TL;DR: Email security, AI-assisted control verification, and employee training are now shaping how underwriters, brokers, and clients manage cyber insurance pressure, while the market stays stable despite rising claims and regulation, according to Abnormal AI. The real shift is that human risk, not just perimeter tooling, is becoming a core underwriting and resilience variable.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes and as quickly as 9 minutes in some cases.
Questions worth separating out
Q: How should security teams connect email security to identity governance?
A: Security teams should treat email as an identity control surface because mailbox compromise often leads to password resets, session theft, and fraudulent approvals.
Q: Why does employee training still matter when AI tools are handling email threats?
A: Training still matters because many attacks succeed when a person approves, forwards, or discloses something that should have been challenged.
Practitioner guidance
- Map email compromise to identity workflows: Trace how mailbox takeover could trigger password resets, MFA fatigue, delegated approvals, or supplier fraud, then update IAM and incident response runbooks accordingly.
- Define which AI detections can trigger containment automatically: Separate high-confidence email detections that can quarantine messages or suspend sessions from cases that still need human validation before action is taken.
- Measure control verification, not control claims: Track whether security controls actually stop phishing, impersonation, and malicious attachments in live traffic, then review false negatives and response latency as governance metrics.
What to expect at the briefing
Abnormal AI's full webinar covers the operational detail this post intentionally leaves for the source:
- The specific email threat patterns discussed by the panel, including how they intersect with cyber insurance expectations.
- How AI is being applied to verify controls and automate threat response in live email security operations.
- The training approaches used to reduce human risk factors in the context of phishing and email-driven compromise.
- The way underwriters, brokers, and clients are adjusting their expectations as the cyber insurance landscape evolves.
👉 Read Abnormal AI's on-demand webinar on email threat resilience and cyber insurance →
Email threat resilience and cyber insurance pressure: what changes now?
Explore further
Email resilience is now an identity governance problem, not just a mail-filtering problem. The article’s framing shows that email threats are increasingly evaluated through the lens of control assurance, human behaviour, and downstream access risk. That matters because a compromised mailbox can become the entry point to identity reset flows, delegated approvals, and token abuse. The practical conclusion is that email security has to be governed as part of identity assurance, not left as an isolated security tool domain.
A few things that frame the scale:
- 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, with 38% at no or low visibility and 47% at only partial visibility, according to The state of non-human identity security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The state of non-human identity security.
A question worth separating out:
Q: Who is accountable when email compromise leads to fraud or identity abuse?
A: Accountability should sit with the teams that own the affected trust paths, including email security, identity governance, and incident response. If a compromised mailbox can reach resets, approvals, or supplier workflows, those dependencies must be owned and tested before an incident occurs.
👉 Read our full editorial: Email threat resilience meets cyber insurance pressure in 2026