Skip to main content
Marsh logo

Article

Debunking Generative AI myth #2: Its most pertinent risks

While generative AI is an emerging technology, it is one that is being used for everyday business practices across almost all functions, both back-end and client facing.

02/06/2025 · 4 minute read

Organisations of all sizes, across virtually every industry, are exploring how to optimise generative AI technology to achieve business objectives, including realising operational efficiencies, increasing client satisfaction, and developing new products and services. To sustainably capitalise on generative AI’s potential upside, companies must be aware of and prepare for potential downsides.

At Marsh, we help organisations across industries understand, measure, manage, and respond to generative AI risks. In doing so, we have helped risk leaders and senior executives address three common myths. First, we looked at who in your company “owns” generative AI risk.

In this article, the second in a three-part mini-series, we’ll explore:

Myth 2: Generative AI is an emerging technology, and therefore cyber and technological risks are the most pertinent to consider.

While generative AI is an emerging technology, it is one that is being used for everyday business practices across almost all functions, both back-end and client facing. Uses range from marketing teams helping generate creative content, to software engineering teams expediting code, to sales teams providing hyper-personalised client recommendations, to legal teams expediting research and analysis.

This means that generative AI-related risks encompass—and span beyond—typical cyber and technology risks, and include:

  • Physical bodily injury/property damage resulting from generative AI-provisioned product safety advice to clients
  • Financial loss/personal and advertising injury, such as defamation, that stem from inaccuracies/misleading AI-generated content in client settings
  • Inadvertently infringing on existing copyrights, patents, or trademarks in training generative AI models
  • Bias/discrimination allegations related to personalised experiences
  • Bias/discrimination allegations related to employment practices
  • AI system failure/cyberattack that leads to business interruption
  • Data/privacy breaches when using generative AI to generate personalised recommendations for clients
  • Wire transfer fraud resulting from AI-enabled hyper-realistic deepfakes

The corresponding, relevant lines of insurance for both developers and end-users of generative AI technology potentially spans virtually all lines of commercial insurance: cyber, tech errors and omissions (E&O), media liability, directors and officers (D&O), employment practices liability, intellectual property, commercial general liability, product liability, and more.

Developers and users of generative AI technologies alike should assess whether their risk management programme is sufficient to address relevant exposures. Lately, we have seen many organisations that had not previously been materially exposed to technology liability considering tech E&O coverage as they launch new businesses enabled by generative AI, such as using data to provide clients with improved analytics and insights. Such new business can create E&O liability exposures as technological services and/or products are provided to clients for a fee.

To assess whether existing insurance programmes are considered sufficient, and to build resiliency against generative AI risks, organisations can:

  • Inventory all models that are being used in an enterprise context and corresponding high-level use cases.
  • Build risk scenarios that reflect what could realistically go wrong, informed by inventory of models and corresponding use cases, classified into a spectrum of high frequency/low severity vs. low frequency/high severity scenarios. 
  • Map risk controls against each prioritised risk scenario and conduct broader resilience planning.
  • Quantify the potential impact of these risk scenarios on the existing insurance programme, assessing whether existing limits and retentions need to be adjusted.
  • Map key risks to a strategic insurance programmes across relevant lines. 

Given its wide applicability across the enterprise, generative AI presents more than just cyber and technology risks. Developers and users of generative AI technologies should assess their existing risk mitigation and transfer strategies on an iterative basis, especially as generative AI continues to advance.

To learn more about how a Marsh specialist can help your company navigate generative AI and its risks and opportunities, please contact us here.

Next up: Myth #3 looks at the broad insurance issues related to generative AI

Find out more

Our people

Jaymin Kim

Jaymin Kim

Managing Director, Emerging Technologies, Global Cyber Insurance Center

  • United States

Greg Eskins

Greg Eskins

Global Cyber Product Leader and Head, Global Cyber Insurance Center

  • United States

Related insights

London

Report

Five trends in UK cyber insurance in the first quarter of 2025

10/06/2025
Hand touching modern interface digital transformation concept. Connection next generation technology and new era of innovation.

Article

Debunking Generative AI myth #3: GenAI insurance issues

03/06/2025
Robot hand ai artificial intelligence assistance for medical healthcare practices operation surgical performance, unity with human and ai concept, with graphical icon display blue banner background

Article

Debunking Generative AI myth #1: Who owns GenAI risks

02/06/2025
Placeholder Image

Webcast,Featured insight

Two years after ChatGPT: The evolving world of generative AI, risk, and insurance

05/05/2025
View more

This publication is not intended to be taken as advice regarding any individual situation and should not be relied upon as such. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Marsh shall have no obligation to update this publication and shall have no liability to you or any other party arising out of this publication or any matter contained herein. Any statements concerning actuarial, tax, accounting, or legal matters are based solely on our experience as insurance brokers and risk consultants and are not to be relied upon as actuarial, accounting, tax, or legal advice, for which you should consult your own professional advisors. Any modelling, analytics, or projections are subject to inherent uncertainty, and any analysis could be materially affected if any underlying assumptions, conditions, information, or factors are inaccurate or incomplete or should change.

Page Compliance ID