How AI and LLMs are revolutionizing cyber insurance

Solving the widening cybersecurity insurance gap that prevents companies from purchasing or renewing policies must start with risk assessments based on AI-driven real-time insights.

Cyber ​​insurers are focused on helping customers reduce the chance of a breach by continually improving and expanding cybersecurity strategies. Real-time risk assessments, underwriting improvements, streamlining claims processing and resilience planning all need to be improved, with AI delivering solid wins for each.

“It reduces claim costs, which reduces insurance premiums. We can offer better pricing and better coverage by ensuring they have good endpoint detection and response (EDR). And that’s the hope to make it more accessible to these smaller organizations and increase overall awareness. No one wants incidents,” said Anthony Dagostino, Global Chief Cyber ​​Underwriting Officer for Commercial Lines at AXA XLtold VentureBeat in a recent interview.

The current state of cyber insurance

Ransomware, social engineering, phishing and privileged access attacks increase premiums, making cyber insurance unaffordable for many businesses. Ransomware attacks were the top driver of cyber insurance claims in early 2024, followed by supply chain attacks and business email compromise (BEC) attacks. According to US sources, BEC attacks will double by 2023 Verizon. Supply chain attacks continue to increase, with twice as many attacks occurring 2023 compared to the previous three years combined. Software supply chain costs companies $46 billion in 2023.

Source: Munich RE, Cyber ​​Insurance Risks and Trends 2024

“Cyberinsurance is sometimes considered a discretionary insurance purchase. It is not required like workers’ compensation in the United States or real estate. So either you have a contract that requires you’ve had an incident and you know you need it, or one of your competitors has had an incident and you know you probably need it,” Dagostino told VentureBeat.

An industry ripe for AI-driven improvements

Nearly all organizations are struggling to afford cyber insurance due to rising premiums, particularly affecting small and medium-sized businesses (SMBs). More than one in four or 28% of SMEs surveyed received no coverage. If they obtain a policy, SMBs are more likely to face significant coverage exclusions and require multiple claims.

General, 67% of organizations said their premiums increased by 50 to 100% last year when they applied for or renewed their policy. All respondents to a recent survey did new exclusions in their policy, which does not cover some attack-related costs.

Organizations are often forced to make a trade-off between purchasing cyber insurance or adding more applications and services to defend against attacks. “We work with customers to estimate the return on investment dollars and cents on where they really need to focus their energy to make them safer,” Ann Irvine, Chief Data Scientist and Vice President of Product Management at Resilience Insurance, told VentureBeat. “This allows us to help them decide whether to invest in new tools or improve the management of existing tools.”

“The better we understand what tools a customer has deployed and how they deployed them, the more effectively we can engage with them on an ongoing basis to ensure they are mitigating their cyber risks during the policy period,” Irvine said.

Cyber ​​insurers are also looking to AI to reduce the time and cost of real-time risk assessments $10,000 to $50,000 per assessment and takes four to six weeks to complete. AI also streamlines the underwriting process, reducing the typical workflow from weeks to days, improving efficiency by maximum 70%. Traditional claims processing costs an insurer an average of €15,000 per claim due to manual processing, which can take up to six months.

AI-based systems significantly reduce claim processing time 80%. Bij-Bay, Corvus Insurance, Cowbell Cyber, Upfort And Resilience insurance provide AI-based solutions to help streamline cyber insurance.

CrowdStrike’s platform strategy for improving insurability

CrowdStrikes launch of Falcon for insurability defines a new era in how AI and LLMs are revolutionizing cyber insurance. The new program is designed to give cyber insurers the flexibility they need to provide their customers and prospects with AI-native cyber protection using the CrowdStrike Falcon cybersecurity platform at preferential rates. Daniel Bernard, chief business officer at CrowdStrike, told VentureBeat during a recent interview that he predicts the premium reduction will be between 10 and 30%.

“This initiative ensures that large parts of the market that were not eligible for cyber insurance are eligible. For those with Falcon, it becomes less expensive to get the cyber insurance they want and need. Insurers can now quantify risk in ways not previously possible, allowing them to make smarter underwriting decisions,” Bernard told VentureBeat.

According to IDCorganizations can do that detects 96% more threats in half the time compared to other vendors and conduct surveys 66% faster with the Falcon platform. CrowdStrike’s goal in offering Falcon for Insurability is to enable insurers, including Ascot Group, AXA XL, Beazley Insurance, Berkley Cyber ​​Risk Solutions, Coalition and Resilience, to reduce insurance risk knowing their insured customers have a market-tested AI platform that can continue to scale and enable stronger cyber resilience.

“I think what we’re finding now is that we’re bringing these types of partnerships together. It reduces claim costs, which reduces insurance premiums. We can offer better preferred pricing and coverage by ensuring they have good EDR. And that’s the hope to make it more accessible to these smaller organizations and increase overall awareness. Nobody wants incidents,” Dagostino said.

Getting AI right in cyber insurance has to start with people

It has become a requirement to have human-in-the-middle AI workflows and architectures in cybersecurity, and that is permeating cyber insurance as well. CrowdStrikes’ Managed Detection and Response (MDR) service is an example of why human-in-the-middle is essential. “Our AI-powered defenses, combined with human expertise, create an infinite loop where everything is constantly improving. That is why cyber insurers are keen to join us,” Bernard told VentureBeat.

Irvine from Resilience agrees.” We use a very structured approach to elicit information from experts. We kind of have, well, we have exercises to calibrate experts to help them think probabilistically. We then ask them very targeted questions, where their answers can be used directly as data to influence our models,” says Irvine.

“One of the things about cyber insurance that makes it so challenging as an industry unlike any other type of insurance we have out there is the actuarial calculation,” Elia Zaitsev, CTO at CrowdStrike, told VentureBeat.

Zaitsev continued, “So the reason traditional insurance works is that you can socialize the risk, right? And you don’t run all the risks if you shoot in one shot. But when you think about how cyber insurance works, think about things like WannaCry and NotPetya, where you have more of a global systemic problem. If everyone gets hit with the same ransomware at the same time, the potential for that kind of destroys the actuarial map of cyber insurance.”

Knowing predictive attack paths is essential

Traditional insurance models that socialize risk and cover isolated incidents don’t work for cyber insurance. What is needed are advanced AI and Large Language Model (LLM) technologies that help identify and anticipate potential routes that attackers can take to exploit vulnerabilities within an organization’s infrastructure. Zaitsev told VentureBeat that predictive attack paths are a game changer for cyber insurers, providing proactive rather than reactive cyber defenses.

Predictive attack paths provide the real-time insights needed to reduce the risk and likelihood of an attack. Reducing risks helps keep premiums affordable and policies feasible for a broader group of customers. They also provide greater stability for cyber insurers by reducing the potential for widespread risk of simultaneous, large-scale cyber events.

Falcon for Insurability is addressing these challenges and leveraging the company’s years of experience using AI to help stop breaches. Zaitsev told VentureBeat. “We’re going to significantly reduce your rates if you use technology like CrowdStrike because the systematic risk makes it very difficult for us to write policies that are, quite frankly, affordable for the average business.”

Making cyber insurance more accessible

Organizations can spend months going through the application process to obtain cyber insurance, only to be rejected without explanation. A common vision among all suppliers is to remove the barriers for companies that have been rejected for insurance in the past. The goal is to identify which tools, apps, and platforms their customers need to reduce the chance of a breach.

VentureBeat believes more cybersecurity platform vendors will emulate Falcon for Insurability, seeking the win/win of reducing the risk of a breach that will lower premium costs while increasing market share among SMB, mid-market and enterprise customers that are served via channels and shared with cyber insurers.