cyberattacks. Initially observed in early 2024, such attacks are expected to become standard practice as the technology progresses. Larger organizations are employing AI to bolster their Chief Information Security Officer (CISO) capabilities, creating a dynamic interplay between protective and offensive AI uses.

To mitigate these risks, Kratz emphasizes the importance of a collaborative approach in cyber insurance. Insurance should not merely transfer risk but act as a partnership. MSIG has been developing a primary product that provides comprehensive oversight of policyholders, including performing external vulnerability scans and notifying insureds of potential risks. Continuous network infrastructure monitoring helps identify zero-day vulnerabilities and alert organizations to them.

Overall, integrating AI into cyber strategies, both defensive and offensive, requires insurers to rethink their risk management strategies in partnership with tech companies and insureds. This evolving landscape calls for resilient systems to ensure business continuity in the face of increasingly sophisticated cyber threats.