Cogitanda

Corporate profile and regulatory identifiers

🏢 Corporate trajectory. Cogitanda is a Germany-origin cyber risk specialist spanning cyber insurance distribution, underwriting design, and cyber risk services. The pre-insolvency operating model functioned as an Assekuradeur — the German market equivalent of an MGA/MGU operating under delegated authority — paired with in-house cyber prevention and claims/incident coordination capabilities.^[1] A material corporate discontinuity occurred in late 2024 to early 2025: multiple Cogitanda group entities entered insolvency proceedings and the operating business was transferred via an asset deal to a subsidiary of DGC AG,^[2] with the Cogitanda brand retained and operations stated as continuing.^[3]

🏛️ Pre-insolvency group structure. The documented Cogitanda group perimeter during the insolvency and sale process comprised five entities, all insolvent at the group level:^[1]

COGITANDA Dataprotect AG (Germany)
COGITANDA Risk Prevention GmbH (Germany; cyber prevention services)
COGITANDA Insurance Services GmbH (Germany; Assekuradeur operations)
COGITANDA Claims Services GmbH (Germany; claims/incident services)
COGITANDA Managed Services GmbH (Germany; managed services)

🔗 Integrated model. Buyer-side counsel characterised the group's integrated model as encompassing delegated-authority cyber policy placement with multiple risk carriers, end-to-end claims management on behalf of those carriers, and prevention services for insureds and brokers.^[1] Following the acquisition, the Cogitanda brand continues under the DGC group umbrella, with the current website listing DGC as copyright holder and indicating a headquarters address in Flensburg, Germany.^[4]

📋 Regulatory status. Cogitanda operates as an Assekuradeur placing coverage with multiple external insurers as risk carriers and performing outsourced claims management for those insurers, rather than retaining insurance risk on its own balance sheet.^[1] Trade coverage reports a relationship with Lloyd's syndicate IQUW providing capacity, though no Lloyd's coverholder number is disclosed in accessible materials.^[5] The operating model — broker/MGA-like with delegated authority and multiple risk carriers — typically implies reliance on German insurance distribution permissions rather than an insurer authorisation.^[1]

📊 Scale indicators. During the preliminary insolvency process, the insolvency administrator stated total group employees were approximately 150, secured through insolvency wage pre-financing to the end of January 2025.^[6] A separate counsel statement references approximately 70 employees secured with the asset transfer.^[1] Following the acquisition, the DGC group increased to over 100 employees across Flensburg and Cologne — a group-wide figure rather than Cogitanda standalone.^[3]

~*~

Founders, leadership, and governance

⚰️ Founder. Jörg Wälder founded Cogitanda and served as its CEO.^[7]^[3] His sudden death in 2023 is cited as a key destabilising event that preceded the company's economic difficulties and subsequent insolvency filing.^[3]

👥 Current leadership. Post-acquisition materials confirm continuity of the core team, though no full role-by-role roster is publicly available.^[3] Named executives referenced in company-controlled channels include Walid Schalesi (Group Chief Actuary) and Alain Bianco (Group Chief Underwriting Officer).^[8]^[7] Jens Lison was quoted in 2024 capacity and market expansion coverage as CEO of COGITANDA Dataprotect AG, though this reference predates the acquisition and does not confirm current role.^[5]

🔍 AXA connection. No AXA connection was identified in the reviewed capacity-provider references or acquisition communications.^[3]

~*~

Business model and operating footprint

🛡️ Full-service cyber specialist. Cogitanda's model encompasses three pillars: delegated-authority placement of cyber insurance products with multiple external risk carriers (Risikoträger), end-to-end cyber claims management services performed for those carriers, and cyber risk prevention services — including IT audits, monitoring, and related offerings — delivered to policyholders and broker networks.^[1] The current website positions this combined offering as "360° cyber protection," integrating prevention, monitoring, insurance, and crisis management alongside DGC's cybersecurity capabilities.^[4]

🌍 Geographic footprint. Cogitanda historically operated in Germany with documented broker distribution and German-language product materials.^[2] Market expansion coverage and capacity commentary indicate an Austria component for at least part of the cyber offering.^[5]

