Evolve MGA

🏢 Legal entity. The operating legal entity is Evolve Cyber Insurance Services LLC, trading as Evolve MGA.^[1][2] A Rhode Island Department of State annual report filed in 2021 lists California as the state of formation and San Rafael as the principal office address.^[2] The company's website identifies San Diego as the headquarters location, while a 2023 acquisition announcement lists Dallas, Los Angeles, New York, and Texas as operating locations, indicating a multi-site U.S. footprint.^[3][4]

📅 Year founded. Evolve MGA has specialized in underwriting SME cyber insurance since 2015.^[3] A 2019 trade profile corroborates a circa-2015 launch and states the firm had doubled its book annually in the years following (historical claim, not independently validated).^[5]

🛡️ Business model and licensing. Evolve MGA positions itself as a cyber-focused MGA with full underwriting authority, offering cyber liability and technology E&O products.^[6] The company publishes a California insurance license number (0K40961) on its website.^[4] A publicly filed 2021 surplus-lines policy document shows insurance effected through CFC Underwriting Limited as coverholder, with a binding authority structure tied to a Unique Market Reference, providing direct evidence of Lloyd's delegated authority distribution for at least part of the historical book.^[1]

🏛️ Ownership and acquisition. Evolve MGA was acquired by Nexus Underwriting, with completion announced in July 2023.^[3] At the time of announcement, Nexus was described as a wholly owned subsidiary of Kentro Capital Limited.^[3] Brown & Brown, Inc. subsequently completed its acquisition of Kentro in October 2023, integrating Kentro into Brown & Brown Europe operations and placing Evolve MGA within a larger broker-controlled specialty platform.^[7]

📊 Scale indicators. The acquisition announcement disclosed over 3,000 retail broking partners and approximately 6,000 policyholders, and stated that the acquisition introduced the Evolved NexGen cyber policy supported by Lloyd's of London across all 50 U.S. states.^[3] The 2021 Rhode Island annual report lists Dan Carraher and Bryan Costello as managers of the entity.^[2]

👥 Founders. Brothers Michael Costello and Patrick Costello co-founded Evolve MGA and are described as fourth-generation insurance professionals.^[3] A 2020 agent-association profile states Patrick obtained a property and casualty license in college, interned at Lloyd's, trained at ACE Group, earned the CPCU designation, and worked as a professional liability underwriter before focusing on cyber; Michael worked as a retail producer and received multi-year cyber specialty training at Lloyd's.^[8]

🎙️ Underwriting philosophy. A 2019 trade interview quotes Patrick emphasizing wire transfer fraud and social engineering coverage while criticizing cyber policy "warranty statements" as a claims-denial risk; the same interview claims eight U.S. offices at the time and annual book doublings since 2015.^[5] The acquisition announcement quotes Adam Kembrooke as CEO and President of Nexus Underwriting U.S. in connection with the transaction.^[3]

⚠️ Leadership continuity. A 2025 public post from Patrick states it was his last day with the company, indicating at least one founder departure post-acquisition.^[9]

🔗 Ownership pathway. Evolve MGA was acquired by Nexus Underwriting in July 2023; Nexus was then owned by Kentro Capital Limited, which was subsequently acquired by Brown & Brown, Inc. in October 2023.^[3][7] No venture rounds, valuations, or equity raises were identified in primary sources reviewed; the sole disclosed capital event is the acquisition, whose financial terms were not published.^[3]

🏆 Awards as commercial signal. Evolve has received multiple Advisen (Zywave) Cyber Risk Awards: "Cyber Newcomer of the Year" in 2019,^[10] "Cyber Risk MGA" winner and Patrick as "Cyber Risk Industry Person of the Year — Americas" in 2021,^[11] and "Cyber MGA of the Year" in 2022.^[12] The acquisition announcement describes Evolve as a three-time Cyber MGA of the Year winner.^[3]

🎯 Customer segments. Evolve MGA markets to SMEs with cyber risk exposures up to $250 million, with some classes up to $500 million, spanning a broad industry appetite including banks, credit unions, hospitals, physician practices, municipalities, local government, private equity, venture capital, insurance intermediaries, and various professional services.^[6][4] This breadth suggests a generalist SME and lower mid-market underwriting posture rather than a narrow vertical specialization.

