RHS 109 - How to Sell More Cyber Insurance with Pat Costello

Top reasons your dog wants you to move to Ohio.

Amazing dog parks to stretch your legs.

All four of them.

Dog-friendly patios.

Even gourmet hot dogs loaded with the good stuff.

Bon appétit.

And Ohio has so many high-paying jobs, you'll be top dog in no time.

Jobs in technology, engineering, science, advanced manufacturing, and more.

The career you want and a life you'll love. Have it all in the heart of it all.
Go to callohiohome.com. I need directions for paying down debt.
Starting route. Apply for a SoFi personal loan and consolidate your debt into one fixed payment.
Turn right into a positive outlook and get $5,000 to $100,000 as soon as the same day you sign with no fees required.

Got it. You could get out of high interest credit card debt with a SoFi personal loan.

View your rate at SoFi.com slash debt in 60 seconds with no impact to your credit score.

Loans originated by SoFi Bank and A. Member FDIC.
Terms and conditions and welcome back to the show.

Today we have a tremendous episode for you, a conversation with Pat Costello, co-founder and CEO of EvolveMGA, one of the most comprehensive cyber specialist carriers in our industry. And Pat is doing some really interesting things.
And what I love about EvolveMGA is that they're trying to educate and bring cyber to the agency force, right? I mean, too many of us are not selling enough cyber. I get it.
It's not an easy sell. It's tough to lead with cyber.
Oftentimes, our commercial clients are looking at cyber as a luxury. And I've said it before, and I'll probably end up saying a thousand times, but in the very near future, cyber could be a more important coverage than general liability in protecting particularly small business, but really all business.
And I think we're doing our clients a disservice by not pushing cyber harder. And what I like about EvolveMGA is that they are working to create a comprehensive program, but also educate agents and educate consumers on why cyber is important.
And Pat's just a good guy, very dynamic, enjoyed this conversation. I think you're going to get a lot out of it.
And it's conversations like these that really is why I love doing this

show because we're talking a little bit about business, a little bit about insurance, nerding

out on some coverage stuff. It's just all around an episode I think you will love.
Before we get

into our sponsors though, I just want to say something that I know every once in a while I

reiterate, but I just want you to know, I love you guys for listening to this show. I really do.

We are absolutely cranking at Rogue and we got a million things going on, and it is getting harder and harder to find time to create these episodes. That all being said, I'm dedicated to continuing to bring you this show because it seems to help.
I love your feedback. I hope it does.
You know, it just, it is such an honor. You know, and I feel it as a, as a, as a prerogative is the wrong word.
Obligation is certainly the wrong word. Feel it is my, maybe I guess I feel it is an obligation to give back to the industry in some way through these conversations in whatever way they may add value to you.
So I hope you continue to enjoy them. I just want you to know that it does not get past me, that you're choosing to listen to this show versus other shows versus other pieces of content that exist.
And I take the responsibility to help add value to your life very serious. And I just appreciate you listening.
So all right, with that, I want to give a quick shout out to Podium. Podium is kind of changing the game for how we collect leads here, how we communicate with our customers.
The web form to text functionality is incredibly powerful. We're getting, you know, we're almost at like 100% response rate for leads that come through the kind of Podium widget on our site.
They have a ton of other options, including payment options and all kinds of different things. Podium is one of those tools that I say, whether you choose to use Podium or not, you need to know what it does.
It's a tool to just understand its functionality. Maybe today isn't the actual day that you purchase or need the tool, but I think it's a type of functionality that you're going to want to have in your agency at some point.
And Podium's been a great partner for us. They really have.
I'm not always sure what you're going to get out of a partner when you first start working with them. And we use Podium every day.
And they've just been great. And I've enjoyed them both as a sponsor of the show.
I've enjoyed getting to know the people there. And I've enjoyed using them in my agency.
go to podium.com, reach out to Podium, let them know Hanley sent you and just get the demo, understand what they're doing. And if you like the tool, use it.
I do. All right.
With that, let's get on to Pat Costello of EvolveMGA. Yo, dude.
Hi. What's up, man? How are you? I'm good.
Yeah? Just, uh, you know, trying to get stuff done. Another day in the neighborhood here.
Yeah. Are you in upstate New York right now? Yeah.
Yeah. Yeah.
Yeah. We, we, so the agency is based here.
This is where I live. It's actually where I grew up too.
And I, my, I have teammates across the country in the world, which is the new, the new thing for, for, I think probably for a company like yours, that's not necessarily unique, but for a lot of brokers and agencies in particular, you know, I tell people like, Oh, you know, my producers in Chicago and I have a client success person who's down in Florida and I have a VA in the Philippines. I'm like, wow, what? Yes.
That is totally unique. You know, it's just, it's an interesting, it's an interesting thing.
Finding the right people to operate in that kind of ecosystem is, is definitely interesting. Totally.
And I get, I will say it was a huge learning experience with COVID happening and learning how to manage a remote culture and make sure people are happy, motivated,

performing, you know, all that stuff was, was a learning experience. So I, and I think we're, we're better off for it now that we're kind of coming out of it.
So yeah, man, we definitely went through some interesting experiences. I think it's been, and I'm interested in your take for me, you know, we were, we were always remote, right? Like I think I would love to have a home base someday.
We have a coworking space that kind of is our home base, but I would love to have a place where like, Oh, you know, bye honey. I'm going to the office.
You know what I mean? Like that kind of thing. Like that would be nice to have set that kind of separation.
Yeah. Have just a place where all our mail goes instead of the floor of my basement office.
And, you know, I think that would be nice at the same time, you know, we haven't had to deal with, well, how do we judge performance in a remote work environment? Cause we never had an in-person work environment. So those aren't even questions.

Like it's just, we have our way of judging performance and talking through things.

And we use the EOS system.

I don't know if you're familiar with the entrepreneur system.

So we use EOS.

