‘Dependencies on a small number of dominant providers create shared points of exposure across insureds,’ says director

The underwriting and risk modelling approach used in the cyber insurance sector may need to undergo fundamental changes, as artificial intelligence (AI) drives increases in the “speed, scale and coordination of attacks”.

Innovation Artificial Intelligence

Read: Millions spent on insurance AI with little to show for it

Read: Lancashire inks deal to use Novee’s AI proposition for power and renewables underwriting

Not subscribed? Become a subscriber and access our premium content

Explore more artificial intelligence related stories here, or discover other news stories here 

This is according to a new report, released today (13 April 2026) by cyber risk analytics firm CyberCube, which suggested that (re)insurers currently treat AI threats as a risk multiplier, rather than a distinct risk class of its own.

The report identified easier exploitation of security gaps, reduced breach to disruption timeframes and agentic AI attack vectors as key drivers of risk.

It also suggested that the industry could begin to counter these new attack vectors with increasing focus on identity security and patching, improving recoverability of systems and focusing underwriting on governance of AI agents, APIs, permissions, logging and more.

Deeply embedded

According to report author William Altman, AI is “compressing the cyber attack lifecycle, reducing the time threat actors spend between initial compromise and operational disruption and in some cases enabling impact to occur before detection and containment are effective”.

Read: Lloyd’s insurer launches AI proposition to streamline political violence and terrorism portfolio

Read: Novee AI secures £1.6m in funding to enhance commercial and specialty underwriting

Explore more artificial intelligence related stories here, or discover other news stories here 

“As a result, recovery capability may become a more important determinant of business interruption loss severity than traditional preventative controls,” he added.

Altman, who is also director of cyber threat intelligence services at CyberCube, continued: “As AI becomes more deeply embedded in critical business operations and increasingly concentrated across compute infrastructure, hyperscale cloud platforms and foundation model providers, the potential for portfolio aggregation risk may rise.

“This reflects the tightly coupled nature of the AI supply chain, where dependencies on a small number of dominant providers create shared points of exposure across insureds.

“This increases the likelihood of correlated losses rather than isolated events, particularly as AI systems take on greater roles in automation, decision-making and operational control.”

George is a data reporter at Insurance Times, uncovering interesting industry trends and reporting on the technological advancements that will shape the future of the sector.

He graduated in 2017 from the University of Manchester with a degree in Geology. He spent the first part of his career working in consulting and tech, spending time at Citibank as a data analyst, before working as an analytics engineer with clients in the retail, technology, manufacturing and financial services sectors.View full Profile

More George McDade

Topics