When BOXX Insurance - a Toronto-based MGA that provides small and midsized enterprises (SMEs) with solutions to protect themselves from cyber threats – pitched to join the 2020 cohort of the Lloyd’s Innovation Lab, it went something like this:
“For too long cyber insurance has waited for the disaster to happen before it responds. That’s totally the wrong call for digital threats. Cyber insurance should be there to help customers predict, prevent, respond, and recover – not just wait for the disaster to happen. No-one buys car insurance so they can smash up their car, and we think the same goes for cyber. Our mandate is to help companies be digitally healthy so that they can prevent cyber incidents from happening in the first place.”
BOXX Insurance’s “digital health” mandate has struck a chord around the world. Since its inception in 2018, the digital MGA has represented Canada in the Global FinTech Hackcelerator in Singapore; it was one of five fintechs to be selected for a Canadian Trade Commission tour of the USA and Singapore; it has landed multiple white-label deals with insurers in Asia and South America; it is currently in contractual negotiations with a global P&C insurer to provide its Cyberboxx solution to the insurer’s significant SME book; and the MGA was the only Canadian firm to win a place in the fourth cohort of the Lloyd’s Lab, which started on April 27, 2020.
“Our goal at BOXX Insurance is to help SMEs around the world be digitally healthy,” said Vishal Kundi, CEO and co-founder of BOXX Insurance. “What does that mean? It means we’ve got to help them train their employees not to click on the goofy stuff; it means we’ve got to boost their IT network and cyber security; it means we’ve got to provide them with a mega SWAT team that can help them respond and recover if they do get compromised. SMEs aren’t interested in our technology and the wizardry behind it, and they don’t just want the promise of a check if something goes wrong. They want to stop an incident from happening in the first place.”
To deliver on this promise, BOXX Insurance’s proprietary cyber insurance product Cyberboxx comes with a number of value-added tools and services. It comes with a real-time BOXX cyber score, which alerts SMEs to any cyber vulnerabilities before hackers can exploit them. SMEs also gain access to the BOXX Academy, which provides employee training and an enterprise-grade firewall, as well as a partnership with the BOXX Hackbusters – a specialist team of cybersecurity professionals that will help companies prevent and respond to cyber incidents.
“We did not want to go to market with a ‘me too’ insurance product,” said Kundi. “That’s why we spent so much time thinking about cyber insurance from an outside-in perspective. There are probably two or three things that we first noticed when analyzing the existing products in the marketplace. One is that most small to midsized businesses use the same devices at home as they do for work. It’s a very fine grey line - yet most cyber insurance policies were really clear that they will only insure and pay claims if a company’s computer network was breached in a very traditional way. So, we made a massive point of saying that ‘bring your own devices’ is also covered by Cyberboxx. If you’re hacked from your personal phone, then you don’t have to worry, it’s all covered. We’ve also worked with our Lloyd’s partners to remove any prior acts limitations, and we’ve enhanced the working from home coverage to protect SMEs with employees working remotely.”
Cyberboxx is sold exclusively through brokers. Kundi told Insurance Business. “We’re working really hard to turn small- to midsized brokers from cyber insurance laggards into cyber insurance leaders. The very big brokers know what they’re doing. They talk to us more from a productivity perspective than a product perspective, and that’s a different proposition. We’re absolutely thrilled that the majority of brokers that we bring on board have never sold a cyber policy to a customer who has never bought a cyber policy. That gives me a lot of personal pride and satisfaction, and it means that we’re continuing to help companies that ordinarily wouldn’t be so digitally healthy.”