The Insurability Frontier of AI Risk: Mapping Threats to Affirmative Coverage, Silent Exposures, and Exclusions
Pith reviewed 2026-05-20 23:26 UTC · model grok-4.3
The pith
The paper claims AI risks map to a four-tier insurability frontier of affirmative coverage, silent exposures, active exclusions, and gaps outside private insurance.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
By coding AI threats from OWASP and MITRE catalogs against public carrier materials, the paper identifies a four-tier insurability frontier consisting of affirmatively insured perils, silent-AI exposures under legacy lines, actively excluded perils, and perils outside conventional private insurance. Affirmative coverage is beginning to split by carrier focus, such as model performance and drift at Munich Re or hallucination and liability at Armilla. Legacy cyber, E&O, D&O, and other policies retain silent exposure where AI serves as an instrumentality rather than the legal cause. Foundation model concentration emerges as the clearest novel frontier because upstream failures can produce loss,
What carries the argument
The four-tier insurability frontier, which classifies AI-mediated losses into affirmatively insured perils, silent-AI exposures, actively excluded perils, and perils outside conventional private insurance structures. It organizes the mapping of 55 threat classes to 26 products to reveal current carrier positioning.
If this is right
- Affirmative AI coverage is differentiating by carrier emphasis on distinct risks such as model drift, hallucination, IP issues, or deepfakes.
- Legacy insurance lines continue to provide silent coverage for losses where AI functions as an instrumentality of the harm.
- Foundation model concentration creates the potential for correlated losses across many cedents simultaneously.
- Market design efforts should focus on which insurability constraint each new structure relaxes rather than on systemic risk templates alone.
Where Pith is reading between the lines
- Businesses could review their existing policies to identify which AI perils currently create silent exposure rather than relying solely on new endorsements.
- Reinsurers might develop products specifically targeting correlated losses from foundation model failures.
- Regulators could use the tiered mapping to assess whether current insurance markets leave significant AI risks uninsured.
- The same coding approach could be applied to other emerging technologies to track how coverage boundaries shift over time.
Load-bearing premise
The mapping rests on public carrier statements about coverage rather than the exact wording of insurance contracts or actual claim payment outcomes.
What would settle it
A specific AI-related claim paid by a carrier that publicly positions the peril as affirmatively covered, or denied by a carrier that publicly positions it as excluded, would test the frontier classification.
Original abstract
The rapid diffusion of agentic AI has created a new coverage problem for commercial insurance: some AI-mediated losses are now affirmatively insured, some create silent-AI exposure under legacy cyber, technology errors-and-omissions (E&O), directors-and-officers (D&O), employment practices liability (EPLI), crime, and media policies, and others are being actively excluded. This paper maps that emerging boundary by coding 55 AI threat classes against 26 insurance products, endorsements, and exclusion regimes using public carrier materials and OWASP/MITRE threat catalogs. We identify a four-tier insurability frontier: affirmatively insured perils, silent-AI exposures, actively excluded perils, and perils outside conventional private insurance structures. Our coding measures publicly claimed positioning rather than executed contract wording; the headline statistics describe what carriers publicly state about coverage, not what would be paid in any specific claim. Three patterns emerge. First, affirmative AI coverage is beginning to differentiate by primary risk emphasis: public materials often position Munich Re around model performance and drift, Armilla and parts of the Lloyd's market around hallucination and broader AI liability, Tokio Marine Kiln and CFC around IP and technology E&O concerns, Apollo ibott around emerging autonomous system liability, and Coalition around deepfake and AI-enabled cyber response. Second, legacy lines retain silent-AI exposure where AI is an instrumentality rather than the legal cause of loss. Third, foundation model concentration is the clearest genuinely novel insurability frontier because upstream model failure can correlate losses across many cedents at once; the relevant market design question is which insurability constraint each candidate structure relaxes, not merely which systemic risk template exists.
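The coding exercise the abstract describes, as an added illustration that is not the paper's code: a parser for a threat × insurance-product matrix in the A/S/X/· notation of the paper's Appendix A legend, a rule that collapses each threat's row of per-product codes into one of the four tiers, the headline share of cells per code, and the list of silent-only exposures a policyholder would review first. The tier rule in `classify()` is an assumption made here, since the paper's own decision criteria are not reproduced on this page, and every threat name, product name and cell value is constructed sample data rather than a finding of the paper.

```python
"""Tier classification over a threat x insurance-product coverage matrix.

Added example, not the paper's code. Cell codes follow the legend of the
paper's Table A1: A = affirmative, S = silent / gray, X = excluded,
'.' (the paper prints a middle dot) = no public position. The rule in
classify() that collapses a row into one of the four tiers is an
assumption made here; the paper's own criteria are not reproduced on
this page. All names and cell values below are constructed sample data.
"""
from collections import Counter

CODES = {"A": "affirmative", "S": "silent / gray",
         "X": "excluded", ".": "no public position"}

AFFIRMATIVE = "affirmatively insured"
SILENT = "silent-AI exposure"
EXCLUDED = "actively excluded"
OUTSIDE = "outside private insurance"

# Constructed sample: legacy lines named on the page plus one standalone AI endorsement.
PRODUCTS = ["Cyber", "Tech E&O", "D&O", "EPLI", "Crime", "Media", "AI endorsement"]

# Constructed sample rows: threat name, then one code per product in PRODUCTS order.
SAMPLE_MATRIX = """
Prompt injection                      S . . . . . A
Training-data poisoning               . S . . . . .
Hallucination                         . S X . . S A
Deepfake social eng.                  A . . . A . .
Model drift                           . . . . . . A
Upstream model outage                 . X X . . . .
Agent skill supply-chain compromise   . . . . . . .
"""


def parse_matrix(text, products=PRODUCTS):
    """Parse '<threat name> <code>...<code>' rows into {threat: {product: code}}.

    Threat names may contain spaces, so codes are taken from the right-hand
    end of each row. A middle dot is accepted as an alias for '.'.
    """
    n = len(products)
    matrix = {}
    for line in text.splitlines():
        tokens = line.replace("\u00b7", ".").split()
        if not tokens:
            continue
        if len(tokens) <= n:
            raise ValueError(f"row has fewer than {n} codes: {line.strip()!r}")
        name, codes = " ".join(tokens[:-n]), tokens[-n:]
        unknown = [c for c in codes if c not in CODES]
        if unknown:
            raise ValueError(f"unknown code(s) {unknown} in row {name!r}")
        matrix[name] = dict(zip(products, codes))
    return matrix


def classify(row):
    """Assumed tier rule: any affirmative position wins; otherwise any silent
    exposure; otherwise any explicit exclusion; otherwise no private-market
    position at all."""
    codes = set(row.values())
    if "A" in codes:
        return AFFIRMATIVE
    if "S" in codes:
        return SILENT
    if "X" in codes:
        return EXCLUDED
    return OUTSIDE


def tier_counts(matrix):
    """Number of threats landing in each tier."""
    return dict(Counter(classify(row) for row in matrix.values()))


def code_shares(matrix):
    """Headline statistic in the paper's sense: share of cells per code,
    i.e. publicly stated positioning, not claims actually paid."""
    cells = Counter(code for row in matrix.values() for code in row.values())
    total = sum(cells.values())
    return {code: cells[code] / total for code in CODES}


def silent_only_exposures(matrix):
    """(threat, product) pairs where a line is silent and no product affirms
    the peril: the rows a policyholder would review first."""
    return [(threat, product)
            for threat, row in matrix.items() if classify(row) == SILENT
            for product, code in row.items() if code == "S"]


if __name__ == "__main__":
    m = parse_matrix(SAMPLE_MATRIX)
    for threat, row in m.items():
        print(f"{threat:38} -> {classify(row)}")
    print("tiers:", tier_counts(m))
    print("code shares:", {k: round(v, 3) for k, v in code_shares(m).items()})
    print("silent-only exposures:", silent_only_exposures(m))
```

The ordering in `classify()` encodes the paper's caveat that the matrix measures stated positioning: a single affirmative endorsement anywhere in a row lifts the peril into the first tier even when every legacy line is silent or excludes it, so the silent-only list deliberately excludes those rows and surfaces only the perils for which no carrier has gone on record.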
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The manuscript maps 55 AI threat classes against 26 insurance products, endorsements, and exclusion regimes using public carrier materials and OWASP/MITRE catalogs. It identifies a four-tier insurability frontier consisting of affirmatively insured perils, silent-AI exposures under legacy lines, actively excluded perils, and perils outside conventional private insurance structures. The work observes differentiation in affirmative AI coverage positioning across carriers and argues that foundation model concentration constitutes the clearest novel insurability frontier due to the potential for upstream failures to generate correlated losses across multiple cedents.
Significance. If the classification reliably captures coverage boundaries, the mapping offers a practical reference for identifying gaps between stated insurer positions and emerging AI risks, potentially guiding product development and regulatory discussion. The systematic use of established threat catalogs provides a reproducible starting point for future updates. However, the explicit limitation to public statements rather than executed contracts or claims data reduces the direct operational significance for assessing actual loss scenarios or systemic risk pricing.
major comments (2)
- [Methods] Methods section: The coding rules, criteria for resolving ambiguous policy language, and any assessment of inter-rater reliability are not described in sufficient detail. Because the four-tier frontier and all headline statistics are derived directly from this classification of public materials, the absence of these methodological specifics undermines confidence that the results proxy actual insurability rather than stated positioning.
- [Results and discussion] Discussion of emerging patterns (third pattern): The assertion that foundation model concentration is the clearest novel frontier because upstream model failure can correlate losses across many cedents is presented as following from the coding exercise. However, the per-product coding does not appear to include explicit measurement or examples of cross-cedent correlation; this element reads as an additional interpretive claim whose load-bearing status for the overall frontier requires either direct support from the data or clearer separation from the classification results.
minor comments (2)
- [Abstract] Abstract: The sample sizes (55 threat classes and 26 products) are mentioned in the body but could be stated explicitly in the abstract to immediately convey the scope of the mapping exercise.
- [Throughout] Terminology: The distinction between 'AI as instrumentality' and 'legal cause of loss' is used in the discussion of silent exposures; a brief definitional footnote or parenthetical would aid readers from outside insurance law.
Simulated Author's Rebuttal
We thank the referee for the constructive feedback on our manuscript. We address each major comment below and outline the revisions we will make to strengthen the paper.
Point-by-point responses
- Referee: [Methods] Methods section: The coding rules, criteria for resolving ambiguous policy language, and any assessment of inter-rater reliability are not described in sufficient detail. Because the four-tier frontier and all headline statistics are derived directly from this classification of public materials, the absence of these methodological specifics undermines confidence that the results proxy actual insurability rather than stated positioning.
  Authors: We agree that greater methodological transparency is warranted. In the revised manuscript we will expand the Methods section to specify the coding protocol, including the decision tree for classifying threats into the four tiers, explicit criteria for handling ambiguous policy language (such as inferring coverage from general provisions versus requiring affirmative AI endorsements), and the process of cross-referencing multiple public carrier documents to resolve edge cases. Because the classification was performed by the study team with iterative review against source materials, we will also note the absence of formal inter-rater reliability statistics and describe the internal consistency checks employed. These additions will clarify that the results reflect publicly stated positioning rather than executed claims outcomes. (revision: yes)
- Referee: [Results and discussion] Discussion of emerging patterns (third pattern): The assertion that foundation model concentration is the clearest novel frontier because upstream model failure can correlate losses across many cedents is presented as following from the coding exercise. However, the per-product coding does not appear to include explicit measurement or examples of cross-cedent correlation; this element reads as an additional interpretive claim whose load-bearing status for the overall frontier requires either direct support from the data or clearer separation from the classification results.
  Authors: We accept that the third pattern contains an interpretive step beyond the raw coding. The per-product classifications show that upstream model-related threats are rarely affirmatively covered and frequently fall into silent or excluded categories, which, when combined with the known architecture of foundation models, supports the inference of correlated loss potential across cedents. To address the referee’s concern, we will revise the discussion to (a) present the coding results first, (b) explicitly label the correlation argument as an interpretive inference, and (c) supply concrete examples drawn from the coded threat classes (e.g., model drift or training-data poisoning affecting multiple downstream applications) to illustrate the basis for the claim. We will not assert that the coding exercise itself quantified correlation coefficients, but we maintain that the pattern logically follows from the observed coverage gaps and the systemic nature of foundation-model dependencies. (revision: partial)
Circularity Check
Descriptive classification with no derivation chain or self-referential reduction.
Full rationale
The paper conducts an explicit coding exercise of 55 AI threat classes against 26 products using public carrier materials and OWASP/MITRE catalogs. It states upfront that 'Our coding measures publicly claimed positioning rather than executed contract wording' and that statistics 'describe what carriers publicly state about coverage, not what would be paid in any specific claim.' No equations, fitted parameters, predictions, or uniqueness theorems appear; the four-tier frontier and patterns (affirmative coverage differentiation, silent exposures, foundation-model concentration) are direct outputs of the classification method applied to external inputs. The work is self-contained against its stated scope with no load-bearing self-citation or ansatz smuggling.
Axiom & Free-Parameter Ledger
axioms (2)
- Domain assumption: Public carrier materials accurately reflect current affirmative coverage, silent exposure, and exclusion positions for AI risks.
- Domain assumption: The 55 AI threat classes drawn from OWASP/MITRE catalogs form a complete and non-overlapping set for insurability analysis.
Lean theorems connected to this paper
- IndisputableMonolith/Cost/FunctionalEquation.lean: washburn_uniqueness_aczel (tag: unclear)
  Unclear: relation between the paper passage and the cited Recognition theorem.
  Paper passage: "We identify a four-tier insurability frontier: affirmatively insured perils, silent-AI exposures, actively excluded perils, and perils outside conventional private insurance structures."
What do these tags mean?
- matches: The paper's claim is directly supported by a theorem in the formal canon.
- supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
- extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
- uses: The paper appears to rely on the theorem as machinery.
- contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
- unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.
Reference graph
Works this paper leans on
- [1] OWASP GenAI Security Project. OWASP Top 10 for LLM Applications.
- [2] https://genai.owasp.org/llm-top-10/
- [3] OpenAI. Continuously hardening ChatGPT Atlas against prompt injection. 22 December 2025. https://openai.com/index/hardening-atlas-against-prompt-injection/
- [4] OWASP GenAI Security Project. OWASP Top 10 for Agentic Applications 2026 (ASI01 to ASI10). 9 December 2025.
- [5] MITRE Corporation. MITRE ATLAS v5.1.0. November 2025. https://atlas.mitre.org/
- [6] Munich Re. Generating content with AI: An IP-infringement minefield? 2024 to 2025. https://www.munichre.com/en/solutions/for-industry-clients/insure-ai/ai-whitepaper.html
- [7] Munich Re. aiSure: More AI Opportunity. Less AI Risk. https://www.munichre.com/en/solutions/for-industry-clients/insure-ai.html
- [8] Willison, S. The lethal trifecta for AI agents. 16 June 2025. https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/
- [9] Berliner, B. Limits of Insurability of Risks. Prentice-Hall, 1982.
- [10] Harris, L., & Criddle, C. Insurers retreat from AI cover as risk of multibillion-dollar claims mounts. Financial Times, 22 November 2025. https://www.ft.com/content/abfe9741-f438-4ed6-a673-075ec177dc62
- [11] World Economic Forum. Global Cybersecurity Outlook 2026. 12 January 2026. https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2026.pdf
- [12] OWASP Foundation. OWASP Agentic Skills Top 10 (incubator project). https://owasp.org/www-project-agentic-skills-top-10/
- [13] Beurer-Kellner et al. (IBM, Invariant Labs, ETH Zurich, Google, Microsoft). Design Patterns for Securing LLM Agents against Prompt Injections. 2025. https://arxiv.org/abs/2506.08837
- [14] Liaghati, C. (MITRE / NIST CSRC). MITRE ATLAS Overview. September 2025.
- [15] Google Cloud Threat Intelligence Group (Mandiant). Widespread Data Theft Targets Salesforce Instances via Salesloft Drift (UNC6395). August
- [16] https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift
- [17] FINRA. Cybersecurity Alert: Salesloft Drift AI Supply Chain Attack. September 2025.
- [18] Armilla AI. Armilla AI Insurance, Lloyd’s Coverholder. https://www.armilla.ai/ai-insurance
- [19]
- [20] Knostic AI. Privacy guardrails for GenAI (Copilot/Glean). https://www.knostic.ai/
- [21] Pearcy, S. (HiddenLayer Research). The Lethal Trifecta and How to Defend Against It. 25 November 2025. https://www.hiddenlayer.com/research/the-lethal-trifecta-and-how-to-defend-against-it
- [22] Hunton Insurance Recovery Blog. Affirmative Artificial Intelligence Insurance Coverages Emerge. May 2025.
- [23] Independent Agent / Big I. Verisk to Roll Out New General Liability Exclusions for Generative AI Exposures. October 2025. https://www.independentagent.com/vu_resource/verisk-to-roll-out-new-general-liability-exclusions-for-generative-ai-exposures/
- [24] Gridex. Verisk CG 40 47: What the New AI Exclusions Mean for Your Commercial Clients. March 2026.
- [25] National Association of Insurance Commissioners. Insurance Topics: Artificial Intelligence; AI Model Bulletin State Adoption Map. April
- [26] https://content.naic.org/insurance-topics/artificial-intelligence
- [27] Sharon Goldman (Fortune). Exclusive: Who covers the damage when an AI agent goes rogue? This startup has an insurance policy for that. 23 July
- [28] https://fortune.com/2025/07/23/ai-agent-insurance-startup-aiuc-stealth-15-million-seed-nat-friedman/
- [29] U.S. Securities and Exchange Commission. SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence. March 2024. https://www.sec.gov/newsroom/press-releases/2024-36
- [30] FFNews / FFInsurtech. Armilla AI Raises Lloyd’s-Backed Coverage to $25M as Traditional Insurers Retreat. January 2026.
- [31] Reinsurance News. Testudo launches AI insurance underwriting platform backed by Lloyd’s Lab. June 2025. https://www.reinsurancene.ws/testudo-launches-ai-insurance-underwriting-platform-backed-by-lloyds-lab/
- [32] Armilla. Armilla Launches Affirmative AI Liability Insurance with Chaucer. 30 April 2025.
- [33] Munich Re HSB. HSB Introduces AI Liability Insurance for Small Businesses. 18 March 2026. https://www.munichre.com/hsb/en/products/services/artificial-intelligence-insurance.html
- [34] Coalition. Coalition Adds Deepfake Response Endorsement to its Cyber Insurance Policies Globally. 9 December 2025. https://www.coalitioninc.com/announcements/coalition-adds-deepfake-response-endorsement
- [35] Apollo Group / Marsh. Marsh and Apollo’s ibott develop first-of-its-kind insurance facility for Uber to accelerate autonomous ride-hailing. 12 March 2026.
- [36] Vouch. Insurance for AI Companies (Vouch + Hiscox / Corix). https://www.vouch.us/technology/ai
- [37] Business Insurance. Insurers, brokers adjust as AI exclusions emerge (Coalition, Axa XL endorsements). April 2026.
- [38] FinancialContent / Risk Specialty Group. Insurance Carriers Add AI Exclusions to Design Professional E&O Policies. January 2026.
- [39] American Banker. Insurers likely to exclude gen AI, startups wait in wings (Testudo, Vouch, Armilla). November 2025.
- [40] S&P Global Market Intelligence. As insurers retreat from AI risk, one startup plans to fill the gap. February 2026.
- [41] Insurance Intel Substack. Chubb Is Excluding the Risk Its Own CEO Says AI Will Solve (W. R. Berkley PC 51380). March 2026.
- [42] The Insurer / Slipcase. Insurer in Full: US liability insurers explore AI exclusions. October 2025.
- [43] Mosaic Insurance. Transactional liability, partnership with Munich Re aiSure. https://www.mosaicinsurance.com/resources/press-releases/~/mosaic-partners-with-munich-res-aisure-to-provide-pioneering-coverage-for-ai-vendors/
- [44] IBM X-Force. What OpenClaw reveals about agentic AI security risks (ClawHavoc, 1,184 malicious skills). April 2026.
- [45] Antiy CERT. ClawHavoc: Analysis of Large-Scale Poisoning Campaign Targeting the OpenClaw Skill Market for AI Agents. 6 February 2026. https://www.antiy.net/p/clawhavoc-analysis-of-large-scale-poisoning-campaign-targeting-the-openclaw-skill-market-for-ai-agents/
- [46] Aim Security / Microsoft. EchoLeak (CVE-2025-32711), first zero-click prompt injection in Microsoft 365 Copilot. 2025.
- [47] OX Security. The Mother of All AI Supply Chains: Critical, Systemic Vulnerability at the Core of Anthropic’s MCP. April 2026. https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp/
- [48] Meta AI Research. LlamaFirewall: An open source guardrail system for building secure AI agents. April 2025.
- [49] Wang & Li. OpenGuardrails: A Configurable, Unified, and Scalable Guardrails Platform for Large Language Models. October 2025. https://arxiv.org/abs/2510.19169v2
- [50] European Commission. Timeline for the Implementation of the EU AI Act. AI Act Service Desk. https://ai-act-service-desk.ec.europa.eu/en/ai-act/timeline/timeline-implementation-eu-ai-act
- [51] Reinsurance News. Insurers expected to introduce GenAI liability exclusions: Evercore ISI. December 2025.
- [52] Traverse Legal. AI Insurance Requirements: Insurance May Not Cover Your AI Failures (D&O / E&O / EPLI exclusions detail). April 2026.
- [53] Romanosky, S., Ablon, L., Kuehn, A., & Jones, T. Content Analysis of Cyber Insurance Policies: How Do Carriers Price Cyber Risk? Journal of Cybersecurity, 5(1), 2019.
- [54] Talesh, S. A. Data Breach, Privacy, and Cyber Insurance: How Insurance Companies Act as “Compliance Managers” for Businesses. Law & Social Inquiry, 43(2), 417 to 440, 2018.
- [55] Baker, T. & Shortland, A. The Government Behind Insurance Governance: Lessons for Ransomware. Regulation & Governance, October 2023. https://doi.org/10.1111/rego.12505. See also Baker, T., Logue, K. D., & Saiman, C. Insurance Law and Policy: Cases and Materials, 5th ed., Wolters Kluwer, 2021, ch. 1.
- [56] OpenAI. Service Terms. 9 January 2026. https://openai.com/policies/service-terms/
- [57] Anthropic. Expanded legal protections and improvements to our API. 19 December 2023. https://www.anthropic.com/news/expanded-legal-protections-api-improvements; see also Anthropic, Updates to Consumer Terms and Privacy Policy. 28 August 2025. https://www.anthropic.com/news/updates-to-our-consumer-terms (noting that the 2025 consumer updates do not apply ...
- [58] Google Cloud. Service Specific Terms, current version, Generative AI Services indemnification; and Google Cloud Generative AI Indemnified Services. https://cloud.google.com/terms/service-terms and https://cloud.google.com/terms/generative-ai-indemnified-services
- [59] National Association of Insurance Commissioners. Insurance Topics: Risk Retention Groups. https://content.naic.org/insurance-topics/risk-retention-groups
- [60] Hansen R. and Shokrai M. (Google Cloud). Expanding our Risk Protection Program with new insurance partners and AI coverage. 16 May
- [61] https://cloud.google.com/blog/products/identity-security/whats-new-with-google-clouds-risk-protection-program/. See also Risk Protection Program product page: https://cloud.google.com/security/products/risk-protection-program
- [62] Y. T. Shen, K. Toyoda, and A. Leung, “MCP-38: A Comprehensive Threat Taxonomy for Model Context Protocol Systems,” arXiv preprint arXiv:2603.18063, 2026. [Online]. Available: https://arxiv.org/abs/2603.18063
Appendix A (legend carried over from the paper): Full 55 × 26 matrix. Table A1: Threat × insurance-product coverage status. A = affirmative; S = silent / gray; X = excluded; · = no pub...