NEW YORK (Reuters) - American International Group Inc AIG.N said it would include cyber coverage to its commercial casualty insurance during the first quarter of 2018, a move that would boost rates but make it clearer how customers are covered if they are the victim of a security breach.

FILE PHOTO: The AIG logo is seen at its building in New York's financial district March 19, 2015. REUTERS/Brendan McDermid/File Photo

The change is part of the insurance giant’s effort to shift from issuing policies that do not specify whether cyber losses are covered, said Tracie Grella, AIG’s Global Head of Cyber Risk Insurance, while on the sidelines of a cyber risk conference in New York on Thursday.

AIG is in the process of reviewing all types of coverage it offers to gauge its exposure to cyber risk, Grella said.

Cyber coverage is a mounting concern for companies worldwide as hackers increasingly take aim at their technology systems.

In September, Equifax Inc EFX.N, a provider of consumer credit scores, disclosed that cyber criminals had breached its systems between mid-May and late July and stolen the sensitive information of 145.5 million people. The hack is among the largest to occur.

Many commercial insurers offer stand-alone cyber coverage, separate from other property and casualty policies, but cyber coverage is not yet a standard addition to most other policies.

But insurers are also struggling to estimate their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance.

Information from AIG’s review of existing policies will help the insurer better understand the insurer’s overall exposure, Grella told risk managers and insurers at a conference organized by Advisen Ltd, an insurance industry data and technology provider.

AIG unveiled a property policy in April that specifically includes cyber coverage, Grella said.

Adding cyber coverage to other types of policies will mean higher rates, Grella said. “When you buy affirmative cyber coverage, you should be paying for it,” Grella said.

(The story corrects first paragragh to show cyber coverage will begin during the first quarter of 2018 instead of January.)