Cyber Defense
How Insurers Are Using AI to Better Protect and Serve
It’s safe to say that we’ve barely scratched the surface of what machine learning and deep learning can do, and the idea of ruthless criminals harnessing that much power could keep risk managers — and everyone else — up at night.
But don’t count out the good guys.
There are scores upon scores of talented and passionate people working to leverage machine learning techniques to make the cyber realm a safer place.
“What artificial intelligence and machine learning has changed is the nature of the engagement,” said Tim Marlin, senior managing director, and head of Cyber & Professional Liability for The Hartford. With powerful artificial intelligence being implemented on both sides, he said “this is truly an arms race now. And the folks with the best technology often win.”
Many cyber security firms are using sophisticated AI to automatically detect, analyze, and defend against advanced attacks by deceiving or confusing the attackers’ technology. As the attackers learn and adapt over time, the defenders do the same.
From the insurance angle, that same phenomenal computing power can be used to get a more precise handle on an insured’s risks, understand opportunities for improving the risk, and better price appropriate coverage for it.
“What artificial intelligence and machine learning has changed is the nature of the engagement.” With powerful artificial intelligence being implemented on both sides, “this is truly an arms race now. And the folks with the best technology often win.” — Tim Marlin, senior managing director, and head of Cyber & Professional Liability, The Hartford
Joshua Motta, CEO of Coalition, a new firm that provides comprehensive cyber insurance coverage, cyber security, and risk management services, spoke with R&I about the risks of advanced AI in the hands of bad actors. And he explained how his firm is taking that same power and using it to solve cyber risk in a dynamic way.
“During our underwriting process … we gather hundreds of thousands of data points using machine learning techniques to assess the risks of that company — to determine the likely probability of an attack and what the severity would be.”
Coalition analyzes each company’s IT infrastructure, scanning their domains and their corporate networks, categorizing the specific versions of each technology they’re using and what vulnerabilities are known for each element. It also cross-references company employees to see whether any have had passwords compromised in third-party data breaches.
“It’s just an enormous amount of data,” said Motta. “ … and we’ve stored that not just for the companies that quote with us. We currently gather this data once a week for 14 million companies — the vast majority of small and medium businesses in the United States.”
Coalition uses that data to simulate attack vulnerability in real-time.
“When we write [any of] these 14 million companies, we know what they look like. We know what technologies and services [they use and] how they configure them. So we spin up what we call virtual machines on the Internet that are configured to look exactly like the different profiles of policyholders we have.
“Say we have one policyholder that is running an Apache Web server with a WordPress content management system to develop their blog. That may be distinct from someone else who’s running a Microsoft Web server running Magento shopping cart. So we’ll spin up things that look like these and then we just wait and see who attacks them. We log every single type of attack and the techniques they’re using.
“With that we can now start to learn on that data and we can start to make predictions on which companies are more likely to experience a cyber attack and which companies, based on the technology choices they’ve made, are more likely to succumb to one – [meaning which attacks] will be successful.”
Motta said that as the company develops loss and claims data, it will use those for learning purposes as well.
“This is where you’re starting to see those techniques brought into effect — [with deep learning] we can use the claim and loss data that we collect to refine our underwriting, but also to help build better tools and provide better data to the policyholders, to help them prevent losses in the first place.”
The Hartford’s Tim Marlin shares Motta’s dedication to helping insureds stay ahead of a risk landscape that changes at breakneck speed.
“What we are trying to do as an insurance carrier is to make sure that [cyber risk mitigation] is part of our offering, part of the services that we can help bring to bear,” he said. “We are trying to make available the service partners that can bring some powerful [machine learning] tools to our insureds.” &