All our underwriting news
Agentic AI
Agentic Security: What Underwriters Need to Know in 2026
Autonomous AI agents are entering production at scale — and they bring a completely new attack surface that traditional cyber insurance questionnaires weren't designed to capture.
Michael Guiao
8 min read
AI Agents · · 9 min read
Living-Off-the-Land 2.0: How Autonomous AI Agents Are Weaponizing LOTL Tradecraft — And What It Means for Cyber Underwriting
The convergence of agentic AI and living-off-the-land attack techniques is collapsing three attacker constraints at once: cost, skill, and detectability. A deep analysis of demonstrated capabilities, real incidents, and the underwriting implications that should reshape your risk selection in 2026.
AI Ops · · 1 min read
How AI Is Changing Cyber Risk Assessment
A look at how AI and multi-agent systems are starting to transform the way we evaluate and underwrite cyber risk.
AI · · 7 min read
AI in Cyber Underwriting: Attacker, Defender, and Underwriter Perspectives
Exploring how AI transforms cyber risk from three angles: how threat actors weaponize it, how security teams deploy it, and how underwriters must adapt their approach.
AI Risk · · 4 min read
AI Risk Loading: Why Insurers Are Adding 10-15% and What It Means for Cyber Coverage
Allianz's blanket surcharge on AI-related cyber coverage is the industry's first systematic attempt to price AI risk. Here's what brokers and risk engineers need to know.
AI Risk · · 4 min read
Beazley vs. Allianz: Two Approaches to AI Risk in Cyber Insurance — What Brokers Must Know in 2026
Beazley uses flat 10% AI sublimits, Allianz uses individual risk assessment with up to 30% uplift. A detailed comparison of the two dominant approaches and what DACH brokers need at renewal.
NIS 2 · · 13 min read
Critical Infrastructure Underwriting Under NIS2: Healthcare, Energy, and Transport in 2026
A sector-by-sector guide for cyber underwriters on NIS2 critical infrastructure compliance in healthcare, energy, and transport — including specific requirements, claim trends, underwriting questions, and coverage implications.
Claims · · 9 min read
Denied: Why 1 in 4 Cyber Insurance Claims Gets Rejected in 2026
21% of cyber insurance claims were denied or partially denied in 2025, up from 15% two years ago. Here are the specific reasons — and what brokers can do to prevent it.
Claims · · 6 min read
Cyber Claims in 2026: Fewer Claims, Bigger Losses — The Severity Paradox
Cyber insurance claims frequency dropped 53% in early 2025 but average severity doubled for large accounts. What the data means for underwriters pricing risk in 2026.
Cyber Insurance · · 5 min read
Your Policy Says Cyber Event — But What Risk Does That Actually Expose?
Most cyber insurance policies define 'cyber event' so broadly that the term becomes meaningless for underwriting. Here is why that one definition matters more than any exclusion clause.
Cyber Insurance Comparison · · 16 min read
Cyber Insurance Comparison: How to Evaluate and Compare Policies in 2026
Learn how to compare cyber insurance policies in 2026. Coverage limits, deductibles, exclusions, endorsements, top EU providers, and a buyer's checklist. Includes NIS2 impact on policy selection.
Cyber Insurance · · 5 min read
How Much Does Cyber Insurance Cost in 2026? A Pricing Breakdown for Underwriters and Buyers
Complete guide to cyber insurance pricing in 2026. Learn the key factors that determine premiums, from revenue size to security controls, with real market benchmarks for SMEs and mid-market companies.
Cyber Insurance · · 14 min read
Cyber Insurance Policy Wording: 12 Essential Clauses Every Underwriter and Broker Must Check in 2026
Practitioner guide to cyber insurance policy wording — the 12 critical clauses that determine coverage scope, exclusions, and claims outcomes. Written for underwriters, brokers, and risk managers comparing cyber policies in 2026.
Brokers · · 8 min read
How to Prepare a Cyber Insurance Submission in 2026: The Complete Broker's Guide
A step-by-step guide for insurance brokers preparing cyber submissions in 2026. Covers NIS2, DORA requirements, what underwriters actually check, common submission mistakes, and how the Instant Broker Scorecard cuts prep time from 3 hours to 3 seconds.
Cyber Insurance · · 6 min read
The Cyber Insurance Submission Crisis: 7 Reasons Brokers Can't Afford Manual Risk Assessments in 2026
Cyber insurance submissions are broken. With premiums up 11% and carriers demanding quantified risk data, brokers who still prepare submissions manually are losing deals. Here's what's changing in 2026.
