BOXX Insurance

🏢 Founded and headquartered. BOXX Insurance Inc. is a cyber-focused insurtech and managing general agent (MGA) founded in 2018 and headquartered in Toronto.^[1][2] Zurich Insurance Group completed the acquisition of BOXX on 3 July 2025, positioning the company to provide retail and SME cyber insurance and services on a global basis.^[1] BOXX stated it would continue to operate as a standalone entity following the transaction.^[3]

🔧 Delegated authority model. BOXX operates as a licensed MGA and Lloyd's coverholder under a delegated authority model, meaning it underwrites, prices, and sells policies, manages renewals, and maintains partnerships with capacity providers.^[4] Public materials emphasize the MGA/coverholder framework using third-party insurer capacity rather than a proprietary licensed carrier balance sheet.^[4]

📋 U.S. and Lloyd's licensing. The U.S. entity, BOXX Insurance LLC, holds National Producer Number (NPN) 20139876 and is registered across multiple states as an insurance producer.^[5] BOXX publicly asserts Lloyd's coverholder status, and its policy wordings include endorsements signed on behalf of Certain Lloyd's Underwriters, confirming Lloyd's capacity participation.^[6][4]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

👤 Co-founders. BOXX was co-founded by Vishal Kundi and Mike Senechal. Kundi serves as CEO and brings approximately 20 years of experience in global insurance corporates.^[7][8] Senechal's career has been centred in technology; he built a software development company and co-founded a fintech firm subsequently acquired by SoFi.^[8]

👥 Senior leadership. Key officers identified in public materials include Jonathan Weekes (President, Canada), Philip Baker (Chief Underwriting Officer and policy signatory), Steve Penney (CTO), Neal Jardine (Chief Cyber Intelligence and Claims Officer), and Jack Brooks (Head of Hackbusters and Virtual CISO).^[9][6]

🪑 Board chair. Neil Morrison is listed as Chair of BOXX Insurance Inc. in Aviva plc AGM materials.^[10]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

💰 Venture financing. BOXX raised a total of US$24.5 million in institutional capital across two rounds over approximately 16 months, with Zurich Insurance Group serving as lead investor in both.^[7]

🤝 Zurich collaboration arc. Zurich initially described its relationship with BOXX as a global collaboration emphasising integrated cybersecurity and insurance solutions for SMEs and consumers, announced in September 2021.^[11] Zurich subsequently led the Series B in January 2023, and the relationship culminated in the full acquisition completed in July 2025.^[1] Following the acquisition, BOXX's capital strategy is expected to be driven by Zurich group priorities rather than standalone venture financing.^[1]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

⚙️ MGA economics. BOXX retains a fixed percentage of premiums collected to operate the business, while the remainder of premium supports claims and capital costs borne by its insurance backers — a standard MGA-style fee arrangement.^[4]

👥 Customer segments. BOXX is positioned across SME commercial cyber and consumer/personal cyber, and also distributes through affinity partners.^[2] As of January 2023, the company reported protecting over 250,000 individuals and 10,000 businesses.^[7] By the time of the July 2025 acquisition announcement, BOXX stated it had rapidly scaled to serve close to one million customers across five continents.^[3] The product suite spans offerings for businesses, households, and partner/affinity channels.^[12]

📊 Segment mix inference. The disclosed customer counts — hundreds of thousands of individuals and close to one million total customers — are structurally consistent with a material embedded/affinity and consumer component, because SME-only cyber MGAs typically require exceptionally large broker penetration to reach comparable customer volumes at commercial policy price points.^[7]

🏗️ Underwriting signals. The Cyberboxx Business application collects data including last-12-month gross revenue, employee count, and desired cyber limit.^[13] The Tech E&O application flags certain higher-risk activities for disclosure, including adult content, cannabis, cryptocurrency/blockchain, data aggregation, debt collection, managed IT services, payment processing, and gambling — reflecting a cyber and tech E&O underwriting posture sensitive to elevated digital risk classes.^[14]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

📦 Core product lines. BOXX markets an integrated model across cyber insurance and security services for businesses and households, supplemented by a tech E&O line. Key named products include Cyberboxx Business 5.0 (cyber, data, and privacy insurance), Cyberboxx Home (personal cyber insurance plus assistance), Tech E&O by BOXX (E&O, media, and cyber insurance), and Cyberboxx Assist (a tools and services layer for business and home customers).^{[6][15][16][17]}

