In this chapter of our Annual Insurance Review 2022, we look at the main developments in 2021 and expected issues in 2022 for technology.
Key developments in 2021
Over the course of 2021, prompted by the wave of cyber-attacks since the start of the Covid-19 pandemic, the NCSC has worked with the Alan Turing Institute to explore the use of AI in detecting online malicious activity. There is an increasing awareness that a strong AI infrastructure has become more of a necessity than a convenience for the underpinning of a safe cyber environment.
The UK is aware that foreign threat actors are also considering the use of AI to conduct criminal activities in the cyber space. Developing a strong AI infrastructure will be necessary to avoid making the UK an easier target for cyber criminals.
Currently, the NCSC is undergoing an AI exploring phase with the following objectives:
- Identifying malicious software by analysing patterns of activity on networks and devices;
- Characterising criminal or hostile behaviours;
- Revising the understanding behind attacks and correlating it with reported cyber-criminal activity.
Data from GCHQ shows that almost half of UK businesses and a quarter of charities reported having a security breach or cyber-attack in the last 12 months, with one in five of these leading to significant loss of money or data. The cyber insurance market has inevitably hardened as a result. Although this additional tool in the armoury is still at a very early stage, it may, in due course, help reduce the underwriting risk of those organisations that chose to implement it.
What to look for in 2022
There is increasing awareness on how the creation of quantum software and hardware may threaten the security of current cryptography. It is believed that quantum computers, once developed/fine-tuned and if in the hands of malicious organisations, will allow an attacker to access encrypted information. This led to leading nations and technology companies making significant investments in quantum computing and quantum-safe cryptography which will likely result in substantial developments by 2022-2024.
Due to its complexity, it is likely we will see an extended research of quantum computing applicability before working devices can be employed effectively. It is believed this will mark a drastic technological revolution and this now futuristic concept will mark the start of a technological new age. The applicability of quantum computing to cybersecurity will help contain a threat profile and reduce vulnerabilities as well as faster upgrades, patching, and verification methods which will lead to a smaller window for attack. This will be an important development for IT service providers that host or manage data for third parties, who will likely face greater exposure to claims in the event that data under their control succumbs to a data breach but is not fully protected / encrypted once this technology becomes available.
Written by Emanuele Santella.
Download our full Annual Insurance Review 2022 for more insights.