Simon Glairy is a recognized expert in the fields of insurance and Insurtech, specializing in the high-stakes world of risk management and AI-driven risk assessment. As the digital landscape shifts toward more automated threats, Glairy helps organizations navigate the complex intersection of technology and liability. In this conversation, we explore how artificial intelligence is not just identifying vulnerabilities but actively executing “glass-to-ground” attacks, the hidden dangers of the technology supply chain, and why the reinsurance market remains surprisingly robust. Glairy offers a deep dive into the “cat-and-mouse” game between defense and offense, emphasizing the transition of cyber insurance into a proactive, continuous partnership.
How has the emergence of autonomous AI tools shifted the threat landscape for organizations that previously felt secure?
The barrier to entry for cybercriminals has plummeted, fundamentally changing the nature of the risks we face across the board. Just a year ago, we were looking at AI tools that could identify a company’s vulnerability and point it out, acting almost like a sophisticated scanner that still required a human hand to pull the trigger. Today, that has changed; we are seeing “glass-to-ground” attacks where the AI identifies the hole and autonomously carries out the breach without manual intervention. In early 2024, specifically following the releases of advanced models like OpenAI’s ChatGPT and Anthropic’s Claude, we saw the first real instances of this in February, signaling a new era of accelerated impact. By the end of this year, I expect these self-executing attacks to become common practice, making even novice hackers a significant threat to global infrastructure.
What specific challenges are smaller organizations facing regarding their reliance on the broader technology supply chain?
A primary concern that often flies under the radar for smaller firms is their extreme, often invisible exposure to the technology supply chain. It isn’t just about their own firewalls anymore; it’s about the contingent business interruption and dependent business interruption that occurs when a critical third-party supplier goes down. When a major service provider suffers a cyber event, it creates a ripple effect that causes massive downtime for every business tethered to their network infrastructure. We are seeing cases where companies are paralyzed not because they were targeted directly, but because a single link in their digital chain snapped. This interconnectedness means that a breach anywhere can lead to a business-stopping event everywhere, forcing a rethink of how we calculate risk in a shared digital ecosystem.
In light of these escalating and automated risks, how has the cyber reinsurance market responded in terms of capacity and stability?
Surprisingly, the reinsurance side of the industry has shown remarkable resilience and growth despite the rising complexity of the “tail” on cyber claims. You might expect to see a contraction in the market as risks become more automated and unpredictable, but the reality is that capital has continued to grow. According to insights from reinsurance brokers, recent cyber renewals were remarkably seamless, supported by an abundance of capacity that mirrors the direct cyber insurance market. This abundance suggests a high level of market confidence, even as the speed of AI-driven learning creates a more volatile environment for risk assessment. Reinsurers are currently comfortable with the risk-reward ratio, providing a necessary cushion that allows primary insurers to continue offering robust coverage.
How can insurance providers move beyond simple risk transfer to become more active partners in an organization’s cybersecurity defense?
We are moving toward a model where the insurer acts as a “bird’s eye view” guardian for the insured’s entire portfolio, emphasizing that insurance should be a partnership rather than just a transaction. It starts with external-facing scans that highlight open vulnerabilities before a policy is even quoted, ensuring that the insured addresses their biggest exposures as a condition of coverage. But it shouldn’t end there; we are working toward a model of continuous monitoring where we maintain oversight of the network infrastructure. If a zero-day event occurs, this proactive stance allows us to know exactly which insureds are exposed and warn them before the damage is done. This turns the relationship into a collaborative effort where the insurer provides the tools and intelligence to stop an attack in its tracks, rather than just writing a check after the fact.
What is your forecast for the future of AI-driven cybersecurity?
The current environment has evolved into an intense, high-speed “cat-and-mouse” game between malicious actors and the AI-driven defenses managed by Chief Information Security Officers. As bad actors utilize tools to accelerate their attacks, large organizations are fighting back by integrating “good” AI into their own security stacks to identify and neutralize threats at machine speed. This race will only intensify as AI continues to learn faster and faster, making manual human intervention almost obsolete in the initial stages of a breach. I believe that by the end of 2024, AI-driven defense will no longer be a luxury but a fundamental requirement for insurability. Companies that fail to adopt these autonomous defensive tools will find themselves increasingly unable to secure coverage as the sheer speed of automated attacks outpaces traditional human response times.
