We’ve reported extensively about the impact of GenAI on the cyber insurance industry, from its use by hackers to predictions it will “revolutionize” the industry. Information Week has some interesting observations from Nathan Smolenski of cybersecurity provider Netskope. A couple:
Underwriters need to defend against “Data/AI model poisoning: …The GenAI models themselves must also be protected as if they were source code” to prevent un/intentional insertion of faulty or even maliciously generated data into AI model used for underwriting. The author recommends referring to NIST’sTrustworthy & Responsible AI Resource Center.
Cyber liability insurance buyers should leverage AI to move beyond old processes for evaluating and purchasing cyber liability insurance (and new insurtechs are making this easier with their combined security/application/underwriting platforms). “Cyber insurance is often purchased by the same person or team within the CFO’s office who is making all other insurance decisions for the company. The only time security or IT people may get involved is when they’re asked to fill out some kind of kludgy survey,” notes the article.