Hong Kong regulator warns insurers: strengthen cyber defenses alongside AI adoption
Hong Kong's insurance regulator has told the industry that deploying artificial intelligence must be paired with stronger cybersecurity measures, citing a "critical" threat from cyberattacks.
The Hong Kong Insurance Authority's warning reflects a broader tension facing the sector: as insurers accelerate AI implementation to improve operations and claims processing, they risk exposing themselves to heightened cyber risk if security infrastructure doesn't keep pace.
The message aligns with emerging industry concerns. Marine insurers, for instance, now treat cyber risk as a physical threat rather than purely an IT problem-particularly as shipping routes like the Strait of Hormuz remain volatile, creating compounded exposure for underwriters.
Insurers implementing AI tools should conduct security assessments before deployment and establish governance frameworks that treat cybersecurity as a board-level issue, not solely an IT department responsibility.
What this means for your organization
If your company operates in or writes business for Hong Kong, expect regulatory scrutiny of how you're managing cyber risk alongside new technology rollouts. Internal audit teams should map AI implementations against existing security controls.
For insurers globally, the regulator's stance signals that regulators will increasingly view inadequate cyber defenses as a compliance failure when paired with rapid technology adoption.
Your membership also unlocks:
