Cogitanda: Difference between revisions
Created page with "== Corporate profile and regulatory identifiers == 🏢 '''Corporate trajectory.''' Cogitanda is a Germany-origin cyber risk specialist spanning cyber insurance distribution, underwriting design, and cyber risk services. The pre-insolvency operating model functioned as an Assekuradeur — the German market equivalent of an MGA/MGU operating under delegated authority — paired with in-house cyber prevention and claims/incident coordination capabilities.<ref name="heukin..." |
No edit summary |
||
| Line 1: | Line 1: | ||
{{Infobox company |
|||
== Corporate profile and regulatory identifiers == |
|||
| name = Cogitanda |
|||
| legal_name = COGITANDA Dataprotect AG |
|||
| logo = Logo of Cogitanda.svg |
|||
| logo_size = |
|||
| logo_alt = Cogitanda logo |
|||
| logo_caption = |
|||
| type = Private — cyber insurtech MGA (Assekuradeur) |
|||
| exchange = |
|||
| ticker = |
|||
| isin = |
|||
| lei = |
|||
| license_type = |
|||
| npn = |
|||
| coverholder_ref = |
|||
| incorporation = Germany |
|||
| founded = {{Start date and age|2016}} |
|||
| headquarter = Flensburg, Germany |
|||
| domicile = Germany |
|||
| insurance_jurisdictions = Germany<br/>Austria |
|||
| regulator = |
|||
| ultimate_parent = DGC AG |
|||
| shareholders = DGC AG |
|||
| key_people = Walid Schalesi, Group Chief Actuary<br/>Alain Bianco, Group Chief Underwriting Officer |
|||
| num_employees = approximately 70 (March 2025) |
|||
| customer_segments = Small and medium-sized enterprises<br/>Industrial companies |
|||
| lines_of_business = Cyber insurance |
|||
| segments = |
|||
| products = Cyber Pro+<br/>CYBERPROTECTION |
|||
| technology_platform = cyberscan.io (vulnerability detection)<br/>AXON (broker quoting portal)<br/>Cyber Defence Operation Center (CDOC) |
|||
| capacity_providers = SV SparkassenVersicherung Gebäudeversicherung AG<br/>Württembergische Versicherung AG<br/>Everest Insurance<br/>IQUW |
|||
| distribution = Broker-centric; portal-driven |
|||
| geographic_markets = Germany<br/>Austria |
|||
| num_customers = |
|||
| competitors = Stoïk<br/>Eye Security<br/>Baobab Insurance<br/>At-Bay<br/>Coalition<br/>Corvus Insurance<br/>Cowbell<br/>Resilience |
|||
| market_share_rank = |
|||
| financial_year = |
|||
| market_cap = |
|||
| revenue = |
|||
| insurance_revenue = |
|||
| operating_income = |
|||
| ebitda = |
|||
| net_income = |
|||
| gwp = |
|||
| nwp = |
|||
| loss_ratio = |
|||
| combined_ratio = |
|||
| commission_rate = |
|||
| total_assets = |
|||
| invested_assets = |
|||
| technical_reserves = |
|||
| csm = |
|||
| net_debt = |
|||
| equity = |
|||
| operating_margin = |
|||
| solvency_ratio = |
|||
| roe = |
|||
| total_funding = |
|||
| last_round = |
|||
| last_valuation = |
|||
| lead_investors = |
|||
| capital_structure = |
|||
| ifsr = |
|||
| capacity_partner_ratings = |
|||
| ratings = |
|||
| footnotes = |
|||
}} |
|||
{{Summary:Cogitanda|5}} |
|||
🏢 '''Corporate trajectory.''' Cogitanda is a Germany-origin cyber risk specialist spanning cyber insurance distribution, underwriting design, and cyber risk services. The pre-insolvency operating model functioned as an Assekuradeur — the German market equivalent of an MGA/MGU operating under delegated authority — paired with in-house cyber prevention and claims/incident coordination capabilities.<ref name="heuking">{{cite web |title=Heuking unterstützt die Cogitanda-Gruppe beim Verkauf aus der Insolvenz an DGC AG |url=https://www.heuking.de/de/news-events/aktuelle-meldungen/artikel/heuking-unterstuetzt-die-cogitanda-gruppe-beim-verkauf-aus-der-insolvenz-an-dgc-ag.html |publisher=Heuking |access-date=9 March 2026}}</ref> A material corporate discontinuity occurred in late 2024 to early 2025: multiple Cogitanda group entities entered insolvency proceedings and the operating business was transferred via an asset deal to a subsidiary of DGC AG,<ref name="jimmy">{{cite web |title=COGITANDA Cyber sind wir — Kundenflyer |url=https://jimmy-versicherung.de/wp-content/uploads/COGITANDA-Cyber-sind-wir.-Kundenflyer.pdf |publisher=Jimmy Versicherung |access-date=9 March 2026}}</ref> with the Cogitanda brand retained and operations stated as continuing.<ref name="luther">{{cite web |title=Luther advises DGC Group on the acquisition of cyber insurer Cogitanda |url=https://www.luther-lawfirm.com/en/newsroom/press-releases/detail/luther-advises-dgc-group-on-the-acquisition-of-cyber-insurer-cogitanda |publisher=Luther Rechtsanwaltsgesellschaft |access-date=9 March 2026}}</ref> |
|||
{{More details}} |
|||
🏛️ '''Pre-insolvency group structure.''' The documented Cogitanda group perimeter during the insolvency and sale process comprised five entities, all insolvent at the group level:<ref name="heuking"/> |
|||
{{Section separator}} |
|||
* COGITANDA Dataprotect AG (Germany) |
|||
* COGITANDA Risk Prevention GmbH (Germany; cyber prevention services) |
|||
== Corporate profile == |
|||
* COGITANDA Insurance Services GmbH (Germany; Assekuradeur operations) |
|||
* COGITANDA Claims Services GmbH (Germany; claims/incident services) |
|||
🏢 '''German cyber MGA.''' Cogitanda is a Germany-origin cyber risk specialist that combines cyber insurance distribution and underwriting design with cyber risk prevention and claims-coordination services. The pre-insolvency operating model was that of an Assekuradeur — the German market equivalent of an MGA operating under delegated authority — paired with in-house cyber prevention and incident management capabilities.<ref name="heuking">{{cite web |title=HEUKING unterstützt die COGITANDA-Gruppe beim Verkauf aus der Insolvenz an DGC AG |url=https://www.heuking.de/de/news-events/aktuelle-meldungen/artikel/heuking-unterstuetzt-die-cogitanda-gruppe-beim-verkauf-aus-der-insolvenz-an-dgc-ag.html |publisher=HEUKING |date=March 2025 |access-date=2026-03-09}}</ref> The company was founded in 2016 and historically operated from Germany, with documented expansion into Austria for at least part of its cyber product offering.<ref name="luther">{{cite web |title=Luther advises DGC Group on the acquisition of cyber insurer Cogitanda |url=https://www.luther-lawfirm.com/en/newsroom/press-releases/detail/luther-advises-dgc-group-on-the-acquisition-of-cyber-insurer-cogitanda |publisher=Luther Rechtsanwaltsgesellschaft |date=March 2025 |access-date=2026-03-09}}</ref><ref name="reinsurancenews">{{cite web |title=Cogitanda partners with Everest and IQUW to expand cyber offering |url=https://www.reinsurancene.ws/cogitanda-partners-with-everest-and-iquw-to-expand-cyber-offering/ |publisher=Reinsurance News |date=2024 |access-date=2026-03-09}}</ref> |
|||
* COGITANDA Managed Services GmbH (Germany; managed services) |
|||
⚠️ '''Insolvency and acquisition.''' A material corporate discontinuity occurred between late 2024 and early 2025. Multiple Cogitanda group entities entered insolvency proceedings, and the operating business was transferred via an asset deal to a subsidiary of DGC AG, with the Cogitanda brand retained and operations stated as continuing.<ref name="luther"/> The insolvency was filed in November 2024, at which point a preliminary insolvency administrator was appointed and continuity of customer coverage was asserted.<ref name="brinkmann">{{cite web |title=COGITANDA Gruppe – Vorläufiges Insolvenzverfahren |url=https://www.brinkmann-partner.de/cogitanda-gruppe-vorlaufigen-insolvenzverfahren/ |publisher=Brinkmann & Partner |date=November 2024 |access-date=2026-03-09}}</ref> The asset deal closed in March 2025, and the company now operates under the DGC group umbrella with headquarters in Flensburg.<ref name="cogitanda-web">{{cite web |title=Cogitanda – 360° Cyber Protection |url=https://www.cogitanda.com/ |publisher=Cogitanda |access-date=2026-03-09}}</ref> |
|||
🏛️ '''Pre-insolvency group entities.''' The most consistently documented group perimeter during the insolvency and sale process comprised five entities: COGITANDA Dataprotect AG, COGITANDA Risk Prevention GmbH (cyber prevention services), COGITANDA Insurance Services GmbH (part of the Assekuradeur model), COGITANDA Claims Services GmbH (claims and incident services), and COGITANDA Managed Services GmbH (managed services), all domiciled in Germany.<ref name="heuking"/> Buyer-side counsel characterized the group's integrated model as delegated-authority cyber policy placement with multiple risk carriers, end-to-end claims management on behalf of carriers, and prevention services for insureds and brokers.<ref name="heuking"/> |