And when you have a system for tracking performance

and you stick to it,

it's not necessarily any more difficult

with remote employees. But I do think if you have a standardized in-person culture to go remote is probably a huge shock.
Yeah. I think there's two areas where I'm like, I think having people in an office environment are huge.
One is like sales motivation. And, and, um, you know, if you have,

you know, if you have, uh, you know, a few sales folks, I love having them together in the same room to kind of motivate each other and feel the energy, feel the vibes. And we've seen our best sales folks have been in rooms with other sales folks that have been on islands have been a little bit slower and there's anomalies,

but I think, you know, if I had my preference, I'd like to have the sales folks on like a sales

floor for us underwriting as well. A lot of times it's really advantageous to have underwriters that

are kind of chatting about a risk to make sure they're fully understanding, comprehending

all the exposures associated. But just general, like, I think employee happiness and bonding and excitement about the workplace and what we're doing as a team and connecting with individuals outside of the, you know, normal, you know, I need to get this quote done.
I need to, you know, talk to this person about this risk. I need to do that.
It's, you know, it's the whole personal side of things where it's like, Oh, like, how was your day? What's going on? What are you doing for dinner? What are you doing for lunch? And that personal side of things, I just think makes it so much more fun. Yeah.
Which is kind of the culture that we're trying to cultivate.

I agree with that. I would, I would prefer in person, you know, I have, but I struggle with too,

you know, and this is nothing against anyone who listens to this, who lives in Albany, but

you know, this isn't like a bastion of insurance talent here. Not that there aren't incredibly

talented people, but this isn't like a place where one, it's not a huge market to begin with. Two, a lot of the all the colleges are geared more towards engineering.
Just we have RPI, we have union, our everything is kind of evolved around that. I mean, University of Albany is a liberal liberal arts college.
But most people who go to University of Albany do not stay here in Albany. They leave.
That's a problem that we have. So it's not like it's difficult to find people who are motivated to come in and work in an insurance agency, which, you know, even though there are most days, it's hard for us to even consider ourselves that it, it, it is, you know, it's still kind of is what it is.
You still have to have the licensing. And then in this space, like right here, like locally, like it's, it's been, it was a huge challenge.
And it wasn't until I started opening up our search to the, to the, basically the entire country that we started to find people who really fit our culture, believed in what we were doing. Like it became, you know, we got to really pick.
So I go back and forth on it. Like there's part of me that's like, I don't care where you live.
If you're working hard, if you believe you show up to the meetings, you do your work. I love it.
The other part of it is like, I would love to bump into everyone every day and know like what they're up to. Cause I do kind of like, I like the people that are on our team and we just don't get to see each other that much, you know? Yeah.
Yeah, totally. Um, yeah, it's, it's we, with our HQ here in Santa Fell, we've opened it back up and we have, you know, around 20 people kind of floating around here and just, it's been a total change because I was so used to work on my own, no interruptions, no distractions, no people come and ask me questions.
And, uh, so now I'm'm back now we're now we're fully up and running and it's like buzzing downstairs like yeah it's exciting it's fun and um but I'm totally like I don't have the solitude that I had to just focus on a project so that's really interesting the transition there but um if I had to choose between the two, I would just love to have, you know, full on office environment going. And then, you know, strategic days where now, because now it's like, like, I love the home office setup that you have, like, just what I can see from my screen behind you.
That's kind of what I've set up at my home office. Yeah.
And it's like, I spent all of COVID, like dialing the perfect home office And so now I'm like, now I'm like torn between the two. So yeah, a couple days here there to work from home, I think is a good thing.

There's definitely part of me that like we will eventually get an office at some point, probably in the next 12 months at some point.

And there's part of me that's like this space is so highly functional.

Right. Like I have video studio.
I can do a podcast. I can do videos right here.
I have a creative computer, which you can't see. So like I have a two screen window set up here for like insurance and business specific stuff.
And then I can swivel to my right 90 degrees. And here's my, you know, my, we'll call it creative computer, like Mac.
It's my Mac. It's got the, uh, you know, where I do all the videos where I do all the podcasts, like any of that kind of stuff.
And then if something's going on on this computer, I have another one right here. And then I got all this stuff.
I'm like, this is so functional. Like I can be 150% functional here.
And there's no way if we go to an office that I can have this same setup. Like it just won't happen.
It's the command center. Yeah.
Yeah. That's what it is.
Yeah. So it, um, I've, I've just basically said, when we go to an office, I'm not changing anything here.
I'm just going to get new stuff. I'll just get new stuff for the office.
Like this is staying exactly the way that it is. Yeah.
Yeah. I, I, I love it.
I have the same mindset. Yeah.
So, you know, I didn't, uh, as this is interesting, I didn't bring you on here to shoot shit about home, you know, remote versus home. You know, I'm interested in what you're doing.
I'm interested in your backstory. I know you've done a lot of podcasts and people have followed you.
Maybe there's some people who haven't heard your story. So maybe just if you could give us the 10 cent tour on getting, on founding Evolve and Evolve in general.
I mean, obviously, I'll do a little intro so they'll know kind of the basics, but I just want to catch people up so we can get to some more fun stuff. Absolutely.
If we're talking about my story and the founding of Evolve, I think it kind of it goes back to really growing up because my brother and I were fourth generation into the insurance industry. So we grew up working for a dad who was a retail agent in Northern California.
He owned his own agency and we would go in and work for him literally in high school, kind of just doing like administrative tasks. And in college, we ended up getting our PNC licenses, doing a little bit of selling.
My brother's 18 months younger and he's who co-founded Evolve with me. But in college, we also were able to intern at Lloyd's of London for a Lloyd's wholesale broker called Safe Online, which was really, really unique experience for all the agents that are listening.
Totally recommend going and checking out Lloyd's of London when you get the chance. It was really kind of the birthplace of insurance.
A lot of history there, very traditional environment, very fun, fun environment. And so we interned there for a summer and coming out of college, my first job was as an underwriter for ACE in San Francisco in the professional liability department.
My brother's first job was working for that same Lloyd's Wholesaler that we interned with, so we were kind of going down our respective paths, and I think both of us, we were always very entrepreneurial. We were always very independent.
I think in my personal experience on the carrier side of things, I was in working for a huge company and I didn't see a lot of ways where I could control my own destiny. I didn't see it.
There wasn't a ton of role models that I had access to that was like, I want to be like that. You know, I was, I was working hard and I, you know, didn't see a lot of people noticing what I was doing and the potential to move up and grow and come into my own wasn't necessarily available.
And so my brother and I started kind of looking at what's the next thing we're going to do. And cause he was kind of feeling similar ways in a much smaller organization where he was kind of, you know, ready to move on.
And so we started pitching different ideas to mentors. And we had a mentor that, you know, helped us kind of plan out and recommend the business model that we have today, which is Evolve MGA.
And so Evolve is a cyber insurance specialist. At the moment, all we do is cyber insurance.
We are a market for retail insurance brokers. So if there's an insurance broker that wants to get a cyber quote, we have one of the most comprehensive cyber policies that currently exists, which is a big statement to say right now, because the cyber market is getting harder and harder.
Claims are going up, particularly ransomware. And it is getting tougher and tougher for folks to get quality cyber coverage.
And from a retail broker perspective, one of the biggest issues that we see is understanding the exposures and then also understanding the quality coverage. And from a retail broker perspective, one of the biggest issues that we see is

