“Ransomware groups are becoming increasingly sophisticated, while employee error continues to be a major factor,” added Maley. “The rapid advancement of AI introduces new risks, and many businesses still underestimate the importance of both cyber risk management and cyber insurance. For example, one way to infiltrate systems is through phishing attacks. Before AI, it was fairly easy to spot phishing emails; poor grammar and spelling, and incomprehensible language were dead giveaways. Now, international ransomware groups can easily create professional and authentic-sounding emails and send them out en masse, drastically increasing their chance of employees mistaking them for real messages.”