|||
🔗 '''Integrated model.''' Buyer-side counsel characterised the group's integrated model as encompassing delegated-authority cyber policy placement with multiple risk carriers, end-to-end claims management on behalf of those carriers, and prevention services for insureds and brokers.<ref name="heuking"/> Following the acquisition, the Cogitanda brand continues under the DGC group umbrella, with the current website listing DGC as copyright holder and indicating a headquarters address in Flensburg, Germany.<ref name="cogitanda">{{cite web |title=Cogitanda |url=https://www.cogitanda.com/ |publisher=Cogitanda / DGC AG |access-date=9 March 2026}}</ref> |
|||
📋 '''Regulatory |
📋 '''Regulatory posture.''' Available evidence points to a delegated-authority model with external risk carriers rather than Cogitanda retaining insurance risk on its own balance sheet.<ref name="heuking"/> The operating model is broker- and MGA-like — involving delegated authority, multiple risk carriers, and broker distribution — which in Germany typically implies reliance on insurance distribution permissions and registers rather than an insurer authorization. A relationship with Lloyd's syndicate IQUW providing capacity has been reported, though no Lloyd's coverholder number is disclosed.<ref name="reinsurancenews"/> |
||
👥 '''Scale.''' During the preliminary insolvency process, total group employees were approximately 150, secured through insolvency wage pre-financing to the end of January 2025.<ref name="brinkmann"/> In the asset sale, approximately 70 employees were secured with the transfer.<ref name="heuking"/> Following the acquisition, DGC's group headcount increased to over 100 employees across Flensburg and Cologne, though this is a group-wide figure and not Cogitanda on a standalone basis.<ref name="luther"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Founders, leadership, and governance == |
|||
== Leadership and governance == |
|||
⚰️ '''Founder.''' Jörg Wälder founded Cogitanda and served as its CEO.<ref name="assekurata">{{cite web |title=Assekurata Studie Cyber Kriegsklausel |url=https://www.assekurata-rating.de/wp-content/uploads/2021/09/Assekurata_PM_03_05_2022_Assekurata_Studie_Cyber_Kriegsklausel.pdf |publisher=Assekurata |date=May 2022}}</ref><ref name="luther"/> His sudden death in 2023 is cited as a key destabilising event that preceded the company's economic difficulties and subsequent insolvency filing.<ref name="luther"/> |
|||
🪦 '''Founder.''' Jörg Wälder founded Cogitanda and served as its central leadership figure. His sudden death in 2023 is widely cited as a key destabilizing event that preceded the company's economic difficulties and subsequent insolvency filing.<ref name="luther"/> |
|||
👥 '''Current leadership.''' Post-acquisition materials confirm continuity of the core team, though no full role-by-role roster is publicly available.<ref name="luther"/> Named executives referenced in company-controlled channels include Walid Schalesi (Group Chief Actuary) and Alain Bianco (Group Chief Underwriting Officer).<ref name="linkedin360">{{cite web |title=COGITANDA 360° CyberProtection post |url=https://de.linkedin.com/posts/cogitanda_cogitanda-360-cyberprotection-cyberversicherung-activity-7399731293942620160-H86k |publisher=LinkedIn |access-date=9 March 2026}}</ref><ref name="assekurata"/> Jens Lison was quoted in 2024 capacity and market expansion coverage as CEO of COGITANDA Dataprotect AG, though this reference predates the acquisition and does not confirm current role.<ref name="reinsurancenews"/> |
|||
👔 '''Current leadership.''' The acquisition-era materials confirm continuity of the core team and key personnel, though a full role-by-role roster is not publicly available.<ref name="luther"/> Named executives referenced in company-controlled channels include Walid Schalesi (Group Chief Actuary) and Alain Bianco (Group Chief Underwriting Officer).<ref name="linkedin-cyberprotection">{{cite web |title=Cogitanda – CYBERPROTECTION product announcement |url=https://de.linkedin.com/posts/cogitanda_cogitanda-360-cyberprotection-cyberversicherung-activity-7399731293942620160-H86k |publisher=LinkedIn |date=2025 |access-date=2026-03-09}}</ref> Jens Lison was quoted in 2024 capacity and market expansion coverage as CEO of COGITANDA Dataprotect AG, though that reference predates the acquisition and may not reflect his current role.<ref name="reinsurancenews"/> |
|||
🔍 '''AXA connection.''' No AXA connection was identified in the reviewed capacity-provider references or acquisition communications.<ref name="luther"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Business model and operating footprint == |
|||
== Business model == |
|||
🛡️ '''Full-service cyber specialist.''' Cogitanda's model encompasses three pillars: delegated-authority placement of cyber insurance products with multiple external risk carriers (Risikoträger), end-to-end cyber claims management services performed for those carriers, and cyber risk prevention services — including IT audits, monitoring, and related offerings — delivered to policyholders and broker networks.<ref name="heuking"/> The current website positions this combined offering as "360° cyber protection," integrating prevention, monitoring, insurance, and crisis management alongside DGC's cybersecurity capabilities.<ref name="cogitanda"/> |
|||
🔄 '''Integrated cyber specialist.''' Cogitanda's model spans three interconnected functions: delegated-authority placement of cyber insurance products with multiple external risk carriers, end-to-end cyber claims management services performed for those carriers, and cyber risk prevention services delivered to policyholders and broker networks.<ref name="heuking"/> The current website positions this combined offering as "360° cyber protection," integrating prevention, monitoring, insurance, and crisis management alongside DGC's cybersecurity capabilities.<ref name="cogitanda-web"/> |
|||
🌍 '''Geographic footprint.''' Cogitanda historically operated in Germany with documented broker distribution and German-language product materials.<ref name="jimmy"/> Market expansion coverage and capacity commentary indicate an Austria component for at least part of the cyber offering.<ref name="reinsurancenews"/> |
|||
🌍 '''Geographic footprint.''' Cogitanda historically operated in Germany with broker distribution and German-language product materials.<ref name="jimmy-flyer">{{cite web |title=COGITANDA Cyber sind wir – Kundenflyer |url=https://jimmy-versicherung.de/wp-content/uploads/COGITANDA-Cyber-sind-wir.-Kundenflyer.pdf |publisher=Jimmy Versicherung |access-date=2026-03-09}}</ref> Market expansion and capacity commentary indicate an Austrian component for at least part of the cyber product offering, with the Everest and IQUW partnership specifically targeting clients in Germany and Austria with revenues up to €250 million.<ref name="reinsurancenews"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Cyber insurance product and coverage architecture == |
|||
== Cyber insurance products == |
|||
📦 '''Product set.''' Two distinct eras of product positioning are evidenced. The legacy "Cyber Pro+" product, available via an online portal/coverage configurator for broker partners, was described as modular with five coverage groups and extensive sub-components.<ref name="degenia2">{{cite web |title=COGITANDA Broschüre — Versicherung |url=https://degenia.de/wp-content/uploads/2019/06/COGITANDA_Brosch%C3%BCre_2_Versicherung.pdf |publisher=Degenia |date=June 2019}}</ref><ref name="jimmy"/> Following the acquisition, a new "CYBERPROTECTION" product was introduced featuring a digital application workflow and a "CYBERPROTECTION Check" risk assessment component.<ref name="cogitanda"/> |
|||
