Elpha Secure: Difference between revisions
Created page with "== Corporate and regulatory footprint == ποΈ '''Legal identity.''' Elpha Secure Technology, Inc. is a Delaware corporation incorporated in 2018, as recorded in a Regulation D Form D filing with the U.S. Securities and Exchange Commission (CIK 0001850887).<ref name="sec-formd">{{cite web |title=Elpha Secure Technology, Inc. β Form D |url=https://www.sec.gov/Archives/edgar/data/1850887/000185088722000001/xslFormDX01/primary_doc.xml |publisher=U.S. Securities and Exc..." Β |
No edit summary |
||
| Line 1: | Line 1: | ||
{{Infobox company |
|||
| name = Elpha Secure |
|||
| legal_name = Elpha Secure Technology, Inc. |
|||
| logo = Logo of Elpha Secure.svg |
|||
| logo_size = |
|||
| logo_alt = Elpha Secure logo |
|||
| logo_caption = |
|||
| type = Private β cyber insurtech MGA |
|||
| exchange = |
|||
| ticker = |
|||
| isin = |
|||
| lei = |
|||
| license_type = Surplus lines MGA |
|||
| npn = |
|||
| coverholder_ref = |
|||
| incorporation = Delaware |
|||
| founded = {{Start date and age|2018}} |
|||
| headquarter = New York, New York |
|||
| domicile = Delaware |
|||
| insurance_jurisdictions = All 50 U.S. states |
|||
| regulator = |
|||
| ultimate_parent = |
|||
| shareholders = Canapi Ventures<br/>Stone Point Ventures<br/>AXIS Capital<br/>State Farm Ventures<br/>The Hartford STAG Ventures<br/>Fermat Capital Management<br/>EOS Venture Partners |
|||
| key_people = Preetam Dutta, co-founder and CEO<br/>Gordon Malin, co-founder and CEO<br/>Josh MacDonald, Chief Underwriting Officer<br/>David Williams-King, CTO |
|||
| num_employees = 40 (third-party estimate) |
|||
| customer_segments = Small and midsize businesses (revenue up to $100 million) |
|||
| lines_of_business = Cyber insurance |
|||
| segments = |
|||
| products = Cyber insurance policy<br/>Elphaware security software suite<br/>ES Mail email security |
|||
| technology_platform = Socotra (cloud-native insurance platform) |
|||
| capacity_providers = AXIS Surplus Insurance Company<br/>Everest Indemnity Insurance Company (Everest Re Group) |
|||
| distribution = Wholesale insurance brokers |
|||
| geographic_markets = United States (all 50 states) |
|||
| num_customers = |
|||
| competitors = At-Bay<br/>Coalition<br/>Cowbell |
|||
| market_share_rank = |
|||
| financial_year = |
|||
| market_cap = |
|||
| revenue = |
|||
| insurance_revenue = |
|||
| operating_income = |
|||
| ebitda = |
|||
| net_income = |
|||
| gwp = |
|||
| nwp = |
|||
| loss_ratio = |
|||
| combined_ratio = |
|||
| commission_rate = |
|||
| total_assets = |
|||
| invested_assets = |
|||
| technical_reserves = |
|||
| csm = |
|||
| net_debt = |
|||
| equity = |
|||
| operating_margin = |
|||
| solvency_ratio = |
|||
| roe = |
|||
| total_funding = >$29 million |
|||
| last_round = Series A, $20 million, October 2022 |
|||
| last_valuation = |
|||
| lead_investors = Canapi Ventures (Series A) |
|||
| capital_structure = |
|||
| ifsr = |
|||
| capacity_partner_ratings = |
|||
| ratings = |
|||
| footnotes = |
|||
}} |
|||
{{Summary:Elpha Secure|5}} |
|||
{{More details}} |
|||
{{Section separator}} |
|||
== Corporate and regulatory footprint == |
== Corporate and regulatory footprint == |
||
ποΈ '''Legal identity.''' Elpha Secure Technology, Inc. is a Delaware corporation incorporated in 2018, as recorded in a Regulation D Form D filing with the U.S. Securities and Exchange Commission (CIK 0001850887).<ref name=" |
ποΈ '''Legal identity.''' Elpha Secure Technology, Inc. is a Delaware corporation incorporated in 2018, as recorded in a Regulation D Form D filing with the U.S. Securities and Exchange Commission (CIK 0001850887).<ref name="formd">{{cite web |title=Elpha Secure Technology, Inc. β Form D |url=https://www.sec.gov/Archives/edgar/data/1850887/000185088722000001/xslFormDX01/primary_doc.xml |publisher=U.S. Securities and Exchange Commission |access-date=2026-03-09}}</ref> The company's website identifies the operating entity as "Elpha Secure Technology Inc." with a principal business address at 580 Fifth Avenue, Suite 820, New York, NY 10036.<ref name="elphamain">{{cite web |title=Elpha Secure |url=https://www.elphasecure.com/ |publisher=Elpha Secure |access-date=2026-03-09}}</ref> A prior address at 576 Fifth Avenue, Suite 903, New York, NY 10036 appears in the SEC filing.<ref name="formd"/> |
||
π '''Regulatory |
π '''Regulatory positioning.''' Elpha positions itself as a "Fully Licensed MGA" operating across all 50 U.S. states, with surplus lines disclaimers indicating that products are offered only through licensed surplus lines producers.<ref name="brokers">{{cite web |title=For Brokers |url=https://www.elphasecure.com/for-brokers |publisher=Elpha Secure |access-date=2026-03-09}}</ref><ref name="newsroom">{{cite web |title=Newsroom |url=https://www.elphasecure.com/newsroom |publisher=Elpha Secure |access-date=2026-03-09}}</ref> Based on its own MGA positioning and explicit statements that it is "financially backed" by specific carriers, Elpha is most supportably classified as a cyber insurtech MGA with delegated underwriting authority rather than a licensed risk-bearing carrier.<ref name="brokers"/> Carrier licensure for a proprietary balance-sheet carrier was not identified in the sources reviewed. |
||
π '''Licensing evidence.''' A public license record from the Florida Department of Financial Services shows a senior claims professional associated with Elpha |
π '''Licensing evidence.''' A public license record from the Florida Department of Financial Services shows a senior claims professional associated with Elpha holding nonresident property and casualty and nonresident surplus lines licensing categories at the same New York address.<ref name="fllicense">{{cite web |title=Licensee Search β Florida Department of Financial Services |url=https://licenseesearch.fldfs.com/Licensee/1390211 |publisher=Florida Department of Financial Services |access-date=2026-03-09}}</ref> This evidences the use of state producer licensing regimes for personnel, though it does not substitute for a full entity producer licensing review across states. Disclosed capacity references in reviewed materials point to U.S. carrier paper rather than Lloyd's syndicate participation.<ref name="brokers"/> |
||
{{Section separator}} |
{{Section separator}} |
||
== Business model and operating architecture == |
== Business model and operating architecture == |
||
π '''Core thesis.''' Elpha's model combines cyber insurance with embedded security software, aiming to reduce loss frequency and severity by integrating security tooling and managed support into the insurance proposition.<ref name="elphamain"/> The insurance product is marketed as a "cyber insurance policy with market-leading coverage," paired with specific economic enhancements β notably reduced ransomware retention and shortened business interruption waiting periods β when the insured uses Elpha's security solution.<ref name="brokers"/> The security product, commonly branded "Elphaware" in earlier materials, is positioned as SaaS installed on endpoints with multiple modules including EDR-like monitoring, backups, MFA for remote access, and SOC support.<ref name="axispartner21">{{cite web |title=AXIS Partners With Elpha Secure to Provide Cyber Security Software for Small Businesses |url=https://www.businesswire.com/news/home/20210315005036/en/AXIS-Partners-With-Elpha-Secure-to-Provide-Cyber-Security-Software-for-Small-Businesses |publisher=Business Wire |date=15 March 2021 |access-date=2026-03-09}}</ref> |
|||
π’ '''Target market.''' Multiple sources converge on an SME-to-lower-mid-market orientation, with |
π’ '''Target market.''' Multiple sources converge on an SME-to-lower-mid-market orientation, with Elpha's marketing emphasizing "small businesses" and "small and midsize businesses."<ref name="cyberins">{{cite web |title=Cyber Insurance |url=https://www.elphasecure.com/cyber-insurance |publisher=Elpha Secure |access-date=2026-03-09}}</ref> A strategic partnership expansion announced by AXIS Capital Holdings Limited directs standalone cyber submissions for policyholders with revenue up to $100 million to Elpha's platform via wholesale brokers, effective July 1, 2024.<ref name="axisexpand24">{{cite web |title=AXIS Expands Partnership with Elpha Secure |url=https://investor.axiscapital.com/press-releases/news-details/2024/AXIS-Expands-Partnership-with-Elpha-Secure---2024-Z_O7iqFmUV/default.aspx |publisher=AXIS Capital Holdings Limited |date=2024 |access-date=2026-03-09}}</ref> |