📝 Cyberboxx Business 5.0. The Cyberboxx Business policy is written on a claims-made and reported basis and is modular: coverage applies only for insuring agreements for which a limit appears in the Declarations, meaning modules may be elective or tiered.^[6] First-party coverages include incident response costs (legal, forensics, notification, call centre, credit monitoring, identity monitoring, and public relations), cyber extortion, data recovery, bricking, business interruption (including contingent and system-failure variants), reputation protection, and key-person cover.^[6] Third-party coverages include information privacy liability, regulatory defence and awards, PCI DSS liability, media liability, and network security liability.^[6] The policy also incorporates financial crime modules covering social engineering and client social engineering loss.^[6]

⚔️ Notable exclusions. Cyberboxx Business includes a war and cyber operation endorsement referencing "Specified States" and defining "Impacted State," signed on behalf of Lloyd's.^[6] Additional exclusions address intellectual property in manufacturing/import/design/packaging contexts, unlawful biometric data collection, discrimination, and insured-versus-insured scenarios.^[6]

🏠 Cyberboxx Home. Cyberboxx Home is positioned as personal cyber insurance plus assistance, underwritten by the Boiler Inspection and Insurance Company of Canada, a Munich Re company.^[15] The product includes membership benefits tied to Equifax identity and credit monitoring services.^[15]

💼 Tech E&O by BOXX. The Tech E&O wording encompasses E&O, media, and cyber insurance, with third-party insuring agreements extending beyond pure cyber to include professional E&O, technology E&O, technology products liability, and technology discrimination liability.^[16] The policy also contains first-party cyber modules (incident response, extortion, data recovery, business interruption variants) and financial crime modules including invoice manipulation and social engineering of key personnel.^[16] A war and cyber operation endorsement in the Tech E&O specimen includes an attribution framework with an explicit carve-back for certain impacts on systems not physically located in an impacted state, signed on behalf of Certain Lloyd's Underwriters referencing a Unique Market Reference Number.^[16]

🛡️ Pre-bind and continuous services. BOXX's service layer encompasses pre-bind underwriting support, including external attack surface and vulnerability monitoring, and collection of security-control posture data (MFA, backups, patch cadence, EDR) during the application process.^[5][13] For in-force business policyholders, Cyberboxx Business provides real-time threat monitoring, dark web "hacker chatter" surveillance, external attack surface monitoring, actionable alerts, and vendor discounts for security tooling (EDR, XDR, MFA, cloud backups).^[5]

🚨 Hackbusters incident response. Hackbusters is positioned as support that can engage before a claim is filed, including continuous scanning and dark web monitoring. The service provides free assurance and guidance up to a threshold of three hours before a client needs to consider filing a claim.^[18] For consumer customers, Cyberboxx Assist for Home provides identity monitoring via breach scans, security assessments, guided assistance, and 24/7 incident response support.^[19]

🧠 Templarbit acquisition. In November 2022, BOXX acquired Templarbit, a Palo Alto–based cyber threat intelligence platform focused on vulnerability identification across digital assets, to strengthen proactive cyber risk protection capabilities. The acquired company's founder joined BOXX Labs.^[20]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

🌐 Distribution architecture. Policies are primarily sold through insurance brokers or partners, with certain plans enabling customers to manage policies and file claims via an app.^[4] BOXX also offers solutions for corporate partners in banking, insurance, retail/e-commerce, and mobile operator/telco verticals as part of its partner and affinity distribution strategy.^[12]

🗺️ Geographic presence. BOXX operates in Canada and the United States, with selective products or collaborations in Europe and other regions.^[16][4] Reported office locations include Toronto, Miami, Zurich, Dubai, and Mumbai.^[21][6] U.S. market entry was formally announced in October 2021 alongside the appointment of Hilario Itriago as President of BOXX USA.^[22]

🇪🇺 European partnerships. In Spain, BOXX partnered with AXA to launch a cyber risk mitigation solution for small businesses in January 2024.^[21] In Switzerland, BOXX announced a personal cyber product partnership with Zurich Insurance Group in May 2024.^[23]

📜 Licensing approach. BOXX's regulatory framework combines U.S. producer licensing at the entity level, Lloyd's capacity access via coverholder arrangements evidenced by policy endorsements signed on behalf of Lloyd's underwriters, and local admitted carrier underwriting for at least certain Canadian personal cyber cover through the Boiler Inspection and Insurance Company of Canada.^[6][15]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

🏦 Lloyd's and admitted capacity. Both the Cyberboxx Business and Tech E&O policy specimens contain Lloyd's-signed endorsements, confirming Lloyd's participation as a capacity provider for those product lines.^[6] Cyberboxx Home is separately underwritten by the Boiler Inspection and Insurance Company of Canada (Munich Re).^[15] BOXX states its insurance partners are rated A- or better and references backers including Munich Re and Hartford Steam Boiler.^[4]

