On the fields of computer networks, network security and cybercrime, Jim Goldman has built his career around his ability to predict the future.
In the pre-Internet era of the late 1980s, Goldman was looking for ways for remote computers to communicate with each other. Back in the early to mid-1990s, when the Internet was first coming into use, people were already thinking about network security — a topic few people discussed at the time, Goldman said. “At the time, people thought I was paranoid — out of my rocker — because no one saw the need for it.”
Now Goldman thinks it has found a new Next Big Thing. He is co-founder and CEO of Trava Security Inc., an Indianapolis-based tech startup operating in the evolving field known as insurtech.
Trava, which was launched from Indianapolis-based venture studio High Alpha in 2020, tackles the cybersecurity problem from three angles. Its software platform helps customers identify their risks, and Trava also works with customers to help them address those risks. The link to insurance – and the area where Trava sees the greatest potential for growth – is in using collected data to help buy cybersecurity insurance.
“We mainly help [insurance carriers] collect the data needed to subscribe to the policy,” said Rob Beeler, Goldman co-founder and longtime CTO.
An evolution of subscription
Currently, a business applying for (or renewing) cyber liability insurance coverage will likely need to complete an application that could ask 100 or more questions about the applicant’s computer network and cybersecurity practices.
The problem, Beeler said, is that applications can be confusing and difficult to complete, especially for small and medium-sized businesses that don’t have in-house IT professionals.
Online threats are also constantly evolving, meaning information gathered through a traditional application process can quickly become irrelevant or outdated.
By gathering real-time information about a customer’s actual network and practices, Beeler said, “we believe we can get more accurate answers and more accurate data than just asking a layman, ‘Do- you these things?”
Over time, Trava expects the data to be integrated into the cybersecurity underwriting process in the same way it is already used in auto insurance. Many car insurance companies, for example, offer policies in which an insured’s driving habits are tracked in order to obtain discounts for safe driving.
“I just think that’s where the market is going,” Beeler said.
Trava supporters think so too.
“In two to three years, I expect the majority of cyber insurance policies to be written off data, not paper applications,” said Scott Dorsey, managing partner of High Alpha.
High Alpha launched Trava in early 2020, and in March 2021 High Alpha Capital participated in a $3.5 million seed funding round led by TDF Ventures, based in suburban Washington, D.C. TDF and High Alpha Capital also participated in Trava’s second major capital raise, a $4.5 million funding round that ended last month.
Trava grew out of a High Alpha Sprint Week, a periodic event where the venture capital firm explores business ideas that could serve as the basis for startups.
How did the idea that became Trava make it to Sprint Week? Credit goes to TDF Ventures. This company focuses on start-up business-to-business technology ventures, and one of its focus areas is cybersecurity.
TDF Director Matt Bressler wanted to find a better way to protect businesses from online threats. Companies are spending more on cybersecurity, but data breaches are also on the rise, Bressler said, and cyber liability insurance is becoming harder to obtain and more expensive.
“It’s a growing market where people are buying the product, but nobody really likes what they’re getting,” he said.
Bressler couldn’t find the right cybersecurity company to invest in, so he shelved the idea for a while.
TDF also likes to invest outside of the large coastal markets of New York and California. The company had made deals in Pittsburgh and Chicago and decided to investigate Indianapolis. While on a trip here, Bressler connected with High Alpha and realized the company might be interested in developing his cybersecurity idea.
Bressler therefore participated in a Sprint Week in early 2020, just before the start of the pandemic.
Goldman got involved through his relationship with Dorsey. The two had known each other from their time at ExactTarget, the Indianapolis marketing technology company Dorsey co-founded that was later sold to Salesforce. Goldman had joined the company in 2011, and by early 2020 he had become the second-ranked head of security governance, risk management, and compliance across the Salesforce organization.
