2026 Intangible vs Tangible Risks Comparison Report

De-risking AI, IP, and Cyber

2026 Intangible vs Tangible Risks Comparison Report

Sponsored by Aon Risk Solutions. Independently conducted by the Ponemon Institute. Published May 2026.

The 2026 Intangible versus Tangible Risks Comparison Report is based on insights from 2,487 risk, cyber and finance professionals across regions, industries and organization sizes worldwide. The research confirms that information assets – data, IP, models and digital infrastructure – now slightly exceed the value of traditional physical assets on corporate balance sheets, and that the financial impact of a major information asset loss is, on average, higher than that of a comparable physical asset loss.

"Data is the foundation, and AI sits below that, feeding off the data foundation. Next is analytics: analyzers that are forward looking, benchmarks that help clients compare themselves to others, and diagnostics that help isolate problems and recommend how to improve results.”

– Mindy Simon, COO, Aon

Yet insurance strategies have not kept pace with how AI is reshaping risk. On average, organizations report information asset values of approximately $1.49 billion – marginally higher than the $1.40 billion average for PP&E – but continue to rely heavily on self insurance for digital risk. Only about 20 percent of information asset exposure is covered by insurance and roughly 60 percent is self insured, compared to 55 percent insurance coverage and 34 percent self insurance for PP&E. At the same time, the estimated likelihood of a 100 percent PML loss to information assets has risen from 3.1 percent in 2024 to 4.9 percent in 2026, underscoring how fast these exposures are growing.

AI adoption is now nearly universal among study participants: 68 percent already use AI tools and a further 18 percent expect to do so within 12 months. However, as AI is embedded into underwriting, trading, clinical decision making, customer screening and industrial operations, AI related exclusions and sub limits are proliferating across many traditional policies – from cyber and E&O to general liability and IP. Only a minority of current AI related claims fall cleanly into standalone cyber cover; many instead test the boundaries of E&O, media liability, D&O, EPL and other lines, turning “what actually responds when an AI system causes harm?” into a board level question.¹

The study also underscores the escalating frequency and cost of cyber and AI enabled incidents. Sixty three percent of organizations experienced at least one material security exploit or data breach in the past two years, with each incident costing an average of $5.75 million. Against this backdrop, risk managers are increasingly seeking affirmative, clearly drafted cover for generative AI risks, and more than two thirds of buyers would pay higher premiums for explicit AI extensions rather than rely on silent or ambiguous wording.²

As organizations navigate an extended period of AI driven transformation, this growing misalignment between where enterprise value resides (intangible and information assets) and where insurance capital is deployed (tangible assets and legacy cover structures) widens the protection gap. The 2026 report challenges boards, risk leaders and insurers to treat AI, cyber and information assets as a single, integrated enterprise exposure – using better data, clearer policy design and, where appropriate, alternative risk transfer to better align insurance programs with modern balance sheets and the real world volatility of AI driven, IP and data related losses.

63%

63% of respondents say their existing policies or standalone AI liability cover do not address AI generated attack risks (or are unsure), yet 63% are interested or very interested in purchasing an AI liability policy.

With AI adding complexity to traditional operating models, leaders need forward looking, actionable insights to understand their exposures and take effective action to manage their risks, protect their balance sheets and grow amidst the volatility.

Greg Case

President and Chief Executive Officer

What is the report about?

This research provides a clearer view of how rapidly evolving generative AI, cyber and intellectual property (IP) risks are reshaping organizations’ balance sheets – and how far insurance strategies have fallen behind. It highlights the growing dominance of intangible assets and the role insurance can play in protecting those assets, so leaders can make more informed choices about how to deploy finite risk and capital resources across both tangible and intangible perils.

"Data centers are growing rapidly in scale and complexity as artificial intelligence adoption accelerates, creating both a new challenge and a defining opportunity for the insurance industry as risk and capital increasingly converge.”

– Joe Peiser, Aon Risk Capital CEO

In the report, we compare the relative:

Value of key tangible assets (Property, Plant & Equipment) versus critical intangible assets (information assets and IP)
Potential loss severity and likelihood associated with tangible versus intangible assets
Extent and structure of insurance protection for tangible versus intangible assets, including where self insurance, gaps, exclusions and sub limits are leaving organizations exposed in an increasingly AI enabled risk landscape