Sign in
Sign up
  • Home
  • Blog
  • Guides
  • “AI Risk Isn’t One Thing”: Tufts Professor Warns Insurers to Learn from Cyber
Josephine Wolff, Professor at Tufts University, warns that AI failures, bias, and emerging liability trends demand stronger definitions, clearer measurement, and better pricing across the evolving AI insurance market.
  • Guides

“AI Risk Isn’t One Thing”: Tufts Professor Warns Insurers to Learn from Cyber

The emerging AI insurance market must learn from cyber insurance’s early days to define, measure, and meaningfully price.
2 min read
All Posts

“AI Risk Isn’t One Thing”: Tufts Professor Warns Insurers to Learn from Cyber

  • Guides
2 min read
Josephine Wolff, Professor at Tufts University, warns that AI failures, bias, and emerging liability trends demand stronger definitions, clearer measurement, and better pricing across the evolving AI insurance market.

AI risk is not one thing: “AI risk is a huge basket of different things that can go wrong with different types of AI systems, some of them accidental, some of them deliberate and malicious.” In her session at the CIA Cyber Insurance Bootcamp 2025, Josephine Wolff, Professor of Cybersecurity Policy at The Fletcher School at Tufts University, drew on her cybersecurity roots to explore how the lessons of cyber insurance can inform the emerging AI insurance market.

AI Risk in Practice

To illustrate the very real issues that are quickly emerging, Wolff pointed to bias in AI-driven hiring systems. As companies increasingly rely on automated resume screening, underlying data patterns can quietly perpetuate discrimination. “These systems can make decisions that seem objective, but often reflect the biases of their training data,” she noted, while referencing a major U.S. court case from 2025: Mobley v. Workday, Inc. This case demonstrated that the legal system is beginning to treat these risks as more than hypothetical.

In Mobley v. Workday, a major U.S. case about AI-powered screening tools, a judge ruled that Workday’s software might have acted like an “agent” by deciding who moved forward and who got rejected.
That means AI vendors themselves could be held directly responsible if their tools discriminate.
Then, just a few months later, the same court went even further. It preliminarily approved a nationwide group of applicants aged 40+ who say they were rejected by Workday’s automated system. The judge said they were all affected in the same way because the same AI tool scored, ranked, or filtered their applications.
In other words, the court ruled that one algorithm can create widespread, legally significant bias.
Together, these rulings make one thing clear: bias in AI hiring tools isn’t just a technical glitch or an ethical debate.
It’s becoming a major legal and financial risk for both the companies that use these tools and the vendors who build them.

That single example encapsulates the core challenge of AI insurance: identifying, quantifying, and allocating responsibility for harms that are both technologically and ethically complex.

From AI Risk to Evolution

While today’s insurance market is still finding its footing, Wolff emphasized that this stage mirrors the early, cautious evolution of cyber insurance. The industry’s next task, she suggested, is to define what “AI risk” really means before it can learn how to price it.

 

Josephine Wolff’s session took place at the 2025 Cyber Insurance Bootcamp. It brought together top industry minds for an intensive, no-nonsense learning experience focused on the trends that will shape cyber risk in 2026.

Unlock more world-class knowledge and expertise.

Upgrade your membership to enjoy unlimited access to premium content.

Upgrade Membership

Already have an account?

Sign in
Download Now

About Cyber Insurance Academy

The Cyber Insurance Academy was cultivated by the leading minds in cybersecurity and insurance, with a mission to help cyber insurance professionals stay ahead of the curve. We aim to address the industry’s educational gap and technical challenges, while fostering a vibrant community of like-minded professionals.

 

Our first-of-its-kind online campus blends a Gold-Standard CII-CPD accredited course, expert-led certification courses, industry-leading events, a top-tier content library, and a supportive, diverse and professional network that equips you with the confidence and expertise to lead in cyber insurance and make an impact.

You may also like

All posts

Want cyber insurance updates sent straight to your inbox?

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .
Skip to content
Cyber Insurance Academy
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.