Straddling the Cyber Cityscape
Why bundling cyber insurance and cybersecurity forms a winning “Coalition”
Welcome back to The Innovation Armory! Today’s piece is on the dynamo combination of bundling cyber insurance with cybersecurity and threat remediation software. Thanks to Chung-Man Tam, CPO of Coalition, for our conversation about Coalition’s journey. Coalition is an active cyber risk mitigation and insurance platform that recently raised a $250 million Series F round which valued the business at $5 billion. Read on for more about:
Why lower marginal cost distribution of protection makes cyber insurance a better vertical for bundling than other insurance segments
How bundling insurance and security drives a unique multiplier effect on research and development innovations
Coalition’s superpowers in pricing, sales positioning and gathering competitive intel
Using insurance as a wedge to “sell software while the iron is hot”
The implications of cyber insurance eating traditional insurance
Working with private equity portfolios to drive a B2BC sales engine
This is a long post so if your email gets clipped at the bottom, make sure to click unclip / visit The Innovation Armory to check out the full read.
If you liked this piece feel free to subscribe for future updates below:
Or share with the link below :)
Low Cost Distribution and Cyber Bundling
Cyber is a unique vertical in insurance because from end-to-end the financial coverage, remediation and protection against cyber attacks can all be delivered at low marginal cost through digital distribution. Take homeowners insurance as a counter-example here. If your house is at risk of being destroyed by a natural disaster, it is magnitudes costlier than mere financial protection to protect the home in a literal sense, requiring erecting physical barriers and actually fortifying the house with special materials. If the house is impacted by a disaster, the repair of the home requires engaging construction contractors with expensive labor, materials and services work. Cyber is the holy grail of insurance because protection and remediation tied to the underlying insurance policy are also distributed digitally through software, which creates the potential for meaningful synergies in financially covering and technically servicing cyber risk:
Because protection and remediation can also be offered through software, there is a unique opportunity in cyber insurance for digital first players to simultaneously offer financial protection / coverage and cybersecurity products and profit off the unique symbiosis between these verticals. According to Vantage Research, the cyber insurance market is forecast to reach $28+ billion by 2028E and the global cybersecurity market is currently sized at ~$140B expected to reach ~$380 billion by 2029E. While market estimates vary meaningfully by source, what’s clear is that positioning a business at the intersection of these two verticals can go chase a massive combined TAM that will only grow larger over time as more of our lives become digitized and the cyber risk threat vectors grow exponentially.
Coalition provides active insurance to offer end-to-end coverage of digital risk from financial protection to cybersecurity monitoring to incident response and remediation. Coalition is pioneering a new category of insurance that is meant to detect and respond to risk before it strikes while also protecting users in the event that a digital threat successfully penetrates an organization. The reality of the online world is that relative to other insurance verticals, cyber risks can arise and spiral out of hand at warp speed, requiring an insurance provider who can keep pace in helping manage all kinds of risk beyond just financial risk. Coalition is able to assess risk faster and financially and technically remediate cyber attacks faster by virtue of offering both insurance coverage products and cybersecurity management software products under one umbrella:
Creating an Unstoppable Cyber Machine
Bundling financial coverage and cyber protection gives Coalition incredible research & development and sales & marketing superpowers relative to other cyber insurance and cybersecurity players.
These superpowers manifest through a variety of avenues including most notably incredibly efficient payback periods on innovation investments, pricing advantages and competitive intel. Broadly, they can be mapped across three primary vectors: Sector Moat (Insurance or Cybersecurity), namely in which vertical does the superpower give Coalition an advantage; Benefit Type (Revenue or Cost), namely does the superpower help Coalition convert more demand for its product or help it operate more profitably at scale; and Function (e.g. does this superpower help in research and development or sales and marketing efforts). For the diagram in this section, I got a little artistic and used some pretty color coding for the third dimension so that I didn’t have to include a drawing with more than two dimensions:
I’ve plotted the most salient benefits for this business model below using the axes above:
Innovation Payback Periods - I think by far one of the largest competitive advantages Coalition has is the multiplier effect it receives on its research and development spend vs. other players in cyber insurance / security, but even more broadly relative to any software company. When a normal software company invests in innovation to boost the competitiveness of its product, the return on investment is determined by i) how much more of the product is sold by virtue of that investment, ii) how much higher a price it commands and iii) the timing over which these benefits are realized. However, all of this ROI is generally attributed to benefits that accrue specifically to the product on which the investment was made. In addition to the primary ROI it earns in cybersecurity, Coalition has a unique ability to pass through R&D investment as a higher margin in its insurance segment. Cybersecurity investment not only makes the cyber business more competitive, but more importantly makes the insurance business meaningfully more profitable. Cyber insurers earn their margin by selling policies where the total premiums collected > payouts required in response to cyber attacks. Premiums are normally locked in for a fixed contract term, while businesses will dynamically and continuously iterate on innovation in their underlying products. For customers that procure both insurance and cybersecurity from Coalition, they will pay a fixed premium tied to a static risk assessment. The risk of an attack is a function of many factors, but one critical one is the software / infrastructure protection that is in place to prevent an attack. The reality is that as Coalition improves the cybersecurity software products that protect from attacks, it reduces the probability of attack for its customers and therefore also the risk that it also has to pay out a policy on the insurance side. This arbitrage certainly exists during the duration of a fixed insurance contract over which innovations are made, but likely also thereafter as many corporate customers are unlikely to try to lobby to lower their premiums in between renewal cycles.
