Technology that identifies the vulnerability. Services that fix it. Insurance that covers the financial exposure if neither moves fast enough. Project QuiltWorks just became the first framework to connect all three, and the timing reflects a threat environment where all three are needed simultaneously.

Here is the problem with most cybersecurity frameworks that nobody says out loud: they stop at the edge of the IT department.

A framework that identifies vulnerabilities and recommends remediation serves the security team well. It gives them a prioritized list, a path to action, and metrics to show progress. What it does not give the CFO, the board, or the audit committee is a clear answer to the question they are actually asking: what is our financial exposure, and what happens to the balance sheet if something goes wrong before we close these gaps?

CrowdStrike just expanded Project QuiltWorks in a way that directly answers that question by bringing five major players from the cyber insurance industry into the framework alongside the technology and remediation capabilities that the original version established.

Coalition, Liberty Mutual Insurance, Lockton, Resilience, and Marsh are now part of QuiltWorks. Their addition turns what was a technical risk framework into something genuinely different: the first model that spans vulnerability discovery, expert remediation, and financial protection in a single coordinated structure, with actuarial intelligence and underwriting expertise informing the risk prioritization throughout.

That combination is worth examining carefully. Not because it is a good press release narrative, but because the specific problem it addresses is real, growing, and not being solved adequately by anything else currently available.

Why Frontier AI Changed the Insurance Conversation

The cyber insurance market has been trying to figure out how to price and underwrite frontier AI risk for the better part of two years, and the honest answer from most underwriters has been that they are doing it with inadequate visibility into the actual exposure profile of the organizations they are covering.

The challenge is specific. Frontier AI has done two things to the vulnerability lifecycle simultaneously. It has accelerated vulnerability discovery: AI-enabled scanning and analysis tools can identify exploitable weaknesses in software and infrastructure faster than human researchers working with conventional methods. And it has compressed the exploitation timeline: once a vulnerability is known, AI-assisted exploit development can produce working attack code in hours rather than the weeks that used to give defenders a meaningful remediation window.

The result is that the actuarial models underwriters use to price cyber risk (models built on historical data about how long organizations had to remediate before exploitation occurred, how often disclosed vulnerabilities were actually weaponized, and how quickly defenders could respond) are increasingly disconnected from the frontier AI reality. The historical data suggests one risk profile. The current environment is producing a different one.

Tim MalcomVetter, General Manager of Security at Coalition, captured the specific dynamic: frontier AI is collapsing the window between vulnerability and loss. That collapse is not gradual. It is happening fast enough that coverage decisions made based on last year’s risk models are already partially obsolete.

For insurers trying to maintain both coverage availability and solvency, that is a genuine problem. For organizations trying to obtain and maintain the coverage their boards and contracts require, it is also a genuine problem: as insurers raise their bar in response to frontier AI risk, coverage becomes harder to get and more expensive to maintain without demonstrated visibility and remediation capability.

Project QuiltWorks addresses both sides of that problem simultaneously by creating a shared intelligence layer between the security program and the insurance underwriting process.

What QuiltWorks Actually Is Now

The original Project QuiltWorks combined CrowdStrike’s AI-driven vulnerability discovery and adversary-informed prioritization with remediation services from major systems integrators. Powered by frontier models from OpenAI and Anthropic, it gave organizations a way to identify the exposures most likely to be exploited and a clear path to closing them with expert help.

The insurance industry addition extends that structure in four specific directions that together produce something qualitatively different from what existed before.

Financial risk modeling brings actuarial expertise directly into the exposure prioritization process. Most vulnerability management programs prioritize based on CVSS scores, the standardized severity ratings that describe how dangerous a vulnerability is in the abstract. CVSS scores do not know your specific environment, your specific threat actor profile, or what a successful exploit against your specific infrastructure would actually cost your specific business. Actuarial intelligence that incorporates claims data from thousands of real incidents, mapped against the specific characteristics of your environment, produces a financial exposure picture that CVSS scores were never designed to provide.

Exposure prioritization that combines adversary intelligence, vulnerability telemetry, and underwriting insights addresses the signal-to-noise problem that overwhelms most vulnerability management programs. The average large enterprise has thousands of open vulnerabilities at any given time. The question is not which ones are theoretically most severe; it is which ones are most likely to be exploited, and which ones, if exploited, would generate the largest financial and business impact. Combining what adversaries are actually targeting with what insurers have seen turn into expensive claims produces a prioritization signal that neither source could generate alone.

Underwriting confidence is the dimension that changes the insurance relationship from transactional to continuous. When an insurer has visibility into a client’s real-time risk exposure (what vulnerabilities exist, what is being actively remediated, what the trajectory of the security posture looks like over time), they have the intelligence to underwrite frontier AI risk with confidence rather than pricing in uncertainty as a premium buffer. For the organization on the other side of that relationship, demonstrated continuous visibility and proven remediation frameworks become the evidence base for obtaining and maintaining the coverage their business requires.

Coordinated risk mitigation is the feedback loop that makes the framework self-improving over time. CrowdStrike’s vulnerability discovery, adversary intelligence from active threat tracking, claims data from insurance incidents, and remediation outcomes from expert-led remediation services all feed into a continuous cycle that gets better at identifying the right risks to prioritize and the right approaches to close them. That continuous loop is what distinguishes a framework from a point-in-time assessment.
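The contrast the four points above draw, between ranking by abstract CVSS severity and ranking by likelihood of exploitation times financial impact, is easier to see with numbers. The following is an added illustration written for this article, not CrowdStrike's or any insurer's code, and the scoring model, vulnerability identifiers, asset names, probabilities and dollar figures are all constructed for the example. It ranks a small set of exposures both ways and shows how much expected loss remains when a fixed remediation budget is spent according to each ranking.

```python
"""Expected-loss prioritization versus CVSS-only prioritization.

Added illustration, not CrowdStrike's or any insurer's method. Every value
below is constructed for the example. The model is deliberately simple:
expected loss = P(exploited before remediation) x financial impact, where the
probability is the kind of estimate adversary intelligence and claims
frequency would inform, and the impact is the kind of figure claims data
would inform.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class Exposure:
    vuln_id: str        # placeholder identifier, constructed for this example
    asset: str          # constructed asset description
    cvss: float         # CVSS base score, 0.0 to 10.0
    p_exploit: float    # estimated probability of exploitation in the window
    impact_usd: float   # estimated loss if exploited

    def __post_init__(self) -> None:
        # Reject inputs that would silently produce nonsense rankings.
        if not 0.0 <= self.cvss <= 10.0:
            raise ValueError(f"{self.vuln_id}: CVSS must be in [0, 10]")
        if not 0.0 <= self.p_exploit <= 1.0:
            raise ValueError(f"{self.vuln_id}: p_exploit must be in [0, 1]")
        if self.impact_usd < 0.0:
            raise ValueError(f"{self.vuln_id}: impact must be non-negative")

    def expected_loss(self) -> float:
        return self.p_exploit * self.impact_usd


Ranking = Callable[[List[Exposure]], List[Exposure]]


def rank_by_cvss(exposures: List[Exposure]) -> List[Exposure]:
    """The conventional ordering: highest abstract severity first."""
    return sorted(exposures, key=lambda e: e.cvss, reverse=True)


def rank_by_expected_loss(exposures: List[Exposure]) -> List[Exposure]:
    """The financially grounded ordering: highest expected loss first."""
    return sorted(exposures, key=lambda e: e.expected_loss(), reverse=True)


def total_expected_loss(exposures: List[Exposure]) -> float:
    return sum(e.expected_loss() for e in exposures)


def residual_after_fixing(exposures: List[Exposure], budget: int,
                          ranking: Ranking) -> float:
    """Expected loss left over after remediating the top `budget` items
    chosen by `ranking`. This is the number a CFO actually cares about."""
    fixed = {e.vuln_id for e in ranking(exposures)[:budget]}
    return total_expected_loss([e for e in exposures if e.vuln_id not in fixed])


def compare(exposures: List[Exposure], budget: int) -> Dict[str, float]:
    """Residual expected loss under each strategy for the same budget."""
    return {
        "cvss_only": residual_after_fixing(exposures, budget, rank_by_cvss),
        "expected_loss": residual_after_fixing(exposures, budget,
                                               rank_by_expected_loss),
    }


# Constructed sample: a critical-rated bug on a low-value asset sits beside a
# medium-rated bug on a high-value one that adversaries are actively hitting.
SAMPLE: List[Exposure] = [
    Exposure("VULN-A", "public marketing site", 9.8, 0.05, 50_000),
    Exposure("VULN-B", "payment gateway", 7.5, 0.40, 4_000_000),
    Exposure("VULN-C", "internal wiki", 8.1, 0.10, 20_000),
    Exposure("VULN-D", "customer database", 6.5, 0.25, 2_500_000),
]

if __name__ == "__main__":
    print("CVSS order:         ", [e.vuln_id for e in rank_by_cvss(SAMPLE)])
    print("Expected-loss order:", [e.vuln_id for e in rank_by_expected_loss(SAMPLE)])
    for strategy, residual in compare(SAMPLE, budget=2).items():
        print(f"fix top 2 by {strategy:14s} -> residual ${residual:,.0f}")
```

With a budget of two fixes, the CVSS-only queue patches the marketing site and the wiki and leaves roughly $2.2 million of expected loss on the table; the expected-loss queue patches the payment gateway and the customer database and leaves a few thousand dollars. The shape of the model, not the specific figures, is the point: the probability and impact inputs are exactly what adversary intelligence and claims data supply, and CVSS alone cannot.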

The Board Conversation This Framework Was Built For

Daniel Bernard, CrowdStrike’s Chief Business Officer, said something in the announcement that is worth taking seriously: frontier AI risk does not stop at technology. It lands on the balance sheet.

That statement reflects something that CISOs and security leaders have known for a while but have struggled to translate into the language that boards, CFOs, and audit committees need in order to act on it. A vulnerability disclosure and remediation plan is a security document. A financial exposure quantification that connects specific technical risks to specific potential losses, expressed in the dollar terms that boards use to make risk management decisions, is a governance document.

The difference matters because the decisions that flow from each are different. A security document produces a remediation prioritization queue. A governance document produces risk transfer decisions, reserve calculations, insurance coverage requirements, and board-level risk appetite conversations. Most security programs produce the first and struggle to produce the second.

Project QuiltWorks, with the insurance industry partners now embedded in the framework, produces both. The actuarial expertise that Coalition, Liberty Mutual, Lockton, Resilience, and Marsh bring to the framework translates technical exposure into financial exposure in terms that board members can engage with substantively rather than receiving as an update from the security team.

Michelle Faylo, U.S. Cyber and Technology Leader at Lockton, identified the specific demand this addresses: clients increasingly want greater visibility into frontier AI exposure and a clearer path to mitigation. That demand is not coming from the IT department. It is coming from risk management, finance, and governance functions that are being asked questions about frontier AI risk that they currently cannot answer with the confidence that regulators, investors, and counterparties increasingly expect.

Why the Claims Data Feedback Loop Is the Most Underappreciated Element

The inclusion of cyber insurers in the prioritization intelligence layer is the element of Project QuiltWorks that is easiest to understand at the headline level (financial protection, underwriting confidence, risk transfer) and hardest to appreciate at the technical level without thinking through what claims data actually contains.

When a cyber incident results in an insurance claim, the claims process generates extraordinarily detailed data about what happened, how it happened, which specific vulnerabilities or misconfigurations enabled the attack, how long the incident persisted before detection, what the remediation required, and what the total financial impact was. That data, aggregated across thousands of incidents, is the most grounded source of insight into which technical vulnerabilities actually drive financial loss that exists anywhere.

CVSS scores are developed by researchers assessing theoretical severity. Adversary intelligence reflects what threat actors are currently interested in. Claims data reflects what actually caused organizations to lose money, suffer disruption, and make insurance claims. Those three signals are related but not identical, and the combination produces a prioritization intelligence that is more grounded in real-world financial impact than any single signal alone.

Jud Dressler, Head of Risk Operations at Resilience, described the practical problem that claims data helps solve: it is unfeasible to secure everything, so organizations must prioritize the threats that pose the most material risk to their business. That framing is accurate and important. Every security program makes prioritization decisions, often with insufficient information about which decisions matter most financially. Claims data from Resilience’s Risk Operations Center, combined with CrowdStrike’s adversary intelligence and vulnerability telemetry, gives that prioritization process an empirical grounding in actual loss outcomes that changes the quality of the decisions it produces.

What the Framework Signals About Where Cyber Risk Management Is Heading

Pull back from the specific QuiltWorks capabilities and a market trajectory becomes visible that has implications beyond CrowdStrike and its insurance partners.

The convergence of cybersecurity and cyber insurance has been anticipated and discussed for years, but the actual integration between security programs and insurance processes has remained largely transactional. Security teams generate assessments. Insurance applications get filled out. Underwriters make coverage decisions. Claims happen. The feedback loop between those stages has been slow, lossy, and dependent on periodic rather than continuous information exchange.

Frontier AI is forcing that integration to become real. When exploitation timelines compress to hours and vulnerability discovery accelerates to AI-enabled speeds, the gap between the security program’s current posture and the insurance underwriting model’s assumptions about that posture becomes financially material in ways that both sides need to address.

The framework approach that Project QuiltWorks represents (continuous shared visibility between security programs and insurers, claims data feeding back into prioritization intelligence, underwriting confidence built on demonstrated rather than attested security posture) is where the market needs to go. QuiltWorks is the first framework to get there with the combination of security technology, remediation capability, and insurance industry participation that makes the model credible rather than theoretical.

For CISOs navigating the frontier AI risk conversation with their boards, the framework provides something that has been genuinely missing: a way to connect technical exposure to financial exposure in terms that governance processes can act on, with insurance partners who have the confidence to provide meaningful coverage based on demonstrated continuous visibility rather than periodic compliance assertions.

For the insurers in the framework, the continuous visibility and shared intelligence model is what makes underwriting frontier AI risk economically viable rather than a category to avoid or charge prohibitive premiums for.

And for the organizations caught between frontier AI-enabled attackers moving at machine speed and boards asking for financial exposure clarity that security programs were not built to provide, Project QuiltWorks is the most complete answer currently available to both problems simultaneously.

Research and Intelligence Sources: CrowdStrike