||
π° '''Bundled economics.''' Elpha's broker-facing marketing states that a "single premium includes" both insurance and its software suite, suggesting bundled economics for the core insured distribution channel.<ref name="brokers"/> Separately, a co-branded page with Selective Insurance indicates per-device pricing tiers ($25 and $37 per device per year), implying the software can also be packaged as a standalone subscription or affinity benefit depending on channel structure.<ref name="selective">{{cite web |title=Selective Insurance |url=https://www.elphasecure.com/selective-insurance |publisher=Elpha Secure |access-date=2026-03-09}}</ref> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Product and coverage analysis == |
== Product and coverage analysis == |
||
π '''Policy structure.''' Elpha |
π '''Policy structure and pricing.''' Elpha advertises a base policy starting at $1,000 and "insurance + software starting cost $1,000."<ref name="smartercov">{{cite web |title=Smarter Coverage |url=https://www.elphasecure.com/landing-pages/smarter-coverage |publisher=Elpha Secure |access-date=2026-03-09}}</ref> Marketed enhancements include a $500 extortion loss retention, a 6-hour waiting period, and a 365-day period of restoration for business interruption when the insured adopts the security solution.<ref name="brokers"/> Marketing frames the product as "straightforward" with embedded software upgrades and enhancements, though the modularity of insuring agreements and distinctions between proprietary and carrier wording are not detailed in accessible product-facing pages.<ref name="cyberins"/> |
||
π‘οΈ '''First-party coverages.''' Elpha's marketing pages explicitly list business interruption and system failure coverage (with waiting-period and restoration-period enhancements), ransomware and cyber extortion coverage (with |
π‘οΈ '''First-party coverages.''' Elpha's marketing pages explicitly list business interruption and system failure coverage (with waiting-period and restoration-period enhancements), ransomware and cyber extortion coverage (with an extortion loss retention enhancement), and incident response expenses.<ref name="smartercov"/> |
||
βοΈ '''Third-party coverages.''' |
βοΈ '''Third-party coverages.''' Listed third-party coverages include network security and privacy liability, regulatory fines, and PCI coverage.<ref name="smartercov"/> |
||
π₯ '''Breach response model.''' Elpha maintains a curated provider panel and encourages policyholders to use listed providers. |
π₯ '''Breach response model.''' Elpha states it maintains a curated provider panel and encourages policyholders to use listed providers. The claims page includes reimbursement gating language stipulating that only expenses incurred through engagement of listed response providers and with Elpha's prior written consent qualify as incident response expenses under the first-party insuring agreement.<ref name="claims">{{cite web |title=Claims |url=https://www.elphasecure.com/insurance/claims |publisher=Elpha Secure |access-date=2026-03-09}}</ref> This indicates a panel-led incident response model with economic controls rather than unrestricted vendor choice. Elpha's claims page provides an incident hotline routed through incident response counsel and references a formal claims email notice process.<ref name="claims"/> |
||
π '''Coverage |
π '''Coverage differentiation.''' Elpha markets "enhanced coverage" β lower retentions, shorter waiting periods, and longer restoration periods β when the insured adopts the security solution.<ref name="cyberins"/> This positions the insurance economics as an adoption lever for the security tooling. |
||
{{Section separator}} |
{{Section separator}} |
||
== Cybersecurity services and technology stack == |
== Cybersecurity services and technology stack == |
||
π₯οΈ '''Service |
π₯οΈ '''Service posture.''' Elpha's software is positioned as endpoint-installed tooling with additional managed services, supported by a Security Operations Center.<ref name="cybertech">{{cite web |title=Cybersecurity Technology |url=https://www.elphasecure.com/cybersecurity-technology |publisher=Elpha Secure |access-date=2026-03-09}}</ref> Pre-bind capabilities include a "deep scanning tool" for external network and cloud assets to detect vulnerabilities and misconfigurations, plus a monthly outreach cadence focused on worst risks with an option for quarterly reporting.<ref name="howitworks">{{cite web |title=How It Works |url=https://www.elphasecure.com/technology/how-it-works |publisher=Elpha Secure |access-date=2026-03-09}}</ref> This functionally resembles underwriting hygiene enforcement and risk-improvement workflows aligned with cyber insurance subjectivities. |
||
π '''Continuous in-force services.''' |
π '''Continuous in-force services.''' Elpha describes a seven-component security agent comprising real-time threat monitoring (EDR-like), remote access protection with MFA, SOC outreach for top patches and mitigations, email security ("ES Mail") for phishing, spam, and fraudulent financial transaction identification, patching capabilities (vulnerability and version management), dark web monitoring, and exposed credential monitoring.<ref name="howitworks"/> |
||
π€ '''Technology partners.''' Elpha launched its cyber insurance offering on Socotra's cloud-native platform |
π€ '''Technology partners.''' Elpha launched its cyber insurance offering on Socotra's cloud-native platform with an implementation time of less than two months. An analytics partnership with CyberCube provides Portfolio Manager and Single Point of Failure Intelligence for portfolio accumulation management and capital discussions.<ref name="elphamain"/><ref name="seriesa">{{cite web |title=Elpha Secure Raises $20 Million in Series A Funding Led by Canapi Ventures |url=https://www.nasdaq.com/press-release/elpha-secure-raises-%2420-million-in-series-a-funding-led-by-canapi-ventures-2022-10-06 |publisher=Nasdaq / PR Newswire |date=6 October 2022 |access-date=2026-03-09}}</ref> In October 2025, Elpha announced a partnership with SentinelOne to integrate its insurance offering with SentinelOne's security platform for SMB customers.<ref name="sentinelone">{{cite web |title=Elpha Secure and SentinelOne Partner to Drive Cyber Resilience and Protection for Customers |url=https://www.prnewswire.com/news-releases/elpha-secure-and-sentinelone-partner-to-drive-cyber-resilience-and-protection-for-customers-302573779.html |publisher=PR Newswire |date=October 2025 |access-date=2026-03-09}}</ref> |
||
β
'''Validation signals.''' Elpha states its software is third-party audited by Security Compass Advisory and references VB100 testing as a validation mechanism.<ref name="howitworks"/><ref name="claims"/> |
|||
π° '''Bundled economics.''' Elpha's broker-facing marketing states that a single premium includes both insurance and the software suite, indicating bundled economics for core insured distribution.<ref name="elpha-brokers"/> Separately, a co-branded page with Selective Insurance shows per-device pricing tiers of $25 and $37 per device per year, implying the software can also be packaged as a standalone subscription or affinity benefit depending on channel structure.<ref>{{cite web |title=Elpha Secure β Selective Insurance |url=https://www.elphasecure.com/selective-insurance |publisher=Elpha Secure Technology, Inc. |access-date=9 March 2026}}</ref> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Distribution, geography, and partnerships == |
== Distribution, geography, and partnerships == |
||
π '''Channel architecture.''' Elpha |
