Cybersecurity insurance provider Coalition nabs $205M

Cyber insurance company Coalition today announced that it raised $205 million in a series E funding round, bringing its total raised to $505 million at a $3.5 billion post-money valuation. The financing, which was led by Durable Capital, T. Rowe Price, and Whale Rock Capital with participation from the company’s existing investors, will be used to support growth and fuel Coalition’s expansion into new markets as well as new insurance lines on its path to an initial public offering.

The pandemic accelerated the adoption of digital tools, which in turn drove a greater need for cybersecurity insurance coverage. Experts estimate that a ransomware attack is occurring roughly every 11 seconds in 2021. Perhaps unsurprisingly, one study found that nearly 80% of companies carry cyber insurance, with 55% buying stand-alone policies. Mordor Intelligence projects that the cyber insurance market will climb from $7.36 billion in value in 2020 to $27.83 billion by 2026.

Launched in 2017 by Lookout founder John Hering and Joshua Motta, San Francisco, California-based Coalition combines insurance with cybersecurity tools to help businesses mitigate and manage cyber risk. In addition to automated security alerts, threat intelligence, and guidance, it provides companies with up to $15 million of cyber and technology insurance coverage.

“Before founding Coalition in 2017, I had the unique privilege to work with a diverse mix of technology, finance and cybersecurity organizations. After spending time at Microsoft, the CIA, Goldman Sachs, and Cloudflare, I came to a fundamental realization: The traditional approach to cybersecurity is broken. Organizations were in a technology arms race chasing technological threats with cyber tools and yet the constraint drumbeat of new breaches and ransomware attacks hasn’t seemed to slow,” Motta told VentureBeat via email. “That’s when I had a breakthrough notion: protecting organizations from cyber threats is a risk management problem, not a technology problem. We have to align the right incentives to solve cyber risk.”

Cyber risk

Coalition aims to protect organizations across a range of industries, including health care, public sector, manufacturing, legal, ecommerce, energy, and technology. The company’s Coalition Control product provides a security score informed by data from the public and private web. Policyholders get access to regular security scans, security score, and real-time, personalized security alerts plus  Coalition’s in-house claims and incident response teams.

In 2020, Coalition acquired BinaryEdge, a platform akin to BitSight and SecurityScorecard that scans the internet and maps the attack surface of organizations. Since the purchase, Motta says that Coalition has combined terabytes of data from BinaryEdge with claims and other cybersecurity data sources, powering machine learning and natural language processing in its risk evaluation process.

Above: Coalition’s cyber risk monitoring dashboard.

Image Credit: Coalition

“Our aim was to use machine learning to generate a real-time assessment of an organization’s digital risk,” Motta explained. “In late 2020, [we] used this proprietary data advantage to produce the first admitted cyber insurance offering in the market that statistically tied granular technical indicators to the probability of a breach. This allows us to more accurately price cyber risk in the quoting and underwriting process.”

Coalition, which has 265 employees and expects to increase its headcount to 315 this year, has 52,000 customers, including BinaryEdge’s 25,000 paying subscribers. The company crossed $320 million in run rate premium in 2021 — an 800% increase over the prior year — and plans to expand availability of its free Coalition Control offering and its claims estimate models for cybersecurity brokers.

“Cyber risk is no longer a purely digital risk. Increasingly, a company’s industrial processes are controlled by computers, which means they’re at risk of being attacked,” Motta continued. “Coalition’s policy is unique in covering the full spectrum of physical damage that can result from a cyber attack, alongside the financial and intangible damages a company can suffer.”