📦 '''Legacy product family.''' The established pre-2025 cyber product, "Cyber Pro+," was a configurable offering accessed via an online portal and coverage configurator for broker partners.<ref name="degenia-insurance">{{cite web |title=COGITANDA Cyber Versicherung – Broschüre |url=https://degenia.de/wp-content/uploads/2019/06/COGITANDA_Brosch%C3%BCre_2_Versicherung.pdf |publisher=Degenia |date=2019 |access-date=2026-03-09}}</ref> The product was modular, organized around five coverage groups: attacks on reputation and identity, attacks on payment methods and accounts, attacks on hardware/software and data, business interruption, and liability and data protection incidents.<ref name="jimmy-flyer"/> A comparative market study references formal policy conditions (AVB COGITANDA Cyber Pro+ Version 1.0, dated July 26, 2019), confirming the product's maturity by that date.<ref name="assekurata">{{cite web |title=Assekurata Studie: Cyber-Kriegsklausel |url=https://www.assekurata-rating.de/wp-content/uploads/2021/09/Assekurata_PM_03_05_2022_Assekurata_Studie_Cyber_Kriegsklausel.pdf |publisher=Assekurata |date=May 2022 |access-date=2026-03-09}}</ref> |
|||
🗂️ '''First-party coverages.''' Legacy materials describe cyber coverage grouped into five Deckungsgruppen (coverage groups): attacks on reputation and identity (mapping to reputational harm and identity restoration), attacks on payment methods and accounts (associated with cybercrime and funds transfer contexts), attacks on hardware/software and data (mapping to data restoration and system repair costs), business interruption, and liability and data protection incidents.<ref name="jimmy"/> An additional "technical insurance" component covering electronics and machinery was positioned as a unique feature with simplified declaration mechanics, where device listing and subsequent reporting of new devices were not required.<ref name="jimmy"/> |
|||
🚀 '''Post-acquisition product.''' Following the DGC acquisition, "CYBERPROTECTION" was launched as a new cyber insurance product featuring a digital application workflow and a "CYBERPROTECTION Check" risk assessment component.<ref name="cogitanda-web"/> Company communications describe tiered structuring (Smart, Advanced, Extended) with quantitative underwriting workflow signals, including streamlined risk questioning below certain revenue thresholds and a stated maximum capacity figure.<ref name="linkedin-dgc">{{cite web |title=Cogitanda – DGC AG partnership announcement |url=https://de.linkedin.com/posts/cogitanda_cogitanda-dgcag-cyberversicherung-activity-7388856248101937152-c5mI |publisher=LinkedIn |date=2025 |access-date=2026-03-09}}</ref> |
|||
⚖️ '''Third-party coverages.''' The stated coverage group "Haftpflicht sowie Datenschutzvorfälle" (liability and data protection incidents) indicates inclusion of liability and privacy/data protection incidents in the configurable product structure.<ref name="jimmy"/> |
|||
🛡️ '''First-party coverages.''' The five coverage groups encompass reputational harm and identity restoration costs, cybercrime and funds-transfer-related losses, data restoration and system repair costs, and business interruption.<ref name="jimmy-flyer"/> An additional component described as "technical insurance" (electronics and machinery insurance) was positioned as a unique supplementary coverage protecting electronics and machines, with simplified declaration mechanics that do not require device listing or subsequent reporting obligations for new devices.<ref name="jimmy-flyer"/> |
|||
🚨 '''Breach response and claims services.''' A Cogitanda cyber emergency plan details the incident reporting and post-notice coordination workflow: a 24/7 cyber claims hotline (Germany and international numbers), an incident reporting email, prompt assembly of an expert crisis team with potential on-site support, structured daily technical and management briefings during response, and operational guidance designed to preserve forensic integrity.<ref name="notfallplan">{{cite web |title=COGITANDA Notfall Plan |url=https://s3.eu-central-1.amazonaws.com/cogitanda.official/files/pdf/live/COGITANDA_Notfall_Plan.pdf |publisher=Cogitanda |access-date=9 March 2026}}</ref> |
|||
⚖️ '''Third-party coverages and claims services.''' The liability and data protection incidents coverage group indicates inclusion of third-party liability and privacy/data protection incident coverage within the configurable product structure.<ref name="jimmy-flyer"/> Cogitanda's emergency plan details embedded incident coordination including a 24/7 cyber claims hotline (Germany and international numbers), an incident reporting email address, prompt assembly of an expert crisis team with potential on-site support, and structured daily technical and management briefings during response. Operational guidance emphasizes preserving forensic integrity during incidents.<ref name="notfallplan">{{cite web |title=COGITANDA Cyber-Notfallplan |url=https://s3.eu-central-1.amazonaws.com/cogitanda.official/files/pdf/live/COGITANDA_Notfall_Plan.pdf |publisher=Cogitanda |access-date=2026-03-09}}</ref> |
|||
⚠️ '''War exclusion.''' The "Cyber Pro+" product had an explicit war exclusion clause in its AVB (policy conditions), referenced as "AVB COGITANDA Cyber Pro+ Version 1.0 Stand 26.07.2019" in a comparative war-clause study.<ref name="assekurata"/> Ambiguous "war" constructs in cyber insurance can create significant coverage uncertainty and litigation risk, particularly around nation-state attribution disputes — an issue relevant to due diligence even in the absence of specific wording.<ref name="yjolt">{{cite web |title=Wargames: Analyzing the Act of War Exclusion in Insurance Coverage and its Implications for Cybersecurity Policy |url=https://yjolt.org/wargames-analyzing-act-war-exclusion-insurance-coverage-and-its-implications-cybersecurity-policy |publisher=Yale Journal of Law and Technology |access-date=9 March 2026}}</ref> |
|||
⚔️ '''War exclusion.''' Cyber Pro+ contained an explicit war exclusion clause within its general policy conditions, as documented in a comparative war-clause study across cyber insurers.<ref name="assekurata"/> Ambiguous war constructs in cyber insurance can create coverage uncertainty and litigation risk, particularly in relation to state-sponsored cyber events and attribution disputes — an issue of broad market relevance to cyber underwriting and claims.<ref name="yjolt">{{cite web |title=Wargames: Analyzing the Act of War Exclusion in Insurance Coverage and Its Implications for Cybersecurity Policy |url=https://yjolt.org/wargames-analyzing-act-war-exclusion-insurance-coverage-and-its-implications-cybersecurity-policy |publisher=Yale Journal of Law and Technology |access-date=2026-03-09}}</ref> |
|||
📐 '''Coverage segmentation.''' Legacy public materials describe servicing small and medium-sized as well as industrial companies, implying a target extending beyond micro-SME packaged business.<ref name="degenia2"/> The post-acquisition CYBERPROTECTION product features tiering (Smart, Advanced, Extended) with quantitative underwriting workflow signals such as simplified risk questioning up to a revenue threshold, along with a stated maximum capacity figure.<ref name="linkedindgc">{{cite web |title=COGITANDA DGC AG Cyberversicherung post |url=https://de.linkedin.com/posts/cogitanda_cogitanda-dgcag-cyberversicherung-activity-7388856248101937152-c5mI |publisher=LinkedIn |access-date=9 March 2026}}</ref> |
|||
🎯 '''Segment targeting.''' Legacy materials describe servicing small and medium-sized as well as industrial companies, implying a target market extending beyond micro-SME packaged business.<ref name="degenia-insurance"/> The CYBERPROTECTION product introduces additional tiering and digitized workflows intended to streamline underwriting for specific revenue bands.<ref name="linkedin-dgc"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Cybersecurity services and technology stack == |
|||
== Cybersecurity services == |
|||
🔐 '''Pre-bind and in-force services.''' Cogitanda's current website references specific cybersecurity capabilities contributed by DGC: external vulnerability detection and monitoring via "cyberscan.io®," penetration tests, security awareness training, and a 24/7 Cyber Defence Operation Center (CDOC).<ref name="cogitanda"/> Legacy brochures also describe a prevention stack including employee training, audits, vulnerability analyses, and monitoring, though without naming specific third-party tooling.<ref name="degenia1">{{cite web |title=COGITANDA Broschüre — Prävention |url=https://degenia.de/wp-content/uploads/2019/06/COGITANDA_Brosch%C3%BCre_1_Pr%C3%A4vention.pdf |publisher=Degenia |date=June 2019}}</ref> |
