By Richard Brannigan, managing director of The Bletchley Group.

With the UK’s artificial intelligence (AI) market now worth more than £16.6 billion, and around one in six organisations having embraced at least one AI technology, understanding the impact to business is paramount. Any new technology raises unique challenges and from brute force, denial of service (DoS) to social engineering attacks, AI sadly poses specific issues related to cyber security.

Although hugely popular due to its impressive ability to produce huge volumes of new content, generative AI in particular has some flaws. You only need to review a couple of Google’s AI summaries to see the current limitations in terms of accuracy. The technology often gets things wrong and presents incorrect statements as facts; a flaw known as AI hallucination. 

Data poisoning — when AI models are corrupted with manipulated data — can also be particularly problematic if data is passed on to third-party applications and services. On top of that, AI models are prone to prompt injection attacks which occur when the input makes the technology behave in an unintended way that can have adverse effects: generating offensive content, revealing of confidential information, or causing unintended consequences in a system that accepts unchecked input.

Keeping your business safe

With the impacts of a cyber attack spanning financial to operational, as well as reputational or even legal, threats should not be taken lightly. Unfortunately achieving a 100% guarantee against them is impossible. This highlights the importance of having the right insurance policy in place.

Due to the construction sector’s extensive use of data (both first and third-party) through digital platforms as well as the requirement to conduct electronic transactions, cyber insurance is a vital protective measure. While there is cyber insurance included in some policies as an add-on the level of cover will be really basic. Full cyber cover as a standalone policy is recommended to truly safeguard your business and operations because a tailored solution provides more of a 360 degree approach including first party covers in addition to third party liability.

A full cyber insurance policy covers:

  • cyber extortion
  • meeting ransom demands
  • data recovery costs
  • business interruption
  • costs of informing clients of data breaches
  • the costs involved in credit monitoring and regulatory fines or penalties. 

Specific business needs should also be kept front of mind when choosing a policy. Doing so will provide peace of mind that any losses can be reimbursed, as well as any legal action being supported, whereas being led by price alone may mean the policy doesn’t sufficiently cover all aspects of operations.

To discuss cyber and data liability further, or to consider your insurance needs, please call 0121 803 3760 or email info@thebletchleygroup.com