Coalition’s Shawn Ram says the cyber specialist’s data-driven “active insurance” and reinsurance tools aim to differentiate in a softening market, as the firm expands in Europe with Allianz capacity for France.
Coalition was founded in 2017 and the San Francisco-based group has grown into one of the largest cyber insurance specialists.
Its hybrid model means Coalition operates as a managing general agent (MGA) in multiple markets, often alongside fronting partners and its own risk retention through a captive or its admitted US carrier.
Offering so-called ‘active insurance’ alongside preventative cyber security services, it has focused on SME and mid-market risks rather than mega corporates.
Its chief revenue officer for insurance, Shawn Ram (pictured), says the firm was built as a technology company that operates in insurance.
Speaking to GR, he highlighted the unusual composition of its workforce for an insurance company.
The majority are engineers and security specialists, he emphasised, building a platform that ingests trillions of cyber security signals each month for underwriting and ongoing risk assessment.
“Coalition is about a policy being active 24/7,” Ram says.
Policyholders are continuously monitored, he adds, with proactive alerts and fix-support when the firm sees indications of decisions being taken or events taking place that could lead to a claim.
As a result of this ‘active’ stance, last year the company sent around 100,000 notifications.
Signals and honeypots
To validate risk signals, Coalition runs a global honeypot network, Ram explains, that mimics client technology stacks and leaves ports open to see what adversaries might try.
Over one recent 28-day window there were roughly 28 billion connection attempts on those sensors and 2.6 billion malware payloads deployed, he reveals.
Remote desktop protocol (RDP) alone saw about 5 billion attempts, Ram says, a data point that directly informs pricing and declinatures when RDP is found on a prospect’s network.
“If you send me a submission and RDP is found in your network, I either need to charge substantially more for that or potentially decline the risk,” he adds.
European push
Coalition continues to expand internationally and will soon enter France as an MGA, with Allianz as its lead capacity provider.
Ram points to three filters for new markets: a mature or growing cyber marketplace; a regulatory framework that sharpens security and privacy focus; and evidence of local breach activity driving demand.
France also benefits from Coalition’s experience delivering French-language notifications via its Quebec launch, he added.
Active in a soft market
Alongside primary cyber, Coalition has built a reinsurance MGA, Coalition Re, providing aggregate stop-loss and related covers, and offering cedants an exposure management platform named Helios.
Ram says the aim here is to make technology more tangible for cedant insurers and to help them fine-tune their portfolios.
He characterises cyber re/insurance market conditions as soft, with plentiful capacity and coverage expansion, especially outside the largest US accounts, where primary rates have begun to flatten.
“In a soft market environment, the ability to deliver more value and differentiate the product allows cedants to distinguish providers from one another,” he says.
“We try to give you something to look at, feel and see.”
No comments yet