|||
🔍 '''Prevention and monitoring.''' Cogitanda's current website emphasizes prevention services that draw on DGC's cybersecurity capabilities, including external vulnerability detection and monitoring via the cyberscan.io platform, penetration testing, security awareness training, and a 24/7 Cyber Defence Operation Center (CDOC).<ref name="cogitanda-web"/> Legacy brochures also describe a prevention stack encompassing employee training, audits, vulnerability analyses, and monitoring.<ref name="degenia-prevention">{{cite web |title=COGITANDA Cyber Prävention – Broschüre |url=https://degenia.de/wp-content/uploads/2019/06/COGITANDA_Brosch%C3%BCre_1_Pr%C3%A4vention.pdf |publisher=Degenia |date=2019 |access-date=2026-03-09}}</ref> |
|||
🚨 '''Post-incident response.''' The emergency plan document provides a detailed depiction of crisis orchestration steps and the data requirements for coordinated response, including server and client counts, network topology, logs, communications records, backup status, and law enforcement reference information.<ref name="notfallplan"/> This operational workflow reflects embedded crisis management and incident coordination capability within the insurance product offering. |
|||
💼 '''Service delivery model.''' Legacy materials indicate that prevention services can be provided on request and that the group combines insurance with cyber prevention services.<ref name="jimmy-flyer"/> The post-acquisition positioning under DGC further integrates the cybersecurity service stack, leveraging DGC's security operations infrastructure alongside Cogitanda's insurance-specific processes.<ref name="cogitanda-web"/> |
|||
🛠️ '''Post-incident services.''' The emergency plan document provides a concrete depiction of crisis orchestration steps and the data required for coordinated response, including server/client counts, network topology, logs, communications, backups, and law enforcement references.<ref name="notfallplan"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
== Distribution, capacity, and strategic partnerships == |
|||
== Distribution and capacity == |
|||
🤝 '''Distribution model.''' Cogitanda's legacy model is broker-centric, featuring a partner onboarding flow, a portal-driven process for configuring coverage and generating placements (broker access required), and customer guidance directing insureds to work through their broker.<ref name="degenia2"/> A third-party broker reference confirmed continued access to the quoting platform ("AXON") during the insolvency period, reinforcing that production was executed through a portal workflow.<ref name="hendricks">{{cite web |title=Cogitanda Insolvenz — Fragen und Antworten |url=https://hendricks-makler.de/cogitanda-insolvenz-fragen-und-antworten/ |publisher=Hendricks Makler |access-date=9 March 2026}}</ref> |
|||
🤝 '''Broker-centric distribution.''' Cogitanda's distribution model centers on broker and partner networks, evidenced by a dedicated onboarding flow for broker partners, a portal-driven process for configuring coverage and generating placements, and customer guidance directing insureds to work through their insurance broker.<ref name="degenia-insurance"/> Third-party broker commentary confirmed continued access to the AXON quoting platform during the insolvency period, reinforcing that production was executed through a digital portal workflow.<ref name="hendricks">{{cite web |title=Cogitanda Insolvenz – Fragen und Antworten |url=https://hendricks-makler.de/cogitanda-insolvenz-fragen-und-antworten/ |publisher=Hendricks Makler |access-date=2026-03-09}}</ref> |
|||
🏦 '''German risk carriers retained post-acquisition.''' Two incumbent risk carriers continued to support new business and renewals following the acquisition: SV SparkassenVersicherung Gebäudeversicherung AG and Württembergische Versicherung AG.<ref name="notfallplan"/><ref name="reinsurancenews"/><ref name="experten">{{cite web |title=COGITANDA hat neuen Eigentümer — DGC AG übernimmt Cyberversicherer |url=https://www.experten.de/id/4938211/COGITANDA-hat-neuen-Eigentuemer-DGC-AG-uebernimmt-Cyberversicherer/ |publisher=Experten.de |access-date=9 March 2026}}</ref> Board members of these carriers explicitly framed their ongoing support and emphasised the value of integrating prevention, insurance, and claims management.<ref name="experten"/> |
|||
🏦 '''German risk carriers.''' Two incumbent German risk carriers — SV SparkassenVersicherung Gebäudeversicherung AG and Württembergische Versicherung AG — continued to support new business and renewals following the DGC acquisition. Board members of these carriers publicly emphasized the value of Cogitanda's integrated prevention, insurance, and claims management model as a basis for their continued partnership.<ref name="experten">{{cite web |title=COGITANDA hat neuen Eigentümer – DGC AG übernimmt Cyberversicherer |url=https://www.experten.de/id/4938211/COGITANDA-hat-neuen-Eigentuemer-DGC-AG-uebernimmt-Cyberversicherer/ |publisher=Experten.de |date=2025 |access-date=2026-03-09}}</ref> |
|||
🌐 '''International capacity.''' Trade press reports that Cogitanda partnered with Everest Insurance and IQUW to expand its cyber product offering for clients with revenues up to €250 million in Germany and Austria, with a stated policy limit up to €7.5 million for that expanded segment.<ref name="reinsurancenews"/> |
|||
🌐 '''International capacity.''' Cogitanda partnered with Everest Insurance and IQUW to expand its cyber product offering for clients with revenues up to €250 million in Germany and Austria, with a stated policy limit up to €7.5 million for that expanded segment.<ref name="reinsurancenews"/> The precise legal mechanism governing these relationships — whether a Lloyd's coverholder arrangement or another London market access model — is not publicly documented. |
|||
{{Section separator}} |
{{Section separator}} |
||
== Funding, financial signals, and competitive positioning == |
|||
== Financial profile and competitive positioning == |
|||
💼 '''Ownership and insolvency.''' Insolvency was filed in November 2024 and pursued across the group entities, culminating in an asset deal and operational continuation under DGC.<ref name="luther"/> No capital raise disclosures — venture rounds, institutional equity financing amounts, or valuations — were identified in accessible sources. |
|||
📊 '''Financial opacity.''' Cogitanda experienced economic distress after 2023 and entered insolvency in late 2024, followed by business transfer and continuation under DGC.<ref name="luther"/> Audited financial KPIs including gross written premium, revenue, net income, and loss ratio are not available in public filings. |
|||
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
{| class="wikitable sortable" style="width:100%; font-size:0.85em" |
||
|+ |
|+ 📋 Cogitanda, headcount indicators, pre- and post-insolvency, 2024–2025 |
||
! scope="col" style="text-align:center" | Metric |
|||
! scope="col" style="text-align:center; width:9em" | Figure |
|||
! scope="col" style="text-align:center" | Context |
|||
|- |
|- |
||
| Total group employees (prelim insolvency) |
|||
! scope="col" style="text-align:center" | KPI |
|||
| style="text-align:right" | ~150 |
|||
| Secured through insolvency wage pre-financing to end of January 2025<ref name="brinkmann"/> |
|||
! scope="col" style="text-align:center" | Source |
|||
|- |
|- |
||
| Employees transferred (asset deal) |
|||
| Headcount |
|||
| style="text-align:right" | |
| style="text-align:right" | ~70 |
||
| |
| Secured with the DGC asset transfer<ref name="heuking"/> |
||
|- |
|||
| DGC group headcount (post-acquisition) |
|||
| style="text-align:right" | >100 |
|||
| Group-wide across Flensburg and Cologne; not Cogitanda standalone<ref name="luther"/> |
|||
|} |
|} |
||
