OneInfinity Pioneers AI-related Risk Coverage in Upgraded Cyber Insurance, Delivering Comprehensive Protection for Hong Kong SMEs and Start-Ups

OneInfinity, a virtual asset insurance product by digital insurer OneDegree, announced a major upgrade to its cyber insurance product. The upgraded cyber policy addresses AI-related risks insofar as they intersect with cyber security, data protection, and network compromise.

The enhancement addresses the urgent global demand for AI risk protection and aligns with the Protection of Critical Infrastructure (Computer System) Ordinance, effective January 1, 2026 in Hong Kong. The upgrade provides a holistic solution integrating compliance, risk management, and financial safeguards to build a sustainable AI risk ecosystem for local enterprises.

AI Risk Insurance Gap Rapidly Widening as Major Insurers Refuse Coverage

In recent years, several global insurance giants have successively applied to regulators to add exclusion clauses to commercial policies. These clauses exempt coverage for legal liabilities arising from enterprises’ deployment of AI technologies, excluding losses caused by the use or integration of AI tools (such as chatbots and agentic AI systems) from the scope of coverage. Reports indicate that some insurers have even included exclusions for any “actual or alleged use of AI,” leaving many companies actively adopting generative AI exposed to highly systemic and interconnected risks with virtually no protection.

Recent incidents have shown how AI can materially amplify cyber risk when used as part of an attack vector — including AI-generated voice deepfakes used for large-scale financial fraud¹, AI-enhanced phishing campaigns leading to credential compromise and data breaches², and the use of AI to automate ransomware and extortion activities³. These developments highlight the growing need for cyber insurance solutions that explicitly address AI-enabled cyber threats, rather than standalone AI liability.

OneInfinity Takes Proactive Enhancement: AI-related Risks Now Covered

While many insurers are retreating by adding exclusion clauses, OneInfinity is proactively upgrading its product that include AI risks within the coverage scope, offering enhanced protection for enterprises actively adopting AI—particularly SMEs and innovative companies implementing generative AI, AI agents, and automated decision-making systems.

Through collaboration with its sister company Vulcan, which offers AI red‑teaming and real‑time guardrail solutions, OneInfinity combines active AI defence technology with insurance
risk transfer. The product is designed to help companies scale AI adoption confidently while
limiting potential financial losses from AI errors, misuse, or malicious exploitation.

Businesses can choose coverage levels up to US $2 million, balancing affordability and protection. The product continues OneInfinity’s tradition of clear policy terms combined with a digital application process, allowing for quick online completion.

Key AI-related cyber coverages include:

• Cyber losses and third-party liability arising from security incidents where artificial intelligence technologies are used within the insured’s systems or exploited as part of a cyberattack, resulting in network compromise, data breaches, or system disruption.

• Costs associated with incident response, business interruption, data recovery, network security, and privacy liability following cyber events in which malicious actors leverage or exploit artificial intelligence to gain unauthorized access, exfiltrate data, or impair system availability.

OneInfinity has incorporated risk layering and sub-limit management in the product design and provided clear compensation boundaries within a sustainable risk framework. OneInfinity have also secured A-rated reinsurer capacity to ensure sustainability.

Michelle Ip, AIFT Group Managing Director said: “With the new ordinance in effect, we expect growing demand for cyber security protection. In today’s AI‑driven environment, proactive monitoring and prevention are essential. AI can be both a risk and a safeguard — it’s a double‑edged sword. By embedding AI risk cover directly into our products, we’re helping enterprises take advantage of AI innovation while managing its challenges responsibly.”

New Cybersecurity Law Spurs Demand and Sector Growth

The Protection of Critical Infrastructure (Computer System) Ordinance had officially come into effect on January 1, 2026, imposing three major statutory obligations on designated “critical infrastructure operators”: establishing a security management framework; formulating and implementing security management plans with regular risk assessments; and incident reporting and response arrangements. The regulated sectors cover key industries such as energy, information technology, banking and financial services, transportation, healthcare, telecommunications, and broadcasting—expected to significantly drive local enterprises to enhance their cyber and information security standards.

As AI reshapes the cyber risk landscape, demand for consulting and technology solutions is expected to increase, attracting new providers and foreign investment. OneInfinity aims to support Hong Kong enterprises with integrated insurance, advisory, and compliance service, empowering them to pursue AI innovation with confidence under a sustainable risk framework.

