For years, auto insurers have rewarded responsible drivers with reduced premiums and discounts. If an individual avoids accidents and traffic citations, they are likely taking precautions to stay safe on the road. 

And why not encourage good habits?

Now, imagine if auto insurers proactively warned drivers of upcoming threats, like high-risk intersections or nearby reckless behavior, to reduce the likelihood of a crash. We’d have a feedback loop that not only rewarded drivers for avoiding risky behaviors, but also helped to prevent collisions in the first place. 

To combat cyber risk, we do both: Notify policyholders about critical security vulnerabilities and discount their retentions when they take proactive measures that lead to a claim-free year. 

As part of Coalition’s new Active Cyber Policy, we introduced Vanishing Retention to acknowledge and reward policyholders that prioritize security. Below, learn why prevention matters, how Vanishing Retention works, and what businesses can do to reduce their cyber risk.

Preventive measures can effectively reduce risk

Businesses face a revolving door of new threats, including sophisticated supply-chain attacks, AI-powered phishing, and a record-high number of vulnerabilities that could lead to an incident. A traditional approach to insurance doesn't provide the necessary support required to prevent attacks in the first place.

Enter Active Insurance. At Coalition, we’ve always believed that the most effective cyber insurance policy doesn’t just respond after a policyholder experiences a cyber incident — it actively helps prevent losses before they occur. 

And preventive measures are working. Despite a highly turbulent threat landscape, Coalition policyholders experience 73% fewer claims than the industry average.

By providing continuous digital attack surface monitoring, cyber risk assessments, and timely alerts to policyholders about critical vulnerabilities, we help businesses prioritize the right security efforts to prevent cyber attacks.

Despite an ever-changing threat landscape, Coalition policyholders experience 73% fewer claims than the industry average.

How Vanishing Retention works

Offering coverages that incentivize and reward security-conscious policyholders is the natural next step in our mission to innovate alongside the rapidly evolving digital landscape. 

Now, Coalition policyholders can reduce their retention by taking meaningful (yet simple) actions that demonstrate they’re proactively thinking about cybersecurity: 

• Access Coalition Control®: All Coalition policyholders receive full access to Coalition Control, our unified cyber risk management platform. Inside, businesses can find security checklists, risk assessments, and more.

• Stay connected: Establish and maintain up-to-date contact information for both the policyholder and their designated IT/Security contact in Control. 

• Complete the Ransomware Supplemental Application (RSA): This provides us with current information about a policyholder’s cybersecurity practices.

• Resolve vulnerabilities: Fix any critical vulnerabilities identified in Coalition Control within 30 days of notification. 

By completing these steps, businesses can put themselves in a stronger position to avoid a cyber attack. In recognition of this effort, policyholders automatically receive a reduced retention over a three-year period for every claim-free year:

• Year 1: 25% reduction

• Year 2: 50% reduction

• Year 3: 100% reduction

After three claim-free years while maintaining these security practices, policyholders successfully eliminate their retention.* Learn more about eligibility here.

Take action to prevent attacks with Control

Just like driving the speed limit or wearing a seatbelt, most businesses recognize that preventative cybersecurity measures are vital to reducing cyber risk — but they don’t always know what to prioritize. 

With access to Coalition Control, policyholders have full visibility to internal and external security risks, as well as access to tools to take action and mitigate them. Imagine a roadmap with clearly defined instructions for a more secure organization.

Businesses are less likely to experience a claim when they swiftly resolve vulnerabilities, which is why policyholder involvement plays an integral role in reducing policy retention. 

Based on past behavior from threat actors, we can predict which vulnerabilities are likely to result in active exploitation. By sending alerts through Control and directly to policyholders’ inboxes, businesses know exactly when urgent action is needed. 

In 2024, we issued 85,000 security alerts to policyholders via Control, directly resulting in the mitigation of more than 32,000 security issues. Businesses are less likely to experience a claim when they swiftly resolve vulnerabilities, which is why policyholder involvement plays an integral role in reducing policy retention. 

Additionally, integrated security solutions designed to enhance an organization’s cyber defenses while addressing the most common cause of claims are available for purchase within Control. Policyholders can work with Coalition Security™, an organization already invested in their security, while saving on premiums and maximizing coverage:

Active Cyber Policy: A new standard in cyber insurance

Active Insurance is built on the premise that proactive security measures can significantly reduce both the frequency and severity of claims. By providing real-time insights and guidance to policyholders, we’re working together to combat cyber risk. 

Our new Active Cyber Policy delivers comprehensive coverage that reflects the reality of digital risk — and it doesn’t stop with Vanishing Retention. We’ve introduced other innovative features that reward businesses for prioritizing cybersecurity, including:

• Reduced Retention for Early FTF Reporting: Policyholders who report funds transfer fraud (FTF) incidents within 72 hours after the initial transfer of money to receive a lower FTF retention, incentivizing quick policyholder action that often impacts recovery outcomes.

• $0 Retention for Coalition Incident Response: Policyholders that opt to use Coalition Incident Response’s digital forensic and incident response services when experiencing a cyber threat see no out-of-pocket costs for these services.

We’ve also expanded other protections for emerging risks, including AI-related security events and SEC cybersecurity disclosure requirements.

Coalition is setting a new standard in cyber insurance. Explore the benefits of Vanishing Retention and beyond in the new Active Cyber Policy.

INNOVATIVE COVERAGE. EXPANDED PROTECTION.

Meet the Next Generation of Active Insurance

Explore Coalition’s new Active Cyber Policy >

*The foregoing example is offered only for discussion and illustration purposes. The information contained herein is not to be relied on in any particular situation when pursuing coverage. Coverage is subject to and governed by the language of the policy as actually issued. Please see a copy of your policy for the full terms, and conditions.

**Credit eligibility is determined during the quote process and based on underwriting factors, including risk profile. Exclusions and limitations apply. Customers with MDR other than Coalition’s MDR may be eligible for a premium credit; contact MDRsales@coalitioninc.com for more information.

***Current policyholders will be eligible for coverage benefits upon renewal, provided they purchased training. Eligibility for coverage benefits available with the purchase of SAT depends on risk profile, underwriting approval and qualifications at the time of quote or renewal. Limitations and exclusions apply; see Terms of Service.

Insurance products are offered in the U.S. by Coalition Insurance Solutions Inc. (“CIS”), a licensed insurance producer and surplus lines broker, (Cal. license # 0L76155), acting on behalf of a number of unaffiliated insurance companies, and on an admitted basis through Coalition Insurance Company (“CIC”) a licensed insurance underwriter (NAIC # 29530). See licenses and disclaimers. 

Products and services provided by Coalition Incident Response, Inc. (d/b/a Coalition Security), a wholly-owned affiliate of Coalition, Inc. Coalition Incident Response services provided through Coalition Security are offered to Coalition policyholders as an option via Coalition’s Panel Provider list.

This blog post is designed to provide general information on the topic presented and is not intended to construe or the rendering of legal or other professional services of any kind. If legal or other professional advice is required, the services of a professional should be sought. The statements contained herein are not a proposal of insurance but are for informational purposes only. Insurance coverage is subject to and governed by the terms and conditions of the policy as issued. Coalition makes no representations regarding coverages, exclusions or limitations in any products offered on behalf of any insurer. Neither Coalition nor any of its employees make any warranty of any kind, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, product or process disclosed. The blog post may include links to other third-party websites. These links are provided as a convenience only. Coalition does not endorse, have control over nor assumes responsibility or liability for the content, privacy policy or practices of any such third-party websites. Copyright © 2025. All rights reserved. Coalition and the Coalition logo are trademarks of Coalition, Inc.