Source: Article from Insurance Journal – Author: L.S. Howard.
A new Moody’s Ratings report finds many organizations lack policies governing AI use, creating higher risks of data breaches, IP loss, and reputational harm. Learn how strong cyber governance and insurance can help protect your business.
AI Oversight Gaps Heighten Cyber Exposure
A recent Moody’s Ratings 2025 cybersecurity survey reveals that many companies and public entities still lack formal rules to manage employee use of artificial intelligence (AI) tools like ChatGPT and Google Gemini. Without such policies, staff may unintentionally share sensitive or proprietary data with public platforms—raising the likelihood of data breaches, intellectual property loss, and reputational damage.
Nearly 22% of surveyed organizations admit they have no AI-use restrictions, and only 48% of local governments have implemented governance measures. In contrast, North American companies lead in this area, with 80% enforcing AI controls.
Cyber Threats Growing More Severe
Moody’s notes that cyberattacks against rated organizations remain significantly higher than pre-2010 levels, though slightly below their 2020 peak. As digitalization expands and technologies such as generative AI and quantum computing evolve, the severity and cost of cyber incidents are expected to rise.
Third-Party Software: A Weak Link
The report highlights the growing risk of supply-chain and third-party software vulnerabilities. Fourteen percent of respondents have never reviewed their vendors’ cybersecurity practices, while only 65% conduct reviews annually. To mitigate exposure, more organizations now require their vendors to carry cyber insurance when accessing internal systems.
Cyber Hygiene Still Lacking
Even basic protections are being overlooked:
22% of organizations do not perform daily data backups.
Only 75% enforce multi-factor authentication (MFA) across all applications, despite Microsoft data showing MFA can block 99.9% of account-based attacks.
Encouraging Signs of Better Oversight
There is some progress. Twenty-eight percent of cybersecurity leaders now report directly to CEOs or CFOs—a 13% increase from Moody’s previous survey—showing that executive awareness and accountability are improving.
About the Survey
Moody’s collected 1,952 responses worldwide between April and July 2025 from corporate, financial, infrastructure, healthcare, and public-sector organizations. The study assessed four key areas: cyber governance, operations, risk transfer (insurance), and AI usage.
Protecting Your Business
As AI tools become standard in daily operations, cyber governance and insurance protection are more critical than ever. We can help businesses strengthen their cyber defenses and secure coverage tailored to their operations.
📞 Call us at (323) 869-0780
📧 Email: steve@faisinc.com
🌐 Visit: www.faisinc.com
You’re on the right road with Falcon & Associates.