understanding the exposures and then also understanding the quality coverage and having

those conversations with your clients. So we've done everything we can to make it as simple as

possible for a broker to show their client that they have tremendous exposure, which they do,

right? Which it should be explicitly clear at this point, but if there is any issues with that, we're really focused on that education. So, showing someone in a particular industry why they have tremendous cyber exposure with claims examples.
And then I think our, our quote proposals are really well laid out to out to really explain the exposure, explain the coverage.

And I know our team is always there to answer any questions.

But Ryan, we've gone so far down the education rabbit hole that our team, like our production underwriting team has in a given year, we'll do over 2000 educational face to face interactions, breaking down exposure, talking about a particular industry and their exposure, breaking down coverage, et cetera, breaking down the state of the market. So on top of that, in November, we're going to be hosting our second cyber sales Academy, which is going to be super cool.
We have Frank Abagnagnale from the movie cast me if you can coming to speak who a lot of people know him for check fraud but he also specialized in cyber security um wire transfer wire transfer fraud social engineering stuff like that which is the the second most common claim we see behind ransomware so he's going to be there we're going to going to be doing an event at the Cowboy Stadium. And so it's Dallas center, center of the country.
So we're going to have people come in from both sides. And so we're planning for about a hundred agents.
So we're about to release that, but education is huge. Comprehensive cover is huge.
And then we're always working on how we can better our service. So that's kind of a summary breakdown of how we started and what we're doing today.

It's been about six years since we were founded.

Why do you think that agents still sell cyber like it's a luxury and not like it's a necessity? I think the insurance industry and the way it's set up with renewals breeds an attitude of complacency for along with the fact that there's a pretty big age gap in the insurance industry. So you have these producers that have built these books over a number of years and they have renewal income that's coming in at a 90% rate or higher, not a ton of motivation to learn about a new complex product that isn't a high revenue producing line of business, especially a product that's changing all the time.
It's evolving. Um, so I just think the, the motivation isn't always top of mind, but I think the fact that claims are coming in, the market's getting hard and clients are now asking about this all the time.
I think that's going to be changing. I also will say it's a complex product.
And when you say cyber insurance, people can confuse it with techie, you know, they might think about the Internet. They might think about, you know, computers.
But if I were to break cyber insurance down to one sentence, cyber insurance is coverage for the costs associated with hacking attacks, data breaches, and system failures. Those are the three major triggers that I want people to remember.
So if you can break it down to one sentence, it makes it a lot easier to communicate to your clients. And that's, that's one of the big purposes of sales academy.
And simplification, I think is really key to make sure clients truly understand why they need this. Yeah.
It's funny. I think a lot of times people still think like, oh, I don't take credit.
I got people like, I don't take credit cards. So I don't need cyber insurance.
It's like, that was like insurance in 2005. That's not even close to what we're talking about today anymore.
And the fact that – so cross-selling cyber insurance, now, again, we're still getting started as an agency. So it's not like I can talk in like thousands when we talk about volume.
But cyber insurance is a huge part of our cross-sell process. And we know that a lot of times at the initial point of sale, you're not going to get that cyber purchase.
And where I think a lot of agents fall down is because at the immediate sale, when you're selling the BOP or the comp or maybe the commercial auto, whatever, because maybe cyber feels like an additional policy at that time. Oftentimes you get a, well, let me think about it.
And then they never get back around to it. So we've actually built three touch points into the course of the year post initial sale if they don't purchase a cyber policy at the point of contact to retouch on what those are.
And, you know, I firmly believe that we could be looking at, and I don't know of any legislation that's happening, maybe you do. But I do think in the next five to 10 years,

we could look at something where cyber liability becomes a mandated coverage,

much like having a worker's comp or personal auto,

only because it is absolutely insane what's happening out there.

And if agents are unaware of what's happening,

then just do a simple Google search.

I mean, you can't.

It is like every single day. I had a guy call me, and I don't know if I've told the story on the podcast before or not, but I had a guy call me because I've done a lot of cyber videos.
And he said, Hey man, I hope you can help me. I'm having a really tough time.
I said, well, what's up? He said, well, I just had a cyber incident, put me out of business and I'm hoping you could help me. I was like, well, I'm not really sure.
This would have been a good call before the claim happened, before the incident. But so he said, you know, I have a cyber policy and that policy covered tearing down.
So basically he had a ransomware attack, except when they left the system, they just destroyed the system as they were leaving the system. So it wasn't just like, oh, you're unlocked.
They just absolutely obliterated everything on the way out. There's all kinds of like, I don't know what you call them, but there's all kinds of like hooks and malware things like embedded in this.
And I don't mean destroyed it. Like they tore it apart.
I mean, like there's just all kinds of crap that they left,

like keystroke finders and stuff that were stuck in the system.

So they had to get rid of everything.

