As the cyber landscape continues to evolve, insurers are adjusting their approach to address emerging risks tied to data privacy and artificial intelligence (AI). A recent panel at the WSIA Annual Marketplace in San Diego, hosted by AM Best, brought industry experts together to explore how these shifts are influencing the cyber insurance market. Panelists highlighted key issues, including unauthorized data collection, AI-related challenges, and the increasing complexity of managing third-party vendor risks.

AI and Data Privacy in Focus

Deuayne Crawford, head of wholesale cyber and technology underwriting for AXA XL, emphasized the growing concerns around unauthorized data collection practices. Crawford explained how new technologies, such as pixel tracking, are often used without proper disclosure or user consent, raising significant privacy and regulatory issues.

The discussion also highlighted how AI is introducing risks related to intellectual property infringement and privacy violations. David Blades, associate director at AM Best, noted that while AI offers many benefits, it also presents new security challenges that the industry is still grappling with.

“Cyber risk is fast-moving, and it’s going to need innovative insurance solutions,” Blades said, stressing the need for flexible, tailored coverage—particularly from surplus lines markets, which are better suited to addressing these dynamic risks.

The Role of Third-Party Vendors

Another major area of concern discussed by the panel was third-party vendor risk. Many companies outsource their technology needs to external providers, which creates vulnerabilities if those vendors fail to secure data properly. Crawford pointed out that even when the fault lies with a third party, the client often bears the brunt of the impact.

“Clients rely heavily on third-party vendors for technology, and if those vendors encounter issues, the repercussions can be significant,” Crawford warned.

Multidisciplinary Approach to AI Risks

Steve Robinson, national cyber practice leader for RPS, observed that AI is no longer just a technological issue. It has become a multidisciplinary concern involving legal, human resources, and marketing departments. AI technologies like pixel tracking are prompting marketing teams to join the risk management conversation, further complicating the landscape for companies.

“Marketing teams now need to be part of the risk management strategy,” Robinson said, pointing to the importance of cross-departmental collaboration to address these new risks.

Capacity and Pricing Remain Favorable

Despite several high-profile cyber incidents in 2024, the panelists expressed optimism about the current state of the market. Robinson noted that while specific industries have been hit hard by certain breaches, the small and medium-sized enterprise (SME) sector has been less affected.

He also mentioned that these breaches were often resolved quickly, with minimal market disruption. “It didn’t have the reverberations through the market that we initially feared,” he said, crediting the quick responses of IT teams working to mitigate the damage.

The Future of Cyber Insurance

Looking ahead, the panelists agreed that flexibility will be crucial for insurers as they navigate the fast-changing world of cyber risks. The surplus lines market, in particular, was highlighted as well-positioned to provide the tailored solutions necessary to address these emerging challenges.

“Cyber risks are dynamic and require insurers to continually innovate with their coverage options,” Robinson said, emphasizing that insurers must stay ahead of emerging risks to better serve their clients.

As the cyber insurance market continues to adapt to these new realities, companies will need to stay vigilant about evolving threats and work closely with insurers to ensure they have the right coverage in place.

 #CyberInsurance, #AIrisks, #DataPrivacy, #EmergingThreats, #CyberSecurity, #SurplusLines, #RiskManagement, #ThirdPartyVendorRisk, #InsuranceInnovation, #WSIA