The following article was written in association with Cowbell.
AI could be seen as something of a double-edged sword – especially where cyber insurance is concerned. While the tech offers immeasurable opportunities for organizations, it offers the same benefits to cyber criminals, meaning leaders need to stay ahead of the game in order to mitigate and prevent any attacks.
According to Statista, 52% of companies in the US reported loss of sensitive information thanks to cybercrime in 2024, with 26% involving specific business email compromises. What’s more, the US actually boasts the highest data breach costs globally, averaging $9.36 million per breach, according to Statista. Speaking to Insurance Business, Trent Cooksley (pictured), co-founder & chief operating officer at Cowbell, explained that this rise in cybercrime means the demand for cyber insurance is changing dramatically.
“The demand has gone up considerably in the last few years, which is a good thing for providers, purchasers. However, I would note that there's still a lot of uptake opportunity in the small to medium sized business category in the UK, the US, across Europe and into Asia-Pacific.”
After all, cyber incidents aren’t decreasing – if anything criminals are becoming even more brazen and sophisticated in their attacks.
“At Cowbell, we’re working on continually educating brokers, agents and policy holders on the importance of having coverage and what that means for them,” added Cooksley. “We hear a lot of reasons as to why they haven’t purchased it yet – for instance, organizations have fewer cyber security resources – but that just makes them targets for attackers as much as large businesses are. Organizations need this financial protection but also, and maybe even more importantly, they need expert guidance to navigate this changing landscape.”
The types of threats are also evolving at an exponential rate. It seems as if every other day brings another new, as yet unheard of, criminal gang or incident that rattles IT teams’ boots. Ransomware, according to Cooksley, has spiked significantly – as have social engineering scams, link baiting tricks and deep fakes.
“Data breaches are still an issue too,” he told IB. “Any type of sensitive information loss of customer records triggers a lot of cleanup costs, fines and lawsuits. Business email compromises are increasing as well - the volume of the threat actors ability to scale is really prevalent in the marketplace. And from a pattern standpoint, the attackers are getting craftier too.”
It's about helping businesses not only educate employees in preventative methods but also enabling leaders to act quickly in a curative way – something which is getting increasingly more difficult as cyber criminals upskill their own knowledge base.
“It’s the cyber battle field out there,” added Cooksley. “Especially with AI – that can really turbo charge attackers’ ability to create maliciousness. AI helps them craft emails at scale, making them more convincing because they’re learning what works and what doesn't. From there, they can use machine learning to analyze the behavior - it speeds up vulnerability scouting as well, scanning systems faster than a human could and zeroing in on weak spots. However, on the other side, AI can be a really big benefit for an employer’s protection. AI can sift through lots of data, continuously monitor your network, help spot oddities more quickly and flag potential breaches in real time from anywhere.”
It’s a cat and mouse chase of technology – one which will inevitably spur on advancements within the tech, both helping and hindering employers. One area that organizations should be looking at investing more time and money in the battle against cybercrime is an often overlooked one – your people. As your first line of defense, it’s essential that employees are upskilled to spot both glaring scams and the more nuanced, subtle techniques criminals roll out.
“Your employees are either your biggest defense against cybercrime or your biggest weakness,” added Cooksley. “As such, education is the number one most important thing here. At Cowbell, we offer free training for many of our policy holders which is continually updated to adapt to the new [threats]. It’s about building a mindset – after all, it’s everyone's job being proactive here.”
Looking ahead to what the future holds for cybercrime and its impact on the insurance landscape, Cooksley told IB that coverage will need to adapt as AI does.
“It’s great to see organizations understand the importance of insurance and thinking about what their security apparatus looks like,” he added. “We’re always hearing it from top Fortune 500 companies that cyber is a big concern - but now it's finally getting through to the smaller companies who didn't think they had the exposure.
“Those changes means that policies will have to adapt - there's always new technologies around too. That’s one of the exciting things about the space - it's not a set it and forget it deal.”
