Elpha Secure’s Malin: Rise in cyber ILS transactions illustrates need for more capacity

The president of SME-focused cyber insurtech Elpha Secure said the spike in cyber ILS transactions last year reflected demand for more capacity in the cyber segment, and also laid his firm’s focus on improving insureds’ cyber hygiene.

Gordon Malin – a longtime industry investor who previously worked at Citadel and Point72, and also serves as Elpha Secure’s COO – made these comments in a wide-ranging interview with The Insurer TV at last week’s NetDiligence Cyber Risk Summit in Miami Beach.

Elpha Secure has attracted investment from Stone Point Ventures, Axis Capital, State Farm Ventures, The Hartford, Eos Ventures, and Fermat Capital, and has capacity from Axis and Everest.

According to Malin, one of the insurtech’s aims with its portfolio management approach is to “get in front” of the challenge posed by systemic risks.

“If you think about our value proposition and what we do beyond just offering the traditional risk transfer, we have built our own proprietary software that we can deliver to solve [security vulnerabilities],” Malin explained.

Elpha Secure aims to give small businesses “the appropriate hygiene and controls that they need to be insurable”.

ILS deals sign of shortage in traditional cyber capacity

Malin also said that the surge in demand for cyber coverage is on pace to outstrip the supply of capacity to support the risk on traditional (re)insurers’ balance sheets, which is why more insurers are turning to the capital markets for ILS transactions.

“We just don't have the capacity on the insurance balance sheet to be able to support the growth in the segment,” Malin explained.

“So you look at some of these transactions, you can ask yourself, ‘Why?’ It's pretty clear [(re)insurers] are beginning to look to the capital markets to begin to solve for tail risk capacity to support tail risk, and creating innovative ILS structures to be able to move forward,” he commented.

Elpha Secure’s president touted cyber loss prevention tools like managed detection and response (MDR) and endpoint detection and response (EDR) as being critical tools to mitigate the accumulation of attritional cyber losses.

“More important, though, is the data that you're able to get, from endpoints – from networks – to be able to understand the cumulative effects of a single point of failure across your portfolio,” he explained.

Last June a breach in the data transfer platform MOVEit captured significant attention in both the cybersecurity community and the broader corporate world after a vulnerability in its software allowed threat actors to exfiltrate data from hundreds of major corporations.

Among those affected by the MOVEit breach carried out by the extortion gang Cl0p in the insurance industry were Aon, Allianz, MS Amlin, and Zurich’s Brazilian operations.

Malin said Elpha Secure knew within 24 hours his firm’s exact exposure to the MOVEit breach “down to the endpoint”.

To that end, Malin highlighted the importance of “being able to understand where your aggregation is coming from… and not only be able to monitor that, to be able to manage it, but also to be able to respond to it”.

Asked to comment on the future of the cyber insurtech MGA business model – after Corvus was acquired by Travelers at the beginning of this year and with speculation that others could take a similar route – Malin emphasised that those best able to manage systemic risk would come out ahead.

“A lot of them started with external scanning capabilities, digital delivery of insurance, which were both pretty for insurance, kind of revolutionary, if not evolutionary,” Malin explained.

But, he said, it will ultimately be those cyber insurtech MGAs that “know how to manage systemic risk, and the ones that are thinking about PMLs” that will ultimately succeed.

“I think the insurtechs that understand that and are able to move forward with that are the ones that are going to have the capacity to be able to continue to exist,” he argued.

Watch the full Insurer TV interview with Elpha Secure president and COO Gordon Malin to hear more on:

  • Why the launch of a number of cyber ILS transactions reflects an imminent shortfall of cyber capacity from the traditional (re)insurance market
  • The key importance of MGA insurtechs in managing systemic risk and how those who closely track their PMLs will succeed
  • How scanning capabilities are critical to mitigating the frequency of attritional losses
  • Elpha Secure’s ultimate ambitions with compete with its cyber insurtech rivals
  • And more…