Introducing The Underwriter's Edge

A new weekly newsletter for cyber underwriters, risk engineers, and brokers who want to stay ahead of threats, regulations, and emerging risks.

A new weekly newsletter for cyber underwriters, risk engineers, and brokers who want to stay ahead of threats, regulations, and emerging risks.

Every morning, thousands of cyber underwriters open their inboxes to find another firehose of information. New CVEs. Regulatory updates. Threat actor reports. Vendor security notices. Industry loss data. It never stops.

But here’s the problem: information is not insight.

Most of us are drowning in data while starving for clarity. We need someone to cut through the noise, connect the dots, and tell us what actually matters for the risks we’re pricing today and the portfolios we’re building for tomorrow.

That’s why I’m starting The Underwriter’s Edge.

From Risk Engineering to Underwriting

I’ve spent over a decade in cyber risk — from PwC to AXA to Zurich. I’ve reviewed hundreds of risk assessments, analyzed countless security postures, and watched the market evolve from a niche product to a core line of business.

Now I’m transitioning into a senior cyber underwriting role at Sompo. And the gaps I’ve observed from both sides — risk engineering and underwriting — are impossible to ignore.

We have more data than ever, but less time to make sense of it. We have sophisticated models, but they’re only as good as the assumptions fed into them. We have brilliant underwriters, but they’re spending too much time on routine analysis and not enough on complex judgment calls.

This newsletter is my attempt to help bridge those gaps.

What You’ll Get Every Week

The Underwriter’s Edge is a weekly intelligence brief designed for professionals who need to stay current without getting overwhelmed.

Each edition will cover:

  • Threat Intelligence — Active attack campaigns, emerging threat actors, and what they mean for portfolio exposure
  • Regulatory Developments — NIS2, DORA, EU AI Act, and how new rules change the risk landscape
  • Claims Trends — Real patterns from the market, not just headline cases
  • AI & Automation — Tools and techniques that can augment underwriting judgment (without replacing it)
  • Practical Frameworks — Mental models and assessment approaches you can apply immediately

I’ll also share perspectives from my dual vantage point: building AI automation tools while working inside the underwriting function. That intersection — where traditional risk expertise meets emerging technology — is where I think some of the most interesting opportunities (and risks) live right now.

Who This Is For

This newsletter is written for:

  • Cyber underwriters who want sharper situational awareness without drowning in open-source intelligence feeds
  • Risk engineers supporting underwriting teams who need to translate technical findings into business impact
  • Brokers advising clients on cyber coverage who want to speak the language of risk more fluently
  • CISOs and risk managers at insureds who want to understand how underwriters think about emerging threats

If you’re looking for hot stock tips, product pitches, or generic cybersecurity news, this isn’t for you. If you want disciplined analysis of what actually moves the needle in cyber risk transfer, read on.

What’s Coming Next

I’ve already queued up the first seven topics based on conversations with underwriters, brokers, and risk engineers over the past few months. These are the questions that keep coming up:

  1. AI in Cyber Underwriting: Attacker, Defender, and Underwriter Perspectives — How generative AI is reshaping the threat landscape and what that means for risk assessment
  2. Supply Chain Exposure: Why One Vendor Can Blow Up Your Entire Book — The concentration risks hiding in plain sight and how to surface them
  3. Do Brokers Need to Understand Cyber Accumulation? Yes — Here Is Why — Making the case for accumulation literacy beyond the underwriting floor
  4. Deepfake-Enabled BEC: The Claim Trend Underwriters Cannot Ignore — Social engineering is evolving fast. Here’s what to watch for.
  5. NIS2 for Brokers: What Your Clients Must Do and What Happens If They Don’t — Practical guidance for the regulatory wave hitting European insureds
  6. AI Agents for Cyber Reconnaissance: What Underwriters Need to Price — Offensive AI capabilities are advancing. How should risk assessment adapt?
  7. EU AI Act and Cyber Insurance: What Underwriters and Brokers Must Know Now — The intersection of AI regulation and coverage considerations

Beyond the Newsletter

This is part of a larger project. I’m building Resiliently as a resource hub for cyber risk professionals — tools, templates, and interactive assessments that can support your day-to-day work.

The newsletter will always be free. The tools are designed to make your job easier, not to sell you something you don’t need.

If you want to subscribe, just scroll down and drop your email. You’ll get the first edition as soon as it publishes.

And if you have topics you want covered, questions about the market, or perspectives from your corner of the industry, reply to any newsletter edition. I read every response.

Let’s get to work.

— Michael


For related analysis, see The NIS2 Audit Crunch: What Underwriters Need to Know Before June 30, 2026.

For related analysis, see Your Policy Says Cyber Event — But What Risk Does That Actually Expose?.

The Underwriter’s Edge publishes weekly. No spam. No fluff. Just signal.

Michael Guiao Michael Guiao founded Resiliently AI and writes Resiliently. He has CISM, CCSP, CISA, and DPO certifications — but let them lapse, because in the age of AI, knowledge is cheap. What matters is judgment, and that comes from eight years of hands-on work at Zurich, Sompo, AXA, and PwC.

Go deeper with premium cyber risk reports

Professional-grade analysis, NIS2 compliance guides, and threat intelligence — used by underwriters across Europe.

Starter

€199 /month

Unlimited scans, submission packets, PDF downloads, NIS2/DORA

View Plans →
Best Value

Professional

€490 /month

Full platform — continuous monitoring, API access, white-label reports

Everything in Starter plus professional tools

Upgrade Now →
30-day money-back
Secure via Stripe
Cancel anytime

Free NIS2 Compliance Checklist

Get the free 15-point PDF checklist + NIS2 compliance tips in your inbox.

No spam. Unsubscribe anytime. Privacy Policy

blog.featured

WordPress Plugin Flaw CVE-2023-4213 Exposes 10K+ Sites to Cyber Claims

Cyber Risk ·

6 min read

WordPress Plugin XSS Vulnerability Exposes Cyber Insurance Portfolios to Persistent Web Risks

Cyber Risk ·

5 min read

WordPress Security Plugin Flaw Exposes Organizations to Cyber Claims

Cyber Risk ·

6 min read

WordPress Plugin Flaw Exposes Cyber Insurance Portfolios to SQL Injection Risks

Cyber Risk ·

6 min read

Premium Report

2026 Cyber Risk Landscape Report

24 pages of threat analysis, claims data, and underwriting implications for European cyber insurance.

View Reports →

Related posts

The Five Toxic Powers of Agentic AI — What Underwriters Need to Know
Agentic AI · · 11 min read

The Five Toxic Powers of Agentic AI — What Underwriters Need to Know

Agentic AI introduces five double-edged powers that create toxic risk combinations. Here's how underwriters, brokers, and CISOs should assess the threat.

Agentic Security: What Underwriters Need to Know in 2026
Agentic AI · · 9 min read

Agentic Security: What Underwriters Need to Know in 2026

Autonomous AI agents are entering production at scale — and they bring a completely new attack surface that traditional cyber insurance questionnaires weren't designed to capture.

An AI Agent Deleted a Startup's Production Database — Can You Insure Against That?
AI Agents · · 7 min read

An AI Agent Deleted a Startup's Production Database — Can You Insure Against That?

PocketOS lost its production database to a Cursor AI agent in 9 seconds. The incident exposes a gap in cyber insurance that most policies don't cover: AI-caused operational destruction with no external attacker.