How AI Is Changing Cyber Risk Assessment
A look at how AI and multi-agent systems are starting to transform the way we evaluate and underwrite cyber risk.
The cyber risk assessment process has been largely manual for years. An engineer reviews questionnaires, scans reports, checks configurations, and writes up findings. It works, but it doesn’t scale well.
Where AI Fits In
AI — especially multi-agent systems — can handle the repetitive parts: parsing scan results, cross-referencing compliance frameworks, drafting initial assessments. The engineer still makes the judgment calls, but the prep work happens faster.
What I’m Building
I’ve been experimenting with Google’s Agent Development Kit to build content automation tools. The same multi-agent patterns apply to risk assessment: one agent gathers data, another analyzes it, a third checks compliance, and a coordinator routes the workflow.
The Practical Reality
We’re not replacing risk engineers with AI. We’re giving them better tools so they can focus on the parts that actually require human judgment — understanding business context, assessing management commitment, and making underwriting recommendations.
The technology is ready. The question is how quickly the industry adopts it.
Michael Guiao Michael Guiao founded Resiliently AI and writes Resiliently. He has CISM, CCSP, CISA, and DPO certifications — but let them lapse, because in the age of AI, knowledge is cheap. What matters is judgment, and that comes from eight years of hands-on work at Zurich, Sompo, AXA, and PwC.
Get the full picture with premium access
In-depth reports, assessment tools, and weekly risk intelligence for cyber professionals.
Best Value
Professional
€490 /month
Full platform — continuous monitoring, API access, white-label reports
Everything in Starter plus professional tools
Upgrade Now → 30-day money-back
Secure via Stripe
Cancel anytime
Free NIS2 Compliance Checklist
Get the free 15-point PDF checklist + NIS2 compliance tips in your inbox.
Check your inbox! Your checklist download is on its way.
Something went wrong. Please try again.
No spam. Unsubscribe anytime. Privacy Policy
blog.featured
The Resilience Stack™: A Five-Layer Framework for Cyber Insurance Risk Assessment
Resilience Stack ·
12 min read
The Five Toxic Powers of Agentic AI — What Underwriters Need to Know
Agentic AI ·
11 min read
DeepMind Mapped Every Way the Web Can Hijack Your AI Agent — Here Is What Underwriters Need to Ask
AI Agents ·
20 min read
The AI Insurance Split: Big Carriers Exclude, Startups Fill the Gap — What Underwriters and Brokers Need to Know
AI Insurance ·
12 min read
Premium Report
2026 Cyber Risk Landscape Report
24 pages of threat analysis, claims data, and underwriting implications for European cyber insurance.
View Reports →Related posts
Agentic AI · · 11 min read
The Five Toxic Powers of Agentic AI — What Underwriters Need to Know
Agentic AI introduces five double-edged powers that create toxic risk combinations. Here's how underwriters, brokers, and CISOs should assess the threat.
Agentic AI · · 8 min read
Agentic Security: What Underwriters Need to Know in 2026
Autonomous AI agents are entering production at scale — and they bring a completely new attack surface that traditional cyber insurance questionnaires weren't designed to capture.
AI Agents · · 9 min read
Living-Off-the-Land 2.0: How Autonomous AI Agents Are Weaponizing LOTL Tradecraft — And What It Means for Cyber Underwriting
The convergence of agentic AI and living-off-the-land attack techniques is collapsing three attacker constraints at once: cost, skill, and detectability. A deep analysis of demonstrated capabilities, real incidents, and the underwriting implications that should reshape your risk selection in 2026.