~*~

Cyber insurance product and coverage architecture

📦 Product set. Two distinct eras of product positioning are evidenced. The legacy "Cyber Pro+" product, available via an online portal/coverage configurator for broker partners, was described as modular with five coverage groups and extensive sub-components.^[9]^[2] Following the acquisition, a new "CYBERPROTECTION" product was introduced featuring a digital application workflow and a "CYBERPROTECTION Check" risk assessment component.^[4]

🗂️ First-party coverages. Legacy materials describe cyber coverage grouped into five Deckungsgruppen (coverage groups): attacks on reputation and identity (mapping to reputational harm and identity restoration), attacks on payment methods and accounts (associated with cybercrime and funds transfer contexts), attacks on hardware/software and data (mapping to data restoration and system repair costs), business interruption, and liability and data protection incidents.^[2] An additional "technical insurance" component covering electronics and machinery was positioned as a unique feature with simplified declaration mechanics, where device listing and subsequent reporting of new devices were not required.^[2]

⚖️ Third-party coverages. The stated coverage group "Haftpflicht sowie Datenschutzvorfälle" (liability and data protection incidents) indicates inclusion of liability and privacy/data protection incidents in the configurable product structure.^[2]

🚨 Breach response and claims services. A Cogitanda cyber emergency plan details the incident reporting and post-notice coordination workflow: a 24/7 cyber claims hotline (Germany and international numbers), an incident reporting email, prompt assembly of an expert crisis team with potential on-site support, structured daily technical and management briefings during response, and operational guidance designed to preserve forensic integrity.^[10]

⚠️ War exclusion. The "Cyber Pro+" product had an explicit war exclusion clause in its AVB (policy conditions), referenced as "AVB COGITANDA Cyber Pro+ Version 1.0 Stand 26.07.2019" in a comparative war-clause study.^[7] Ambiguous "war" constructs in cyber insurance can create significant coverage uncertainty and litigation risk, particularly around nation-state attribution disputes — an issue relevant to due diligence even in the absence of specific wording.^[11]

📐 Coverage segmentation. Legacy public materials describe servicing small and medium-sized as well as industrial companies, implying a target extending beyond micro-SME packaged business.^[9] The post-acquisition CYBERPROTECTION product features tiering (Smart, Advanced, Extended) with quantitative underwriting workflow signals such as simplified risk questioning up to a revenue threshold, along with a stated maximum capacity figure.^[12]

~*~

Cybersecurity services and technology stack

🔐 Pre-bind and in-force services. Cogitanda's current website references specific cybersecurity capabilities contributed by DGC: external vulnerability detection and monitoring via "cyberscan.io®," penetration tests, security awareness training, and a 24/7 Cyber Defence Operation Center (CDOC).^[4] Legacy brochures also describe a prevention stack including employee training, audits, vulnerability analyses, and monitoring, though without naming specific third-party tooling.^[13]

🛠️ Post-incident services. The emergency plan document provides a concrete depiction of crisis orchestration steps and the data required for coordinated response, including server/client counts, network topology, logs, communications, backups, and law enforcement references.^[10]

~*~

Distribution, capacity, and strategic partnerships

🤝 Distribution model. Cogitanda's legacy model is broker-centric, featuring a partner onboarding flow, a portal-driven process for configuring coverage and generating placements (broker access required), and customer guidance directing insureds to work through their broker.^[9] A third-party broker reference confirmed continued access to the quoting platform ("AXON") during the insolvency period, reinforcing that production was executed through a portal workflow.^[14]

🏦 German risk carriers retained post-acquisition. Two incumbent risk carriers continued to support new business and renewals following the acquisition: SV SparkassenVersicherung Gebäudeversicherung AG and Württembergische Versicherung AG.^[10]^[5]^[15] Board members of these carriers explicitly framed their ongoing support and emphasised the value of integrating prevention, insurance, and claims management.^[15]

🌐 International capacity. Trade press reports that Cogitanda partnered with Everest Insurance and IQUW to expand its cyber product offering for clients with revenues up to €250 million in Germany and Austria, with a stated policy limit up to €7.5 million for that expanded segment.^[5]

~*~

Funding, financial signals, and competitive positioning

💼 Ownership and insolvency. Insolvency was filed in November 2024 and pursued across the group entities, culminating in an asset deal and operational continuation under DGC.^[3] No capital raise disclosures — venture rounds, institutional equity financing amounts, or valuations — were identified in accessible sources.

