Why Cyber Insurance Faces New AI Liability Risks

Artificial Intelligence & Machine Learning , Cyber Insurance , Governance & Risk Management Why Cyber Insurance Faces New AI Liability Risks Josephine Wolff on Why Healthcare Must Scrutinize Cyber and AI Coverage Marianne Kolbasuk McGee (HealthInfoSec) • May 12, 2026     Credit Eligible Get Permission Josephine Wolff, professor cyber policy, the Fletcher School, Tufts University Healthcare organizations face growing pressure to reassess cyber insurance coverage as ransomware attacks disrupt patient care and artificial intelligence tools introduce new liability, said Josephine Wolff, professor of cybersecurity policy at the Fletcher School of Tufts University. See Also: Why Every AI Decision Begins With DNS Exclusions, compliance demands and AI-related uncertainty are reshaping insurance decisions, she said. Insurers have broadened coverage in recent years to address ransomware-related costs, including incident response, business interruption, legal expenses and regulatory reporting, and increasingly, healthcare organizations have sought out those policies, she said. But healthcare organizations also face growing uncertainty about other coverage issues as AI-driven diagnostic and clinical decision-support tools enter medical environments. That's because insurers and healthcare providers are assessing how liability should apply when AI systems potentially contribute to medical decisions or operational failures, she said. "I think the most important thing to focus on when you're shopping for cyber insurance, or AI insurance for that matter, is what are the exclusions in a policy, and to what extent do those overlap with the scenarios that you're most worried about," Wolff said. "Cyber insurance from 10 different providers are going to have very different coverage, very different exclusions." In the video interview, Wolff also discusses: How ransomware attacks have shifted cyber insurance coverage in healthcare; Why AI-related liability raises new questions for insurers and hospitals; Insurance and liability issues involving patient harm stemming from AI-assisted clinical decisions and cyber-related incidents. Wolff is a professor of cybersecurity policy at the Fletcher School at Tufts University. Her research interests include liability for cybersecurity incidents, cyber insurance, government responses to cyberattacks and the economics of information security. She is also the author of two books on those topics. Prior to joining Fletcher, she was an assistant professor of public policy and computing security at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard's Berkman Klein Center for Internet & Society.