Cyber Insurance Broker Cold Outreach Kit

Solanasis — “Loss Control Partner” Positioning

Version: 1.0 Date: March 14, 2026 Owner: Dmitri Sunshine Purpose: Crack the cold outreach problem for cyber insurance brokers. Look like a firm that’s been doing this for years. Get first broker conversations. Companion docs: LinkedIn Cold Outreach Playbook, Master GTM Sprint, ORB Pack v2 Key insight from research: Cold email alone is bottom-10% effective with brokers. The REAL path is carrier approval + partner programs + professional presence. This kit gives you the cold outreach sequences AND the parallel carrier/partner program applications to run simultaneously.

⚠️ CRITICAL FINDINGS THAT CHANGE THE GAME

Before you send a single message, you need to understand how broker partnerships actually work. This isn’t like selling to an SMB.

How Brokers Actually Find Remediation Partners

Carrier-Approved Vendor Lists (Primary) — 71% of brokers partner with cybersecurity providers through carrier networks. AXIS, Chubb, AIG, Beazley all maintain “Approved Service Provider” lists. When a broker needs remediation, they check this list FIRST.
Formal Partner Programs — Secureworks, Arctic Wolf, Coalition run structured partner programs with co-branded portals and referral agreements.
Conference Relationships — NetDiligence Cyber Risk Summit is THE event. Toronto April 8-9, Philadelphia October 5-7.
Cold outreach — Dead last. Only works if you come in WITH carrier approval or look like you already belong in their world.

What Brokers Actually Care About (In Order)

Your own cyber liability insurance — Non-negotiable. They need to know you’re covered.
Response speed — 4-hour response SLA for critical issues, 24/7 availability
Track record — References, case studies, proof you’ve done this before
Certifications — Less important than track record, but CISSP/CISM signals credibility
Pricing structure — Flat fees > hourly rates. They want predictable economics.

The Language Shift — Sound Like You Belong

DON’T Say	DO Say	Why
”Cybersecurity consulting"	"Breach remediation and loss control”	Insurance language, not tech language
”Security vendor"	"Loss control partner”	Positions you inside their ecosystem, not outside it
”Managed security services"	"Pre-underwriting gap remediation + ongoing hardening”	Specific to their workflow
”We do assessments"	"We produce underwriting-ready attestation packages”	Maps to what they actually need
”Operational resilience"	"Insurable posture improvement”	Translates your value into their ROI
Hourly rates	”Flat-fee engagement: $X for the full remediation package”	Predictable for their client

THE DUAL-TRACK STRATEGY

You need to run TWO tracks simultaneously:

Track 1: Cold Outreach to Local Brokers (This Kit)

Direct outreach to Colorado brokers to test receptivity, learn the market, and get first conversations. Even if conversion is low, every conversation teaches you how brokers think.

Track 2: Carrier/Partner Program Applications (Parallel)

Apply to formal partner programs where brokers actually SOURCE remediation partners. This is the longer-term, higher-leverage play.

Partner Programs to Apply To This Week:

Coalition Service Provider Program — coalitioninc.com/serviceproviders — Serve their 160K+ policyholders
Cowbell Rx Marketplace — cowbell.insure/rx-all — 40+ remediation partners in their marketplace
DataStream MSP Partner Program — datastreaminsurance.com/msp-partner-program — Direct integration
CyberHoot Referral Program — 20% first-year revenue share on referrals
Secureworks Cyber Risk Partner Program — secureworks.com/partners/cyber-risk-program

What You Need for Applications:

Proof of your own cyber liability insurance (GET THIS IF YOU DON’T HAVE IT)
Your ORB methodology documentation (you have this — ORB Pack v2)
Service descriptions with SLA commitments
References or case studies (this is your chicken-and-egg problem — see “First Client Strategy” below)

COLD OUTREACH: THE BROKER SEQUENCE

Pre-Outreach Prep (Do This Before Sending Anything)

Get cyber liability insurance — Even a basic $1M policy. This is the #1 thing brokers check. Without it, you’re disqualified before the conversation starts. Contact one of the Colorado brokers on your list (Rick Baker, ABA Insurance) and buy a policy FROM them — now they’re your broker AND your prospect’s colleague. Smart.
Create your broker-facing one-pager (see below for content)
Prepare your SLA sheet — What response times do you commit to? For pre-underwriting remediation (not incident response), 48-hour triage + 10-business-day assessment is reasonable.
Update LinkedIn — Add “Loss Control Partner for Cyber Insurance” or “Pre-Underwriting Remediation” somewhere in your headline or summary. When brokers check your profile (they will), this signals you understand their world.

LINKEDIN CONNECTION REQUEST NOTES (Under 300 Characters)

Version 1 — The Insurance-Native Angle

Hey [Name] — I run a remediation firm that helps cyber insurance clients pass underwriting. When your clients have security gaps blocking coverage, we fix them and provide the attestation docs. Would love to connect.

Version 2 — The Loss Control Angle

Hey [Name] — I work as a loss control partner for professional services firms that need to meet cyber insurance requirements. Noticed you’re in the cyber insurance space in CO. Would love to connect.

Version 3 — The Local + Specific Angle

Hey [Name] — fellow Colorado firm here. We do pre-underwriting security remediation for SMBs — the hands-on fix work when clients need to close gaps before binding. Thought it’d be worth connecting.

Version 4 — The Results Angle

Hey [Name] — quick thought: when your clients get flagged on underwriting controls (EDR, backup testing, MFA), we’re the team that fixes it in 10 business days with full documentation. Worth connecting?

