How AI and LLMs are revolutionizing cyber insurance

Solving the widening cybersecurity insurance gap that drives businesses away from purchasing or renewing policies needs to start with risk assessments based on AI-driven real-time insights. 

Cyber insurers are focused on helping clients reduce the probability of a breach by continually improving and augmenting cybersecurity strategies. Real-time risk assessments, underwriting improvements, streamlining claims processing, and resilience planning all need to be improved with AI delivering solid gains to each. 

“It’s reducing claims costs, which reduces insurance premiums. We can give better-preferred pricing and better coverage by ensuring they have good endpoint detection and response (EDR) in place. And that’s the hope to make it more accessible for these smaller organizations and just increase awareness overall. Nobody wants to have incidents,” Anthony Dagostino, Global Chief Cyber Underwriting Officer for Commercial Lines at AXA XL, told VentureBeat in a recent interview. 

The current state of cyber insurance 

Ransomware, social engineering, phishing, and privileged access credential attacks increase premiums, making cyber insurance unaffordable for many businesses. Ransomware attacks were the primary driver of cyber insurance claims in early 2024, followed by supply chain attacks and business e-mail compromise (BEC) attacks. BEC attacks doubled in 2023, according to Verizon. Supply chain attacks continue to increase, with twice as many occurring in 2023 compared to the previous three years combined. Software supply chain cost businesses $46 billion in 2023.

Source: Munich RE, Cyber Insurance Risks and Trends 2024

“Cyber insurance is sometimes considered as a discretionary insurance purchase. It’s not required like workers’ comp in the states or property. So it’s either you have a contract that’s requiring it you had an incident, and you know that you need it, or one of your competitors had an incident and you know that you probably need it,” Dagostino told VentureBeat.

An industry ripe for AI-driven improvements

Nearly all organizations struggle to afford cyber insurance due to rising premiums, with small- and medium businesses (SMBs) being particularly impacted. More than one in four or 28% of SMBs surveyed, had been denied coverage. If they’re granted a policy, SMBs are more likely to face significant coverage exclusions and require multiple claims. 

Overall,  67% of organizations said their premiums had increased between 50 to 100% when they applied for or renewed their policies last year. All respondents to a recent survey had new exclusions in their policies, with some attack-related expenses not covered. 

Organizations are often forced to make trade-offs between purchasing cyber insurance or adding more applications and services to defend against attacks. “We work with customers to estimate those return on investment dollars and cents on where they should really focus their energy to make them more secure,” Ann Irvine, Chief Data Scientist and Vice President of Product Management at Resilience Insurance told VentureBeat. “This allows us to help them decide whether to invest in new tools or improve the management of existing ones.”

“The more we understand the tools a customer has deployed, how they have them deployed, the more effectively we can continuously engage with them to ensure they are mitigating their cyber risk during the policy period,” Irvine said.

Cyber insurers are also looking to AI to reduce the time and costs of real-time risk assessments that can cost between $10,000 to $50,000 per assessment and take between four to six weeks to complete. AI is also streamlining the underwriting process, reducing the typical workflow from weeks to days improving efficiency by up to 70%. Traditional claims processing costs an insurer an average of $15,000 per claim due to manual handling, which can take up to six months. 

AI-based systems are cutting claim processing times by over 80%. At-Bay, Corvus Insurance, Cowbell Cyber, Paladin Cyber and Resilience Insurance are providing AI-based solutions to help streamline cyber insurance. 

CrowdStrike’s platform strategy for improving Insurability 

CrowdStrike’s launch of Falcon for Insurability defines a new era in how AI and LLMs are revolutionizing cyber insurance. The new program is designed to give cyber insurers the flexibility they need to provide their clients and prospects with AI-native cyber protection using the CrowdStrike Falcon cybersecurity platform at preferred rates. Daniel Bernard, chief business officer at CrowdStrike, told VentureBeat during a recent interview that he predicts the reduction in premiums will be in the 10 to 30% range.  