π '''Channel architecture.''' Elpha works with wholesale insurance brokers and markets "quotes in seconds" with an online binding workflow.<ref name="cyberins"/> The AXIS partnership expansion also references routing submissions via wholesale broker partners to Elpha.<ref name="axisexpand24"/> A digital distribution partnership with Affinity Advisors further streamlines access to cyber insurance and security solutions through wholesale broker partners.<ref name="linkedin">{{cite web |title=Elpha Secure LinkedIn Post β Affinity Advisors Partnership |url=https://www.linkedin.com/posts/elpha-secure_cyberinsurance-partnership-sme-activity-7283248640498827264-pNRq |publisher=LinkedIn |access-date=2026-03-09}}</ref> |
||
π '''Geographic footprint.''' Elpha states it operates across all 50 U.S. states.<ref name="brokers"/> The public site is U.S.-oriented with U.S. contact information and surplus lines disclaimers; operational capabilities outside the United States are not described in reviewed sources.<ref name="newsroom"/> |
|||
π¦ '''Capacity providers.''' Elpha's broker page states the program is financially backed by AXIS Surplus Insurance Company and Everest Re Group.<ref name="elpha-brokers"/> Additional disclosures name Everest Indemnity Insurance Company alongside AXIS Surplus Insurance Company as insurers underwriting the cyber program, confirming a multi-carrier structure.<ref>{{cite web |title=AXIS Partners With Elpha Secure to Provide Cyber Security Software for Small Businesses |url=https://investor.axiscapital.com/investors/press-releases/news-details/2021/AXIS-Partners-With-Elpha-Secure-to-Provide-Cyber-Security-Software-for-Small-Businesses/default.aspx |publisher=AXIS Capital Holdings Limited |date=March 2021 |access-date=9 March 2026}}</ref> |
|||
π¦ '''Capacity providers.''' Elpha's broker page states it is financially backed by AXIS Surplus Insurance Company and Everest Re Group.<ref name="brokers"/> Specialist coverage further supports a multi-carrier program structure, naming Everest Indemnity Insurance Company and AXIS Surplus Insurance Company as insurers underwriting the cyber program.<ref name="axisinvestor21">{{cite web |title=AXIS Partners With Elpha Secure to Provide Cyber Security Software for Small Businesses |url=https://investor.axiscapital.com/investors/press-releases/news-details/2021/AXIS-Partners-With-Elpha-Secure-to-Provide-Cyber-Security-Software-for-Small-Businesses/default.aspx |publisher=AXIS Capital Holdings Limited |date=2021 |access-date=2026-03-09}}</ref> |
|||
π '''AXIS relationship.''' The AXIS relationship commenced in 2021, with AXIS serving as both an investor and a capacity provider. By July 2024, AXIS began directing certain standalone SME cyber submissions covering policyholders with up to $100 million in revenue to Elpha's platform, a meaningful indicator of institutional confidence and a signal that AXIS viewed Elpha as a scalable distribution and servicing mechanism for a portion of its SME cyber portfolio.<ref name="axis-2024"/> |
|||
π€ '''AXIS relationship.''' AXIS disclosed that the relationship commenced in 2021 and that AXIS became both an investor in and a capacity provider for Elpha.<ref name="axisexpand24"/> By July 2024, AXIS began directing certain standalone SME cyber submissions for risks with revenue up to $100 million to Elpha's platform.<ref name="axisexpand24"/> This is a meaningful indicator of institutional confidence and suggests AXIS viewed Elpha as a scalable distribution and servicing mechanism for a portion of its SME cyber portfolio. |
|||
π€ '''Distribution partnerships.''' Elpha has referenced a digital distribution partnership with Affinity Advisors to streamline access to cyber insurance and security solutions through wholesale broker partners.<ref>{{cite web |title=Elpha Secure LinkedIn β Affinity Advisors partnership |url=https://www.linkedin.com/posts/elpha-secure_cyberinsurance-partnership-sme-activity-7283248640498827264-pNRq |publisher=LinkedIn |access-date=9 March 2026}}</ref> No identified AXA connection β investor, capacity or reinsurance relationship, or distribution partnership β was found in the sources reviewed.<ref name="nasdaq-seriesa">{{cite web |title=Elpha Secure Raises $20 Million in Series A Funding Led by Canapi Ventures |url=https://www.nasdaq.com/press-release/elpha-secure-raises-%2420-million-in-series-a-funding-led-by-canapi-ventures-2022-10-06 |publisher=Nasdaq / PR Newswire |date=6 October 2022 |access-date=9 March 2026}}</ref> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Leadership, governance, and personnel |
== Leadership, governance, and personnel == |
||
π€ '''Founders.''' Preetam Dutta is identified as CEO in Elpha communications and listed as an executive officer and director in the SEC Form D filing.<ref name=" |
π€ '''Founders.''' Preetam Dutta is identified as CEO in Elpha communications and is listed as an executive officer and director in the SEC Form D filing.<ref name="formd"/><ref name="riskappetite">{{cite web |title=Elpha Secure Increases Risk Appetite |url=https://blog.elphasecure.com/elpha-secure-increases-risk-appetite/ |publisher=Elpha Secure Blog |date=February 2023 |access-date=2026-03-09}}</ref> Gordon Malin is identified by AXIS as Elpha's co-founder and CEO as of June 2024.<ref name="axisexpand24"/> External profiling and Elpha's positioning indicate a technical cybersecurity orientation at the founding level.<ref name="riskappetite"/> |
||
π ''' |
π '''Education.''' David Williams-King's doctoral training is associated with Columbia University, as described on a Columbia CS personal page.<ref name="columbiadwk">{{cite web |title=David Williams-King β Columbia University |url=https://www.cs.columbia.edu/~dwk/ |publisher=Columbia University |access-date=2026-03-09}}</ref> Preetam Dutta's education claims (PhD at Columbia; undergraduate at Yale University) appear in secondary profiles rather than primary filings.<ref name="forward50">{{cite web |title=Forward50 Americas |url=https://sonr.global/wp-content/uploads/2023/10/Forward50-Americas.pdf |publisher=Sonr Global |date=October 2023 |access-date=2026-03-09}}</ref> |
||
π '''Key leadership roles.''' Josh MacDonald is publicly referenced as Chief Underwriting Officer in multiple industry contexts including events and commentary.<ref name="cybcube">{{cite web |title=Cyber Predictions 2023 Webinar |url=https://www.cybcube.com/events/cyber-predictions-2023-webinar |publisher=CyberCube |access-date=2026-03-09}}</ref> David Williams-King self-identifies as having become CTO at Elpha after completing a PhD.<ref name="columbiadwk"/> Perry Tsao appears in a Florida license record with a business address aligned to Elpha and holds nonresident P&C and nonresident surplus lines licensing categories.<ref name="fllicense"/> |
|||
π '''Education.''' David Williams-King's doctoral training is associated with Columbia University. Preetam Dutta's education claims β a PhD at Columbia and an undergraduate degree at Yale University β appear in secondary profiles rather than primary filings and should be treated as contextual.<ref name="prn-sentinel"/><ref>{{cite web |title=Forward50 Americas |url=https://sonr.global/wp-content/uploads/2023/10/Forward50-Americas.pdf |publisher=Sonr Global |date=October 2023 |access-date=9 March 2026}}</ref> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Funding |
== Funding and financial signals == |
||
π΅ ''' |
π΅ '''Series A.''' Elpha completed a $20 million Series A in October 2022 led by Canapi Ventures with participation from existing investors including Stone Point Ventures, AXIS Capital, State Farm Ventures, The Hartford STAG Ventures, Fermat Capital Management, and EOS Venture Partners.<ref name="seriesa"/> Socotra's announcement references Elpha having raised "more than $9 million" in seed funding prior to the Series A. Cumulative disclosed funding therefore exceeds $29 million.<ref name="seriesa"/> |
||
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
||
|+ π° Elpha Secure |
|+ π° Elpha Secure disclosed funding rounds, amount, and investors |
||
! scope="col" style="text-align:center" | Round |
! scope="col" style="text-align:center" | Round |