While this competitive advantage is incredibly powerful, it will be interesting to see if there is any regulatory intervention in this model that requires the separation of policy providers and remediation providers due to the potential to create misaligned incentives.
Pricing Premiums - For customers that are already using Coalition’s cybersecurity offerings, it also has a large advantage in terms of being able to price new policies. Traditional insurance companies make their own risk assessments about the likelihood of various attacks by assessing the strength of enterprise cyber infrastructure. If Coalition provides a good chunk of that infrastructure, it has the data and the product visibility to have higher information quality on these risk vectors and so can price policies more competitively. Further, by virtue of being the service provider who maintains the cybersecurity offering, Coalition can save additional expenses on cybersecurity and infrastructure audits that might feed into a pricing process and pass those savings onto customers in the form of lower prices. Even for customers who don’t use coalition on the cybersecurity side, its historical database of claims and cybersecurity configurations across a wide slate of clients helps it make a better risk determination upfront to offer more competitive pricing at a similar risk level
Competitive Intel & Funding Advantage - Coalition can use the insurance side of its business to gather market intel on competitors and where they have deficiencies in their cybersecurity stacks that were effectively exploited by cyber criminals. Where customers procure insurance from Coalition but don’t yet use other risk mitigation software, claims deliver an incredible amount of information value. In aggregate, cohorts of claim data can help spot the most common security exploits amongst competitors so that Coalition can focus on investing in innovation in that area to better differentiate itself. In essence, the insurance segment of the business acts as a quasi spy scout for the cybersecurity side of the business:
Especially in the cybersecurity space where threats evolve at lightning speed, constantly staying ahead of the latest threat vector is incredibly important to remain competitive. Besides gathering relative intel on peers, claims are also a leading indicator of new types of cybersecurity attacks not yet widely spread or understood and can be helpful in thinking through proper software prioritization to be most responsive to the trending state of the market and the latest risk factors. One of the largest issues that sub-scale cyber companies face is a higher burn rate due to the significant investment required to keep their software package up-to-date with the latest potential threats from cyber criminals. Good cyber businesses require a lot of research and development. Because it offers insurance too, Coalition can financially cover new threat vectors even before it’s built the cyber product needed to remediate the threat technically. This gives Coalition the ability to leverage the cash flow from the insurance side of the business to fund continual innovations to address emerging threats from cyber criminals.
Bundling to Overcome Any Product Gaps - Related to this last point, given how quickly the cybersecurity landscape moves, vendors will inevitably face periods of time where their platform has product gaps relative to the largest cyber threats out there. Even if their intel collection and funding advantage don’t manage to help plug any gaps fast enough, Coalition can plug any product capabilities in an RFP process it may not possess today with an insurance product to ensure it wins the deal from a bundling perspective. Many larger enterprises want to use a more holistic platform or only a handful of cyber solutions to decrease total cost of ownership and streamline their cyber infrastructure. To win an RFP where a customer really needs best-in-class protection in a specific vertical security area, Coalition can offer better insurance coverage to offset any cyber product gaps it could have relative to other competitors. That particular component of the insurance could even be a temporary loss leader while certain technical cyber capabilities are under development if it meant inking a lucrative broader cyber risk mitigation and software subscription contract. Similarly, as customers have different threat levels across different risk vectors and also different risk tolerances, there’s an interesting opportunity to potentially productize and modularize insurance and cybersecurity bundles by category of attack vector (e.g. phishing, social manipulation, malware, etc.). These modularized packages provide an interesting opportunity to sell a best-in-class wedge (both in terms of financial and product coverage) to initially penetrate the enterprise cyber stack of new potential clients.
“Selling When the Iron is Hot” - This is perhaps one of the largest potential sales advantages that any software company can have, namely the ability to reach potential customers with sales messaging at the moment of highest impact. While traditional company advertisement spend can be effective in reaching the right customer (e.g. one who could be interested in a product) it does not assess mindset and doesn’t necessarily reach that customer at the right time. If a customer wants to buy a new car insurance policy, how effective would it be to advertise to them while they’re trying to get it on with their partner?