“This initiative enables huge swaths of the market that were ineligible for cyber insurance to become eligible. For those with Falcon, it becomes less costly to obtain the cyber insurance they want and need. Insurers can now quantify risk in ways they couldn’t before, making smarter underwriting decisions,” Bernard told VentureBeat.

According to IDC, organizations can detect 96% more threats in half the time compared to other vendors and conduct investigations 66% faster with the Falcon platform. CrowdStrike’s goal in offering Falcon for Insurability is to enable insurers, including Ascot Group, AXA XL, Beazley Insurance, Berkley Cyber Risk Solutions, Coalition and Resilience, to reduce underwriting risk knowing their insured clients have a market-tested AI platform that can continue to scale and deliver hardened cyber resilience. 

“I think what we’re finding now is we bring these types of partnerships together. It’s reducing claims costs which reduces insurance premiums. We can give better-preferred pricing and better coverage by ensuring they have good EDR in place. And that’s the hope to make it more accessible for these smaller organizations and just increase awareness overall. Nobody wants to have incidents,” Dagostino said.

Getting AI right in cyber insurance needs to start with people 

It’s become table stakes to have human-in-the-middle AI workflows and architectures in cybersecurity, and that’s permeating cyber insurance as well. CrowdStrikes’ Managed Detection and Response (MDR) service is an example of why human-in-the-middle is essential. “Our AI-powered defenses, combined with human expertise, create an infinite loop where everything improves continuously. This is why cyber insurers are eager to join us,” Bernard told VentureBeat. 

Irvine at Resilience agrees.”We take a really structured approach to eliciting information from experts. We have very sort of, well, we have exercises for calibrating experts to help them think probabilistically. Then we ask them very targeted questions that can be where their responses can directly be used as data to influence our models,” Irvine said.

“One of the things about cyber insurance that makes it so challenging as an industry that is different from every other kind of insurance we have there is the actuarial calculation,” Elia Zaitsev, CTO at CrowdStrike, told VentureBeat.  

Zaitsev continued, “So the reason that traditional insurance works is you can socialize the risk, right? And you don’t have all the risks firing at once. But if you think about how cyber insurance works, think about things like WannaCry and NotPetya, where you have more of a global systematic issue. If everyone gets hit with the same ransomware at once, the potential for that kind of destroys the actuarial map of cyber insurance.”​

Knowing predictive attack paths is key 

Traditional insurance models that socialize risk and cover isolated incidents don’t work for cyber insurance. What’s needed are advanced AI and large language model (LLM) technologies that help identify and anticipate potential routes attackers might take to exploit vulnerabilities within an organization’s infrastructure. Zaitsev told VentureBeat that predictive attack paths are a game changer for cyber insurers because they provide proactive rather than reactive cyber defense. 

Predictive attack paths provide the real-time insights needed to reduce risk and the probability of an attack. Reducing risk helps keep premiums affordable and policies feasible for a broader base of clients. They also bring greater stability to cyber insurer by reducing the potential of a widespread risk of simultaneous, large-scale cyber events. 

Falcon for Insurability takes on these challenges, capitalizing on the company’s many years of experience using AI to help stop breaches. Zaitsev told VentureBeat. “We are going to lower your rates a lot if you’re using technology like CrowdStrike because otherwise, the systematic risk makes it very difficult for us to write policies that are, frankly, affordable by the average company.”

Making cyber insurance more accessible 

Organizations can spend months going through the application process to get cyber insurance, only to be rejected with no explanation. A common vision all vendors have is to remove the barriers in front of companies that have been rejected for insurance in the past. Identifying which tools, apps and platforms their customers need to reduce the probability of a breach is the goal. 

VentureBeat believes more cybersecurity platform vendors will emulate Falcon for Insurability, looking for the win/win of reducing the risk of a breach that will drive down premium costs while increasing market share across SMBs, mid-tier and enterprise customers served through channels and shared with cyber insurers.