||
! scope="col" style="text-align:center" | Date |
! scope="col" style="text-align:center" | Date |
||
! scope="col" style="text-align:right; width:7em" | Amount raised |
! scope="col" style="text-align:right; width:7em" | Amount raised |
||
! scope="col" style="text-align:center" | Lead investor |
! scope="col" style="text-align:center" | Lead investor(s) |
||
! scope="col" style="text-align:center" | Notable co-investors |
! scope="col" style="text-align:center" | Notable co-investors |
||
! scope="col" style="text-align:right; width:7em" | Cumulative funding |
! scope="col" style="text-align:right; width:7em" | Cumulative funding |
||
|- |
|- |
||
| Seed |
|||
| Seed || Referenced by April 2022 announcement || style="text-align:right" | >$9M || β || β || style="text-align:right" | >$9M |
|||
| β |
|||
| style="text-align:right" | >$9M |
|||
| β |
|||
| β |
|||
| style="text-align:right" | >$9M |
|||
|- |
|- |
||
| Series A |
|||
| Series A || October 2022 || style="text-align:right" | $20M || Canapi Ventures || Stone Point Ventures; AXIS Capital; State Farm Ventures; The Hartford STAG Ventures; Fermat Capital Management; EOS Venture Partners || style="text-align:right" | >$29M |
|||
| October 2022 |
|||
| style="text-align:right" | $20M |
|||
| Canapi Ventures |
|||
| Stone Point Ventures; AXIS Capital; State Farm Ventures; The Hartford STAG Ventures; Fermat Capital Management; EOS Venture Partners |
|||
| style="text-align:right" | >$29M |
|||
|- style="background:#f8f9fa" |
|||
| '''Total''' |
|||
| |
|||
| style="text-align:right" | '''>$29M''' |
|||
| |
|||
| |
|||
| style="text-align:right" | '''>$29M''' |
|||
|} |
|} |
||
π '''Financial transparency.''' Elpha does not publicly disclose GWP, policy count, loss ratio, or revenue in the reviewed sources. The only broadly accessible scale proxy is a third-party headcount estimate of approximately 40 employees.<ref name="builtin">{{cite web |title=Elpha Secure Company Profile |url=https://builtin.com/company/elpha-secure |publisher=Built In |access-date=2026-03-09}}</ref><ref name="linkedin"/> No statutory insurance financial filings attributable to an Elpha-owned carrier entity were identified; the review relied on SEC Form D identity data, insurer and partner disclosures, and company-controlled product pages.<ref name="formd"/> |
|||
{{Section separator}} |
|||
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
|||
== Competitive positioning and risks == |
|||
|+ π Elpha Secure Technology, Inc. β key financial indicators<ref name="sec-formd"/> |
|||
! scope="col" style="text-align:center" | Metric |
|||
π― '''Cluster placement.''' Within the cyber insurtech ecosystem, Elpha fits the "embedded cyber defense + cyber insurance" cluster: an underwriting structure plus active security tooling and services, with insurance economics used as an adoption lever for the security product.<ref name="smartercov"/> |
|||
! scope="col" style="text-align:right; width:8em" | Most recent figure |
|||
! scope="col" style="text-align:center" | Source |
|||
π '''Peer analogs.''' At-Bay positions a combined insurance and security platform including MDR, with policy enhancements tied to adopting security controls.<ref name="atbay">{{cite web |title=At-Bay: Cyber Insurance & MDR Security Platform |url=https://www.at-bay.com/ |publisher=At-Bay |access-date=2026-03-09}}</ref> Coalition markets "active" cyber insurance with incident response and affiliated security capabilities.<ref name="coalition">{{cite web |title=Coalition β Active Cyber Insurance |url=https://www.coalitioninc.com/au/ |publisher=Coalition |access-date=2026-03-09}}</ref> Cowbell emphasizes continuous underwriting and continuous risk assessment as core differentiators.<ref name="cowbell">{{cite web |title=Continuous Underwriting |url=https://cowbell.insure/au/continuous-underwriting/ |publisher=Cowbell |access-date=2026-03-09}}</ref> Elpha's differentiation relative to these larger platforms rests not on scale disclosures β which are limited β but on explicit program relationships with AXIS that route SME submissions to its platform and on security product breadth centered on endpoint-installed capabilities plus SOC outreach, including newer email-security tooling.<ref name="axisexpand24"/> |
|||
|- |
|||
| Gross Written Premium (GWP) || style="text-align:right" | β || β |
|||
π° '''Moat assessment.''' Elpha's CyberCube partnership for portfolio analytics and accumulation risk tooling indicates an intent to professionalize catastrophic cyber risk management for capacity discussions.<ref name="elphamain"/> The software suite is described as modular and configurable (active and passive modes), covering endpoint monitoring, backups, email security, and vulnerability management β broader than a pure scan-based underwriting overlay.<ref name="howitworks"/> AXIS's 2024 decision to direct certain SME submissions to Elpha indicates distribution leverage, and disclosed carrier backers (AXIS Surplus and Everest entities) provide a positive stability signal, though AXIS also being an investor intensifies counterparty concentration risk.<ref name="brokers"/><ref name="axisexpand24"/> |
|||
|- |
|||
| Policy count (in force) || style="text-align:right" | β || β |
|||
β οΈ '''Risk factors.''' The program's backing by a limited set of carriers creates fragility if capacity appetite changes, pricing corridors tighten, or performance triggers are invoked.<ref name="brokers"/> Cyber accumulation remains the existential risk of the class; a Milliman case study quoting Elpha's underwriting leadership highlights catastrophic systemic exposure framing.<ref name="milliman">{{cite web |title=Safeguarding Small Businesses Against Cyber Threats |url=https://www.milliman.com/en/Insurance/solution-story/safeguarding-small-businesses-against-cyber-threats |publisher=Milliman |access-date=2026-03-09}}</ref> Bundling security into premium requires consistent adoption and operational support to realize loss benefits, and deployment and configuration remain operational realities.<ref name="howitworks"/> Larger "InsurSec" peers also market insurance enhancements linked to security adoption and many operate at significantly larger disclosed scale, increasing their ability to invest in threat intelligence and incident response.<ref name="atbay"/> The model relies on surplus lines distribution and producer licensing compliance across many jurisdictions.<ref name="newsroom"/> |
|||
|- |
|||
| Net loss ratio || style="text-align:right" | β || β |
|||
|- |
|||
| Revenue || style="text-align:right" | β || β |
|||
|- |
|||
| Net income / net loss || style="text-align:right" | β || β |
|||
|- |
|||
| MGA commission rate (% of GWP) || style="text-align:right" | β || β |
|||
|- |
|||
| Headcount || style="text-align:right" | ~40 || Built In (third-party listing) |
|||
|- |
|||
| GWP per employee || style="text-align:right" | β || β |
|||
|} |
|||
{{Section separator}} |
{{Section separator}} |
||
== Strategic trajectory == |
|||
== Competitive positioning, risks, and outlook == |
|||
π '''Product-market broadening.''' In February 2023, Elpha stated it increased capacity to quote businesses with revenues up to $100 million and broadened underwriting appetite into additional industries including transportation, entertainment, life sciences, and certain education sectors.<ref name="riskappetite"/> |
|||
πΊοΈ '''Competitive cluster.''' Within the cyber insurtech ecosystem, Elpha fits the "embedded cyber defence + cyber insurance" cluster, combining underwriting structure with active security tooling and using insurance economics β retention and waiting-period enhancements β as an adoption lever.<ref name="elpha-smarter"/> Closest peer analogues include At-Bay, which positions a combined insurance and security platform with MDR and policy enhancements tied to security controls; Coalition, which markets active cyber insurance with incident response and affiliated security capabilities; and Cowbell, which emphasises continuous underwriting and continuous risk assessment.<ref>{{cite web |title=At-Bay β Cyber Insurance & MDR Security Platform |url=https://www.at-bay.com/ |publisher=At-Bay |access-date=9 March 2026}}</ref><ref>{{cite web |title=Coalition β Active Insurance & Cybersecurity |url=https://www.coalitioninc.com/ |publisher=Coalition, Inc. |access-date=9 March 2026}}</ref><ref>{{cite web |title=Cowbell β Continuous Underwriting |url=https://cowbell.insure/au/continuous-underwriting/ |publisher=Cowbell |access-date=9 March 2026}}</ref> |
