Insurance IT leaders face a widening gap between AI ambitions and infrastructure reality
Insurance carriers are piloting generative AI in underwriting, deploying machine learning for fraud detection, and experimenting with AI-assisted claims processing. The business cases look solid. But when IT leaders assess whether their infrastructure can actually support it all, confidence drops sharply.
A survey of 276 IT directors and vice presidents at large enterprises found that only one-quarter said they were extremely confident their current infrastructure could support AI models. Nearly half still rely on systems built decades ago for critical operations. For insurers, that gap between AI ambition and IT reality isn't abstract-it's a direct threat to modernization plans.
Data quality is the hidden blocker
AI models perform only as well as the data feeding them. In insurance, that data is often scattered across legacy systems from different eras, inconsistently structured, and difficult to extract at scale.
Sixty-two percent of IT leaders cited data quality as their biggest challenge when managing data across hybrid environments. That was followed by access control and identity management (52%) and moving data securely between environments (50%).
The highest-value insurance data-loss histories, claims patterns, customer risk profiles-still lives on mainframes designed decades before AI training pipelines existed. Carriers have built impressive data lakes and migrated to the cloud, but the most critical data remains locked in older systems. Bridging that gap requires more work than most digital transformation roadmaps acknowledge.
Security confidence is not the same as security readiness
Insurance operates under heavy regulation, and the regulatory environment is tightening. Fewer than one-third of IT leaders said they were extremely confident they would pass their next compliance audit.
Carriers are investing in multi-factor authentication, identity and access management, resiliency, rapid data recovery, and zero-trust architecture. The tools exist. But as AI introduces new attack surfaces and hybrid cloud environments create new integration points, the gap between "we have security tools" and "we are secure" keeps widening.
Data privacy and security ranked as the top concern for 70% of IT leaders looking ahead. In insurance, where the data includes health records, financial histories, and personal risk profiles, that concern is warranted.
The skills shortage is quietly derailing progress
More than half of IT leaders (52%) said finding skilled personnel familiar with legacy systems development was a significant challenge. Only 35% said their IT workforce had the skills needed to support those systems effectively.
COBOL developers and mainframe specialists are a shrinking population. The people who built and maintain core systems processing millions of policies and claims are retiring, and the institutional knowledge they carry is often undocumented. Carriers risk losing the ability to safely modernize the systems that need modernization most.
Eighty-one percent of IT leaders are allocating dedicated training budgets for staff, 79% are providing access to online learning platforms, and 69% are offering vendor-specific certifications. But training programs take time to produce results, and the window for knowledge transfer from retiring specialists is narrowing.
Modernization means connecting legacy systems, not replacing them
The instinct when facing these challenges is often to rip-and-replace: sunset legacy systems, migrate everything to the cloud, and start fresh. In insurance, that's usually the wrong move.
Core mainframe systems at major carriers are battle-tested, deeply reliable, and contain decades of business logic that can't be replicated quickly or cheaply. The goal should be to unlock them, not eliminate them.
That means making the data they hold accessible to modern AI tools, connecting them to cloud environments without creating security vulnerabilities, and modernizing surrounding workflows without disrupting mission-critical operations underneath. For most carriers, the actual risk tolerance for disruption is lower than AI roadmaps currently assume.
Where to start: Data accessibility first
Sixty-six percent of IT leaders identified data accessibility for AI as their top concern. That number should be front and center in every insurance CIO's planning conversation.
The AI opportunity in insurance is real. Better risk models, faster claims processing, and more accurate fraud detection are achievable benefits. But they're only accessible to carriers that solve the infrastructure problem first.
That work means investing in data pipelines connecting legacy systems to modern AI platforms. It means addressing security and compliance gaps before they become audit findings or breach headlines. And it means treating the skills shortage seriously enough to build active knowledge-transfer programs, not just tuition reimbursement.
The carriers that will lead on AI aren't necessarily the ones with the biggest technology budgets. They're the ones that close the gap between what they want AI to do and what their infrastructure can actually support. Start with an honest assessment of where the data is, who can manage it, and whether the systems holding it are ready for what's being asked of them.
Learn more about AI for Insurance and explore the AI Learning Path for CIOs to understand how to bridge infrastructure gaps.
Your membership also unlocks:
