The first known cyber insurance policy was issued in 1997 through AIG — a $15 million coverage limit for internet-related risks at a time when many executives still weren't sure the internet would last. Nearly three decades later, cyber is one of the fastest-moving, most competitive lines in all of insurance. The threat landscape has never been more complex. AI hasn't just raised the volume of attacks — it's sharpened them. Phishing emails that once announced themselves with broken English and implausible promises have given way to hyper-personalized, eerily convincing communications. Deepfakes are blurring the line between real and fabricated in ways that insurance policies haven't fully caught up with. And invoice fraud — one of the oldest scams in the book — is quietly surging, powered by social engineering that exploits LinkedIn connections, email thread histories, and the reluctance of junior employees to question a message that appears to come from the CEO. For the latest on where cyber stands and insight on where it’s going, we turned this month to Liz Kim, president of US operations at BOXX Insurance, whose nearly 30 years in the industry span law, claims leadership, underwriting, product development, reinsurance brokering, and now carrier strategy. Her core message: The battle between attackers and defenders never really ends, it just shifts terrain. Ransomware gives way to extortion, which gives way to business email compromise, which gives way to whatever comes next. The only durable advantage is staying ahead of the bad guys — through education, technology, and underwriting discipline. Read the full interview to find out why invoice manipulation deserves more attention than it's getting, what AI is actually changing in cyber insurance, and how third-party vendor relationships have quietly become the industry's biggest claims problem. |