|||
π '''Institutional distribution scaling.''' AXIS's 2024 expanded partnership indicates a deliberate shift of SME cyber submissions to Elpha's platform beginning July 1, 2024, covering standalone cyber submissions for risks with revenue up to $100 million routed via wholesale brokers.<ref name="axisexpand24"/> |
|||
βοΈ '''Differentiation.''' Elpha's differentiation versus these larger platforms rests not on scale disclosures, which remain limited, but on two factors: explicit program relationships with AXIS that route SME cyber submissions to Elpha's platform, and security product breadth centred on endpoint-installed capabilities plus SOC outreach, including newer email-security tooling.<ref name="axis-2024"/> |
|||
βοΈ '''Security capability expansion.''' Elpha's ES Mail features and associated fraud-oriented detections indicate expansion from endpoint tooling into email security and financial transaction fraud signaling.<ref name="howitworks"/> The SentinelOne partnership (October 2025) signals a strategy of integrating with a mainstream endpoint security platform, potentially as an alternative to purely proprietary controls or as a co-managed layer.<ref name="sentinelone"/> |
|||
π° '''Moat assessment.''' Elpha's partnership with CyberCube for portfolio analytics and accumulation risk tooling signals an intent to professionalise cyber catastrophe management for capacity discussions.<ref name="elpha-home"/> The software suite is described as modular and configurable in active or passive modes, covering endpoint monitoring, backups, email security, and vulnerability management β broader than a pure scan-based underwriting overlay.<ref name="elpha-howitworks"/> AXIS's 2024 decision to direct certain SME submissions to Elpha indicates distribution leverage, while disclosed carrier backers (AXIS Surplus and Everest entities), combined with AXIS's investor role, provide a positive capacity-stability signal but also intensify counterparty concentration risk.<ref name="elpha-brokers"/><ref name="axis-2024"/> |
|||
ποΈ '''Newsroom developments.''' A February 2026 Elpha newsroom headline indicates the ES Mail launch and cybercrime limit expansion to $500,000.<ref name="newsroom"/> |
|||
β οΈ '''Risk factors.''' Key institutional risk factors include: |
|||
* '''Capacity dependency:''' The program's backing by a limited set of carriers creates single-point fragility if capacity appetite changes, pricing corridors tighten, or performance triggers are invoked.<ref name="elpha-brokers"/> |
|||
* '''Systemic aggregation risk:''' Cyber accumulation remains the existential risk of the class; a Milliman case study quoting Elpha's underwriting leadership highlights catastrophic systemic exposure framing.<ref>{{cite web |title=Safeguarding Small Businesses Against Cyber Threats |url=https://www.milliman.com/en/Insurance/solution-story/safeguarding-small-businesses-against-cyber-threats |publisher=Milliman |access-date=9 March 2026}}</ref> |
|||
* '''Execution risk in bundling:''' Bundling security into premium requires consistent adoption and operational support (SOC capacity, deployment success) to realise loss benefits; Elpha acknowledges installation workflows and feature toggles as operational realities.<ref name="elpha-howitworks"/> |
|||
* '''Claims cost control vs customer experience:''' Reimbursement gating through approved providers and prior consent can manage severity but may create friction for policyholders preferring other vendors.<ref name="elpha-claims"/> |
|||
* '''Competitive pressure:''' Larger InsurSec peers operate at significantly greater disclosed scale, increasing their ability to invest in threat intelligence and incident response.<ref>{{cite web |title=At-Bay β Cyber Insurance & MDR Security Platform |url=https://www.at-bay.com/ |publisher=At-Bay |access-date=9 March 2026}}</ref> |
|||
* '''Regulatory risk:''' The model relies on surplus lines distribution and producer licensing compliance across many jurisdictions.<ref name="elpha-newsroom"/> |
|||
π '''Strategic trajectory.''' In February 2023 Elpha increased capacity to quote businesses with revenues up to $100 million and broadened underwriting appetite into additional industries including transportation, entertainment, life sciences, and certain education sectors.<ref>{{cite web |title=Elpha Secure increases risk appetite |url=https://blog.elphasecure.com/elpha-secure-increases-risk-appetite/ |publisher=Elpha Secure Blog |date=February 2023 |access-date=9 March 2026}}</ref> AXIS's expanded partnership in mid-2024 formalised a deliberate shift of SME cyber submissions to Elpha's platform.<ref name="axis-2024"/> Security capabilities have expanded from endpoint tooling into email security and financial transaction fraud signalling through the ES Mail feature, and the SentinelOne partnership (October 2025) signals a strategy of integrating with a mainstream endpoint security platform as a co-managed layer.<ref name="elpha-howitworks"/><ref name="prn-sentinel"/> In February 2026, Elpha's newsroom indicated an ES Mail launch and cybercrime limit expansion to $500,000.<ref name="elpha-newsroom"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
| Line 125: | Line 194: | ||
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
||
|+ π
Elpha Secure |
|+ π
Elpha Secure key milestones and events |
||
! scope="col" style="text-align:center |
! scope="col" style="text-align:center" | Date |
||
! scope="col" style="text-align:center" | Event |
! scope="col" style="text-align:center" | Event |
||
|- |
|- |
||
| 2018 |
|||
| 2018 || Delaware incorporation and founding.<ref name="sec-formd"/> |
|||
| Delaware incorporation and founding.<ref name="formd"/> |
|||
|- |
|- |
||
| March 2021 |
|||
| March 2021 || AXIS announces strategic partnership to provide cyber insurance and Elphaware-based software protection for small businesses.<ref name="bw-axis-2021"/> |
|||
| AXIS announces strategic partnership to provide cyber insurance and Elphaware-based software protection for small businesses.<ref name="axispartner21"/> |
|||
|- |
|- |
||
| April 2022 |
|||
| April 2022 || Cyber insurance offering launched on the Socotra platform; seed funding referenced as more than $9 million. |
|||
| Cyber insurance offering launches on Socotra platform; seed funding referenced as "more than $9 million." |
|||
|- |
|- |
||
| October 2022 |
|||
| October 2022 || $20 million Series A led by Canapi Ventures announced.<ref name="nasdaq-seriesa"/> |
|||
| $20 million Series A led by Canapi Ventures announced.<ref name="seriesa"/> |
|||
|- |
|- |
||
| November 2022 |
|||
| November 2022 || CyberCube partnership announced for portfolio analytics and single-point-of-failure intelligence.<ref name="elpha-home"/> |
|||
| CyberCube partnership announced for portfolio analytics and single-point-of-failure intelligence.<ref name="elphamain"/> |
|||
|- |
|- |
||
| February 2023 |
|||
| February 2023 || Increased capacity to quote risks with up to $100 million in revenue; broadened underwriting appetite into additional industries.<ref>{{cite web |title=Elpha Secure increases risk appetite |url=https://blog.elphasecure.com/elpha-secure-increases-risk-appetite/ |publisher=Elpha Secure Blog |date=February 2023 |access-date=9 March 2026}}</ref> |
|||
| Increased capacity to quote up to $100 million revenue risks; broadened underwriting appetite.<ref name="riskappetite"/> |
|||
|- |
|- |
||
| JuneβJuly 2024 |
|||
| JuneβJuly 2024 || AXIS expands partnership; begins routing certain SME standalone cyber submissions to Elpha via wholesale brokers effective 1 July 2024.<ref name="axis-2024"/> |
|||
