RANCHO MIRAGE, Calif. — Intelligent automation and machine learning technologies can help businesses and their insurers deal with cyberattacks in microseconds, experts say.
Companies should leverage these advanced technologies to bridge the gap between the rapid speed of attacks and their cybersecurity response time, attendees at the Captive Insurance Companies Association 2023 International Conference were told last week.
Information technology organizations use “bows and arrows” to respond to bad actors using high-velocity attacks, said Michael Steep, Stanford, Calif.-based founder and executive director of the Disruptive Technologies Program at Stanford University and CEO of consulting firm Transform Innovation Ventures.
“The problem is that the technology to combat (attacks) is super slow and in some cases outdated. That̵7;s why cyber insurance is now experiencing this major financial crisis,” Steep said during a panel session at CICA.
“We can’t figure out what the risk factor is in a quick enough time to be able to address these issues,” he said.
In addition, nation-state-backed hackers are manipulating information via artificial intelligence, leading to greater vulnerabilities in high-velocity attacks.
“We need to rethink how we can enable one-second responses to data breaches,” Steep said.
The problem is there’s been a disconnect, said Stephen Cardot, CEO of CloudCover, a Minneapolis-based cybersecurity firm.
While the insurance industry traditionally looks back at historical loss scenarios and loss ratios, companies are starting to think about cybersecurity strategies that anticipate cyber threats, he said.
“People can be intimidated, but AI is frankly a useful tool when applied correctly. I don’t refer to AI as artificial; it’s actually augmented, or autonomous, or automated intelligence,” Mr. Cardot said during the panel discussion.
AI-generated technology and machine learning are “a game changer” because they can help insurers and other businesses predict cyber threats before they happen and address them in real time, he said.
The overall cyber insurance market was estimated at roughly $10 billion in premiums by 2022, but is expected to grow to $25 billion by 2025, said Nick Pearson, Tampa, Fla.-based vice president of BMS Group Ltd.
“It’s been a very tough market and that means prices are going up, up, up,” Pearson said during the panel session.
In 2021, prices increased by up to 400%, but since then cyber prices have “flattened”, with some books seeing increases more in the 10 to 50% range, he said. Warranty discipline and safety protocols have improved, while losses have increased, he said.
Increased use of AI, including chatbots like ChatGPT, raises risk concerns, but it also presents opportunities to improve risk management, Mark Field, director, risk and insurance operations team, Office of the General Counsel, at Sutter Health, a Sacramento, Calif.-based health care system, said during another panel session at the CICA conference.
“Risk management and underwriting decisions or events are driven by data,” said Mr. Field.
“Think of yourself as a primary care physician and your patients are your insurance claims information, insurance information, exposure information. Wouldn’t it be nice if you could get help pulling data information from big data sets to make better decisions?” he said.
There is a trend toward AI improving decision-making by risk managers and insurance companies, he said.