And that cost about $600,000, which the carrier that he had,

actually the cyber company paid for it.

So, okay, great.

You know, you'd think, listen to him going, okay, this sounds good.

He's up and running.

Two months later, he's got all his equipment back. Like, yes, he lost some data, but he was able to recoup some of it cleanly.
And he goes, but I said, well, what happened, man? And he said, my two biggest clients canceled their contracts on me for breach of contract because there's no way that they could have stayed with me post a cyber claim. Because if we had had another one, they would have all been fired by their, basically he placed nurses was his business.
Okay. And, uh, and so I said, well, send me your policy.
Cause I know that reputation and so there's, there's certain hooks on the end of policies, which, which actually cover you for lost clients or lost business because of reputational hits after cyber claim.. And he sent it to me and sure as shit, they didn't, it didn't have that.
Right. So I, I felt bad.
I actually probably lied to him a little cause I didn't want to like completely, I just said, look, man, there, there are some endorsements. Not every policy has them.
Unfortunately you don't have them. There's not a whole lot you can do because you had this policy for two years and it just didn't have that.
And it's like that level of detail in cyber policies could have changed that guy's life. You know what I mean? Like if someone, if his broker or wherever he bought it, we didn't get into that.
I felt bad. I thought I was going to start crying.
You know, if someone had said, hey, look, there are, there are endorsements that you can add to the end of this policy, which could at least maybe help with some of the financial hit of losing major clients because of reputation post post claim. He just didn't have those things.
And now he went out of business. Ryan, I think the example that you brought up is phenomenal because you are touching on a few first party coverage sections that a lot of carriers or cyber markets do not pick up.

So the first one you mentioned is system damage and data restoration.

So cyber policies to take a step back are third party coverage and first party coverage.

Third party is typically based around someone making a claim against the insured for losing their information, some sort of liability coverage. First party coverage is for the costs that the insured is directly responsible for paying out based on someone hacking them.
So their system goes down, they need business interruption coverage, right? They need system damage coverage. If someone does exactly what you mentioned, where, you know, they can't use their system anymore and they need, they might need a, for example, in the insurance world, if someone hacks, you know, one of our agencies, they might need all the client information recreated because maybe that information is deleted or compromised or encrypted.
um and then beyond that um the the biggest areas where we see claims are crime, cybercrime. So ransomware, those extortion payments, social engineering.
And so those are the areas where cyber policies are getting more and more limited. So for all the agents out there, if you're offering a cyber policy, you want to make sure you have strong, comprehensive, first party cyber coverage.
And to throw a couple stats at you, I mean, ransomware attacks during the pandemic increased by 800%. The scary thing about ransomware attacks.
Go ahead. It's just insane.
It's so much. It's crazy.
It's crazy. the scary thing about ransomware attacks.
Go ahead. Go ahead.
It's just insane. It's so much.

It's crazy.

It's crazy. The scary thing about ransomware attacks is most people don't report them.
Because another thing that you mentioned is you're insured lost vendor relationships because there's a negative connotation with businesses getting hacked and that being out in the news. what a lot of times that that company has done everything they can from a cyber security

standpoint there's no no cybersecurity that is 100% effective. So it's kind of sad to see that there's this huge negative connotation in the public for, and obviously, you know, you want to make sure you're as secure as possible.
And some people are more responsible than others, but a lot of times there's just no control there. But the FBI gets about 4,000 complaints per day about businesses getting hit by ransomware attacks.
4,000. The scary thing is the majority of people don't report them because they don't want to have that negative connotation with their vendors.
One thing to be clear on, this guy was not my insured. He had just called me.
He would have had that, he would have had that coverage if he was my insured, but no, he did not. He was not, he just, he just called me because he found me on YouTube, but I just want to, but I did have an insured.
I did have an insured, have another claim. And this is just another example.
Cause I think a lot of, I think a lot of agents and this isn't a knock, like this is a coverage that in general is relatively new to that as an industry, we don't spend enough time on three. I think the way it was initially taught was so wonky that it was like impossible to understand.
Right. You just when this first hit, what, about a decade ago, like maybe 10, about 10 years ago.
Right. It really started to become, I mean, it existed before that, but it started to become a coverage that people were talking about.
And it just was like, I mean, insurance is boring enough. And then the people who are teaching cyber, like it was almost like they were purposefully making it more boring.
And it was just very tough to get your head around. So I think people struggle with selling it for a lot of those reasons.
I think that's changing. I think you guys are a big part of it.
And just the, you know, you got the podcast, you do a lot of podcasts, you have a lot of content, you can share a lot, you make it fun. It's just more inviting, which is a very good thing.
But that being said, I still feel like a lot of agents just don't understand how this can work. So I gave that one example, a claim that we thankfully avoided, but was very nearly a claim was actually, we had a wire fraud incident.
So I have a furniture store that I insure. Someone emailed one of his commercial clients with an invoice that said, hey, you owe us $50,000.
Can you pay the invoice? Guy doesn't even look at it, sees who it's from, forwards it on to his whoever. That person gets it, pays the invoice.
No big deal. Okay.
Two days later, he emails my client goes, hey, man, you know, I just got an invoice for you. And I didn't really think about it at the time we paid it.
But like, what was that for? What do we buy? And he's like, you don't know. You don't owe us any.
We didn't send you an invoice. So this is the thing that the tightly, the closely related, you know, email that if you actually look at the thing is different.
And then the email looked the same. The signature was very close in terms of, you know, Hey, my client president or whatever.
And then one, it's kind of weird. It's coming from the president.
So maybe that should have been a key, but he didn't, he didn't check it out. He's just going through his day fast for his email on.
She wires this money for this payment. And thankfully they were able to get all $50,000 back.
So the bank transfer hadn't cleared all the way. Cause it was international.
Like they didn't know, you know, and they were able to get the 50,000 back and they didn't, they didn't end up putting a claim and note and there was no loss. He got all the money back.
That's great. But, um, but that easily, that money easily could have gone off into nowhere.
And if that guy comes back and goes, Hey man, I need that 50,000 bucks. Then that's a cyber.
I mean, that's social engineering, right? I mean, am I describing a social engineering claim? What's up guys? Sorry to take you away from the episode, but as you know, we do not run ads on this show. And in exchange for that, I need your help.
If you're loving this episode, if you enjoy this podcast, whether you're watching on YouTube or you're listening on your favorite podcast platform, I would love for you to subscribe, share, comment if you're on YouTube, leave a rating review if you're on

