At SIGMA, our Certified Cyber Insurance Specialists (CCIS) bring deep technical knowledge and strategic insight to an increasingly complex threat landscape. They deliver practical, forward-looking analytical solutions to support the evolving risk financing challenges organizations face.

Cyber risk is one of the fastest-growing and most significant risks facing organizations today. As digital transformation accelerates and threats become more sophisticated, businesses must proactively manage exposures that can impact operations, reputation, and financial stability. SIGMA provides the expertise and resources to help clients better understand these risks and navigate the evolving cyber insurance marketplace.

In today’s blog, we’re proud to introduce the professionals behind SIGMA’s cyber advisory work. Each expert offers a distinct perspective on the broader cyber insurance market, providing insight into trends such as the rise of ransomware and social engineering attacks and the growing demand for incident response preparedness.

As businesses navigate rapid technological change, expanding digital footprints, and heightened regulatory scrutiny, SIGMA’s credentialed specialists monitor emerging threats, interpret shifts in the cyber insurance marketplace, and help organizations strengthen resilience while optimizing coverage strategies. Read on to meet the team and explore the trends shaping today’s dynamic cyber risk environment.

Michelle Bradley, what key analytical and funding trends are you currently seeing?

Michelle is a consulting actuary at SIGMA and has spent over 30 years in the actuarial profession. Her professional designations and credentials include Associate of the Casualty Actuarial Society (ACAS), Member of the American Academy of Actuaries (MAAA), Associate in Risk Management (ARM), Chartered Enterprise Risk Analyst (CERA), and Certified Cyber Insurance Specialist (CCIS). She has extensive experience in the areas of actuarial, risk management and enterprise risk management. Michelle has experience with cyber analytics related to the financial implications of cyber risk.  Additionally, she provides senior level consultation both internally and to entities considering the use of captives for cyber risk. The following summarizes some key analytical and funding trends that she has observed:

• Cyber risk analytics for companies normally involve advanced statistical modeling that must navigate the lack of credibility of a company’s unique data (low frequency of events) and the complexity of the program structure in place to insure the risk. Industry data to support these models is improving.
• Policy features for insurance are changing continuously and these should be monitored, and models should be adjusted. 
• Models should consider the varying types of cyber losses: ransomware, data breaches and scams, e.g. A risk transfer structure may have various limits and sublimits associated with different types of events. These should be also contemplated in the modeling. 
• The growth of cyber risk in existing or new captives is significant. Both industry data and our internal data suggest that approximately one in four captives now include cyber risk (or are considering cyber risk). We see captive structures that involve both deductible coverage and higher layer coverage. 

We welcome you to view Michelle's bio, and connect with her on LinkedIn.

Becky Austin, what cybersecurity trends are you currently seeing?

Becky Austin currently serves as SIGMA’s Operations and IT Project Manager. Becky earned her Certified Cyber Insurance Specialist (CCIS) designation from the Cyber Insurance Academy in June 2024. Unlike many members of SIGMA’s team who come from an insurance background, Becky approaches cyber risk from a technical IT and security operations perspective.

As one of SIGMA’s IT leaders, she oversees the company’s technology infrastructure and day-to-day IT operations, including the management of our internal cybersecurity initiatives. She holds a Bachelor of Science in Computer Science from the University of North Alabama and brings more than 30 years of professional experience to her role.

In SIGMA’s practice, Becky has observed two notable cybersecurity trends:

• Increasing scrutiny around third-party vendor risk management, especially when vendors handle personally identifiable information (PII). Businesses are placing higher priority on due diligence, contractual controls, and continual monitoring.
• A rise in Living off the Land (LotL) attacks, in which cyber attackers exploit trusted tools, such as Microsoft 365, to conduct phishing campaigns and spread malware. These tactics are especially deceitful as they leverage legitimate business platforms, making detection a challenge. Because these attacks use valid accounts and approved services, they often circumvent detection defenses and require more in depth techniques such as behavioral analytics and enhanced logging for detection.

These trends reinforce the importance of security controls such as phishing-resistant MFA and endpoint detection response (EDR), as well as continued employee training to heighten awareness.

We welcome you to view Becky's bio, and connect with her on LinkedIn.

We welcome discussion with any of our insurance colleagues who want a better understanding of these topics, and those wishing to contact us can do so at support@SIGMAactuary.com or by scheduling a call today with one of our consulting actuaries.

© SIGMA Actuarial Consulting Group, Inc.