With the capabilities of Chat GPT and artificial intelligence (AI) continuing to advance, this technology is only going to get smarter and potentially more difficult to control as it can be used to facilitate security breaches and increase the scale of cyber-attacks, states Peter Hedberg, Vice President of Cyber Underwriting at Corvus Insurance.
During an interview with Reinsurance News, Hedberg discussed how this technology has become a growing concern for the industry.
When asked a question regarding how concerning he sees Chat GPT and other forms of AI software being for the cyber insurance market, he said: “Right now I’d say that I’m cautious, very cautious. I think one of the things about Chat GPT is that it’s probably the most breath-taking that we’ve seen so far in its ability to mimic human behaviour. It’s using probabilistic answers to find out a lot of things.”
However, despite the advancements that this technology possesses, and how it can save time by automating certain tasks that a human would do, such as typing and sending out emails, Chat GPT can pose a major threat to the industry, Hedberg warns.
“Chat GPT removes a lot of markers because the answers that this technology delivers seems so natural and so human, however this also allows for the attack vector to scale effectively. So, instead of spending all this time to hack into an organisations database and watch things, you can use artificial intelligence, or the types of software to basically figure out a way to send 1,000+ emails that all sound correct to each organisation. Has this happened yet? No, but the concern is growing.”
In regards to how soon this could happen within the industry, Hedberg noted that it mainly relies on employee education and an organisations overall ability to underwrite these types of exposures.
“We are asking a lot of questions right now about AI. We’re asking them on applications, we’re asking if the organisation makes use of chat GPT in any sort of way. Because the other thing that we are concerned about is if Chat GPT is becoming a regular part of that business, and if people get used to how it is responding to things, which means a harder ability to detect when fraudulent emails are coming through and how to deal with them.”
However, even though various forms of AI technology present challenges and growing concerns for the industry, the technology still contains many positives as many companies are incorporating it into their systems to manage manual, low complexity workflows and increase operational efficiency.
Hedberg noted that AI can be used to try and identify new threat vectors, but the technology itself may also become a source of claims.
“I don’t know how hackers are not going to be able to use this as some sort of weapon, because it offers them a scale that they have never not had before. I can certainly see AI impacting a lot of different parts of the insurance industry.”
Moreover, Hedberg was also asked what we should anticipate to see from Corvus within the next three to five years.
He said: “We are going to hire a lot of underwriters, and part of that is because our book continues to grow because our value proposition continues to prove itself out. For us, we believe that insurance should be profitable and again that profit in a lot of ways should inform and create a better product for our policyholders as well.
“In addition to this, we are also going to be bringing all of our technology to the table as well. I see a lot of sustainable, meaningful growth. I’m not here to try to write every single business under the sun, I want to write the businesses that want to work with us. I want to work with businesses that are going to engage in that philosophy of the virtuous cycle.”
Further, Hedberg also addressed what he expects to see in the cybersecurity market throughout 2023.
“I think that from a threat vector we are probably going to continue to see Ukraine and Russia diminished a little bit. I think China is an issue, and I think it’s one that we need to pay very special attention to, because I think for a lot of the Russian, Ukrainian and other hackers it was a monetary thing. They were hacking us because we were paying ransoms and it was very disruptive, and I just think it was lucrative for them for a while.
“I don’t think that that is what the Chinese are waiting for, they are looking for intelligence and so I think that there’s going be a huge focus on controls going forward, and I think you’re going to see a lot of discrepancy between pricing.”