Spotify or Apple iTunes, et cetera. This helps the show grow.
It helps me bring more guests in. We have a tremendous lineup of people coming in, men and women who've done incredible things, sharing their stories around peak performance, leadership, growth, sales, the things that are going to help you grow as a person and grow your business.
But they all check out comments, ratings, reviews. They check out all this information before they come on.
So as I reach out to more and more people and want to bring them in and share their stories with you, I need your help. Share the show, subscribe if you're not subscribed.
And I'd love for you to leave a comment about the show because I read all the comments. Or if you're on Apple or Spotify, leave a rating review of this show.
I love you for listening to this show. And I hope you enjoy it listening as much as I do creating the show for you.
All right, I'm out of here. Peace.
Let's get back to the episode. You're describing it exactly as what it is.
Social engineering is the most common claim we see behind ransomware. We have started to refer to it as wire transfer fraud because the acronym is WTF, right? That's exactly what someone would be thinking when they transfer money out.
And that's something that's happened to the biggest companies in the world, the Facebooks, the Apples, it's huge in real estate, huge in law firms right now. It's, but it's ransomware and wire transfer fraud are industry agnostic, right? If you have an email address and a bank account, you can be victim of one of those hacking attacks.
So that's why I say, I mean, those are, those are great claims examples to bring up to any client, because if you're a legitimate business, you're going to have an email address and a bank account and you want to make sure those are protected.

So I think that when you bring up, uh, or when, when, uh, brokers are looking for examples, I think that's a great place to start. but I also think brokers need to know that a lot of times small to medium-sized businesses assume that they are not going to be victims of hacking attacks.
That, you know, the hackers are only targeted at the huge businesses of the world because that's what we see in the news, right? We always see when a major company has a hacking attack occur, but we don't see a lot of times are the small to mid-sized businesses. when the is those are the low hanging fruit because they usually don't have the cybersecurity in place that they probably should.
And they're much more willing to pay a ransom just to get their systems back online. So it's something that I think folks should think about if they, you know, initially believe that only big businesses get hacked.
Yeah. So anyone that's listening, you can steal those two examples, but because stories sell, right.
But, but I think we need to find, we need to find our own and hopefully we can find them and they're not our clients. We can, you know, just read the trade journals.
You'll find tons of examples and just use those examples. Cause I, I said this before, I said this maybe about a year ago during the pandemic, when all the stats were coming out about how hard everyone was getting hit with these.

And I actually read that there were a couple homeowners insurance companies that were thinking about adding personal cyber liability because these guys are not, I say these guys, I'm assuming they're all disgusting men sitting in basements somewhere.

You know what I mean?

They're doing all this hacking.

I don't know.

That's just a visual I have.

But like eating Doritos and like regular Coca-Cola, like these, you know what I mean? They're doing all this hacking. I don't know, that's just a visual I have.
But like eating Doritos and like regular Coca-Cola,

like these, you know, awful humans.

And they're pinging like home routers

and then using those as like proxies

to then blast out all this malicious content.

