“If you can’t mitigate it, insure it.” 

This simple adage, stated by our Chief Security Officer, David Clarke, encapsulates the fundamental challenge facing businesses in the era of artificial intelligence.  

As the former Head of the United Kingdom’s National Fraud Intelligence Bureau, David brings deep expertise in tackling organised crime, fraud, and terrorism. His leadership experience spans the City of London Police and the Royal Air Force, providing him with a robust understanding of security at the intersection of technology and risk. 

David Clarke, with his slogan, in front of the Lloyds building, the world’s largest insurance marketplace.

David’s background includes serving as a United Nations Peacekeeper in Bosnia and responding to major incidents such as the London terrorist attacks, reinforcing his conviction that true security requires both advanced technology and strong community collaboration. 

He has demonstrated this commitment through initiatives like chairing the independent Fraud Advisory Panel and launching the COVID-19 Fraud Watch Task Force, which shared intelligence to counter emerging threats during the pandemic. David is also a respected voice on security, regularly appearing on BBC Television, The Times, and giving evidence to the UK Parliament’s Treasury Select Committee. 

David Clarke as a commentator as the Chair of the Fraud Advisory Panel at the BBC.

Now AI can create convincing email scams  

Whilst David is a champion of AI for good, he urges us to focus on its vulnerabilities.  

While companies are quick to deploy Large and Small Language Models, insurers are often hesitant to underwrite the risks. Why? Because the scale of AI risk is unknown, and the liability for a malfunctioning or compromised model is too great. The legal and financial consequences of a misstep, such as an AI providing incorrect medical advice or a compromised financial model, are too vast to be easily quantified and insured against. 

For example, Reuters tested major AI chatbots to craft phishing emails targeting elderly people. The bots created highly persuasive messages that fooled participants. The AI improved grammar, tone and personalisation of the messages, making them more authentic and harder to detect as a scam.   

AI introduces new, complex security vulnerabilities that traditional cybersecurity protocols may not address. Businesses need to be aware of four key risks: 

• Data poisoning. When malicious actors infect a model’s training data, they can compromise the integrity of its output.  
• Model manipulation. Adversaries can trick an AI model into making incorrect decisions. For instance, a small, imperceptible change to an image could cause an object recognition model to misclassify an object, with potentially dangerous results. 
• Data leakage. Sensitive information can be inadvertently exposed during the AI process. Without proper controls and access permissions, confidential data used for training can be recalled or leaked through a malicious query.
• Supply chain vulnerabilities. Unsecured third-party AI services can serve as a backdoor for attackers, allowing them to breach your systems and compromise your data. 

What Boards must do 

C-Suite executives must be proactive in their approach to AI security, moving beyond simple awareness to actionable strategies. According to David, true preparedness involves due diligence, governance, and a commitment to always having human supervision of AI.  

For the things you cannot mitigate with robust measures, protect these with insurance – and make sure it is sufficient to cover all likely outcomes. And if anyone on your board tries to convince you that insurance isn’t necessary, remind them of the cyber-attack that brought down JRL, who did not insurance cover for cyber risks.

GAI Translate: a secure AI engine, built for you 

At GAI Translate, our model is built, from the ground-up, on a foundation of data security and human oversight. Our commitment to these principles was recently validated by the Security and Safety Entrepreneur Award (SSEAS) for 2025. We are also ISO:27001 and ISO:9001 certified, a testament to our dedication to robust security and quality controls.  

When you use GAI Translate, you have the option to go through our certified and vetted linguists, which provide a critical layer of oversight. This certification is covered by insurance, which means that by choosing our service, you can outsource your liability for the translation’s accuracy. 

Our platform uses end-to-end encryption and robust security protocols, providing uncompromised data protection. We are designed specifically to help businesses in regulated industries meet stringent compliance standards, ensuring your translations are handled with the highest degree of care. GAI is your trusted, reliable partner. 

Conclusion 

In an era where the lines between reality and simulation are blurred, and digital risks are evolving faster than ever, you must be prepared. David Clarke’s message is simple:  

“Security is the foundation to using technology. In the Age of AI, you can’t win the game unless you rewrite the rules from the inside out – that’s what we’ve done with GAI.” 

Contact us for a demo to learn how human-first AI translation with insurance-backed certification can secure your global communication.