| AXIS expands partnership; begins routing certain SME standalone cyber submissions to Elpha via wholesale brokers (effective July 1, 2024).<ref name="axisexpand24"/> |
|||
|- |
|- |
||
| October 2025 |
|||
| October 2025 || SentinelOne partnership announced.<ref name="prn-sentinel"/> |
|||
| SentinelOne partnership announced.<ref name="sentinelone"/> |
|||
|- |
|- |
||
| February 2026 |
|||
| February 2026 || Newsroom headline indicates ES Mail launch and cybercrime limit expansion to $500,000.<ref name="elpha-newsroom"/> |
|||
| Newsroom headline indicates ES Mail launch and cybercrime limit expansion to $500,000.<ref name="newsroom"/> |
|||
|} |
|} |
||
{{Section separator}} |
|||
== See also == |
|||
* [[Cyber insurtech MGAs and underwriting agencies]] |
|||
{{Section separator}} |
{{Section separator}} |
||
Revision as of 14:32, 9 March 2026
Elpha Secure | |
|---|---|
| Elpha Secure Technology, Inc. | |
 | |
| Corporate identity | |
| Type | Private β cyber insurtech MGA |
| License type | Surplus lines MGA |
| Incorporation | Delaware |
| Founded | 2018 |
| Headquarters | New York, New York |
| Domicile | Delaware |
| Licensed jurisdictions | All 50 U.S. states |
| Major shareholders | Canapi Ventures Stone Point Ventures AXIS Capital State Farm Ventures The Hartford STAG Ventures Fermat Capital Management EOS Venture Partners |
| Key people | Preetam Dutta, co-founder and CEO Gordon Malin, co-founder and CEO Josh MacDonald, Chief Underwriting Officer David Williams-King, CTO |
| Number of employees | 40 (third-party estimate) |
| Business & markets | |
| Customer segments | Small and midsize businesses (revenue up to $100 million) |
| Lines of business | Cyber insurance |
| Main products & services | Cyber insurance policy Elphaware security software suite ES Mail email security |
| Technology platform | Socotra (cloud-native insurance platform) |
| Capacity providers | AXIS Surplus Insurance Company Everest Indemnity Insurance Company (Everest Re Group) |
| Distribution | Wholesale insurance brokers |
| Geographic markets | United States (all 50 states) |
| Competitors | At-Bay Coalition Cowbell |
| Key financials | |
| Total funding raised | >$29 million |
| Last funding round | Series A, $20 million, October 2022 |
| Lead investors | Canapi Ventures (Series A) |
π Elpha Secure is a Delaware-incorporated cyber insurtech MGA founded in 2018 that combines proprietary endpoint security software with surplus lines cyber insurance for U.S. small and midsize businesses with revenue up to $100 million. The operating entity, Elpha Secure Technology, Inc. (CIK 0001850887), is headquartered at 580 Fifth Avenue, New York, and operates across all 50 U.S. states through wholesale broker distribution. The company is financially backed by AXIS Surplus Insurance Company and Everest Indemnity Insurance Company under a multi-carrier program structure.
π° Funding. Cumulative disclosed funding exceeds $29 million, comprising more than $9 million in seed funding and a $20 million Series A completed in October 2022 led by Canapi Ventures. Co-investors include Stone Point Ventures, AXIS Capital, State Farm Ventures, The Hartford STAG Ventures, Fermat Capital Management, and EOS Venture Partners. Valuation and profitability metrics have not been publicly disclosed.
π‘οΈ Product design. The insurance product is marketed as a cyber insurance policy starting at $1,000, with economic enhancements tied to adoption of the Elphaware security suite β including a $500 extortion loss retention, a 6-hour business interruption waiting period, and a 365-day period of restoration. First-party coverages include business interruption, ransomware, and incident response expenses; third-party coverages include network security and privacy liability, regulatory fines, and PCI coverage.
π₯οΈ Security technology. Elpha's seven-component security agent provides real-time EDR-like threat monitoring, remote access protection with MFA, SOC-driven patch outreach, ES Mail email security for phishing and financial fraud detection, vulnerability management, dark web monitoring, and exposed credential monitoring. Pre-bind capabilities include a deep scanning tool for external network and cloud assets. The software is third-party audited by Security Compass Advisory with VB100 testing as an additional validation mechanism.
π€ AXIS relationship. AXIS commenced its strategic partnership with Elpha in March 2021, becoming both an investor and a capacity provider. By July 2024, AXIS expanded the relationship to direct certain standalone SME cyber submissions for risks with revenue up to $100 million to Elpha's platform via wholesale brokers. This institutional commitment positions Elpha as a scalable distribution and servicing mechanism for a segment of AXIS's SME cyber portfolio.
π Technology partnerships. Elpha launched its insurance offering on Socotra's cloud-native platform with implementation in less than two months. A CyberCube analytics partnership provides Portfolio Manager and Single Point of Failure Intelligence for accumulation risk management. The October 2025 SentinelOne partnership integrates Elpha's insurance offering with SentinelOne's endpoint security platform for SMB customers, signaling a strategy of layering mainstream security alongside proprietary controls.
π― Competitive positioning. Elpha fits the embedded cyber defense plus insurance cluster alongside peers At-Bay, Coalition, and Cowbell, which also market insurance enhancements linked to security adoption. Elpha's differentiation rests on explicit AXIS program relationships routing SME submissions, security product breadth centered on endpoint-installed capabilities and SOC outreach, and the bundled insurance-plus-software economic model. Larger peers operate at significantly greater disclosed scale, increasing their investment capacity in threat intelligence and incident response.
β οΈ Risk factors. Capacity dependency on a limited set of carriers (AXIS Surplus and Everest entities) creates fragility if appetite changes or performance triggers are invoked, compounded by AXIS's dual investor-capacity role. Cyber accumulation remains the existential risk of the class, and the bundled security model requires consistent deployment and SOC support to realize loss benefits. Claims reimbursement gating through approved providers may create policyholder friction, and surplus lines distribution demands compliance across many jurisdictions.
π Strategic trajectory. Elpha broadened its underwriting appetite in February 2023 to cover revenues up to $100 million across transportation, entertainment, life sciences, and education sectors. The AXIS partnership expansion in mid-2024 and the SentinelOne partnership in late 2025 signal continued distribution scaling and security capability layering. A February 2026 newsroom headline indicates the ES Mail launch and cybercrime limit expansion to $500,000, reflecting product-market broadening across both insurance and security dimensions.
The following sections provide further details.
Corporate and regulatory footprint
ποΈ Legal identity. Elpha Secure Technology, Inc. is a Delaware corporation incorporated in 2018, as recorded in a Regulation D Form D filing with the U.S. Securities and Exchange Commission (CIK 0001850887).[1] The company's website identifies the operating entity as "Elpha Secure Technology Inc." with a principal business address at 580 Fifth Avenue, Suite 820, New York, NY 10036.[2] A prior address at 576 Fifth Avenue, Suite 903, New York, NY 10036 appears in the SEC filing.[1]
π Regulatory positioning. Elpha positions itself as a "Fully Licensed MGA" operating across all 50 U.S. states, with surplus lines disclaimers indicating that products are offered only through licensed surplus lines producers.[3][4] Based on its own MGA positioning and explicit statements that it is "financially backed" by specific carriers, Elpha is most supportably classified as a cyber insurtech MGA with delegated underwriting authority rather than a licensed risk-bearing carrier.[3] Carrier licensure for a proprietary balance-sheet carrier was not identified in the sources reviewed.