🏅 '''Competitive positioning.''' Within the broader cyber insurance landscape, Cogitanda aligns most closely with the European cyber MGA and services cluster — specialist underwriting design under delegated authority paired with cyber prevention, monitoring, and incident orchestration. US integrated cyber platform peers include At-Bay, Coalition, Corvus Insurance, Cowbell, and Resilience. European challengers with comparable profiles include Stoïk and Eye Security. Additional ecosystem peers span Baobab Insurance, BOXX Insurance, Converge Insurance, Elpha Secure, Emergence Insurance, Evolve MGA, Invision Cyber, Measured Analytics and Insurance, Onda, Pera, SafeInside Insurance, Sync Underwriting, and Dattak.<ref name="luther"/><ref name="linkedin-cyberprotection"/> |
|||
🏰 '''Competitive moat.''' |
🏰 '''Competitive moat.''' Cogitanda's central differentiation claim rests on its integrated prevention, insurance, and incident management offering, supported by operational documents and acquisition communications.<ref name="notfallplan"/> Distribution lock-in is indicated by broker onboarding and portal-driven configuration processes.<ref name="jimmy-flyer"/> Capacity access and continuity following insolvency, with two major risk carriers explicitly maintaining support post-acquisition, represents a key strategic asset for the reconstituted business.<ref name="experten"/> |
||
📚 '''Market context.''' Academic and |
📚 '''Market context.''' Academic and institutional research highlights structural challenges directly relevant to cyber MGA sustainability, including aggregation and systemic cyber risk, uncertainty around exclusions (especially war and attribution clauses), and the need for clearer coverage constructs and risk transfer mechanisms.<ref name="wiley-risa">{{cite web |title=Systemic Cyber Risk and Aggregate Uncertainty |url=https://onlinelibrary.wiley.com/doi/10.1111/risa.13715 |publisher=Risk Analysis (Wiley) |access-date=2026-03-09}}</ref> These themes are especially pertinent given Cogitanda's reliance on external carriers and its emphasis on prevention and crisis management as risk-mitigating levers. |
||
{{Section separator}} |
{{Section separator}} |
||
== Risks, outlook, and appendices == |
|||
== Risks and outlook == |
|||
⚡ '''Capacity dependency risk.''' The model is strongly dependent on third-party risk carriers, and post-acquisition continuation explicitly depends on retained and newly arranged carrier support.<ref name="heuking"/> |
|||
🔗 '''Capacity dependency.''' Cogitanda's model is strongly dependent on third-party risk carriers, and post-acquisition continuation explicitly depends on retained and newly arranged carrier support.<ref name="heuking"/> Any withdrawal or non-renewal of delegated authority by a material capacity provider could directly affect production capability and portfolio continuity. |
|||
🌊 '''Systemic cyber aggregation risk.''' Cyber risk is structurally prone to accumulation and systemic events that can affect multiple insureds simultaneously — a core constraint of cyber insurability that directly affects carrier appetite and delegated authority terms.<ref name="wiley"/> |
|||
🌊 '''Systemic aggregation risk.''' Cyber risk is structurally prone to accumulation and systemic events that can affect multiple insureds simultaneously, a core constraint on cyber insurability that directly affects carrier appetite and delegated authority terms.<ref name="wiley-risa"/> This dynamic is amplified for specialist MGAs whose portfolios are concentrated in a single line of business. |
|||
🔥 '''Coverage dispute risk.''' War and state-sponsored cyber attribution remain a stress point for cyber insurance coverage. The broader market dynamic and the presence of war clauses in comparable AVBs represent a continuing due diligence issue for placement, claims handling, and reputational exposure.<ref name="assekurata"/> |
|||
⚔️ '''War exclusion disputes.''' War and state-sponsored cyber attribution remain a persistent stress point for cyber insurance coverage. The broader market dynamic and the documented presence of war clauses in comparable policy conditions create ongoing due diligence exposure for placement, claims handling, and reputational risk.<ref name="assekurata"/><ref name="yjolt"/> |
|||
🔄 '''Transition and integration risk.''' An asset deal typically requires re-establishing contracts, delegated authority, systems, and controls under new group governance. The integration of security operations with insurer-facing processes suggests execution and compliance risk during the ramp-up phase.<ref name="luther"/> |
|||
🔧 '''Integration risk.''' An asset deal typically requires re-establishing contracts, delegated authority agreements, systems, and controls under a new group governance model. The integration of security operations with insurer-facing processes suggests execution and compliance risk during the transition ramp-up.<ref name="luther"/> |
|||
👤 '''Key-person risk.''' The founder's death is repeatedly cited as a major destabilising factor preceding insolvency, indicating historical dependence on key individuals and associated governance continuity risk.<ref name="luther"/> |
|||
👤 '''Key-person risk.''' The founder's death is repeatedly cited as a major destabilizing factor preceding insolvency, indicating historical dependence on key individuals and associated governance continuity risk.<ref name="luther"/> |
|||
🧭 '''Strategy and outlook.''' Cogitanda's post-acquisition strategy centres on a combined "360°" proposition encompassing risk prevention, monitoring, insurance, and crisis management.<ref name="cogitanda"/> Product communications indicate a push toward a more digitised underwriting workflow — including a digital application process and a structured cyber risk check — and a tiered product architecture.<ref name="linkedin360"/> |
|||
🔭 '''Strategic outlook.''' Cogitanda's post-acquisition strategy centers on the combined "360°" proposition of risk prevention and monitoring paired with insurance and crisis management.<ref name="cogitanda-web"/> Product communications signal a push toward digitized underwriting workflows (digital application process and structured cyber risk check) and tiered product architecture, reflecting a modernization trajectory under DGC ownership.<ref name="linkedin-cyberprotection"/> |
|||
📅 '''Timeline of key events.''' |
|||
{{Section separator}} |
|||
* '''2016''' — Cogitanda founded as an early specialised cyber insurance provider in Germany.<ref name="luther"/> |
|||
* '''2019 (July)''' — Formal AVB conditions for "Cyber Pro+ Version 1.0" dated 26 July 2019, confirmed by a subsequent comparative market study.<ref name="assekurata"/> |
|||
* '''2023''' — Sudden death of founder Jörg Wälder, triggering economic difficulties.<ref name="luther"/> |
|||
* '''November 2024''' — Insolvency filing by the group and appointment of a preliminary insolvency administrator; customer coverage continuity asserted.<ref name="brinkmann"/> |
|||
* '''March 2025''' — Asset deal sale to DGC group subsidiary; Cogitanda brand retained and operations continuing.<ref name="luther"/> |
|||
* '''2025 onward''' — Public positioning emphasises integrated cybersecurity and insurance, and launch of the new "CYBERPROTECTION" product with a digital process and risk check.<ref name="cogitanda"/> |
|||
== Timeline == |
|||
📖 '''Glossary.''' |
|||
* '''2016''' — Cogitanda is founded as an early specialized cyber insurance provider in Germany.<ref name="luther"/> |
|||
* '''MGA / MGU / Assekuradeur''' — A delegated authority intermediary that designs, prices, and administers insurance products on behalf of a risk-bearing insurer, often including underwriting and sometimes claims authority. In Germany, "Assekuradeur" is the common term for such structures.<ref name="heuking"/> |
|||
* ''' |
* '''2019 (July)''' — Formal policy conditions for Cyber Pro+ (AVB Version 1.0, dated July 26, 2019) are established.<ref name="assekurata"/> |
||
* '''2023''' — Sudden death of founder Jörg Wälder triggers economic difficulties for the group.<ref name="luther"/> |
|||
* '''Binder / Delegated authority''' — A contract granting authority to underwrite and bind insurance, typically specifying classes, limits, controls, reporting, and performance terms.<ref name="heuking"/> |
|||