Remarks:

1 World Economic Forum – Deepfake AI used in $25m corporate fraud case (https://www.weforum.org/stories/2024/07/deepfake-ai-cybercrime-arup/)
2 BlackFog – AI powering a new wave of phishing attacks (https://www.blackfog.com/ai-phishing-powering-a-new-wave-of-cyberattacks/)
3 Proofpoint – Generative AI accelerating phishing and social engineering
(https://www.proofpoint.com/us/threat-insight/post/generative-ai-and-phishing), Dark Reading – Cybercriminals using AI to scale ransomware and extortion (https://www.darkreading.com/cyberattacks-data-breaches/how-cybercriminals-are-using-ai)

Prof Kentaroh Toyada

Director of GenAI Research

Prof Kentaroh Toyada is Director of GenAI Security Research at Vulcan, AIFT, where he lead the strategic research and development of generative AI security. Previously, he was a Senior Scientist at the Institute of High-Performance Computing (IHPC), Agency for Science, Technology and Research (A*STAR), where he focused on advancing AI and Web3 technologies. He is also serving as the visiting associate professor in the Department of Information and Computer Science at Keio University in Japan.

Tal Eliyahu

Cybersecurity Leader

Tal Eliyahu is a cybersecurity leader based in Singapore with more than 15 years across startups and innovation labs, helping more than 30 startups build and scale cybersecurity foundations across crypto, financial services, and supply-chain ecosystems. He has shaped cyber risk strategy for financial services innovation at SC Ventures and contributed to initiatives with the Citi Innovation Lab.

He has participated in four regulatory task forces and is an active FS-ISAC member. Tal serves on the advisory board for the Black Hat AI Summit and leads the AI Village at BSides. Known for a hands-on, experiment-driven approach, he connects peer-driven intelligence, regulatory needs, and emerging AI risk discussions to translate complex risks into auditable, verifiable, and scalable controls across banking and fintech.

Professor Patrick Glauner

Patrick Glauner is the Founder & CEO of skyrocket.ai GmbH and a Full Professor of Artificial Intelligence at Deggendorf Institute of Technology since age 30. With a rich background of over 15 years in AI, in both industry and academia, including roles at the European Organization for Nuclear Research (CERN) and in AI leadership in industry, he brings the big picture of AI and advises companies on the use of AI from a strategic, operational and technical perspective.

He has advised numerous parliaments on AI policy as an expert witness and is regularly featured in international media. He studied at Imperial College London and is an alumnus of the German National Academic Foundation (Studienstiftung des deutschen Volkes).

Professor Muhammad Khurram Khan

Prof. Muhammad Khurram Khan is a globally recognized cybersecurity thought leader with over 25 years of impactful contributions in research, innovation, and digital policy. He is a founding member of the Center of Excellence in Information Assurance (CoEIA) at King Saud University and has played a key role in shaping national academic programs and workforce development in alignment with Saudi Arabia’s Vision 2030. He is also the founder and CEO of the Global Foundation for Cyber Studies and Research (USA).

Prof. Khan has published over 500 peer-reviewed papers, holds 11 U.S. patents (4 more pending), and has received more than 37,000 citations, with an h-index of 100. He is ranked among the world’s top 2% of scientists by Stanford University. He serves as Editor-in-Chief of Springer-Nature’s Telecommunication Systems journal and sits on the editorial boards of several IEEE, Elsevier, and Springer journals.

Alex Leung

Co-founder and Group CXO

Alex has 20 years of experience in strategy, product and technology planning in risk management and insurance industry. Previously, he served in leadership roles at a number of startups in the US and Asia. He had also been a consultant with the World Bank and Deloitte Consulting in the US. Alex is a fellow of the Society of Actuaries. He holds an MBA from UC Berkeley and a Bachelor’s degree in Mathematics from UCLA.

Alvin Kwock

Co-founder and Group CEO

Alvin has a diverse background in finance, emerging technology, and risk management. Prior to starting AIFT, Alvin was the Asia-Pacific Head of Emerging Technology and Taiwan Head of Research at JPMorgan. Under Alvin’s leadership, JPM’s Asia Tech Hardware team has been received multiple accolades. He is a member of United Nations ESCAP’s Banking and Finance Task Force, Hong Kong Insurance Authority’s Future Task Force, and he also serves on CUHK Business School Quantitative Finance Advisory Committee. He holds an MA degree in Social Science and a BA degree in Economics, both from the University of Chicago.