📊 Cogitanda — key financial indicator, pre-insolvency period
KPI	Most recent figure	Source
Headcount	~150 (prelim. insolvency) / ~70 (transfer-secured)	Brinkmann & Partner statement; Heuking deal note^[6]^[1]

📈 Competitive positioning. Within the cyber insurtech peer set, Cogitanda most closely aligns to the "European cyber MGA + services" cluster — specialist underwriting design under delegated authority paired with prevention, monitoring, and incident orchestration. Peers in adjacent clusters include US-based integrated cyber platforms such as At-Bay, Coalition, Corvus Insurance, Cowbell, and Resilience, as well as European challengers such as Stoïk and Eye Security.^[3]^[8] Additional European or ecosystem peers include Baobab Insurance, BOXX Insurance, Converge Insurance, Elpha Secure, Emergence Insurance, Evolve MGA, Invision Cyber, Measured Analytics and Insurance, Onda, Pera, SafeInside Insurance, Sync Underwriting, and Dattak.^[3]

🏰 Competitive moat. The integrated prevention-plus-insurance-plus-incident-management model is a central differentiation claim, supported by operational documents and acquisition communications emphasising a combined security and insurance solution.^[10] Distribution lock-in is indicated by broker onboarding and the portal-driven coverage configuration workflow.^[2] Capacity access and continuity following insolvency represents a key strategic asset, with two major risk carriers explicitly maintaining support post-acquisition.^[15]

📚 Market context. Academic and policy sources highlight structural issues directly relevant to a cyber MGA's sustainability, including aggregation and systemic cyber risk, uncertainty around exclusions (especially war attribution), and the need for clearer coverage constructs and risk transfer mechanisms.^[16] These themes frame Cogitanda's risk posture given its reliance on external carriers and emphasis on prevention and crisis management as risk-mitigating levers.

~*~

Risks, outlook, and appendices

⚡ Capacity dependency risk. The model is strongly dependent on third-party risk carriers, and post-acquisition continuation explicitly depends on retained and newly arranged carrier support.^[1]

🌊 Systemic cyber aggregation risk. Cyber risk is structurally prone to accumulation and systemic events that can affect multiple insureds simultaneously — a core constraint of cyber insurability that directly affects carrier appetite and delegated authority terms.^[16]

🔥 Coverage dispute risk. War and state-sponsored cyber attribution remain a stress point for cyber insurance coverage. The broader market dynamic and the presence of war clauses in comparable AVBs represent a continuing due diligence issue for placement, claims handling, and reputational exposure.^[7]

🔄 Transition and integration risk. An asset deal typically requires re-establishing contracts, delegated authority, systems, and controls under new group governance. The integration of security operations with insurer-facing processes suggests execution and compliance risk during the ramp-up phase.^[3]

👤 Key-person risk. The founder's death is repeatedly cited as a major destabilising factor preceding insolvency, indicating historical dependence on key individuals and associated governance continuity risk.^[3]

🧭 Strategy and outlook. Cogitanda's post-acquisition strategy centres on a combined "360°" proposition encompassing risk prevention, monitoring, insurance, and crisis management.^[4] Product communications indicate a push toward a more digitised underwriting workflow — including a digital application process and a structured cyber risk check — and a tiered product architecture.^[8]

📅 Timeline of key events.

