Overview
- Insurance Companies Using AI
- The Dual Role of AI: Defense Tool and Risk Amplifier
- AI Boosts the Reach of Cybercriminals
- Majority of Cyberattacks Arise from Social Engineering
- Cyber Threats Evolve Daily, Unlike Fires or Thefts
- AI Accelerates Detection, But Also Automates Attacks
- AI Can Detect Patterns. Only People Understand Intent
Few industries remain untouched by artificial intelligence, and insurance is no exception. According to Goldman Sachs’ Global Insurance Survey, 29% of insurers globally already use AI—a figure expected to rise (based on a poll of 359 CIOs & CFOs from insurance companies). Beinsure analyzed the report and highlighted the key points.
Interestingly, according to the National Association of Insurance Commissioners, 42% of insurance companies in America were already using AI.
So, the American market is leading in the adoption of AI and ML tools in insurance. Interestingly, according to the NIAC, insurance companies have already decided whether to use artificial intelligence and in what form.
Thus, according to the NIAC, only 10% of companies were still considering the implementation of artificial intelligence, while 37% had already decided not to use artificial intelligence in their work.
Insurance Companies Using AI
According to the NIAC, the majority of companies that have not yet implemented projects in the field of artificial intelligence stated that the implementation of the technology does not yet present compelling business reasons (56%).
IBM survey of 1,000 global insurance companies and 4,700 insured customers notes that both companies and customers have significantly different views on generative AI expectations and concerns.
At the same time, 25% of companies indicated that they are still waiting for regulatory guidance.
According to the NIAC, 54% of insurance companies already utilize artificial intelligence for pricing. Companies use credit and financial history, public records, demographics, driving behavior, and medical records to prepare personalized offers.
The Dual Role of AI: Defense Tool and Risk Amplifier
In cyber insurance, AI serves as both a defense mechanism and a risk amplifier. BOXX Insurance said companies should treat cyber insurance as a preventive strategy rather than a reactive one, according to Insurance Business Magazine.
AI is now the analyst, the search engine, and the attacker’s tool. We use it to process large volumes of data and detect threats faster. But the same tools are already in the hands of cybercriminals.
This dual use directly impacts threat intelligence services and risk identification. Companies rely on AI to protect clients while understanding that threat actors do the same.
Adoption rate of AI in the insurance industry worldwide
We believe that due to the increased availability of GenAI-related products, companies have further expanded their use of AI, primarily in customer communications and internal document processing systems.
The cyber threat from AI systems remains largely unknown. Amid speculation and sensationalism about how Gen AI will affect the cyber risk landscape, it’s crucial to understand the actual threat.
AI Boosts the Reach of Cybercriminals
Cybercriminals aren’t just adopting AI—they’re scaling with it. “The underground economy is deploying AI faster than most businesses. One-off attacks have evolved into fully automated campaigns. That shift affects how we assess and underwrite cyber risk,” Neil Jardine, Director of Cyber Intelligence and Claims at BOXX Insurance said.
Analysts acknowledge that while AI can reinforce protection, it also enhances attack capabilities.
Cybercriminals adapt as fast as new tech emerges. If a business can’t keep up, those innovations become vulnerabilities. Agility in cybersecurity is as important as strength.
“We’re not repricing policies because of AI—we’re preparing for what’s coming,” Jardine said, pointing to the rise of complex phishing and fraud campaigns powered by generative AI.
Majority of Cyberattacks Arise from Social Engineering
According to Viking Cloud, 98% of cyberattacks—whether targeting individuals or businesses—stem from social engineering. Losses from cybercrime are expected to hit $10.5tn by 2025 and may grow to $15.63tn by 2029.
10 years ago, phishing emails were full of mistakes. Now, generative AI crafts messages that are grammatically clean and psychologically effective. People need new instincts, not checklists.
The risk goes beyond text. AI now mimics voices of company executives and loved ones.
We’ve seen deepfakes impersonating CEOs and relatives. Trust becomes a weapon. Businesses must train teams to question even familiar voices.
Despite the rising complexity, Jardine stressed the importance of fundamentals.
Cyber Threats Evolve Daily, Unlike Fires or Thefts
Criminals put 100% of their resources into finding vulnerabilities. Companies can’t afford to spread their defenses too thin. That’s why insurance must go beyond covering losses—it needs to anticipate threats.