Risk Register · · 9 min read
Why Your Cyber Risk Register Is Lying to You — And What to Do About It
Most cyber risk registers are compliance checklists with no connection to real threat data, real incidents, or real financial exposure. Here is how to build one that actually works for underwriting decisions.
Cyber Risk · · 3 min read
Deepfake-Enabled BEC: The Claim Trend Underwriters Cannot Ignore
Business email compromise has been the most financially devastating category of cybercrime for years. Now deepfakes are supercharging that dynamic, and the claims data is starting to reflect it.
DORA · · 23 min read
DORA ICT Risk Management Framework: What Cyber Insurance Underwriters Must Know in 2026
Complete practitioner guide to the DORA ICT risk management framework for cyber insurance underwriting. Covers the 5 pillars, how they affect coverage decisions, underwriting questions for financial sector clients, and compliance deadlines.
DORA · · 16 min read
DORA ICT Risk Management Framework: Complete Practitioner Guide for Financial Institutions and Their Insurers in 2026
Comprehensive guide to the Digital Operational Resilience Act (DORA) ICT risk management framework. Covers all 5 pillars, compliance requirements, underwriting implications, and the intersection with NIS2 for EU financial institutions.
Brokers · · 4 min read
Instant Broker Scorecard (IBS): From Domain to Submission in 3 Seconds
The Instant Broker Scorecard (IBS) turns any domain into an underwriter-ready risk assessment in 3 seconds — with financial exposure estimates in EUR, underwriter recommendations, and a printable PDF your carrier will actually read.
Newsletter · · 5 min read
Introducing The Underwriter's Edge
A new weekly newsletter for cyber underwriters, risk engineers, and brokers who want to stay ahead of threats, regulations, and emerging risks.
Detection Gap · · 8 min read
The LOTL 2.0 Detection Gap: Why Your Current Security Stack May Be Blind to the Next Generation of Attacks
Detailed analysis of the specific detection blind spots that autonomous LOTL attacks exploit — and the behavioral analytics, identity monitoring, and architectural changes that close them. Includes a control effectiveness matrix for underwriters and risk engineers.
Mid Market · · 7 min read
The Mid-Market Crosshairs: How LOTL 2.0 Eliminates the "Too Small to Target" Protection
Analysis of why mid-market organizations (€50M–€500M revenue) are the primary beneficiaries of the LOTL 2.0 shift, how attacker economics have fundamentally changed, and what this means for cyber insurance portfolio risk. Includes scenario modeling for underwriters.
Underwriting · · 8 min read
The LOTL 2.0 Underwriting Playbook: Risk Selection Criteria When the Attacker Is an Algorithm
Practical underwriting framework for assessing cyber risk in the era of autonomous LOTL attacks. Includes revised risk scoring matrices, control weight adjustments, and application question updates for underwriters.
NIS 2 · · 9 min read
The NIS2 + AI Coverage Gap: When Your Cyber Policy Won't Cover the Incident NIS2 Requires You to Report
NIS2 mandates AI incident reporting for hundreds of thousands of EU entities. But most cyber insurance policies contain silent AI exclusions, sublimits, or ambiguity that leave insureds paying for AI incident response out of pocket — even though NIS2 required them to report the incident in the first place.
NIS 2 · · 10 min read
The NIS2 Audit Crunch: What Underwriters Need to Know Before June 30, 2026
With the June 30, 2026 NIS2 compliance audit deadline approaching, cyber underwriters face a narrow window to reassess risk profiles across their entire European portfolio. Here is what the audit requirement means for how you evaluate, price, and write cyber coverage.
NIS 2 · · 12 min read
How to Prepare for a NIS2 Audit: Documentation, Evidence, and Compliance Verification Guide (2026)
Complete guide to NIS2 audit preparation. Covers documentation requirements by Article, evidence collection, common failures, management liability, and a 30-day pre-audit checklist for in-scope EU entities.
NIS 2 · · 4 min read
NIS2 Compliance Is Now an Underwriting Requirement — Every Broker's Duty of Care
The NIS2 transposition deadline has passed. With fewer than 10% of critical entities fully compliant, carriers are starting to exclude non-compliant organizations from coverage. For insurance brokers, failing to verify client NIS2 status is now a professional liability risk. Here's what you need to know.
NIS 2 · · 6 min read
NIS2 Compliance Checklist for 2026: What Brokers Need to Verify Before Coverage Placement
Before placing cyber coverage for NIS2 in-scope clients, verify these 10 compliance checkpoints. Missing documentation is the most common coverage gap.