* '''2024''' — Cogitanda partners with Everest Insurance and IQUW to expand cyber capacity for mid-market clients in Germany and Austria.<ref name="reinsurancenews"/> |
|||
* '''GWP (Gross Written Premium)''' — Total premiums written on policies in a period, before reinsurance and cancellation adjustments. |
|||
* '''November 2024''' — Insolvency filing by the group and appointment of a preliminary insolvency administrator; continuity of customer coverage is asserted.<ref name="brinkmann"/> |
|||
* '''Loss ratio''' — Claims incurred divided by premium earned (or written), measuring underwriting performance. |
|||
* '''March 2025''' — Asset deal sale to a DGC AG subsidiary closes; Cogitanda brand is retained and operations continue.<ref name="luther"/> |
|||
* '''Quota share / Excess of loss reinsurance''' — Quota share: the reinsurer takes a fixed percentage of premiums and losses. Excess of loss: the reinsurer covers losses above a retention up to a limit. |
|||
* '''2025 onward''' — Public positioning emphasizes integrated cybersecurity and insurance, with launch of the CYBERPROTECTION product featuring a digital process and risk check.<ref name="cogitanda-web"/> |
|||
* '''Systemic cyber risk''' — Cyber risk characterised by cascades, common-cause failures, or correlated events leading to simultaneous losses across many insureds.<ref name="wiley"/> |
|||
* '''War exclusion / Nation-state attribution issues''' — Policy exclusions that may bar coverage for warlike acts or state-sponsored events; attribution uncertainty can drive disputes.<ref name="yjolt"/> |
|||
{{Section separator}} |
{{Section separator}} |
||
== See also == |
|||
* [[Cyber insurtech MGAs and underwriting agencies]] |
|||
{{Section separator}} |
|||
== References == |
== References == |
||
{{reflist}} |
{{reflist}} |
||
Latest revision as of 14:12, 9 March 2026
Cogitanda | |
|---|---|
| COGITANDA Dataprotect AG | |
 | |
| Corporate identity | |
| Type | Private — cyber insurtech MGA (Assekuradeur) |
| Incorporation | Germany |
| Founded | 2016 |
| Headquarters | Flensburg, Germany |
| Domicile | Germany |
| Licensed jurisdictions | Germany Austria |
| Ultimate parent | DGC AG |
| Major shareholders | DGC AG |
| Key people | Walid Schalesi, Group Chief Actuary Alain Bianco, Group Chief Underwriting Officer |
| Number of employees | approximately 70 (March 2025) |
| Business & markets | |
| Customer segments | Small and medium-sized enterprises Industrial companies |
| Lines of business | Cyber insurance |
| Main products & services | Cyber Pro+ CYBERPROTECTION |
| Technology platform | cyberscan.io (vulnerability detection) AXON (broker quoting portal) Cyber Defence Operation Center (CDOC) |
| Capacity providers | SV SparkassenVersicherung Gebäudeversicherung AG Württembergische Versicherung AG Everest Insurance IQUW |
| Distribution | Broker-centric; portal-driven |
| Geographic markets | Germany Austria |
| Competitors | Stoïk Eye Security Baobab Insurance At-Bay Coalition Corvus Insurance Cowbell Resilience |
🏢 Cogitanda is a Germany-origin cyber insurance MGA (Assekuradeur) founded in 2016 that operates under delegated authority, placing cyber coverage with multiple external risk carriers while providing end-to-end claims management and cyber risk prevention services. The pre-insolvency group comprised five German entities — COGITANDA Dataprotect AG, Risk Prevention GmbH, Insurance Services GmbH, Claims Services GmbH, and Managed Services GmbH — spanning the full cycle from underwriting design to incident coordination. Following the sudden death of founder Jörg Wälder in 2023 and subsequent economic distress, the group entered insolvency in November 2024 and was acquired via asset deal by DGC AG in March 2025, with the brand retained and operations continuing from Flensburg.
👥 Leadership. Named executives include Walid Schalesi (Group Chief Actuary) and Alain Bianco (Group Chief Underwriting Officer), confirmed in post-acquisition product communications. Jens Lison was referenced as CEO of COGITANDA Dataprotect AG in 2024 capacity expansion coverage, though his current post-acquisition role is unconfirmed. The acquisition preserved the core team and key personnel, with approximately 70 employees transferred in the asset deal from a pre-insolvency group of roughly 150.
🔄 Business model. Cogitanda's integrated model spans three functions: delegated-authority placement of cyber insurance with multiple external risk carriers, end-to-end cyber claims management performed on behalf of those carriers, and cyber risk prevention services for policyholders and broker networks. The current website positions this as "360° cyber protection," integrating prevention, monitoring, insurance, and crisis management alongside DGC's cybersecurity infrastructure. The company historically operated in Germany with documented expansion into Austria.
📦 Legacy products. The established Cyber Pro+ product was a modular, configurable offering organized around five coverage groups: attacks on reputation and identity, attacks on payment methods and accounts, attacks on hardware/software and data, business interruption, and liability and data protection incidents. Formal policy conditions (AVB Version 1.0) date to July 2019, and the product included an explicit war exclusion clause. An additional "technical insurance" component covered electronics and machinery with simplified declaration mechanics.
🚀 Post-acquisition products. CYBERPROTECTION was launched after the DGC acquisition as a new cyber insurance product with a digital application workflow and a built-in CYBERPROTECTION Check risk assessment. The product features tiered structuring (Smart, Advanced, Extended) with streamlined underwriting for specific revenue bands. Embedded incident coordination includes a 24/7 cyber claims hotline, expert crisis team assembly, structured daily briefings, and forensic integrity protocols.
🔍 Cybersecurity services. Prevention and monitoring capabilities draw on DGC's infrastructure, including external vulnerability detection via cyberscan.io, penetration testing, security awareness training, and a 24/7 Cyber Defence Operation Center (CDOC). Legacy brochures describe a prevention stack encompassing employee training, audits, vulnerability analyses, and monitoring. Post-incident response orchestration is documented in a detailed emergency plan covering forensic data requirements, network topology collection, and law enforcement coordination.
🤝 Distribution and capacity. Distribution is broker-centric with a portal-driven workflow; the AXON quoting platform remained accessible during the insolvency period. Two German risk carriers — SV SparkassenVersicherung Gebäudeversicherung AG and Württembergische Versicherung AG — continued to support new business and renewals post-acquisition. International capacity from Everest Insurance and IQUW expanded the product for clients with revenues up to €250 million in Germany and Austria, with policy limits up to €7.5 million.
🏅 Competitive positioning. Cogitanda aligns with the European cyber MGA and services cluster, competing against US platforms such as At-Bay, Coalition, Corvus Insurance, Cowbell, and Resilience, and European challengers including Stoïk, Eye Security, Baobab Insurance, and Dattak. Its competitive moat rests on integrated prevention-insurance-incident management, broker portal lock-in, and demonstrated capacity continuity through insolvency. Academic research underscores structural challenges including systemic aggregation risk and war exclusion uncertainty.
⚠️ Risks and outlook. Key risk factors include strong dependency on third-party capacity providers, systemic cyber aggregation exposure, war exclusion and attribution dispute risk, post-insolvency integration challenges in re-establishing contracts and controls under new group governance, and historical key-person risk sharply demonstrated by the founder's death as a direct precursor to insolvency. Cogitanda's post-acquisition strategy centers on the combined cybersecurity and insurance proposition, leveraging DGC's security operations and a digitized underwriting workflow to rebuild and scale the business under new ownership.
The following sections provide further details.