🔗 Strategic partnerships. Zurich's involvement with BOXX evolved from a global collaboration announced in September 2021, through lead investment in both venture rounds, to completed acquisition in July 2025.^[11][1] The Templarbit acquisition in November 2022 internalised cyber threat intelligence and attack surface capabilities.^[20] Cyberboxx Home embeds identity and credit monitoring services through a partnership with Equifax.^[15] In India, BOXX supports Housing.com customers with cyber protection as a partner distribution example.^[4]

🅰️ AXA partnership. A direct partnership between BOXX and AXA, evidenced through a January 2024 press release, centres on a cyber risk mitigation solution for small businesses.^[21] The solution includes external perimeter scanning with a cyber risk score and peer benchmarking, 24/7 dark web monitoring and compromised credential alerts, employee awareness training with digital risk assessments, and an "instant response wallet" for post-breach guidance.^[21] The initial launch geography was Spain, and the announcement included remarks attributed to Alfonso Zayas Satrustegui of AXA Seguros España.^[21]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

📈 Operational scale. BOXX disclosed the following operational milestones: as of January 2023, over 250,000 individuals and 10,000 businesses protected; staff growth from 5 to 36 employees in the preceding year; and by July 2025, close to one million total customers served.^[7][3]

🏰 Competitive moat. BOXX is best characterised as a prevention-led cyber MGA operating across consumer and SME segments with embedded service delivery and partner distribution. Key differentiators include 24/7 incident response access without immediate claim filing, vCISO guidance, and continuous monitoring (dark web, password leaks, attack surface).^[5] The Cyberboxx Business wording includes a comparatively expansive set of first-party, third-party, and financial crime modules, positioning the product closer to a "cyber plus crime" package.^[6] The Templarbit acquisition supports an argument for proprietary threat intelligence capabilities rather than pure reliance on third-party tooling.^[20] Post-acquisition integration into Zurich's platform strategy via Zurich Global Ventures is likely to strengthen distribution access and long-term capacity stability relative to standalone MGAs.^[1]

🌍 Peer context. Within the cyber insurtech MGA ecosystem — which includes peers such as At-Bay, Coalition, Corvus Insurance, Cowbell, Resilience, Stoïk, and Eye Security, among others — BOXX clusters most closely with "cyber insurance plus security services" platforms.^[15] BOXX stands out by maintaining a visible personal/household cyber line alongside SME and partner-distributed offerings, as evidenced by its published customer counts and explicit household product documentation.^[15]

⚠️ Risk factors. Several structural risks merit attention:

• Capacity dependency: As a coverholder/MGA reliant on external insurer paper, BOXX is exposed to capacity repricing, underwriting authority constraints, and performance management tightening.^[4]
• Systemic cyber aggregation: War and cyber operation endorsements in policy specimens illustrate ongoing market tightening and potential coverage disputes in state-linked cyber events, a structural portfolio risk for cyber MGAs.^[6]
• Regulatory complexity: Products contemplate privacy breach response, regulatory defence, and cross-jurisdiction considerations, implying compliance complexity as BOXX scales internationally.^[24]
• Acquisition integration: Execution risk remains around product integration, distribution alignment, and technology platform consolidation under Zurich ownership, with limited disclosed post-close operational detail.^[1]
• Services scalability: Maintaining service quality (vCISO, Hackbusters response, monitoring) at scale is cost-intensive and operationally complex as customer counts approach seven figures.^[18]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

📖 Managing general agent (MGA). An intermediary with delegated authority from an insurer to perform underwriting functions, often including pricing, binding, and policy administration, and in some cases claims management.^[4]

📗 Coverholder. A Lloyd's delegated authority arrangement in which a firm is authorised by a Lloyd's managing agent to enter into insurance contracts on behalf of Lloyd's syndicates under a binding authority agreement.^[26]

📘 Binding authority. The contract enabling a coverholder to bind risks on behalf of the capacity provider, subject to agreed underwriting guidelines and controls.^[26]

📙 Claims-made and reported. A coverage trigger requiring that a claim be first made and typically reported during the policy period or any applicable extended reporting period.^[6]

{{safesubst:#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Center with unknown parameter "_VALUE_"|ignoreblank=y| 1 | style }}

{{#invoke:Check for unknown parameters|check|unknown=|preview=Page using Template:Reflist with unknown parameter "_VALUE_"|ignoreblank=y| 1 | colwidth | group | liststyle | refs }}