And that can, you know,

if they can track it back to your home router, you can be brought in a lot. And you know, there's just all this malicious content and that can you know if they can track it back to your home router you can be brought in a lot and you know there's just all this crazy stuff and i and i said like i just put out a couple messaged did a video or something i just was like cyber there's a very realistic possibility that in the in the near future cyber liability is as or more important than general liability like if i had to rogue, you know, it's a cyber is a million times larger exposure than a slip trip and fall third party bodily injury or property damage.
I mean, that's general liability, right? And a stroke, like, is there, is, is it more likely that someone slips and falls on a property that I'm responsible for, or someone hacks into my system and steals their information or uses my system from ransomware or whatever? Like, it's just, but yeah, we won't, we don't think about it that way. We think, ah, you know, I own a small agency, so I don't need it.
You know, I own a small business and it just couldn't be farther from the truth. Yeah.
Well, Ryan, as, as everything gets more connected to the internet and as people start using technology more, there's more potential for things to get hacked. If something is connected to the internet, it has the potential to be hacked.
And so everything that we are doing on a day-to-day basis is getting more and more technology driven. So I don't think there is a more crucial coverage for the 21st century than cyber insurance.
So I think it's something that really, really needs to be top of mind. And yeah, I mean, if there's any agents out there that have any questions on it, like we have the luxury of being a specialist where we can go really deep on this, not only in our coverage, but all the coverage that's floating out there in the market, what's really working from a broker standpoint in terms of making sure this hits, like you mentioned claims examples, we have like 75 industries, all the major industries like laid out of, you know, their five major exposures in the claims examples associated with that industry.
So for example, someone needs claims examples on restaurants or manufacturers or contractors, lawyers, we have claims examples aggregated. So the other, the other thing that I really like that helps identify exposure is dark web scanning.
Most people don't realize that they have probably over a hundred accounts that they are, their information is in. When you talk about being a member of LinkedIn, of Facebook, of Instagram, of, you know, your gym, of your bank account, right? You have all these credentials and what you don't realize is the majority of these companies have had some sort of data breach at some point, right? And it's likely that your email address and password are associated with that data breach.
So on the first page of all of our core proposals is an automatic dark web scan that we do for everybody associated with their domain name. And it shows you the credentials that are floating out there on the dark web right now that are being bought and sold.
And if you haven't changed your password, some hacker out there, someone on the dark web could buy your information and try to log into Wells Fargo or whatever it is. So the dark web is a scary place.
And the fact that people aren't actively changing their password, using password managers, practicing quality cyber hygiene, that's just got to be, you know, multi-factor authentication. That's just got to be part of the normal day-to-day to make sure you're secure.
And we have, you know, a list of things that folks can do to secure their home office, to make sure they're taking the right cybersecurity steps. In fact, Ryan, we have six free services, cybersecurity services that we provide to all of our insureds for free if they want access to them for proactive cybersecurity.
Which password manager do you recommend? Like LastPass or? LastPass is my go-to. Yeah.
Yeah. I know.
I got to get on the Last pass train. I logging in and out of systems is the biggest is like, that is like one of those nightmare things that we all deal with.
Carriers are the worst because they make you change your password. Like some of them it's every two days.
Some of them it's never. And you're just like, Oh my God, I can't have no more iterations.
And I don't have the brain cycles to remember. And then everyone just goes last.
And I'm like, God, I just got to sign up for it. But so, so you had said before that cyber insurance is the only product that you offer at this time.
What does that mean? So I think that we've set up a really great network of insurance agents across the US. We've gone really, really deep when it comes to cyber.
And I think if we can find another product that is a specialty quality product that our agents would, that would add value to our agents and would add value to their insureds. Like a tech E&O or something like that? Could be tech E&O, could be D&O, could be E&O, could be, you know, I know there's a really big need right now for brokers that are working in the cannabis space because there's very few markets and there's lots of lines that could be associated with that.
So we are actively exploring what could be the next product that would add value. And I think we would only move on it if we felt it was, you know, a great product that was comprehensive and that we know our distribution network.
Because I think we work with about 2,000 insurance agencies across the UF about 2000 offices. So if it paired well with cyber and it was something that, you know, worked within our business model to have our folks be able to communicate and explain and show our brokers why it's relevant, then I think that's something that we would want to bring on.
Yeah. One of the things that I think is a huge opportunity is tech, you know, and the reason I think it's an opportunity, not necessarily for you guys, but just in general is because it's very, it has a very narrow bandwidth and what's considered tech, you know, today.
And I feel like that bandwidth is, I think it's, I think it's just, I think the carriers that are writing it, I think they're just a little behind in updating what a technology related company is. Like, you know, when you look at some of the exposure, when even look at some of the exposures that Rogue has, right? Let's take my own business.
We have a lot of technology related errors and omissions issues that we could have as we build our own tech, and we build our own connections into different systems and, and what could happen there. And, you know, right now, it's like, do you develop an app? Yes.
Okay, tech, you know, what about websites that develop functionality on those sites that are proprietary to their business? It's not actually an app that they're selling, but it's proprietary tech that is delivering a service inside a web portal or form or whatever. Like, how does that, you know, you really have to search to find someone who will classify that inside of a tech E&O.
But when you get that dial into the policy forms, standard E&O isn't covering that. And it's certainly not covered under a B bop.
So like maybe media liability, but that's a stretch. I mean, that's a big stretch to think that media liability is going to cover that.
So I feel like there's a big gap in that market just because it, I think it was originally for like app developers. You know what I mean? Like that's really what it is.
It's like they're thinking like high functionality technology or technology that's running maybe a manufacturing plant, maybe like something that's driving it through a system. But there's, to me, there's a much broader spectrum of tech exposures that are seeping into businesses because, because, because today everyone is, is bolting on their, I shouldn't say everyone, a lot of businesses are bolting on their own technology solutions and products that maybe they're not selling to the market, but are, but are highly, that are, but are being used to drive their business, maybe even conjunction with some off the rack stuff.
And that technology that you're building and implementing and delivering services through, that's a, that, I believe, in the current structure of BOP and errors and omissions if you don't have that tech terminology built in. So, you know, I don't say that's probably way more detailed than anyone really cares about.
But, you know, this is just something that I've seen with some of our clients is I'm like, how do I cover this feature of their product delivery, right? They have this, that's pretty standard. This is pretty standard.
But what about this piece right here in the middle that connects these two things and does this that they built? You know, well, it's the future. Because there's so many business functions that are reliant on technology.

And if you have someone that makes a mistake in creating that, it could be massively costly to that business. So there's no doubt it's an option for the future.
And I also would love to just clarify, because people always confuse cyber and tech E&O. yep the reason why we standalone cyber does not include tech you know is because there's a double trigger so for example um if i'm a hacker and i'm looking to um get into somebody's businesses business excuse me i could potentially exploit an error that a programmer made in putting that software or that program together.
So therefore, it could trigger a tech ENO policy, could trigger a cyber policy. So that's why we don't include tech ENO in our form.
And like you said in the beginning, cyber policies in the past, a lot of times combine the two two but at this point we're separating it out because hacking attacks are so real and there's so much going on that combining the exposure of the two on the one policy is too much yeah i agree with you i think they need to be i think they could be sold as a package but the forms have to be separated yeah yeah i think that's the way it has to be i mean that's my personal opinion on how it should be sold as a package, but the forms have to be separated. Yeah.
Yeah. I think that's the way it has to be.
I mean, that's my personal opinion on how it should be sold as separate forms, but packaged together mostly to make it understandable and easy for brokers and customers insureds to understand what the hell they're purchasing. Cause you know, but if, so if it came as a package, but, but was technically separate forms, I think that would be an incredible way to deliver that, especially if you had a, whether it was a broader industry or just a broader sense of what techie covered.
I think there's a lot of opportunity there. It feels very narrow to me as a coverage.
Yeah, yeah, totally. And I actually personally live that space a bit because my dad has specialized in insuring tech companies in Silicon Valley.
That was, you know, his niche as a producer and still is really tech, venture capital and private equity. So I've seen him go through that process.
And it's been a really interesting market because I think tech, you know, is much harder to get now than it was five, ten years ago.

