Live Webinar 11/20: SMB Cyber Survival Guide 2025
Cyber Incident? Get Help

How does Active Insurance work? A Q&A with Coalition’s Tiago Henriques

Large-Coalition Blog-QA-Tiago

Cyber risk is much more dynamic than it was even two years ago before the pandemic that drove businesses to operate almost exclusively online. By the end of 2022, nearly 65% of the global gross domestic product will be digitized, providing new opportunities for threat actors to exploit the digital economy and disrupt business. 

According to our 2022 Cyber Claims Report, Coalition policyholders experienced a 20% increase in ransomware demands last year, with initial demands averaging $1.8 million to reclaim their extortion-encrypted data. The digital threats of today’s economy are more pervasive, amorphous and hard to predict, and traditional insurance isn’t dynamic enough to protect your business from them. 

Coalition’s Director of Engineering for Security and Data Collection, Tiago Henriques, an expert on the dark web, answers some common questions about cyber risk in 2022 and how Active Insurance plays defense for businesses of all shapes and sizes.

Q: What is Active Insurance and how does it help businesses safeguard their assets?

A: Active Insurance is insurance built for the digital economy. It leverages technology to offer continuous insight of specific vulnerabilities impacting a policyholder, instead of relying on a third-party scorecard report that just captures a snapshot in time. This level of monitoring continuously collects information about the current and emerging vulnerabilities that helps policyholders mitigate their risk more swiftly than traditional risk management systems, ideally minimizing the likelihood of an incident taking place.

Q: How does Coalition collect data on cyberthreats and company vulnerabilities?

A: Everything in our Active Insurance process is done in-house. Two and a half years ago, Coalition acquired a company I founded called Binary Edge, which specializes in large-scale data collection. This involves scanning the entire digital space, including hacker-led channels where incidents are discussed, planned, and implemented. We also have an entire team dedicated to exploring the internet to find vulnerabilities for companies to see when and how hackers try to infiltrate them, which turns the tables on them with their own methods. 

The amount of data we can monitor is unmatched. One IP address can have 65,535 services exposed to the internet. Traditional platforms will look at 400 of these servers, where we can scan all servers. For non-policyholders to get the same level of information we collect across Coalition Control features, they would need to purchase at least five different products. 

All of this data is then fed into the Active Risk Platform to determine a company’s vulnerabilities and the probability of a cyber incident taking place. With this information, we can guide the policyholder on how to correct these vulnerabilities.

Q: How can Active Insurance help businesses in the current hard insurance market?

A: In today’s hard market, the risks of cybercrime are becoming more recognized by businesses. Everyone is looking for coverage, and insurance companies are requiring more businesses to have risk management practices in place before approving coverage. Active Insurance provides meaningful risk management insights throughout the course of the policy term.

Q: Does Active Insurance completely prevent cyber incidents?

A: Unfortunately, nothing can completely prevent cyber incidents from taking place. Even the most secure companies can be doing everything right and still experience a cyber breach. What Active Insurance provides is the foresight into vulnerabilities, the ability to correct them and a strong incident response support if a threat still breaks through. We help policyholders identify and solve the issue to get back up and running faster, with minimized downtime and financial loss. 

Q: How has cybercrime evolved in recent years? 

A: When the pandemic struck, digitization came fast for many companies. Faster than some of them could realistically manage appropriately. Thousands of employees transitioned overnight to remote work, opening up unsecured access points into networks. Many companies without the resources to set up strong security protocols and systems to protect their data opened themselves up to immense online risk. Even organizations that were more prepared to manage digitization were introduced to additional risk by third party vendors or partners with access to their networks. Whatever risk their vendors have, they now have by association too. 

For more information on Active Insurance and how it’s revolutionizing cybersecurity, check out our Broker's Guide to Active Insurance.