all you need to know from Coalition's 20-page cyber report in 1 email

Reading time: 5 minutes

Welcome to the Pride,

Every week, we review 200+ insurance articles, so you don't have to. In this newsletter, we highlight three events that caught our attention.

3 artificial intelligence insurance news we will dAIve into today:

(bad dad joke!)

1) Deepfakes: A New Threat to Financial Institutions

New technologies open new possibilities.

On the positive, AI is transforming business, offering increased efficiency and cost savings. But AI also introduces new risks, like deepfakes.

What is a deepfake?

Deepfakes leverage AI to create realistic but fake videos and audio.

Here's an example:

https://www.tiktok.com/@deeptomcruise/video/7223086851236646149?lang=en

This is not Tom Cruise. It's a deepfake of Tom Cruise. Scary, right?

Deepfakes are dangerous because they can make it appear as though someone said or did something they never did (source).

Here are 4 threats deepfakes to your financial institution:

1. Fraud: Deepfakes can be used to trick people into giving up money or personal information. For example, someone could create a deepfake of your CEO asking an employee to transfer funds.
2. Reputational Damage. A deepfake that goes viral on social media can hurt your company's reputation. This can lead to lost customers and revenue.
3. Legal Issues. Deepfakes can be used to create false advertising or violate someone's privacy. This could lead to lawsuits.
4. Regulatory Scrutiny. If a deepfake causes a data breach or other security incident, regulators could investigate and fine your company.

And there's another problem:

Right now, there's no easy answer about which insurance policy will cover a deepfake claim.

Several insurance policies might offer some protection, including:

• Commercial General Liability (CGL)
• Cyber Insurance
• Media Liability Insurance:
• Directors and Officers Liability (D&O)
• Errors and Omissions/Professional Liability Insurance
• Commercial Crime Insurance

But just because you have one of the above, it doesn't mean you're covered.

Policy wording is crucial. Coverage gaps and exclusions could leave your institution vulnerable.

So what?

The insurance industry is in uncharted territory with deepfakes.

No one's quite sure which policies will respond when a deepfake incident hits. That uncertainty is a major problem for financial institutions.

Why?

Because deepfakes present some unique challenges:

1. Your current policies likely have significant gaps in deepfake coverage
2. Regulators are paying close attention, and it's unclear if your insurance will protect you from their scrutiny
3. A viral deepfake could devastate your reputation
4. The technology is evolving faster than insurance solutions can keep up

As with any crisis, you need to be proactive.

Don't wait until a digital impersonation of your CEO starts making headlines. Start talking with your broker about deepfakes today.

Deepfakes have concerned us at LION for a while. So we're updating our coverage requests for underwriters - to accommodate this new demand.

We've been working on language that might be able to fill those coverage gaps and provide you with more comprehensive protection.

If you want to learn more about our Lloyd's manuscript, read this edition. To contact us, click here.

2) Cyberattacks Surge: Ransomware and BEC on the Rise

The cyber threat landscape is kinda like the hairstyle of David Beckham:

Changing by the day.

Coalition recently released their influential mid-year cyber claims report (source). We read it so you don't have to.

Here are our 3 big takeaways from the 20-page report:

1. Ransomware is back with a vengeance. Even though ransomware attacks are happening less frequently, they're causing more damage when they do occur. The average ransomware loss in the first half of 2024 was $353,000, a 68% jump from the previous six months.
2. Business email compromise (BEC) is still the biggest problem. At a BEC attack, hackers trick employees into sending money or sensitive information. These attacks remain the most common type of cyber incident.
3. Third-party disruptions are a growing threat. A single cyber incident can ripple through entire industries. The recent high-profile attacks on companies like Change Healthcare and CDK Global served as a reminder of that.

Many businesses rely on the same technology and how vulnerable they are -

One outage can knock out a whole industry.

Threat actors are using new tactics (like deepfakes) to exploit these weaknesses.

So what?

It's not only about preventing attacks. Black Swan events will happen. Instead, focus on minimizing the damage when disruptions inevitably happen.

After the CDK Global and Crowdstrike crises, we're seeing insurers ask tougher questions about cyber. Specifically about incident response plans and third-party risk management.

What does this mean for you?

Institutions that prove a proactive approach to cyber risk will be in a better position to secure favorable coverage.

You can't afford to be complacent.

Here's 3 things we're advising our clients to do:

1. Review your cybersecurity controls. Make sure you have strong defenses in place to prevent and detect attacks. This includes things like multi-factor authentication, endpoint security, and regular vulnerability scanning.
2. Strengthen your incident response plan. Have a clear plan in place for how you'll respond to a cyberattack. This should include steps for containing the damage, restoring systems, and communicating with stakeholders.
3. Scrutinize your third-party vendors. Understand the cyber risks posed by your vendors and make sure they have adequate security measures in place.

...and prepare answers to questions about #1, #2, and #3 to your insurers.

Expect more questions about your controls and response plans during upcoming renewals.

Contact LION Specialty to discuss how these trends may affect your cyber insurance program. We can help you navigate these conversations with underwriters and secure the best possible terms.

3) OpenAI's New "Thinking" AI Could Reshape Insurance

OpenAI recently released a major update to ChatGPT called "o1".

This new AI can "think" - it asks itself extra questions to solve problems and avoid mistakes. It's a massive step towards making AI more reliable and useful for complex tasks. (source)

We'll get to why that's a big deal in a second...

But first, here are some benchmarks:

• It can break down complex problems into steps, like human reasoning.
• It reduces "hallucinations" (making things up) by double-checking its work.
• The model placed among the top 500 students in a qualifier for the USA Math Olympiad. (Imagine a team of actuaries that never sleep.)
• o1 exceeds human PhD-level accuracy on benchmarks of physics, biology, and chemistry problems.

Think of it like this.

Before, ChatGPT was like a student who could memorize facts but struggled to apply them. Now, it's like that student has learned to think critically and solve problems (source).

While AI won't replace human experts anytime soon, it will help them become more effective.

AI does the heavy lifting, so your team can focus on strategy and client service. That's a win-win.

Here are two areas we’re applying this tech:

1) Smarter Risk Analysis:

We're exploring how to teach AI to understand different types of risk exposures.

Imagine an AI that can:

1. Quickly analyze a submission
2. Highlight key risk factors, and
3. Create a concise summary for underwriters

This could help underwriters get comfortable with risks faster, streamlining the entire process.

2) AI-Powered Policy Comparison:

Ever tried comparing 200-page insurance policies?

It's not fun. (Not that you thought it was!)

So, it's a perfect task for AI. We're testing AI to:

• Compare policy language across multiple contracts
• Identify coverage gaps
• Highlight the best provisions from different policies

This could help us create "best-in-class" policies by combining the best parts from many contracts.

So what?

This technology could revolutionize how we and you analyze risk and craft policies.

Imagine getting a policy that's not just good, but optimized based on the collective wisdom of your entire industry.

We're at the forefront of this innovation, but we're moving carefully.

Our goal is to leverage AI to provide more accurate risk assessments and stronger policies...

...while maintaining the high level of personal service, security, and expertise you expect from us.

Want to learn more about how we're using AI to enhance coverage and analytics like peer data & benchmarking? Let's chat. We're excited to show you how these advancements could benefit your institution’s insurance program.

Want to share this edition via text, email or social media?

Simply copy-and-paste the link below:

https://lionspecialty.ck.page/posts/deepfake-danger-threatens-your-bottom-line

And if you got this newsletter forwarded, you can subscribe here.

Stay Covered,

Natasha & Mark

Co-Founders and Managing Partners

Lion Specialty