Axa issues ChatGPT use guidelines, warns on chatbot cyber attacks – Insurance News Australia

Axa has developed guidelines for staff use of ChatGPT for drafting emails, helping automate the collection and analysis of data used to underwrite different risks, and other purposes. 
Axa XL Financial Lines Underwriting Manager Zhenghong Pan says this is likely just the start of ways the industry can make use of new generative artificial intelligence (AI) technology. 
The guidelines are sure to be “updated and expanded as new uses are identified,” he says. 
“I can envision several applications for these tools within the commercial P&C industry,” Singapore-based Mr Pan said. 
Generative AI should help insurers process claims more quickly and efficiently, he says, and identify claims patterns to facilitate more accurate risk assessments.  
For now though, the best models only produce accurate information around 50-70% of the time. 
“These glitches and imperfections will doubtless become less common as the models become more experienced, although the shape of the reliability curve over time is also hard to predict,” Mr Pan said. 
The potential for ChatGPT or other generative AI models to exacerbate cyber risk “can’t be ignored,” he says, as hackers could ask a chatbot to write the software needed to launch and execute cyberattacks.  
“That could change the threat landscape significantly,” Mr Pan said. 
Cybercriminal gang “vendors” may not attack organisations directly but offer others the names of exposed companies, governments, schools and universities and so on, and provide software for executing ransomware attacks and a user manual. 
These “vendors” then charge a licence fee or take a cut. 
“With generative AI, asking a chatbot to create the software needed to launch a phishing, malware or denial of service attack could be vastly simpler and produce better results than developing that code on one’s own,” Mr Pan said, adding that generative AI could make hacking more accessible to amateurs who previously lacked the skills to pierce sophisticated security barriers. 
“We could see more and more ‘script kiddies’ – unskilled individuals who use scripts or programs developed by others for malicious purposes,” he said.  
“In the past, they would have accessed the dark web for these scripts. Now, they could use a chatbot to write the software for them.” 
For insurers and their customers, new XDR software is the next level of end-point detection and response. It leverages AI to automatically spot anomalous behaviour or dangerous-looking signals. 
“It seems likely that generative AI will escalate the ongoing arms race between hackers intent on infiltrating organisations’ IT systems and cybersecurity professionals intent on keeping them out. In other words, the battles between the good and bad guys could become even more intense and complex,” Mr Pan said. 
Copyright © 2023 Insurance News Pty Ltd.
Back to top