There's people pulling out. And I think the underwriting is still being perfected in that space.
Well, it's what is tech? You know what I mean? It's such an ethereal thing that I think there are some very straightforward senses of what that is. And then it gets, you know, the gray fringes are very wide or, you know, there's a lot of breadth to the fringes, to what constitutes, where does it tech, when is this just a standard E&O policy? And when is it a tech E&O policy? When do you need neither? And what is the real trigger to the exposure? And when do you just need cyber coverage, right? I mean, these are, these are real questions.
I think everyone outside of true specialists have, and even there, you know, I think you get confused by what is a moving target in terms of underwriting guidelines and appetite and all that kind of stuff, because no one can figure it out. And it doesn't help that every system is being tested a thousand times a day by hackers.
I mean, you want to run it. You want to like get the shit scared out of you.
Launch a brand new website. Don't ever go to it.
Just launch it and then watch the traffic, right? Just watch the traffic. You'll have your bot traffic will be 200, 500 hits within like a day or two.
Yeah. And you're like, it doesn't even exist.
It's just a, there's nothing even there. How are they finding? Because these freaking bots are just scanning the web all day long, constantly.
And it's just wild. And people just don't realize this.
They don't, they don't, they have no idea.

No, that's a great point. That's a great point for people to know how often hacking attacks are happening.
I mean, even in our own industry, Ryan, when you look at the last few months, AXA hacked, CNA, CNA, $40 million ransom. um uh Arthur Jagher, right? Like, you couldn't get a quote from it.
We were getting brokers that were coming to us. They're like, hey, we usually go to, you know, Gallagher or, you know, RPS to get our cyber quotes.
But they just didn't have access, right? So, man, and honestly, like the, a lot of insurance agencies we work with have experienced

hacking attacks themselves. So, you know, they, they, at the end of the day serve as great claims examples for clients and how real things are.
So, but it's the new world that we're living in. Yeah.
So is there anything coming down the pipe in the cyberspace just in general that people should look out for? Is there any new coverages? Is there any talk in the cyber nerd forums of new things that we need to be prepared for that we need to consider? I mean, most people probably found half the shit that we've said so far to be beyond what they've thought about. And that doesn't make them bad but like is there anything new that that that we're going to see in the next 12 24 months that that we should be prepared for from a cyber respect well from a coverage standpoint one thing i'm excited that we recently introduced in our into our forum is uh cyber coverage for senior executive officers personal personal funds.
Because a lot of times we see the CEO or the CFO or, you know, the principal or somebody that's high up get targeted specifically by hackers. And a lot of times you'll see these C-level folks, really anybody at a company doing their personal banking at work.

Going to wellsfargo.com. You mentioned key logging malware.
If someone puts that on your computer, they just get your username and password to your Bank of America bank account. They can transfer funds out.
So that's specifically covered within our form. Another crazy thing is in the last year or so, there was the first death associated with a cyber attack.
It was a German hospital, I believe they got hit by a ransomware attack, the technology was down, so they couldn't admit patients. So something something happened, there was an accident that happened or someone needed medical urgent medical care, they were not able to be admitted to this hospital.
And unfortunately, they ended up passing away. So that is another form of coverage.
So bodily injury coverage associated with hacking attacks is something that we have built into our form recently. And I think when you look at the future, you know, you can talk about more comprehensive bodily injury covers.
You can talk about property damage. You know, when you talk about someone hacking into a Tesla or something like that, that's a really interesting space.
But like I said, in the beginning, if something's connected to the internet, it can be hacked. So, you know, when you talk about your thermostat being connected to the internet, you know, when you talk about like, like, you know, your smart home, whether it's your smart refrigerator, your smart range, your smart washer dryer, your smart locks, right? Those all could be the initiation of significant financial loss if they're hacked.
So it's there, there's significant potential for the market to grow. And that's, that's one of the reasons in the beginning, why we named the company Evolve, because we knew that the, not only would the hacking attacks change, but the coverage would change along with it.
So it's funny. We, enjoyed the name Evolve just because when we go to cyber conferences and cyber events, it's just free marketing because everyone's saying evolve, evolve, evolve as things change.
Yeah. Yeah, that's wild.
It is pretty, you just think about, you know, you just think about everything that's connected as it gets more connected. You know, obviously, good cybersecurity is always a good first line of defense.
But like always, if you don't have a good insurance policy, there's no one showing up after that. You know, I had some guy say to me one time, I have a cybersecurity firm to help me.
I said, OK, great. But do they offer you cyber insurance? He's like, no, I'll just sue them if something goes wrong.
And I'm like, that is a wild way. Like, that's a wild mindset.
Like, versus, I mean, I'm telling you, the policy that I quoted him was like 1,400 bucks. Like, this wasn't like some big, huge policy.
Like, just the mentality of, I'd rather have nothing because of whatever reason. And I'll just sue my my cybersecurity company.
I'm like, one, how do you know you'd win? They probably, they're probably doing most things right to like, what the, what? Like this mentality. I just.
Yeah. And if it's a legitimate cybersecurity or it company, they probably have a contract in place that spells out what happens if there's something that they don't catch.
But yeah, that is wild. And the other thing I want to reiterate about cyber policies is they give you access to forensics firms, to PR firms, to folks that literally have ransomware negotiators on their team.
Like that is the forensics firm associated with our cyber policy. They have ransomware war rooms where they're going to be acting on the insurance behalf.
And not only are they going to be figuring out because it's extremely expensive to have the forensics firms come. Like if you were just not have a cyber policy to get the forensics firms to come in, figure out what's in your system, figure out what happened, figure out how to get it back to normal, repair it if need be.
And then, oh, wait, you just lost 5,000 people's information. Now we need to bring in a legal firm to figure out what you need to do because you just lost all their data.
It's been exposed. And now you need to notify, you need to figure out what regulations you need to comply with.
And then, you know what, now we've been down for four days. And how much revenue have we lost per day? What's the business interruption costs associated with that, right? And then if there's an extortion itself, do we have to pay that? Do we not, right? Like we saw in the colonial pipeline attack, I believe it was negotiated down from 10 million and they ended up paying 5 million on that ransom.
But a lot of times these ransomware hackers literally have call centers. It's a business where they're like, okay, you know, they're communicating with the forensics firms.
The forensics firms are very used to it. So that's why I'm excited for this sales academy because we're going to have like the forensics guys, like the ransomware negotiators come in and talk about, you know, this is how it typically works.
This is what we need to be prepared for. And, uh, kind of talking about the major things that active selling points for brokers and that business owners should be aware of.
It's a pretty wild idea that somewhere, uh, there is just like showing up for work, you know, just hat, you know, whatever, lunch, walk out the door, like, bye, honey, you know, have a nice day. And like, you show up to like, hackers, you know, whatever.
And like, that's what you would, that's what you do today. Like today, I'm gonna,'m going to send out like 10 million emails.
Hopefully one of them will hook someone. And then I'm going to start talking to them on the phone and negotiating, you know, their ransom.
And that's, and you come home and like, how's your day? Well, I got like, I got 25,000 out of this business in Maine. And, you know, I mean like, right.
I mean, that's, it's just crazy. That's like what their day is like.