Robin Scott

GM of Middle East &

Group General Counsel

Robin has extensive experience in corporate transformation, legal, and strategic roles. Before joining AIFT, Robin worked at a leading Southeast Asian conglomerate in legal and transformation roles. He began his career as a lawyer, working in the London, New York and Hong Kong offices of Freshfields. He holds an MA degree from the University of Cambridge.

Nigel Yip

Group Deputy CFO

Nigel brings a wealth of experience in financial strategy to AIFT. Before joining AIFT, Nigel held the position of CFO at a publicly listed company, where he led several successful fundraising initiatives, including an IPO in Hong Kong. He played a pivotal role in establishing robust financial reporting processes, strengthening internal controls, and ensuring compliance with regulatory standards. Prior to his corporate executive career, Nigel accumulated extensive experiences at Rothschild and Credit Suisse, where he specialized in IPOs, cross-border M&A, and private equity investments. Nigel holds an MBA from the University of Chicago Booth School of Business and a Bachelor of Economics and Finance from the University of Hong Kong.

Emily Chow

Deputy CEO of OneDegree

Emily is a seasoned veteran with 18 years of experience in banking and finance industry. Previously serving as PrimeCredit’s Head of Marketing, Emily was instrumental in the “PrimeCredit Brothers” rebranding campaign, which was a huge success and eventually led the brand to become a market leader. Prior to joining AIFT, Emily held key positions at WeLend and virtual banks WeLab Bank as well as Airstar Bank, where she demonstrated proven track records in driving the go-to-market strategy and various branding and marketing campaigns with solid experience in disrupting various markets with innovative product designs and digital experiences.

Michelle Ip

Group Managing Director

Michelle has more than 12 years of experience in insurance and insurtech start-ups, including greenfield market entry, oversight and business development across multiple countries in ASEAN like Cambodia, Myanmar and East Asia. Michelle was previously the founding member of iFWD, the no.1 digital insurer in Hong Kong since 2015, and the co-founder of Sugar AI, a fintech startup launched in 2018 and Partnership Director at bolttech. Michelle holds a Master's degree in International Relations and Affairs from the London School of Economics and Political Science (LSE) and a BBA in Accounting and Finance from the University of Hong Kong.

Rex Zhang

GM of Web3 Businesses

With extensive experience across global insurers and reinsurers, Rex has played a pivotal role in building multiple digital and insurance solutions from the ground up. Rex specializes in bridging traditional insurance with fintech, Web3, and cybersecurity solutions, delivering tailored products that address the evolving needs of partners and clients. His expertise spans underwriting, risk assessment, and digital transformation, enabling businesses to navigate emerging risks with confidence. He holds a Master’s degree in Fintech from HKUST and a BBA in Insurance, Financial, and Actuarial Analysis from CUHK.

Professor Tony Chan

Prof. Tony Chan is a board member of the Future Investment Initiative Institute and the former President of both King Abdullah University of Science and Technology (KAUST) and The Hong Kong University of Science and Technology (HKUST). An expert in computational mathematics, AI, and digital strategy, he has led major research initiatives in AI and innovation, driving digital transformation in academia and industry. He holds a Ph.D. in Computer Science from Stanford University.

Professor Ben Y. Zhao

Prof. Ben Zhao, Neubauer Professor at the University of Chicago, is an expert in AI, ML, Security and Data. Prof. Zhao is a Distinguished Scientist at the Association for Computing Machinery and has received multiple honors and prestigious awards including the NSF CAREER award, MIT Technology Review’s TR-35 Award (Young Innovators Under 35), ComputerWorld Magazine’s Top 40 Tech Innovators award, Google Faculty award, and IEEE ITC Early Career Award. He holds a Ph.D. in Computer Science from UC Berkeley.

Professor Hau L. Lee

Prof. Hau L. Lee is the Thoma Professor of Operations, Information, and Technology at the Stanford Graduate School of Business. A leading expert in supply chain management and operations research, his work has significantly influenced both academia and industry. His research is widely recognized, including a paper ranked among the 10 most influential in Management Science history. Beyond academia, Prof. Lee has worked extensively with both public and private sectors. He holds a Ph.D. in Operations Research from Wharton.