The rise of widely adopted generative artificial intelligence (genAI) is transforming the cybersecurity landscape. Since the introduction of ChatGPT in 2022, cyber phishing attacks have surged by 4,151%. Every day, approximately 3.4 billion spam emails are sent globally, contributing to the billions of dollars cyberattacks cost the global economy.

In recent years, cybercriminals have evolved from lone operators into highly organised groups. Some have even come to resemble medium-sized corporations, with their own HR departments and training programmes. Despite significant advancements in recognising and addressing these threats, the battle ebbs back and forth.

Now, the introduction of large language models and other genAI tools has opened a new front in the cybersecurity arms race.

A conflict seeped in history

The cat-and-mouse struggle between cyber defences and criminal innovation traces its roots back to the very first recorded cyberattack. In 1834, François and Joseph Blanc exploited the semaphore telegraph system to commit insider trading. By bribing a telegraph operator to introduce faulty characters into government messages, they intercepted market news from the Paris Stock Exchange before it reached Bordeaux—a rudimentary example of a man-in-the-middle (MitM) attack.

As technology advanced through the 20th century, so did hacking techniques. The late 1950s saw the advent of “phone phreaking” where “phreaks”—individuals with a keen interest in phone systems—exploited the protocols that telecom engineers used for remote network maintenance in order to make free calls and fraudulently bypass long-distance charges. Unfortunately for the phone companies, there was no effective way to curtail the activities of the phreaks, though the practice eventually faded in the 1980s.

The advent of personal computers and the internet introduced new avenues for cybercriminal activity. The Morris Worm of 1988, created by a Cornell University graduate student, was one of the first computer viruses to spread across networks, causing significant disruption and highlighting vulnerabilities in early internet infrastructure.

The 1990s and 2000s were marked by the rise of more aggressive hacking groups, trying to cause maximum destruction for financial gain. The Love Bug virus in 2000 demonstrated the potential for worldwide disruption, affecting millions of computers and causing billions in damages.

The late 1990s also saw the emergence of cyber insurance, as part of efforts to tackle the risks of doing business online. While the world was becoming increasingly reliant on technology, Tokio Marine Kiln became one of the first providers to offer cyber insurance cover.

Since then, the pace of change has continued to accelerate. The 2010s were defined by the proliferation of smartphones and cloud computing, which introduced new attack vectors. Today, genAI is further transforming the digital battleground, with cybercriminals weaponising genAI to create more sophisticated phishing attacks and deepfakes on a huge scale. We are seeing the multiplication of business email compromise (BEC) attacks, where genAI is used to analyse language and tone to automatically imitate highly targeted messages. The more personalised the attacks become, the harder they are to detect, and the more damage they can cause.

Such a high degree of complexity means there is no single solution to guarantee cyber safety. Businesses need to defend themselves and be prepared with sophisticated solutions for when the worst does happen—enter insurance.  

Insurance as a solution

By the start of the decade, businesses were inundated with cyberattacks. Insurance payouts were reaching into the billions. The market had reached a turning point where the hackers were winning. The need for a comprehensive approach to cybersecurity support and a greater partnership between business, cyber security and cyber insurers was clear.

Insurance now plays a vital role in enhancing a business’s cyber defence, response and recovery capabilities. What was once predominantly about providing liquidity and support at a time of distress has evolved into a multifaceted support system. Services begin with vulnerability scanning and extend to incident response, helping clients improve their defence postures, close gaps, and continuously probe for weaknesses. We are constantly scanning individual businesses, flagging emerging trends and tactics being deployed by hackers, and providing insights to help our clients and partners stay one step ahead.

TMK now works hand in hand with clients’ cybersecurity teams, drawing on our in-house cyber analysts and bespoke tools, our expertly chosen cyber partners, and decades of experience in cyber insurance. We can help run simulated cyberattacks to practice initial response steps in the event of a real incident, and facilitate the implementation of essential security measures, such as multi-factor authentication (MFA)—one of the easiest measures to enhance security beyond easily compromised passwords. Coupled with regular system updates and patch management, even the largest vulnerabilities can be managed effectively.

Additionally, by partnering with us, clients gain access to threat monitoring services. A 24-hour emergency hotline connects them to a leading breach response firm offering immediate advice from top-tier IT forensic experts, as well as ongoing guidance to ensure compliance with relevant privacy and data breach notification laws. Early access to experts and a coordinated response are integral to helping businesses recover swiftly.

The human element

As long as cyber criminality continues to thrive, cyber risk will remain at the top of the business risk agenda. The incentives for hackers are substantial, and with genAI-aided tools enhancing their criminal activities, they are constantly refining their methods.

Among the most concerning recent trends is the increase in hackers targeting the human element, exploiting gaps in employee awareness with realistic spoof emails and calls. Human fallibility has no technical solution, which is why it is crucial for businesses to invest in training programmes and educate employees about cybersecurity best practices and the latest phishing tactics. TMK offers workshops and seminars to foster a culture of cybersecurity awareness within organisations. Alongside education, imposing barriers, such as preventing anyone from outside an organisation having access to Teams or Slack, can also limit social engineering attacks.

As technology continues to evolve, so too will the tactics of cybercriminals. Businesses must remain vigilant, investing not only in cutting-edge defences, but also in a culture of cybersecurity resilience. The right insurance partner can help ensure business continuity from a financial perspective, as well as flag and mitigate risks before malicious actors have a chance to take hold. In response to the increasing complexity of cybersecurity risks, clients benefit from insurers’ multi-faceted, multi-stakeholder approach. Tapping into these partnerships is the best way for organisations to turn the tide, safeguard their operations, and stay ahead in what will invariably remain a tech-dominated business landscape.