Prior to joining ExactTarget, Goldman spent 20 years at Purdue University, where his early interest in networking and cybersecurity led him to develop the university’s programs in networking engineering, information security, and in cybercrime. Goldman also developed and ran the Purdue Malware Lab, which focused on researching malware and developing strategies to protect against it.
Thanks to his malware research, Goldman was also appointed to the FBI’s Cybercrime Task Force, a role he served in from 2009 to 2014.
So Dorsey asked Goldman to attend Sprint Week as a subject matter expert who could help High Alpha refine its cyber insurance business idea.
“Jim helped us shape the idea in a really deep way,” Dorsey said.
As Sprint Week progressed, Goldman was enthralled with the business concept. During his time at the FBI, he had seen the financial devastation that cybercrime could wreak on small and medium-sized businesses, which lacked the resources to bounce back like large corporations could.
“When Scott first started doing this, I said, ‘Oh, that’s exactly where my passion is,'” Goldman recalled. “I said, ‘Scott, I want to run this business for you.’ “
High Alpha introduced Goldman to Beeler, who had 30 years of experience leading software teams. He lived in Boston and wanted to move back to Indianapolis.
Beeler also saw the appeal of the concept that became Trava.
“I was really drawn to the mission of helping small businesses protect themselves,” he said. “It felt like a problem that was definitely worth solving.”
Beeler is 57 years old. Goldman declined to reveal his age. Dorsey said the co-founders, with their decades of experience, are exactly the right people to lead Trava.
“When we think of the [cybersecurity] industry, it’s all about trust,” Dorsey said. “I don’t think this is a business you can build with young, inexperienced founders.”
Trava was quietly launched in May 2020, before publicly announcing its launch in December.
The company has rolled out its various offerings in order, one thing building on the next. She started by offering cybersecurity consulting as a way to generate income while working on her software platform.
Trava’s risk assessment platform was launched in December 2020. The following month, it began acting as an insurance broker, offering cyber insurance cover through an insurance wholesaler . In May 2021, after Trava collected customer data through its software platform, the company began using that data in the underwriting process.
The company’s current effort – and the one it says will help the business get off the ground – is recruiting insurance brokers and agents who can access Trava’s platform as a tool to sell cyber insurance coverage to their customers. These customers could also decide to become Trava customers.
Brokers, Goldman said, are essential. This is because, through brokers, Trava can reach many more potential customers. “For every insurance broker we sign, we add between 100 and 1,000 clients.”
Currently, Trava works with 12 insurance brokers who represent hundreds of agents. By the end of next year, Trava’s goal is to have signed agreements with 100 brokers.
Trava declined to discuss its revenue numbers, but Goldman said cyber insurance currently accounts for about 20% of Trava’s total revenue. Over time, the company wants to develop this so that cyber insurance is its main source of income.
Trava is one of a number of companies working in the insurtech space.
Reid Putnam, vice president of property and casualty at Indianapolis-based Gregory & Appel Insurance, cited California-based companies At-Bay, Coalition Inc. and Cowbell Cyber as other examples of insurtech startups. All three have been founded since 2016.
“They mix insurance and technology,” Putnam said. “It’s all kinds of variations on the theme. They all do something a little different.
At the same time, cybersecurity firms are also reaching out to insurers because they see business opportunities in making their cybersecurity data available, Putnam said. “Carriers are increasingly leveraging cyber scan reports to inform their underwriting process.”
But it will take time before cybersecurity data is fully integrated into insurance underwriting, he said. This is partly because cybersecurity is a relatively new type of insurance and insurers are still looking to address an ever-changing threat landscape.
Last month, for example, the Wall Street Journal reported that Lloyd’s of London Ltd. will ask its insurer groups next year to exclude state-sponsored cyberattacks from stand-alone insurance policies.
“The cyber insurance market is still trying to figure out what are the basic duty of care requirements that any insurer should have?” said Putnam.
#Trava #Security #sees #great #potential #cybersecurity #insurance #market #Indianapolis #Business #Journal