Corporate profile
🏢 German cyber MGA. Cogitanda is a Germany-origin cyber risk specialist that combines cyber insurance distribution and underwriting design with cyber risk prevention and claims-coordination services. The pre-insolvency operating model was that of an Assekuradeur — the German market equivalent of an MGA operating under delegated authority — paired with in-house cyber prevention and incident management capabilities.[1] The company was founded in 2016 and historically operated from Germany, with documented expansion into Austria for at least part of its cyber product offering.[2][3]
⚠️ Insolvency and acquisition. A material corporate discontinuity occurred between late 2024 and early 2025. Multiple Cogitanda group entities entered insolvency proceedings, and the operating business was transferred via an asset deal to a subsidiary of DGC AG, with the Cogitanda brand retained and operations stated as continuing.[2] The insolvency was filed in November 2024, at which point a preliminary insolvency administrator was appointed and continuity of customer coverage was asserted.[4] The asset deal closed in March 2025, and the company now operates under the DGC group umbrella with headquarters in Flensburg.[5]
🏛️ Pre-insolvency group entities. The most consistently documented group perimeter during the insolvency and sale process comprised five entities: COGITANDA Dataprotect AG, COGITANDA Risk Prevention GmbH (cyber prevention services), COGITANDA Insurance Services GmbH (part of the Assekuradeur model), COGITANDA Claims Services GmbH (claims and incident services), and COGITANDA Managed Services GmbH (managed services), all domiciled in Germany.[1] Buyer-side counsel characterized the group's integrated model as delegated-authority cyber policy placement with multiple risk carriers, end-to-end claims management on behalf of carriers, and prevention services for insureds and brokers.[1]
📋 Regulatory posture. Available evidence points to a delegated-authority model with external risk carriers rather than Cogitanda retaining insurance risk on its own balance sheet.[1] The operating model is broker- and MGA-like — involving delegated authority, multiple risk carriers, and broker distribution — which in Germany typically implies reliance on insurance distribution permissions and registers rather than an insurer authorization. A relationship with Lloyd's syndicate IQUW providing capacity has been reported, though no Lloyd's coverholder number is disclosed.[3]
👥 Scale. During the preliminary insolvency process, total group employees were approximately 150, secured through insolvency wage pre-financing to the end of January 2025.[4] In the asset sale, approximately 70 employees were secured with the transfer.[1] Following the acquisition, DGC's group headcount increased to over 100 employees across Flensburg and Cologne, though this is a group-wide figure and not Cogitanda on a standalone basis.[2]
Leadership and governance
🪦 Founder. Jörg Wälder founded Cogitanda and served as its central leadership figure. His sudden death in 2023 is widely cited as a key destabilizing event that preceded the company's economic difficulties and subsequent insolvency filing.[2]
👔 Current leadership. The acquisition-era materials confirm continuity of the core team and key personnel, though a full role-by-role roster is not publicly available.[2] Named executives referenced in company-controlled channels include Walid Schalesi (Group Chief Actuary) and Alain Bianco (Group Chief Underwriting Officer).[6] Jens Lison was quoted in 2024 capacity and market expansion coverage as CEO of COGITANDA Dataprotect AG, though that reference predates the acquisition and may not reflect his current role.[3]
Business model
🔄 Integrated cyber specialist. Cogitanda's model spans three interconnected functions: delegated-authority placement of cyber insurance products with multiple external risk carriers, end-to-end cyber claims management services performed for those carriers, and cyber risk prevention services delivered to policyholders and broker networks.[1] The current website positions this combined offering as "360° cyber protection," integrating prevention, monitoring, insurance, and crisis management alongside DGC's cybersecurity capabilities.[5]
🌍 Geographic footprint. Cogitanda historically operated in Germany with broker distribution and German-language product materials.[7] Market expansion and capacity commentary indicate an Austrian component for at least part of the cyber product offering, with the Everest and IQUW partnership specifically targeting clients in Germany and Austria with revenues up to €250 million.[3]
Cyber insurance products
📦 Legacy product family. The established pre-2025 cyber product, "Cyber Pro+," was a configurable offering accessed via an online portal and coverage configurator for broker partners.[8] The product was modular, organized around five coverage groups: attacks on reputation and identity, attacks on payment methods and accounts, attacks on hardware/software and data, business interruption, and liability and data protection incidents.[7] A comparative market study references formal policy conditions (AVB COGITANDA Cyber Pro+ Version 1.0, dated July 26, 2019), confirming the product's maturity by that date.[9]
🚀 Post-acquisition product. Following the DGC acquisition, "CYBERPROTECTION" was launched as a new cyber insurance product featuring a digital application workflow and a "CYBERPROTECTION Check" risk assessment component.[5] Company communications describe tiered structuring (Smart, Advanced, Extended) with quantitative underwriting workflow signals, including streamlined risk questioning below certain revenue thresholds and a stated maximum capacity figure.[10]
🛡️ First-party coverages. The five coverage groups encompass reputational harm and identity restoration costs, cybercrime and funds-transfer-related losses, data restoration and system repair costs, and business interruption.[7] An additional component described as "technical insurance" (electronics and machinery insurance) was positioned as a unique supplementary coverage protecting electronics and machines, with simplified declaration mechanics that do not require device listing or subsequent reporting obligations for new devices.[7]
⚖️ Third-party coverages and claims services. The liability and data protection incidents coverage group indicates inclusion of third-party liability and privacy/data protection incident coverage within the configurable product structure.[7] Cogitanda's emergency plan details embedded incident coordination including a 24/7 cyber claims hotline (Germany and international numbers), an incident reporting email address, prompt assembly of an expert crisis team with potential on-site support, and structured daily technical and management briefings during response. Operational guidance emphasizes preserving forensic integrity during incidents.[11]
⚔️ War exclusion. Cyber Pro+ contained an explicit war exclusion clause within its general policy conditions, as documented in a comparative war-clause study across cyber insurers.[9] Ambiguous war constructs in cyber insurance can create coverage uncertainty and litigation risk, particularly in relation to state-sponsored cyber events and attribution disputes — an issue of broad market relevance to cyber underwriting and claims.[12]
🎯 Segment targeting. Legacy materials describe servicing small and medium-sized as well as industrial companies, implying a target market extending beyond micro-SME packaged business.[8] The CYBERPROTECTION product introduces additional tiering and digitized workflows intended to streamline underwriting for specific revenue bands.[10]
Cybersecurity services
🔍 Prevention and monitoring. Cogitanda's current website emphasizes prevention services that draw on DGC's cybersecurity capabilities, including external vulnerability detection and monitoring via the cyberscan.io platform, penetration testing, security awareness training, and a 24/7 Cyber Defence Operation Center (CDOC).[5] Legacy brochures also describe a prevention stack encompassing employee training, audits, vulnerability analyses, and monitoring.[13]
🚨 Post-incident response. The emergency plan document provides a detailed depiction of crisis orchestration steps and the data requirements for coordinated response, including server and client counts, network topology, logs, communications records, backup status, and law enforcement reference information.[11] This operational workflow reflects embedded crisis management and incident coordination capability within the insurance product offering.
💼 Service delivery model. Legacy materials indicate that prevention services can be provided on request and that the group combines insurance with cyber prevention services.[7] The post-acquisition positioning under DGC further integrates the cybersecurity service stack, leveraging DGC's security operations infrastructure alongside Cogitanda's insurance-specific processes.[5]
Distribution and capacity
🤝 Broker-centric distribution. Cogitanda's distribution model centers on broker and partner networks, evidenced by a dedicated onboarding flow for broker partners, a portal-driven process for configuring coverage and generating placements, and customer guidance directing insureds to work through their insurance broker.[8] Third-party broker commentary confirmed continued access to the AXON quoting platform during the insolvency period, reinforcing that production was executed through a digital portal workflow.[14]
🏦 German risk carriers. Two incumbent German risk carriers — SV SparkassenVersicherung Gebäudeversicherung AG and Württembergische Versicherung AG — continued to support new business and renewals following the DGC acquisition. Board members of these carriers publicly emphasized the value of Cogitanda's integrated prevention, insurance, and claims management model as a basis for their continued partnership.[15]
🌐 International capacity. Cogitanda partnered with Everest Insurance and IQUW to expand its cyber product offering for clients with revenues up to €250 million in Germany and Austria, with a stated policy limit up to €7.5 million for that expanded segment.[3] The precise legal mechanism governing these relationships — whether a Lloyd's coverholder arrangement or another London market access model — is not publicly documented.
