Tom Wetzel, AI for Insurance Agents and Cyber Crime Expert - PIR Ep. 806

Tom Wetzel explains that generative AI has turned cybercrime into a low‑cost, high‑speed operation. Criminals can now launch shotgun attacks against any target, and the industry’s data shows that 60 % of insurance‑sector breaches originate from third‑party vendors. With an estimated $25 trillion global cybercrime economy, even a five‑person agency is a viable victim because AI tools automate credential harvesting, phishing templates, and even custom malware. Supply‑chain weak points such as agency management systems or popular services like DocuSign become backdoors, making the traditional belief that “small agencies aren’t worth hacking” dangerously obsolete.

Carriers are responding by embedding cyber‑security requirements into agency contracts. Mandatory multi‑factor authentication (MFA), managed detection and response (MDR) solutions, and annual cyber risk assessments are now common conditions for doing business. Wetzel’s tiered assessment model offers a lightweight, affordable option for boutique agencies while still surfacing hidden passwords and partial credit‑card numbers. Agents who meet these standards reap tangible benefits: automatic premium discounts, higher sub‑limits, reduced breach penalties, and a measurable boost to agency valuation. In effect, a robust cyber posture transforms a compliance cost into a competitive advantage in the insurance marketplace.

Practically, agents should start with a comprehensive cyber risk assessment to map devices, remote‑work practices, and third‑party integrations. Deploy MFA across every application, consider biometric logins where feasible, and invest in an MDR platform that continuously monitors endpoints for anomalous behavior. Regularly patch software and train staff to verify unexpected emails, especially those mimicking DocuSign or carrier communications. As AI continues to lower the barrier for inexperienced hackers, staying ahead of evolving tactics requires annual reassessment and incremental upgrades. By treating cybersecurity as a core business asset, independent agents protect client data, lower insurance costs, and position their firms for future growth.