“We’re in the middle of an industrial paradigm shift,” says Joshua Motta, CEO and co-founder of Coalition — a brand-new cybersecurity firm/insurer that launched Dec. 5, 2017. “Given the competitive benefits, it’s unthinkable for a business not to digitize everything. However, this puts them in a precarious position. Now they’ve got troves of data to protect and myriad new risks they must defend against.”
Still, technological solutions are available to mitigate such risks, are they not? Motta says … not entirely. “Cybersecurity is broken,” he says.
But what does that mean?
A risk management problem
Digital threats, Motta explained, are so pervasive that technology can be an “illusory solution” in the sense that that no amount of technology will save an organization from a perpetrator bent on compromising its security. That thinking, he notes, has to change, particularly from an insurance standpoint, for a perpetrator need only be right once. Cyber risk, he says, is “not a technology problem; it’s a risk management problem. There’s a human being at work, a criminal, who’s the perpetrator. We wanted to rethink how we solve that risk.” And Motta’s company is looking to put its risk selection where its mouth is.
Backed by Swiss Re Corporate Solutions and Argo Group, Coalition possesses a deep bench of expertise: Motta was instrumental in the founding and growth of Cloudflare, a privately held $2 billion security company where he was the chief experience officer and head of special projects; he’s worked for the CIA, Honeywell, Sprint and Microsoft, the latter of which he went to work for at age 14. Coalition co-founder John Hering is the founder and executive chairman of Lookout, a Silicon Valley-based global leader in cybersecurity technology that’s been recognized as a Technology Pioneer by the World Economic Forum and serves more than 75 million users globally.
A new approach
But here’s the key differentiator. Coalition possesses a power that could make other cyber writers green with envy: the ability for brokers to quote a Cyber policy and have it bound in minutes.
After the broker submits the application, Coalition checks the client’s cyber exposures and vulnerabilities, running the prospect through an application programming interface (API) against a variety of online databases to gather data “in the background” on the potential insured’s e-mail systems, prior breaches and other vital information, checking them against vulnerability databases to see just how severe their risk profile is: Have any documents been lost by this company? Is their information being traded?
Those algorithms determine what a hacker would see, what cybersecurity controls a company has in place, and ultimately the expected probable loss. “We believe you have to take a novel approach — underwrite it like an adversary would view that company,” says Motta.
Coalition provides a suite of cybersecurity products for small to midsize businesses (SMBs) and comprehensive cyber and technology E&O insurance of up to $10 million in coverage. One of the challenges in selling to this sector, Motta says, is that “small to medium-sized businesses don’t know what to ask for. There are a not a lot of policies that are both comprehensive and modular, where you can pick what you want.”
Clients, Motta added, need to be able to select the coverage they want and need; he joked about how Cyber insurance needs to move away from what he called the “Henry Ford approach,” where you could have any color you want, as long as it’s black.
“You have to let people break away from that,” he said. “You have to let people select their own limits. You have to let people choose the coverage they need.”