Context is King, and Coalition’s insurance segment provides the perfect contextual opportunity to sell new cybersecurity and risk mitigation software capabilities at the moment of highest impact. People don’t like switching software vendors because of perceived high switching costs and the risk of migrating over to a new solution. However, what better time to get a customer to switch to a new solution than when their cybersecurity systems are breached by an attack? That is precisely the moment where they most feel like the cost of staying (the current cost of the breach) outweighs any potential switching costs. Even if it’s not true that a new solution would help meaningfully more, there are political reasons within a larger enterprise organization why IT and security professionals will feel the need to try to procure a new solution to prove they are adding value in solving the infrastructure problem after a breach.
In effect, for insurance customers that have whitespace to be sold cybersecurity capabilities, you can even think about their insurance payout as a customer acquisition cost for their cybersecurity software procurement: a high probability customer acquisition cost because of the context in which the client is being sold. If the insurance payout drives more long term revenue from a customer in risk mitigation software, that helps move one of Coalition’s cost centers closer to being a revenue generator for the platform.
Cyber Insurance Will Eat Traditional Insurance
Coalition is a software first business vs. most other insurance players for whom technology is not their core competency. As every industry is digitizing and trying to differentiate through the use of software systems, the magnitude of enterprise risk and exposure to cyber attacks continues to increase at a quick clip. According to a study by McAfee, global 2020 cybercrime losses topped $1 trillion! Relative to other insurance verticals, I expect the pace of growth in potential losses to be even higher, driven by:
Growing internet penetration especially in emerging markets as even more of the global population comes online
Digitization of the enterprise even in traditional economic sectors driven by forced virtualization from covid-19
On the consumer side, more of our lives are online especially post-pandemic, both in terms of where our attention sits but also in terms of the numbers of applications, products and services we use where our primary interaction with a brand is digital
Web3 and cryptocurrencies are continuing to financialize digital assets and create new investment opportunities online beyond traditional securities such as in NFTs, tokens, scarce gaming assets, etc. Not only is more of our activity going online, but that activity is being financialized and creating more avenues for us to concentrate our net worth across digital assets. Especially as more net worth is captured through digital assets, the consumer use case for cyber insurance will grow meaningfully beyond an initial starting point today focused on enterprise
As cyber insurance protects both i) an increasing % of daily digital vs. physical activities and ii) a greater proportion of wealth concentrated online, it will begin to lead over time as one of the largest global insurance sectors and eat up other segments:
Because traditional insurance companies aren’t software-first, they aren’t as well equipped as technology players to price cyber insurance and assess complicated technical infrastructure risk. Moreover, it is even less likely they will be able to compete in cybersecurity software if that does become a critical part of the broader cyber risk insurance bundle. Therefore, Coalition has an interesting opportunity to partner with traditional insurance companies to become the de facto cyber component of their core insurance bundle, both for enterprises but also for a growing consumer use case as the risk and magnitude of cyber loss grows for consumers. Customers have an incentive to bundle insurance offerings both from a policy administration and pricing perspective. As cyber insurance continues to represent greater wallet share of total premiums paid from all the factors discussed above, Coalition may be better positioned over time to leverage that initial customer relationship to expand into other insurance verticals. Customers will gravitate towards insurance bundles from providers that provide the best coverage in the insurance sector where they face the largest potential liability from loss and that very well could become cyber as more of our activities and finances become entangled with the digital world.
Coalition is already leveraging its mindshare to buy assets in additional insurance verticals including property and casualty, including its acquisition of Digital Affect Insurance earlier this month. It clearly has its sights set on additional verticals and cyber will be the best starting point from which to add new insurance products long-term. As our lives become inextricably tied to the digital world, will we even see certain political factions lobby for universal cyber insurance over the next couple of decades on the backs of GDPR and a data rights agenda?
Outside of partnering with insurance firms, I think there’s a really interesting opportunity to try to partner with private equity and venture capital firms (especially technology focused ones) to drive a B2BC sales motion. Increasingly, especially in control private equity deals, given the large number of high profile breaches over the past couple of years, more sponsors are requiring large cyber insurance be put in place for assets they acquire. Increasingly, one of the ways that firms drive value creation post-investment is by also helping advise on cybersecurity vendors and improving cybersecurity resilience. For firms who would like to see more standardization of cybersecurity software across their portfolios and also want to drive bundled price synergies, procuring risk mitigation and risk coverage from the same vendor would be highly attractive.
All Innovation Armory publications and the views and opinions expressed at, or through, this site belong solely to the blog owner and his guests and do not represent those of people, employers, institutions or organizations that the owner may or may not be associated with in a professional or personal capacity. All liability with respect to the actions taken or not taken based on the contents of this site are hereby expressly disclaimed. These publications are the blog owners’ personal opinions and are not meant to be relied upon as a basis for investment decisions.