📋 Policy form and structure. Post-acquisition, Evolve offers the Evolved NexGen cyber policy supported by Lloyd's across all 50 states.^[3] A publicly filed 2021 policy specimen references wording version "EVO4.0" and provides a cyber incident response line associated with CFC.^[1] The historical specimen includes an unlimited retroactive date and an optional 12-month extended reporting period at 100% of applicable annualized premium, both typical claims-made structural elements.^[1]

🔒 First-party coverages. The EVO4.0 schedule includes cyber incident response sections for incident response costs, legal and regulatory costs, IT security and forensic costs, crisis communications, and privacy breach management costs, each at a $3,000,000 each-and-every-claim limit with varying deductibles, plus a $50,000 post-breach remediation sublimit.^[1] The current product page lists 24/7 hotline support, breach costs, forensic costs, legal breach advice, and PR/crisis management as included features.^[4]

💳 Cybercrime and social engineering. The current product page lists social engineering, invoice manipulation and impersonation fraud, electronic theft of third-party funds, theft of funds held in escrow, cyber extortion, and telephone hacking as covered perils.^[4] The EVO4.0 specimen provides explicit sublimits including funds transfer fraud ($250,000), theft of funds held in escrow ($250,000), theft of personal funds ($250,000), extortion ($3,000,000), corporate identity theft ($250,000), telephone hacking ($250,000), push payment fraud ($50,000), and unauthorized use of computer resources ($250,000).^[1]

🏗️ Business interruption and system failure. The current product page indicates business income loss with a stated six-hour waiting period, 12-month reputational loss coverage, supplemental extra expense, and "bricking" coverage.^[4] The EVO4.0 schedule shows system damage and business interruption at $3,000,000 limits for system damage/rectification and income loss/extra expense, with a $1,000,000 sublimit for system failure; dependent business interruption at the same structure; reputational harm at $3,000,000; claim preparation costs at $25,000; and hardware replacement costs at $3,000,000.^[1]

⚖️ Third-party coverages. Network security liability, privacy liability, regulatory penalties, and PCI liability are included per the current product page.^[4] The EVO4.0 schedule shows these as aggregate-limit insuring clauses at $3,000,000 with a $5,000 deductible, alongside management liability, regulatory fines, and PCI fines/penalties/assessments.^[1] Media liability and intellectual property rights infringement appear in the historical specimen within an aggregate-limit framework.^[1]

💻 Technology E&O. The EVO4.0 specimen explicitly states "Technology Errors and Omissions: NO COVER GIVEN" within that policy form.^[1] Evolve separately markets a standalone Technology E&O product covering IT consulting, MSPs, SaaS, software development, telecom services, and related technology operations.^[13]

🚨 Historical claims ecosystem. The 2021 EVO4.0 specimen designates CFC Underwriting Limited as cyber incident manager and lists an approved claims panel including Wilson Elser, Context Security, Kivu Consulting, CrowdStrike, DOSarrest, Mullen Coughlin, and Clyde & Co, signaling a structured managed-response model.^[1]

📞 Current claims handling. The current product page states rapid response claims handling through McDonald Hopkins and provides a dedicated incident email for NexGen policyholders.^[4][6]

🔍 Pre-bind services. Evolve provides risk vulnerability scans and reports and states that each policyholder receives a comprehensive risk assessment with their quote.^[4]

📱 Policyholder tooling. An in-house mobile app offers 24/7 dark web monitoring, network deep scanning, phishing simulation campaigns, free forensic expert advice, and instant claims notification.^[14] The cyber product page links to a Data Breach Calculator hosted on eRiskHub infrastructure, based on a proprietary formula developed by NetDiligence and its insurance industry partners.^[4][6]

🤝 Vendor partnerships. The policyholder risk management page lists vendor relationships including Upfort (Upfort Shield trial and discount), Avail, BlackFog, ControlCase, eSentire, and Coro, forming a curated cybersecurity partner marketplace for policyholders.^[15]

🌐 Retail broker model. Evolve operates a direct-to-retail broker distribution architecture, with the acquisition announcement citing over 3,000 retail broking partners.^[3] A 2020 association profile describes outreach through broker training, marketing materials, and in-person seminars, with a production team spending significant time in retail agencies.^[8] The company's appointment page targets brokers directly, framing itself as "trusted by thousands of brokers across the country."^[16]

🇺🇸 Geographic footprint. Evolve states nationwide U.S. availability across all 50 states for the post-acquisition NexGen policy supported by Lloyd's.^[3] No evidence of non-U.S. underwriting operations under the Evolve MGA brand was found in reviewed sources.

