Insurance & Management Strategies to Mitigate AI and Cyber Risks

Businesses face mounting risks that can lead to heavy damage. The cost of a data breach reached an average of $4.88 million in 2024, ten percent higher than the previous year. With increasing reliance on artificial intelligence (AI), businesses need to navigate additional risks as AI’s transformative power introduces opportunities and exposures.

Cyber insurance is a comforting safety net, helping manage and mitigate the impact of cybersecurity incidents, including AI-driven ones. AI also creates new challenges, like algorithmic biases, unpredictable outputs, and AI errors that may result in uninsured exposure if not correctly accounted for in insurance policies.

Even with strong cybersecurity, systems can be breached. Cyber insurance can help cover costs from data breaches, ransomware, and AI risks, though AI-specific coverage is still developing. Many policies offer some AI protection, but specialized coverage for algorithmic bias, large language model (LLM) hallucinations, and regulatory issues are emerging, often with broader protection than traditional policies.

Expect high premiums and low limits, much like early cyber insurance. Insurers may also exclude losses from intentional AI misuse, standard software failures, and breaches not covered in existing policies. Exclusions for noncompliance with data privacy laws may also appear as regulations evolve.

Types of Cyber Insurance Coverage

Businesses should pay particular attention to policy exclusions related to AI use. Standard exclusions might include:

• Black box errors: Many policies exclude coverage for AI decisions that cannot be explained or justified.

  
  

• Acts of war or terrorism: Some policies exclude cyberattacks involving AI systems attributed to state actors or terrorist organizations.

   

• Preexisting conditions: Coverage may be denied for vulnerabilities or issues before the policy’s inception.

   

Regularly Review and Update Your Policy

Regularly reviewing and updating your policies as cyber risks and AI technology evolve ensures your coverage remains adequate to address new AI-related dangers and vulnerabilities. AI systems are continuously improving; your insurance must keep pace with these changes.

Best Management Practices

Strong governance and cybersecurity measures can minimize the likelihood of AI-related incidents. Here are several best practices to mitigate AI risks and improve cybersecurity posture:

• Develop and implement a written information security program.

  
  

• Implement strong governance and oversight policies for AI.

   

• Implement strong access controls for data.

   

• Monitor systems continuously.

   

• Conduct regular cybersecurity audits.

   

• Train employees on risk.

   

• Test incident response plans.