2016 — Cogitanda founded as an early specialised cyber insurance provider in Germany.^[3]
2019 (July) — Formal AVB conditions for "Cyber Pro+ Version 1.0" dated 26 July 2019, confirmed by a subsequent comparative market study.^[7]
2023 — Sudden death of founder Jörg Wälder, triggering economic difficulties.^[3]
November 2024 — Insolvency filing by the group and appointment of a preliminary insolvency administrator; customer coverage continuity asserted.^[6]
March 2025 — Asset deal sale to DGC group subsidiary; Cogitanda brand retained and operations continuing.^[3]
2025 onward — Public positioning emphasises integrated cybersecurity and insurance, and launch of the new "CYBERPROTECTION" product with a digital process and risk check.^[4]

📖 Glossary.

MGA / MGU / Assekuradeur — A delegated authority intermediary that designs, prices, and administers insurance products on behalf of a risk-bearing insurer, often including underwriting and sometimes claims authority. In Germany, "Assekuradeur" is the common term for such structures.^[1]
Coverholder (Lloyd's) — An entity authorised by a Lloyd's managing agent to enter into contracts of insurance on behalf of a Lloyd's syndicate under a binder agreement.^[5]
Binder / Delegated authority — A contract granting authority to underwrite and bind insurance, typically specifying classes, limits, controls, reporting, and performance terms.^[1]
GWP (Gross Written Premium) — Total premiums written on policies in a period, before reinsurance and cancellation adjustments.
Loss ratio — Claims incurred divided by premium earned (or written), measuring underwriting performance.
Quota share / Excess of loss reinsurance — Quota share: the reinsurer takes a fixed percentage of premiums and losses. Excess of loss: the reinsurer covers losses above a retention up to a limit.
Systemic cyber risk — Cyber risk characterised by cascades, common-cause failures, or correlated events leading to simultaneous losses across many insureds.^[16]
War exclusion / Nation-state attribution issues — Policy exclusions that may bar coverage for warlike acts or state-sponsored events; attribution uncertainty can drive disputes.^[11]

~*~

References

↑ ^1.00 ^1.01 ^1.02 ^1.03 ^1.04 ^1.05 ^1.06 ^1.07 ^1.08 ^1.09 ^1.10 "Heuking unterstützt die Cogitanda-Gruppe beim Verkauf aus der Insolvenz an DGC AG". Heuking. Retrieved 9 March 2026.
↑ ^2.0 ^2.1 ^2.2 ^2.3 ^2.4 ^2.5 ^2.6 "COGITANDA Cyber sind wir — Kundenflyer" (PDF). Jimmy Versicherung. Retrieved 9 March 2026.
↑ ^3.00 ^3.01 ^3.02 ^3.03 ^3.04 ^3.05 ^3.06 ^3.07 ^3.08 ^3.09 ^3.10 ^3.11 ^3.12 ^3.13 "Luther advises DGC Group on the acquisition of cyber insurer Cogitanda". Luther Rechtsanwaltsgesellschaft. Retrieved 9 March 2026.
↑ ^4.0 ^4.1 ^4.2 ^4.3 ^4.4 ^4.5 "Cogitanda". Cogitanda / DGC AG. Retrieved 9 March 2026.
↑ ^5.0 ^5.1 ^5.2 ^5.3 ^5.4 ^5.5 "Cogitanda partners with Everest and IQUW to expand cyber offering". Reinsurance News. Retrieved 9 March 2026.
↑ ^6.0 ^6.1 ^6.2 "Cogitanda-Gruppe im vorläufigen Insolvenzverfahren". Brinkmann & Partner. Retrieved 9 March 2026.
↑ ^7.0 ^7.1 ^7.2 ^7.3 ^7.4 "Assekurata Studie Cyber Kriegsklausel" (PDF). Assekurata. May 2022.
↑ ^8.0 ^8.1 ^8.2 "COGITANDA 360° CyberProtection post". LinkedIn. Retrieved 9 March 2026.
↑ ^9.0 ^9.1 ^9.2 "COGITANDA Broschüre — Versicherung" (PDF). Degenia. June 2019.
↑ ^10.0 ^10.1 ^10.2 ^10.3 "COGITANDA Notfall Plan" (PDF). Cogitanda. Retrieved 9 March 2026.
↑ ^11.0 ^11.1 "Wargames: Analyzing the Act of War Exclusion in Insurance Coverage and its Implications for Cybersecurity Policy". Yale Journal of Law and Technology. Retrieved 9 March 2026.
↑ "COGITANDA DGC AG Cyberversicherung post". LinkedIn. Retrieved 9 March 2026.
↑ "COGITANDA Broschüre — Prävention" (PDF). Degenia. June 2019.
↑ "Cogitanda Insolvenz — Fragen und Antworten". Hendricks Makler. Retrieved 9 March 2026.
↑ ^15.0 ^15.1 ^15.2 "COGITANDA hat neuen Eigentümer — DGC AG übernimmt Cyberversicherer". Experten.de. Retrieved 9 March 2026.
↑ ^16.0 ^16.1 ^16.2 "Systemic Cyber Risk". Risk Analysis (Wiley). Retrieved 9 March 2026.