π Licensing evidence. A public license record from the Florida Department of Financial Services shows a senior claims professional associated with Elpha holding nonresident property and casualty and nonresident surplus lines licensing categories at the same New York address.[5] This evidences the use of state producer licensing regimes for personnel, though it does not substitute for a full entity producer licensing review across states. Disclosed capacity references in reviewed materials point to U.S. carrier paper rather than Lloyd's syndicate participation.[3]
Business model and operating architecture
π Core thesis. Elpha's model combines cyber insurance with embedded security software, aiming to reduce loss frequency and severity by integrating security tooling and managed support into the insurance proposition.[2] The insurance product is marketed as a "cyber insurance policy with market-leading coverage," paired with specific economic enhancements β notably reduced ransomware retention and shortened business interruption waiting periods β when the insured uses Elpha's security solution.[3] The security product, commonly branded "Elphaware" in earlier materials, is positioned as SaaS installed on endpoints with multiple modules including EDR-like monitoring, backups, MFA for remote access, and SOC support.[6]
π’ Target market. Multiple sources converge on an SME-to-lower-mid-market orientation, with Elpha's marketing emphasizing "small businesses" and "small and midsize businesses."[7] A strategic partnership expansion announced by AXIS Capital Holdings Limited directs standalone cyber submissions for policyholders with revenue up to $100 million to Elpha's platform via wholesale brokers, effective July 1, 2024.[8]
π° Bundled economics. Elpha's broker-facing marketing states that a "single premium includes" both insurance and its software suite, suggesting bundled economics for the core insured distribution channel.[3] Separately, a co-branded page with Selective Insurance indicates per-device pricing tiers ($25 and $37 per device per year), implying the software can also be packaged as a standalone subscription or affinity benefit depending on channel structure.[9]
Product and coverage analysis
π Policy structure and pricing. Elpha advertises a base policy starting at $1,000 and "insurance + software starting cost $1,000."[10] Marketed enhancements include a $500 extortion loss retention, a 6-hour waiting period, and a 365-day period of restoration for business interruption when the insured adopts the security solution.[3] Marketing frames the product as "straightforward" with embedded software upgrades and enhancements, though the modularity of insuring agreements and distinctions between proprietary and carrier wording are not detailed in accessible product-facing pages.[7]
π‘οΈ First-party coverages. Elpha's marketing pages explicitly list business interruption and system failure coverage (with waiting-period and restoration-period enhancements), ransomware and cyber extortion coverage (with an extortion loss retention enhancement), and incident response expenses.[10]
βοΈ Third-party coverages. Listed third-party coverages include network security and privacy liability, regulatory fines, and PCI coverage.[10]
π₯ Breach response model. Elpha states it maintains a curated provider panel and encourages policyholders to use listed providers. The claims page includes reimbursement gating language stipulating that only expenses incurred through engagement of listed response providers and with Elpha's prior written consent qualify as incident response expenses under the first-party insuring agreement.[11] This indicates a panel-led incident response model with economic controls rather than unrestricted vendor choice. Elpha's claims page provides an incident hotline routed through incident response counsel and references a formal claims email notice process.[11]
π Coverage differentiation. Elpha markets "enhanced coverage" β lower retentions, shorter waiting periods, and longer restoration periods β when the insured adopts the security solution.[7] This positions the insurance economics as an adoption lever for the security tooling.
Cybersecurity services and technology stack
π₯οΈ Service posture. Elpha's software is positioned as endpoint-installed tooling with additional managed services, supported by a Security Operations Center.[12] Pre-bind capabilities include a "deep scanning tool" for external network and cloud assets to detect vulnerabilities and misconfigurations, plus a monthly outreach cadence focused on worst risks with an option for quarterly reporting.[13] This functionally resembles underwriting hygiene enforcement and risk-improvement workflows aligned with cyber insurance subjectivities.
π Continuous in-force services. Elpha describes a seven-component security agent comprising real-time threat monitoring (EDR-like), remote access protection with MFA, SOC outreach for top patches and mitigations, email security ("ES Mail") for phishing, spam, and fraudulent financial transaction identification, patching capabilities (vulnerability and version management), dark web monitoring, and exposed credential monitoring.[13]
π€ Technology partners. Elpha launched its cyber insurance offering on Socotra's cloud-native platform with an implementation time of less than two months. An analytics partnership with CyberCube provides Portfolio Manager and Single Point of Failure Intelligence for portfolio accumulation management and capital discussions.[2][14] In October 2025, Elpha announced a partnership with SentinelOne to integrate its insurance offering with SentinelOne's security platform for SMB customers.[15]
β Validation signals. Elpha states its software is third-party audited by Security Compass Advisory and references VB100 testing as a validation mechanism.[13][11]
Distribution, geography, and partnerships
π Channel architecture. Elpha works with wholesale insurance brokers and markets "quotes in seconds" with an online binding workflow.[7] The AXIS partnership expansion also references routing submissions via wholesale broker partners to Elpha.[8] A digital distribution partnership with Affinity Advisors further streamlines access to cyber insurance and security solutions through wholesale broker partners.[16]
π Geographic footprint. Elpha states it operates across all 50 U.S. states.[3] The public site is U.S.-oriented with U.S. contact information and surplus lines disclaimers; operational capabilities outside the United States are not described in reviewed sources.[4]
π¦ Capacity providers. Elpha's broker page states it is financially backed by AXIS Surplus Insurance Company and Everest Re Group.[3] Specialist coverage further supports a multi-carrier program structure, naming Everest Indemnity Insurance Company and AXIS Surplus Insurance Company as insurers underwriting the cyber program.[17]
π€ AXIS relationship. AXIS disclosed that the relationship commenced in 2021 and that AXIS became both an investor in and a capacity provider for Elpha.[8] By July 2024, AXIS began directing certain standalone SME cyber submissions for risks with revenue up to $100 million to Elpha's platform.[8] This is a meaningful indicator of institutional confidence and suggests AXIS viewed Elpha as a scalable distribution and servicing mechanism for a portion of its SME cyber portfolio.