📜 Licensing and authorization. The company publicly displays a California insurance license number and operates through national broker relationships.^[4] The 2021 policy specimen is classified as surplus lines, with Patrick listed as surplus lines broker.^[1] The policy certificate evidences a Lloyd's delegated authority pathway via CFC as coverholder.^[1]

🏦 Current capacity. Post-acquisition, Evolve states the NexGen policy is supported by Lloyd's of London across all 50 U.S. states.^[3]

📄 Historical panel. A 2021 surplus-lines tax filing page within the EVO4.0 specimen provides granular evidence of a co-insurance structure spanning Lloyd's syndicates (with percentage participations) and non-Lloyd's insurers including Zurich Insurance plc, HDI Global Specialty SE, XL Catlin Insurance Company UK Limited, and Fidelis Underwriting Limited.^[1] CFC Underwriting Limited served as coverholder and cyber incident manager, a role typically paired with delegated underwriting authority and controlled claims response.^[1]

🔗 AXA relationship. The 2021 specimen lists XL Catlin Insurance Company UK Limited as an insurer participant; AXA XL identifies AXA XL Insurance Company UK Limited as formerly XL Catlin Insurance Company UK Limited, following AXA's completion of the XL Group acquisition in 2018.^[1][17] No evidence was found of AXA Venture Partners, Kamet, or AXA-entity distribution partnerships, nor of founder employment ties to AXA.^[8]

🤝 Broker association partnerships. The Florida Association of Insurance Agents partnered with Evolve to provide coverage through the EVO 3.0 cyber policy to its members, listing specific coverage highlights as part of that arrangement.^[18]

🧭 Category positioning. Evolve is classified as a U.S. cyber-focused MGA built around retail broker distribution at scale, packaged coverage emphasizing broad first-party protection and cybercrime/social engineering scenarios, and bundled cybersecurity partner resources with an incident-response workflow.^[3]

💡 Claimed differentiators. Evolve's product comparison table highlights unlimited reinstatement on first-party coverage, breach response costs outside the limit, and full prior acts as distinguishing features.^[4] The historical specimen corroborates these claims through its unlimited retroactive date, defined waiting period mechanics, and multiple cybercrime sublimits.^[1] The partner ecosystem and mobile app reflect an insurtech-adjacent service layer.^[14]

🏁 Peer benchmarking. Full-stack cyber platforms such as Coalition and At-Bay typically emphasize proprietary security telemetry and continuous control monitoring as underwriting differentiators — capabilities not demonstrated as proprietary by Evolve in public materials.^[4][19] Cowbell Cyber and Corvus Insurance are positioned around analytics-driven underwriting, whereas Evolve's strengths appear more anchored in broker education, claims ecosystem breadth, and coverage design.^[19] Evolve's historical linkage to CFC as coverholder and incident manager implies structural proximity to CFC's operating model of delegated authority plus managed response.^[1]

⚡ Capacity concentration. While the 2021 specimen evidences a diversified panel spanning Lloyd's and non-Lloyd's insurers, the current positioning emphasizes Lloyd's support; a shift in Lloyd's appetite, delegated authority performance management, or capacity retrenchment could create volatility in available limits, pricing, and underwriting guidelines.^[3][1]

🔧 Claims and response dependency. The EVO4.0 specimen shows a structured response model centered on CFC, while the current NexGen process references McDonald Hopkins, creating operational dependency on third-party claims and vendor ecosystems across policy generations.^[1][4]

🌊 Aggregation and systemic exposure. The portfolio is described as one of the larger SME cyber portfolios in the U.S., implying exposure to correlated events such as ransomware waves, supplier outages, and systemic vulnerabilities.^[3]

👤 Key-person risk. Patrick Costello's public departure creates key-person continuity risk given the founder-led identity prominent in earlier materials and awards, raising questions about underwriting philosophy continuity and distribution retention.^[9]

📝 Regulatory and compliance risk. Evolve publicly discloses a California insurance license number and operates across states including surplus lines placements; formal multi-state licensing confirmation and any administrative action history were not located in accessible regulator registers.^[4]

🧩 M&A-driven trajectory. The acquisition by Nexus and subsequent integration of Kentro into Brown & Brown indicates a platform strategy oriented toward consolidated specialty underwriting capabilities and distribution leverage across geographies and lines.^[3][7]

📢 Distribution scale. A core strategic pillar is building and defending retail broker distribution scale, anchored by the disclosed base of over 3,000 broking partners.^[3]

🛡️ Product differentiation. Evolve seeks to maintain differentiation through broad cybercrime and first-party coverage features and claims response capabilities, complemented by curated cybersecurity services, policyholder tooling, and vendor partnerships.^[4][15]

• Cyber insurtech MGAs and underwriting agencies