[heuking-1] 1.00 ^1.01 ^1.02 ^1.03 ^1.04 ^1.05 ^1.06 ^1.07 ^1.08 ^1.09 ^1.10 "Heuking unterstützt die Cogitanda-Gruppe beim Verkauf aus der Insolvenz an DGC AG". Heuking. Retrieved 9 March 2026.

[jimmy-2] 2.0 ^2.1 ^2.2 ^2.3 ^2.4 ^2.5 ^2.6 "COGITANDA Cyber sind wir — Kundenflyer" (PDF). Jimmy Versicherung. Retrieved 9 March 2026.

[luther-3] 3.00 ^3.01 ^3.02 ^3.03 ^3.04 ^3.05 ^3.06 ^3.07 ^3.08 ^3.09 ^3.10 ^3.11 ^3.12 ^3.13 "Luther advises DGC Group on the acquisition of cyber insurer Cogitanda". Luther Rechtsanwaltsgesellschaft. Retrieved 9 March 2026.

[cogitanda-4] 4.0 ^4.1 ^4.2 ^4.3 ^4.4 ^4.5 "Cogitanda". Cogitanda / DGC AG. Retrieved 9 March 2026.

[reinsurancenews-5] 5.0 ^5.1 ^5.2 ^5.3 ^5.4 ^5.5 "Cogitanda partners with Everest and IQUW to expand cyber offering". Reinsurance News. Retrieved 9 March 2026.

[brinkmann-6] 6.0 ^6.1 ^6.2 "Cogitanda-Gruppe im vorläufigen Insolvenzverfahren". Brinkmann & Partner. Retrieved 9 March 2026.

[assekurata-7] 7.0 ^7.1 ^7.2 ^7.3 ^7.4 "Assekurata Studie Cyber Kriegsklausel" (PDF). Assekurata. May 2022.

[linkedin360-8] 8.0 ^8.1 ^8.2 "COGITANDA 360° CyberProtection post". LinkedIn. Retrieved 9 March 2026.

[degenia2-9] 9.0 ^9.1 ^9.2 "COGITANDA Broschüre — Versicherung" (PDF). Degenia. June 2019.

[notfallplan-10] 10.0 ^10.1 ^10.2 ^10.3 "COGITANDA Notfall Plan" (PDF). Cogitanda. Retrieved 9 March 2026.

[yjolt-11] 11.0 ^11.1 "Wargames: Analyzing the Act of War Exclusion in Insurance Coverage and its Implications for Cybersecurity Policy". Yale Journal of Law and Technology. Retrieved 9 March 2026.

[linkedindgc-12] "COGITANDA DGC AG Cyberversicherung post". LinkedIn. Retrieved 9 March 2026.

[degenia1-13] "COGITANDA Broschüre — Prävention" (PDF). Degenia. June 2019.

[hendricks-14] "Cogitanda Insolvenz — Fragen und Antworten". Hendricks Makler. Retrieved 9 March 2026.

[experten-15] 15.0 ^15.1 ^15.2 "COGITANDA hat neuen Eigentümer — DGC AG übernimmt Cyberversicherer". Experten.de. Retrieved 9 March 2026.

[wiley-16] 16.0 ^16.1 ^16.2 "Systemic Cyber Risk". Risk Analysis (Wiley). Retrieved 9 March 2026.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]