Financial profile and competitive positioning
📊 Financial opacity. Cogitanda experienced economic distress after 2023 and entered insolvency in late 2024, followed by business transfer and continuation under DGC.[2] Audited financial KPIs including gross written premium, revenue, net income, and loss ratio are not available in public filings.
| Metric | Figure | Context |
|---|---|---|
| Total group employees (prelim insolvency) | ~150 | Secured through insolvency wage pre-financing to end of January 2025[4] |
| Employees transferred (asset deal) | ~70 | Secured with the DGC asset transfer[1] |
| DGC group headcount (post-acquisition) | >100 | Group-wide across Flensburg and Cologne; not Cogitanda standalone[2] |
🏅 Competitive positioning. Within the broader cyber insurance landscape, Cogitanda aligns most closely with the European cyber MGA and services cluster — specialist underwriting design under delegated authority paired with cyber prevention, monitoring, and incident orchestration. US integrated cyber platform peers include At-Bay, Coalition, Corvus Insurance, Cowbell, and Resilience. European challengers with comparable profiles include Stoïk and Eye Security. Additional ecosystem peers span Baobab Insurance, BOXX Insurance, Converge Insurance, Elpha Secure, Emergence Insurance, Evolve MGA, Invision Cyber, Measured Analytics and Insurance, Onda, Pera, SafeInside Insurance, Sync Underwriting, and Dattak.[2][6]
🏰 Competitive moat. Cogitanda's central differentiation claim rests on its integrated prevention, insurance, and incident management offering, supported by operational documents and acquisition communications.[11] Distribution lock-in is indicated by broker onboarding and portal-driven configuration processes.[7] Capacity access and continuity following insolvency, with two major risk carriers explicitly maintaining support post-acquisition, represents a key strategic asset for the reconstituted business.[15]
📚 Market context. Academic and institutional research highlights structural challenges directly relevant to cyber MGA sustainability, including aggregation and systemic cyber risk, uncertainty around exclusions (especially war and attribution clauses), and the need for clearer coverage constructs and risk transfer mechanisms.[16] These themes are especially pertinent given Cogitanda's reliance on external carriers and its emphasis on prevention and crisis management as risk-mitigating levers.
Risks and outlook
🔗 Capacity dependency. Cogitanda's model is strongly dependent on third-party risk carriers, and post-acquisition continuation explicitly depends on retained and newly arranged carrier support.[1] Any withdrawal or non-renewal of delegated authority by a material capacity provider could directly affect production capability and portfolio continuity.
🌊 Systemic aggregation risk. Cyber risk is structurally prone to accumulation and systemic events that can affect multiple insureds simultaneously, a core constraint on cyber insurability that directly affects carrier appetite and delegated authority terms.[16] This dynamic is amplified for specialist MGAs whose portfolios are concentrated in a single line of business.
⚔️ War exclusion disputes. War and state-sponsored cyber attribution remain a persistent stress point for cyber insurance coverage. The broader market dynamic and the documented presence of war clauses in comparable policy conditions create ongoing due diligence exposure for placement, claims handling, and reputational risk.[9][12]
🔧 Integration risk. An asset deal typically requires re-establishing contracts, delegated authority agreements, systems, and controls under a new group governance model. The integration of security operations with insurer-facing processes suggests execution and compliance risk during the transition ramp-up.[2]
👤 Key-person risk. The founder's death is repeatedly cited as a major destabilizing factor preceding insolvency, indicating historical dependence on key individuals and associated governance continuity risk.[2]
🔭 Strategic outlook. Cogitanda's post-acquisition strategy centers on the combined "360°" proposition of risk prevention and monitoring paired with insurance and crisis management.[5] Product communications signal a push toward digitized underwriting workflows (digital application process and structured cyber risk check) and tiered product architecture, reflecting a modernization trajectory under DGC ownership.[6]
Timeline
- 2016 — Cogitanda is founded as an early specialized cyber insurance provider in Germany.[2]
- 2019 (July) — Formal policy conditions for Cyber Pro+ (AVB Version 1.0, dated July 26, 2019) are established.[9]
- 2023 — Sudden death of founder Jörg Wälder triggers economic difficulties for the group.[2]
- 2024 — Cogitanda partners with Everest Insurance and IQUW to expand cyber capacity for mid-market clients in Germany and Austria.[3]
- November 2024 — Insolvency filing by the group and appointment of a preliminary insolvency administrator; continuity of customer coverage is asserted.[4]
- March 2025 — Asset deal sale to a DGC AG subsidiary closes; Cogitanda brand is retained and operations continue.[2]
- 2025 onward — Public positioning emphasizes integrated cybersecurity and insurance, with launch of the CYBERPROTECTION product featuring a digital process and risk check.[5]
See also
References
- ↑ 1.0 1.1 1.2 1.3 1.4 1.5 1.6 1.7 "HEUKING unterstützt die COGITANDA-Gruppe beim Verkauf aus der Insolvenz an DGC AG". HEUKING. March 2025. Retrieved 2026-03-09.
- ↑ 2.00 2.01 2.02 2.03 2.04 2.05 2.06 2.07 2.08 2.09 2.10 2.11 2.12 "Luther advises DGC Group on the acquisition of cyber insurer Cogitanda". Luther Rechtsanwaltsgesellschaft. March 2025. Retrieved 2026-03-09.
- ↑ 3.0 3.1 3.2 3.3 3.4 3.5 "Cogitanda partners with Everest and IQUW to expand cyber offering". Reinsurance News. 2024. Retrieved 2026-03-09.
- ↑ 4.0 4.1 4.2 4.3 "COGITANDA Gruppe – Vorläufiges Insolvenzverfahren". Brinkmann & Partner. November 2024. Retrieved 2026-03-09.
- ↑ 5.0 5.1 5.2 5.3 5.4 5.5 5.6 "Cogitanda – 360° Cyber Protection". Cogitanda. Retrieved 2026-03-09.
- ↑ 6.0 6.1 6.2 "Cogitanda – CYBERPROTECTION product announcement". LinkedIn. 2025. Retrieved 2026-03-09.
- ↑ 7.0 7.1 7.2 7.3 7.4 7.5 7.6 "COGITANDA Cyber sind wir – Kundenflyer" (PDF). Jimmy Versicherung. Retrieved 2026-03-09.
- ↑ 8.0 8.1 8.2 "COGITANDA Cyber Versicherung – Broschüre" (PDF). Degenia. 2019. Retrieved 2026-03-09.
- ↑ 9.0 9.1 9.2 9.3 "Assekurata Studie: Cyber-Kriegsklausel" (PDF). Assekurata. May 2022. Retrieved 2026-03-09.
- ↑ 10.0 10.1 "Cogitanda – DGC AG partnership announcement". LinkedIn. 2025. Retrieved 2026-03-09.
- ↑ 11.0 11.1 11.2 "COGITANDA Cyber-Notfallplan" (PDF). Cogitanda. Retrieved 2026-03-09.
- ↑ 12.0 12.1 "Wargames: Analyzing the Act of War Exclusion in Insurance Coverage and Its Implications for Cybersecurity Policy". Yale Journal of Law and Technology. Retrieved 2026-03-09.
- ↑ "COGITANDA Cyber Prävention – Broschüre" (PDF). Degenia. 2019. Retrieved 2026-03-09.
- ↑ "Cogitanda Insolvenz – Fragen und Antworten". Hendricks Makler. Retrieved 2026-03-09.
- ↑ 15.0 15.1 "COGITANDA hat neuen Eigentümer – DGC AG übernimmt Cyberversicherer". Experten.de. 2025. Retrieved 2026-03-09.
- ↑ 16.0 16.1 "Systemic Cyber Risk and Aggregate Uncertainty". Risk Analysis (Wiley). Retrieved 2026-03-09.