If you insure physical assets but ignore digital ones, you’re stuck in the past. A stolen laptop is replaceable. But if your systems are encrypted or data leaks, the damage hits reputation, trust, and your position in the market.
Generative artificial intelligence is considered one of the most important technological breakthroughs of the last few decades.
Munich Re Group sees great opportunities for insurers – if they explore the possibilities of the new technology and understand its risks.
There are many ways organizations could revolutionize their respective industries by applying Gen AI to routine business functions.
For example, in insurance, Gen AI can assist underwriters evaluating risks by analyzing vast amounts of data, including historical claims, customer information and internal/external cybersecurity factors.
By summarizing risk profiles, Gen AI can help underwriters develop the appropriate coverages and make more informed decisions quickly. However, artificial intelligence technology in insurance also presents new cybersecurity risks.
While Gen AI can be used to improve operational efficiency, it also opens doors for malicious actors to exploit its capabilities for cyberattacks.
AI Accelerates Detection, But Also Automates Attacks
The same tech that defends can also exploit. Amid rising tensions and shifting priorities between global powers in cyberspace, the main threat to businesses is the growing professionalism of cybercriminals who carry out sophisticated attacks with impunity from hostile nations, according to Howden’s Cyber Report.
Whilst ransomware and systemic risk continue to dominate the cyber threat landscape, another major and relatively new development has been the explosion of Gen AI.
AI can scan the internet, identify a vulnerability, exploit it, and launch malware—without human input. The first human interaction often comes when the victim calls the attacker’s fake help line.
In this automated threat landscape, human involvement matters more than ever. RDT research found that while customers value AI speed, 88% believe it should complement, not replace, human judgment.
AI Can Detect Patterns. Only People Understand Intent
The strongest defense is human-AI collaboration. That’s how we train systems and clients—work with the technology, don’t blindly trust it.
Gen AI offers opportunities for both cyber attackers and defenders, poised to significantly impact the threat landscape by enabling more advanced attacks from skilled actors and lowering entry barriers for novice hackers.
Fortunately, new AI-driven defenses are rapidly developing, and effective use of traditional risk controls can enhance resilience.
Despite the highly fluid threat environment, the foundations for a mature cyber (re)insurance market are now in place with the prospect of steady exposure-led growth, ongoing profitability and innovation.
Large language models (LLMs) enable higher-quality, scalable social engineering, including phishing and deep fakes. They also allow quicker vulnerability identification, potentially expanding the initial attack footprint.
These capabilities could accelerate attack escalation, raising global cyber event frequency through smaller incidents reaching material thresholds. Existing material events may also impact more companies due to AI-driven expansion of attack footprints.
Competition is returning to the market as improved cyber hygiene has mitigated losses and delivered strong underwriting performance.
FAQ
As of the Goldman Sachs Global Insurance Survey, 29% of insurers globally use AI, a figure expected to rise. In the U.S., 42% of insurers already use AI, according to the National Association of Insurance Commissioners (NAIC), making it a leading market in AI adoption.
Among insurers that haven’t adopted AI, 56% say there’s no compelling business reason. Another 25% are waiting for regulatory clarity. Only 10% are still evaluating implementation.
54% of insurers use AI for pricing, analyzing credit scores, financial history, public records, demographics, and behavioral data. Generative AI is also used in customer communication, underwriting, and document processing.
AI functions as both a defensive tool and a threat. Insurers use it to detect cyber threats and assess risk. However, cybercriminals also use AI to automate attacks, increasing the complexity and frequency of cyber incidents.
Generative AI enables high-quality phishing, deepfakes, and voice mimicking. 98% of cyberattacks stem from social engineering. Attackers now use AI to scale campaigns, impersonate individuals, and bypass traditional security layers.
Insurers are not repricing based on AI risk yet but are preparing for more sophisticated attacks. They focus on preemptive strategies and enhanced cyber hygiene, while maintaining core underwriting principles.
AI enhances speed and scale but lacks human judgment. 88% of insurance customers believe AI should support, not replace, human decision-making. The strongest risk strategies blend AI tools with expert oversight.
…………………….
AUTHOR: Peter Sonner — Cyber and Tech Editor at Beinsure Media