Leadership, governance, and personnel
π€ Founders. Preetam Dutta is identified as CEO in Elpha communications and is listed as an executive officer and director in the SEC Form D filing.[1][18] Gordon Malin is identified by AXIS as Elpha's co-founder and CEO as of June 2024.[8] External profiling and Elpha's positioning indicate a technical cybersecurity orientation at the founding level.[18]
π Education. David Williams-King's doctoral training is associated with Columbia University, as described on a Columbia CS personal page.[19] Preetam Dutta's education claims (PhD at Columbia; undergraduate at Yale University) appear in secondary profiles rather than primary filings.[20]
π Key leadership roles. Josh MacDonald is publicly referenced as Chief Underwriting Officer in multiple industry contexts including events and commentary.[21] David Williams-King self-identifies as having become CTO at Elpha after completing a PhD.[19] Perry Tsao appears in a Florida license record with a business address aligned to Elpha and holds nonresident P&C and nonresident surplus lines licensing categories.[5]
Funding and financial signals
π΅ Series A. Elpha completed a $20 million Series A in October 2022 led by Canapi Ventures with participation from existing investors including Stone Point Ventures, AXIS Capital, State Farm Ventures, The Hartford STAG Ventures, Fermat Capital Management, and EOS Venture Partners.[14] Socotra's announcement references Elpha having raised "more than $9 million" in seed funding prior to the Series A. Cumulative disclosed funding therefore exceeds $29 million.[14]
| Round | Date | Amount raised | Lead investor(s) | Notable co-investors | Cumulative funding |
|---|---|---|---|---|---|
| Seed | β | >$9M | β | β | >$9M |
| Series A | October 2022 | $20M | Canapi Ventures | Stone Point Ventures; AXIS Capital; State Farm Ventures; The Hartford STAG Ventures; Fermat Capital Management; EOS Venture Partners | >$29M |
| Total | >$29M | >$29M |
π Financial transparency. Elpha does not publicly disclose GWP, policy count, loss ratio, or revenue in the reviewed sources. The only broadly accessible scale proxy is a third-party headcount estimate of approximately 40 employees.[22][16] No statutory insurance financial filings attributable to an Elpha-owned carrier entity were identified; the review relied on SEC Form D identity data, insurer and partner disclosures, and company-controlled product pages.[1]
Competitive positioning and risks
π― Cluster placement. Within the cyber insurtech ecosystem, Elpha fits the "embedded cyber defense + cyber insurance" cluster: an underwriting structure plus active security tooling and services, with insurance economics used as an adoption lever for the security product.[10]
π Peer analogs. At-Bay positions a combined insurance and security platform including MDR, with policy enhancements tied to adopting security controls.[23] Coalition markets "active" cyber insurance with incident response and affiliated security capabilities.[24] Cowbell emphasizes continuous underwriting and continuous risk assessment as core differentiators.[25] Elpha's differentiation relative to these larger platforms rests not on scale disclosures β which are limited β but on explicit program relationships with AXIS that route SME submissions to its platform and on security product breadth centered on endpoint-installed capabilities plus SOC outreach, including newer email-security tooling.[8]
π° Moat assessment. Elpha's CyberCube partnership for portfolio analytics and accumulation risk tooling indicates an intent to professionalize catastrophic cyber risk management for capacity discussions.[2] The software suite is described as modular and configurable (active and passive modes), covering endpoint monitoring, backups, email security, and vulnerability management β broader than a pure scan-based underwriting overlay.[13] AXIS's 2024 decision to direct certain SME submissions to Elpha indicates distribution leverage, and disclosed carrier backers (AXIS Surplus and Everest entities) provide a positive stability signal, though AXIS also being an investor intensifies counterparty concentration risk.[3][8]
β οΈ Risk factors. The program's backing by a limited set of carriers creates fragility if capacity appetite changes, pricing corridors tighten, or performance triggers are invoked.[3] Cyber accumulation remains the existential risk of the class; a Milliman case study quoting Elpha's underwriting leadership highlights catastrophic systemic exposure framing.[26] Bundling security into premium requires consistent adoption and operational support to realize loss benefits, and deployment and configuration remain operational realities.[13] Larger "InsurSec" peers also market insurance enhancements linked to security adoption and many operate at significantly larger disclosed scale, increasing their ability to invest in threat intelligence and incident response.[23] The model relies on surplus lines distribution and producer licensing compliance across many jurisdictions.[4]
Strategic trajectory
π Product-market broadening. In February 2023, Elpha stated it increased capacity to quote businesses with revenues up to $100 million and broadened underwriting appetite into additional industries including transportation, entertainment, life sciences, and certain education sectors.[18]
π Institutional distribution scaling. AXIS's 2024 expanded partnership indicates a deliberate shift of SME cyber submissions to Elpha's platform beginning July 1, 2024, covering standalone cyber submissions for risks with revenue up to $100 million routed via wholesale brokers.[8]
βοΈ Security capability expansion. Elpha's ES Mail features and associated fraud-oriented detections indicate expansion from endpoint tooling into email security and financial transaction fraud signaling.[13] The SentinelOne partnership (October 2025) signals a strategy of integrating with a mainstream endpoint security platform, potentially as an alternative to purely proprietary controls or as a co-managed layer.[15]
ποΈ Newsroom developments. A February 2026 Elpha newsroom headline indicates the ES Mail launch and cybercrime limit expansion to $500,000.[4]
Company timeline
| Date | Event |
|---|---|
| 2018 | Delaware incorporation and founding.[1] |
| March 2021 | AXIS announces strategic partnership to provide cyber insurance and Elphaware-based software protection for small businesses.[6] |
| April 2022 | Cyber insurance offering launches on Socotra platform; seed funding referenced as "more than $9 million." |
| October 2022 | $20 million Series A led by Canapi Ventures announced.[14] |
| November 2022 | CyberCube partnership announced for portfolio analytics and single-point-of-failure intelligence.[2] |
| February 2023 | Increased capacity to quote up to $100 million revenue risks; broadened underwriting appetite.[18] |
| JuneβJuly 2024 | AXIS expands partnership; begins routing certain SME standalone cyber submissions to Elpha via wholesale brokers (effective July 1, 2024).[8] |
| October 2025 | SentinelOne partnership announced.[15] |
| February 2026 | Newsroom headline indicates ES Mail launch and cybercrime limit expansion to $500,000.[4] |
See also
References
- β 1.0 1.1 1.2 1.3 1.4 "Elpha Secure Technology, Inc. β Form D". U.S. Securities and Exchange Commission. Retrieved 2026-03-09.
- β 2.0 2.1 2.2 2.3 2.4 "Elpha Secure". Elpha Secure. Retrieved 2026-03-09.
- β 3.00 3.01 3.02 3.03 3.04 3.05 3.06 3.07 3.08 3.09 "For Brokers". Elpha Secure. Retrieved 2026-03-09.
- β 4.0 4.1 4.2 4.3 4.4 "Newsroom". Elpha Secure. Retrieved 2026-03-09.
- β 5.0 5.1 "Licensee Search β Florida Department of Financial Services". Florida Department of Financial Services. Retrieved 2026-03-09.
- β 6.0 6.1 "AXIS Partners With Elpha Secure to Provide Cyber Security Software for Small Businesses". Business Wire. 15 March 2021. Retrieved 2026-03-09.
- β 7.0 7.1 7.2 7.3 "Cyber Insurance". Elpha Secure. Retrieved 2026-03-09.
- β 8.0 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 "AXIS Expands Partnership with Elpha Secure". AXIS Capital Holdings Limited. 2024. Retrieved 2026-03-09.
- β "Selective Insurance". Elpha Secure. Retrieved 2026-03-09.
- β 10.0 10.1 10.2 10.3 "Smarter Coverage". Elpha Secure. Retrieved 2026-03-09.
- β 11.0 11.1 11.2 "Claims". Elpha Secure. Retrieved 2026-03-09.
- β "Cybersecurity Technology". Elpha Secure. Retrieved 2026-03-09.
- β 13.0 13.1 13.2 13.3 13.4 13.5 "How It Works". Elpha Secure. Retrieved 2026-03-09.
- β 14.0 14.1 14.2 14.3 "Elpha Secure Raises $20 Million in Series A Funding Led by Canapi Ventures". Nasdaq / PR Newswire. 6 October 2022. Retrieved 2026-03-09.
- β 15.0 15.1 15.2 "Elpha Secure and SentinelOne Partner to Drive Cyber Resilience and Protection for Customers". PR Newswire. October 2025. Retrieved 2026-03-09.
- β 16.0 16.1 "Elpha Secure LinkedIn Post β Affinity Advisors Partnership". LinkedIn. Retrieved 2026-03-09.
- β "AXIS Partners With Elpha Secure to Provide Cyber Security Software for Small Businesses". AXIS Capital Holdings Limited. 2021. Retrieved 2026-03-09.
- β 18.0 18.1 18.2 18.3 "Elpha Secure Increases Risk Appetite". Elpha Secure Blog. February 2023. Retrieved 2026-03-09.
- β 19.0 19.1 "David Williams-King β Columbia University". Columbia University. Retrieved 2026-03-09.
- β "Forward50 Americas" (PDF). Sonr Global. October 2023. Retrieved 2026-03-09.
- β "Cyber Predictions 2023 Webinar". CyberCube. Retrieved 2026-03-09.
- β "Elpha Secure Company Profile". Built In. Retrieved 2026-03-09.
- β 23.0 23.1 "At-Bay: Cyber Insurance & MDR Security Platform". At-Bay. Retrieved 2026-03-09.
- β "Coalition β Active Cyber Insurance". Coalition. Retrieved 2026-03-09.
- β "Continuous Underwriting". Cowbell. Retrieved 2026-03-09.
- β "Safeguarding Small Businesses Against Cyber Threats". Milliman. Retrieved 2026-03-09.