Intellectual Property Risks Expanding with AI Usage, Cyber Threats
Intellectual property (IP) assets are one of the greatest sources of value creation in the corporate world, yet they are increasingly vulnerable to cyber risk and lack the same level of insurance protection as tangible physical assets, according to a report by Aon.
Information assets—such as customer records, employee records, financial reports, analytical data, source code, models, methods and other intellectual properties—have an average value of $1.24 billion, which is slightly higher than the average value of tangible assets, such as plants, property and equipment, at $1.09 billion, the report says.
In addition, the probable maximum loss of information assets being stolen or destroyed is $1.15 billion, greater than $846 million as the largest average loss from the destruction of PP&E assets. The loss of information assets also brings a more severe risk of business interruption losses vs. PP&E, at $324 million vs. $144 million, according to the report.
Despite the risk to intangible assets, they are less likely to be covered by insurance, Aon found.
While an average of 60% of PP&E assets are covered by insurance, only 19% of information assets receive the same protection, according to a global survey of business executives involved in cyber risk management and enterprise risk management. Self-insurance is more widely used for information assets, at 58% compared to 32% for PP&E assets.
This gap in coverage is particularly concerning given the surge in cyberattacks, Aon stated.
“Cyberattacks, especially ransomware, are surging, despite increased cyber security. Yet, cyber insurance pricing continues to decrease due to insurance carrier competition. Something has got to give,” the report’s authors state.
Fifty-six percent of respondents said their organizations had a material or significantly disruptive security exploit or data breach one or more times in the past 24 months. The average total financial impact of these incidents was $5 million.
While 69% of organizations are predicting that their cyber risk exposure will increase in the next 24 months, 32% of respondents say there is no plan to purchase standalone cyber insurance. The main reasons for not purchasing a standalone cyber security insurance policy are: coverage is inadequate based on their exposure (38%), premiums are too expensive (37% ) and there are too many exclusions, restrictions and uninsurable risks (29%).
Of the 67% of respondents with cyber insurance that have policies covering IP events, 36% say their organizations’ existing insurance policy covers a challenge to their IP assets, 33% say it covers third-party infringement of their IP assets and 31% of respondents say it covers an allegation that their company is infringing third-party IP rights, the report states.
The rise of generative AI poses additional information risks, such as intellectual property infringement, hallucinations, security breaches, and bias, according to the report. AI products like robots face unique challenges that differ from content misinformation, including the potential for bodily injury and property damage. Traditional insurance policies often fail to explicitly address AI-related risks, leading to coverage gaps and potential litigation, as seen in the “silent cyber” cases, according to the report.
To mitigate intangible asset risks, organizations must adopt a proactive mindset. This involves clarifying the scope of coverage and exclusions for AI risks in insurance policies and considering the purchase of standalone cyber insurance and IP insurance policies. Interest in trade secret and IP liability policies is on the rise, as cyber liability and IP risks rank among the top 10 business risks faced by organizations, Aon noted.
By proactively addressing the challenges posed by cyber risks and AI, companies can better protect their most valuable assets and ensure long-term success in an increasingly digital world, the report stated.
To view the full report, visit Aon website. &