It's just like, and then, you know, you throw a big like champagne party on the pipeline one or whatever, you know, it's. Yeah, it's wild.
And frankly, you don't even have technical expertise. Like, you know, a lot of people have that image of that hacker in the basement, you know, eating chips.
but you can literally buy ransomware on the dark web and then you just get a bunch of email addresses and send it out to them like that that's how simple it is so it's not as complex as people might think that's actually would be a good sass company like you take like five percent of all your ransomware hits and you just sell ransomware as a service. And, and, you know, you just sell it to hackers.
They put the emails through and you get five to 10% of whatever ransomware they get. Right.
We've seen that. We've seen that exact thing where they, there's literally taking commissions from the software that they are the malware that they are putting out there on the dark web.
Yeah. So, uh, well, Hey, everybody's got to make a buck, you know, but it's our job to make sure that buck doesn't come from our clients or easily.
If it does, we can, uh, we can get it back. So dude, I appreciate you spending this time.
I'm a big fan of what you're doing. Where can people learn one more about evolve and two about the conference that you're putting on if they're super interested in cyber and up in their cyber game? Yeah.
So to learn more about evolve you can go to evolvemga.com. And we work with retail brokers across the U S and if someone's looking to get a quote or get appointed, if you just go to our website, evolvemga.com and click the get a quote, you fill out your insurance information, the agency's information, we can get folks appointed.
The other area is going to underwriting at evolvemga.com, emailing underwriting at evolvemga.com with anything they would like, any questions that they have. We're happy to act as an educational resource.
And then I'd say for the upcoming Sales Academy, I'm super excited about it. It's going to be the first week of November, November 2nd and 3rd.
And it's going to be in Dallas, just a couple highlights, but we're going to have the whole purpose of the conference is any agent that attends, they should be able to leave that conference, being able to explain cyber exposure and quality cyber coverage to any one of their clients in under two minutes. And we're going to have the best of the best in the industry from forensic professionals to Frank Abagnale from Catch Me If You Can to, you know, one of the number one cyber producers at Hub to talk about his sales process.
And then you're going to have access to all of our underwriting team to ask them questions. And so I think at the end, we're going to give our like kind of like sales playbook for cyber to anyone that attends.
So I'm very excited, especially because it's really our first conference coming out of COVID as well. So it's going to be great to see people face to face.
Yeah, that's awesome. Where can people get more info on that? Is it on the website as well? Or where do they sign up if they're interested? You know, we are creating a webpage for people to register.
It is not up official yet. So if there are folks that are interested, just emailing underwriting at evolvemj.com saying I'm interested in attending the Cyber Sales Academy.
We're probably going to reserve it to about 100 seats. So I know we have a lot of folks in Texas alone, a lot of folks that attended our last one in Chicago.
So the seats will fill up quick, but emailing underwriting and evolvemga.com is the best way for us to make sure people get reserved. Awesome, man.
Well, hey, I appreciate you. I appreciate you coming on the show and sharing.
And I've just been following you guys for a while. We're an appointed Evolve MGA.
And as we start to have more policies roll in, you guys are in the mix and we look forward to writing more business with you. And hopefully some of the listeners here will get on the train too.
And just speaking to the agents before we sign off, guys, I mean, I've said this a bunch on the show, dropped a lot. I wanted to do this episode specifically because cyber is one, it's a great way to add more value to your customers.
It's a great way to put money into your bottom line. But you are providing, I mean, this is really what we do is getting out ahead of these things and getting coverage in our clients' hands.
And I just, to me, cyber is an absolute no-brainer. Like we have to get this in our clients' hands for commercial clients.
So appreciate you, man. Of course, Ryan.
Thank you so much for having me on. I love what you're doing and love the energy, love the entrepreneurial spirit.

So if there's anything you ever need, anytime then.

Thank you.

Close twice as many deals by this time next week. Sound impossible? It's not.
With the one call close system, you'll stop chasing leads and start closing deals in one call. This is the exact method we use to close 1200 clients in under three years during the pandemic.
No fluff, no endless follow-ups, just results fast. Based in behavioral psychology and battle-tested, the one-call closed system eliminates excuses and gets the prospect saying yes more than you ever thought possible.
If you're ready to stop losing opportunities and start winning, visit masteroftheclosed.com. That's masteroftheclothes.com.
Do it today.

Top reasons your dog wants you to move to Ohio.

Amazing dog parks to stretch your legs.

All four of them.

Dog-friendly patios.

Even gourmet hot dogs loaded with the good stuff.

Bon Appetit.

And Ohio has so many high-paying jobs, you'll be top dog in no time. Jobs in technology, engineering, science, advanced manufacturing, and more.
The career you want and a life you'll love. Have it all in the heart of it all.
Go to callohiohome.com. I need directions for paying down debt.
Starting route. Apply for a SoFi personal loan and consolidate your debt into one fixed payment.
Turn right into a positive outlook and get $5,000 to $100,000 as soon as the same day you sign with no fees required.

Got it.

You could get out of high interest credit card debt with a SoFi personal loan.

View your rate at SoFi.com slash debt in 60 seconds with no impact to your credit score.

Loans originated by SoFi Bank and A.

Member FDIC.

Terms and conditions at SoFi.com slash debt.

NMLS 696891.