NIS 2 · · 10 min read
How NIS2 Compliance Lowers Cyber Insurance Premiums: The Business Case for Security Investment
NIS2 compliance can reduce cyber insurance premiums by 15-40%. Learn which controls insurers value most, how to document compliance for underwriters, and calculate the ROI of security investment against premium savings.
Cyber Risk · · 2 min read
NIS2 and DORA: What Cyber Underwriters Need to Know
A practical breakdown of how the NIS2 Directive and DORA regulation affect cyber insurance underwriting in Europe.
NIS2 Penalties · · 6 min read
NIS2 Penalties & Fines Explained: What Organizations Actually Face in 2026
NIS2 fines can reach €10 million or 2% of global annual turnover—whichever is higher. This breakdown explains exactly which penalties apply to essential vs important entities, what triggers enforcement, and how underwriters should factor penalty exposure into cyber risk assessment.
NIS 2 · · 16 min read
NIS2 Underwriting Questions: What Every Cyber Insurance Broker Should Ask
Practical Line 1, Line 2, and Line 3 underwriting questions for NIS2-exposed clients. Essential vs important entities. Coverage gaps brokers should flag.
Underwriting · · 5 min read
Pricing Blind: When You Can't See the Risk You're Insuring
Cyber underwriters are pricing policies based on questionnaires and self-reported data while the real attack surface stays hidden. Here is what you are missing and how to fix it.
Ransomware · · 5 min read
Ransomware Claims in 2026: What the Data Tells Underwriters About Pricing Risk
Ransomware claims frequency is shifting again in 2026. Here is what the latest data patterns mean for how underwriters price cyber risk, structure deductibles, and evaluate ransomware-specific endorsements.
Ransomware · · 6 min read
Ransomware Underwriting Models in 2026: From Flat Premiums to Dynamic Risk Pricing
Cyber underwriters still using flat ransomware pricing are leaving money on the table. Here is how leading insurers are building dynamic pricing models using threat intelligence, sector exposure, and real-time data.
Residual Risk · · 6 min read
Residual Risk Is Why Insurance Exists
Security reduces risk. It never eliminates it. The gap between what controls can achieve and what remains is residual risk — the entire reason cyber insurance exists. And it is the most under-discussed concept in the industry.
Security Ratings · · 5 min read
Why Security Ratings Don't Work for Cyber Insurance Underwriting (And What Does)
BitSight, SecurityScorecard, and UpGuard give you an A-F score. But underwriters need financial exposure in EUR. Here's why passive security ratings fail underwriting decisions and what Resiliently's financial exposure approach does differently.
Cyber Risk Quantification · · 5 min read
Why SMBs Can't Afford Cyber Risk Quantification (And Why That's About to Change)
Safe Security costs $50k+/yr. Kovrr is enterprise-only. Axio requires dedicated risk analysts. Meanwhile, SMBs with €10M-€500M revenue are expected to quantify cyber risk for insurance submissions with none of these tools. Resiliently brings FAIR-aligned Monte Carlo simulation to SMBs at €49/month — with euro-denominated output that underwriters actually use.
Resilience Stack · · 21 min read
The Resilience Stack™: A 5-Layer Framework for Cyber Insurance Risk Assessment
Introducing the Resilience Stack™ — RESILIENTLY's proprietary framework for evaluating cyber risk across five layers: threat landscape, exposure surface, regulatory posture, financial impact, and insurance readiness.
Cyber Risk · · 4 min read
The Uncomfortable Truth About Cyber Risk in 2026
Five things I'm seeing in the threat landscape that most security leaders aren't talking about enough.
Broker Tools · · 6 min read
Why Brokers Pay €49/mo Instead of $16,500/yr — The Attack Surface Management Pricing Revolution
SecurityScorecard starts at $16,500/year. UpGuard at $21,000. Assetnote at $230,000. Yet 70% of cyber insurance submissions are placed by independent brokers who can't justify that spend. Resiliently delivers hourly scanning + euro risk quantification for €49/month. Here's how the math works — and why it changes everything for the submission process.
blog.featured
The Resilience Stack™: A Five-Layer Framework for Cyber Insurance Risk Assessment
Resilience Stack ·
12 min read
The Cyber Insurance Submission Crisis: 7 Reasons Brokers Can't Afford Manual Risk Assessments in 2026
Cyber Insurance ·
6 min read
Cyber Risk Quantification Tools 2026: The $50K Gap Between Free and Enterprise
Cyber Risk Quantification ·
4 min read
NIS2 Compliance Is Now an Underwriting Requirement — Every Broker's Duty of Care
NIS 2 ·
4 min read
Premium Report
2026 Cyber Risk Landscape Report
24 pages of threat analysis, claims data, and underwriting implications for European cyber insurance.
View Reports →