Cyber insurance providers are increasingly placing limits on coverage for artificial intelligence-related incidents, including so-called 'LLM jacking' attacks, where malicious actors hijack large language models. These caps are being introduced even though insurers lack sufficient actuarial data to accurately price the risks.
Sources in the cybersecurity community report that policies are now explicitly excluding or capping payouts for AI-specific breaches, leaving many organizations potentially underinsured. The trend reflects a broader uncertainty in the insurance market about how to quantify and manage the novel threats posed by generative AI systems.
"Is your policy keeping up, or are you already exposed?" asks a recent briefing from the CISO Series, which highlighted the issue.
The development signals a growing gap between the rapid adoption of AI technologies and the insurance industry's ability to assess and cover associated cyber risks. Experts urge businesses to review their policies carefully and consider supplemental coverage for AI-related exposures.