Are cyber insurers ready to respond to a truly catastrophic cyber event?

Events like SolarWinds, Kaseya, MOVEit, Change Healthcare and the CrowdStrike outage disrupted tens of thousands of organisations and generated losses measured in the tens or hundreds of millions. But even these high-profile incidents fell far short of the volume of cyber claims notifications a truly systemic event could generate. Examples from beyond the world of cyber insurance offer a useful point of comparison. During the Covid business interruption crisis hundreds of thousands of notifications were made in the UK alone, enough to put parts of the insurance market under severe operational strain. Imagine an impact like that, massively multiplied and accelerated. In the event of a large-scale systemic cyber event, notification volumes could be vastly higher and arrive en masse almost instantaneously.

The rise of AI-enabled cyber attacks materially changes the threat landscape. Advanced AI systems are getting better at identifying software weaknesses, automating reconnaissance, and accelerating exploitation. Anthropic has recently gone public with the claim that its latest AI model Mythos has identified thousands of zero-day vulnerabilities. This highlights how the rapid pace of innovation in the AI world is driving a dramatic escalation in the speed and scale of offensive cyber capabilities. In practical terms, attacks that once took time, specialist skills, and a significant amount of human effort can now be launched faster, more cheaply, and against many more targets simultaneously. This increases the likelihood of a widespread ransomware campaign, software supply chain compromise, cloud outage, or mass exploitation event affecting thousands of insured organisations simultaneously.

With catastrophic cyber scenarios becoming more and more plausible, the crucial question is whether cyber insurers have the operational resilience to handle them. Many current processes around FNOL, cyber claims triage, and catastrophe response still reflect models developed for natural disasters. For events like floods, fires and storms, claims arrive in waves, geography makes prioritisation easier, and there is time to manual triage claims. But cyber catastrophes are different. Their footprint can form globally in minutes, with little or no warning. Claims volumes can spike instantly. Internal teams, external response partners, and customer communication channels will all come under pressure - all at once. The upside is that the digital nature of cyber events also creates an opportunity. It means that intake, triage, routing, and customer updates can all be automated and scaled using AI.

That's where ACS FirstResponder comes in. Rather than relying on manual processes tailored to yesterday's risks, ACS FirstResponder is built to deliver real-time cyber incident intake, intelligent triage, surge response, and scalable claims operations when a systemic event occurs. This empowers organisations to respond faster, prioritise more consistently, maintain visibility through periods of peak demand, and deliver better outcomes when the pressure is at peak intensity. All of this matters, because when the first true cyber catastrophe arrives, operational resilience will separate those that survive, and those that collapse under the pressure.