AFTER THEY ACCEPT — FIRST DM (Wait 24 Hours)

Version A — The Partnership Pitch (Primary)

Thanks for connecting, [Name]. Here’s the short version of why I reached out:

I run Solanasis — we do pre-underwriting security remediation for professional services firms (CPAs, law firms, financial advisors). When your clients get flagged on controls — EDR gaps, untested backups, missing incident response plans, no MFA — we fix it in 10 business days and produce the attestation documentation your underwriters need.

The economics: we bill the client directly at a flat fee ( $5 K -$ 7.5K depending on scope). You make the introduction, we handle everything, and you look great to your client because the gap is closed and they get covered.

I know you probably have existing partners for this. I’m not trying to replace anyone — I’m specifically focused on the smaller professional services firms (10-50 employees) that the big platforms tend to skip.

Worth a 15-minute call to see if there’s a fit? Either way, glad to be connected.

Version B — The Curiosity Approach (Softer)

Thanks for connecting, [Name]. Appreciate it.

Quick question — when your clients hit underwriting roadblocks on the security side (weak EDR, no backup testing, missing policies), what typically happens? Do they have someone to call, or does the application just stall?

I ask because that’s exactly what I solve. We do a 10-day remediation sprint that closes the top gaps and produces documentation for your underwriting file. Flat fee, clean handoff.

If that’s ever relevant for your clients, I’d love to learn more about what you’re seeing in the market. No pitch — genuinely curious about the broker side of this.

Version C — The Value-First Approach (Give Before You Ask)

Thanks for connecting, [Name].

I put together a quick checklist of the top 10 security controls that cyber insurers are checking during underwriting — MFA enforcement, EDR coverage, backup testing, IR plans, etc. It’s a one-pager your clients could use to self-assess before applying.

Happy to share it if useful. We use it as the starting point for our pre-underwriting remediation work, but it’s valuable on its own.

Either way, glad to be in your network.

EMAIL OUTREACH SEQUENCES (When Domain Is Ready)

Important: Email Domain Status

Your solanasishq.com domain needs warm-up before cold emailing. If it’s not ready, use LinkedIn first. Once warm:

Sequence 1: The Pre-Underwriting Remediation Partner Pitch

Target: Cyber insurance brokers, agency owners, commercial lines producers Cadence: 4 touches over 18 days

Email 1 — Day 1 Subject: Pre-underwriting remediation for your professional services clients

[Name],

When your CPA, law firm, or financial advisory clients get flagged during cyber underwriting — no EDR, untested backups, missing incident response plan — what happens next? Does the application stall, or do they have someone to call?

I run Solanasis. We do pre-underwriting security remediation for professional services firms with 10-50 employees. Flat fee. 10 business days. Full attestation documentation for your underwriting file.

The gap we fill: the big MDR platforms handle enterprise. Your smaller professional services clients need hands-on remediation from someone who understands their compliance obligations — FTC Safeguards for CPAs, ABA Rule 1.6(c) for attorneys, SEC Reg S-P for advisors.

Would it make sense to talk? I can walk you through the process in 15 minutes.

Dmitri Sunshine Solanasis | Operational Resilience, Proven 303-900-8969 | solanasis.com

Email 2 — Day 5 (The Evidence Email) Subject: Re: Pre-underwriting remediation for your professional services clients

[Name],

Quick follow-up. Here are the specific controls we remediate — these are the ones carriers are checking hardest in 2026:

✓ MFA enforcement across all systems (not just email) ✓ EDR/MDR deployment and configuration verification ✓ Backup testing — actual restore verification, not just “we have backups” ✓ Written incident response plan with designated roles ✓ Written Information Security Plan (WISP) for FTC/IRS compliance ✓ Vendor access audit and privileged credential review ✓ AI-use policy documentation (new for 2026 underwriting)

We produce a bound attestation package that documents each control — ready for your underwriting file.

Worth 15 minutes?

— Dmitri

Email 3 — Day 10 (The Insight Email) Subject: What we’re seeing in SMB cyber underwriting (quick stat)

[Name],

One number that keeps coming up in our work: 70% of the SMBs we assess have backups that have never been tested with a real restore.

They think they’re covered. Their backup provider says they’re covered. But when we run an actual restore test, it fails — wrong configurations, outdated snapshots, untested recovery procedures.

That’s the gap between “we have backups” and “we can actually recover.” And it’s the #1 thing that surprises underwriters.

If this resonates with what you’re seeing from your clients, I’d love to compare notes. Even if there’s no partnership fit, I think we’d have a useful conversation.

— Dmitri

Email 4 — Day 18 (The Graceful Close) Subject: Re: Pre-underwriting remediation for your professional services clients

[Name],

I know you’re busy, so I’ll keep this short.

If your professional services clients ever need pre-underwriting remediation — especially CPAs dealing with FTC Safeguards or attorneys dealing with ABA compliance — we’re an easy call. 10 business days, flat fee, full documentation.

I’ll leave it here. If the timing ever lines up, I’m at dmitri@solanasis.com or 303-900-8969.

Appreciate you taking the time.

— Dmitri

Sequence 2: The Post-Renewal Pain Point

Target: Brokers whose clients just went through a tough renewal Trigger: Reach out January-March (renewal season) or post-renewal season

Email 1 — Day 1 Subject: Making next renewal easier for your [CPAs / law firms / advisors]

[Name],

After renewals, I usually hear the same thing from brokers: “My client’s premium jumped 30% because they couldn’t demonstrate [specific control].”

We fix that. Solanasis does 10-day security remediation sprints that close the exact gaps carriers flag during renewal — EDR, backup verification, incident response plans, MFA.

When your clients come back next year with a clean attestation package, the renewal conversation is completely different.

Worth a quick call to see if this could help any of your professional services clients?

— Dmitri

PHONE CALL SCRIPT (When You Get a Broker on the Phone)

Opening (15 seconds — don’t waste it)

“Hey [Name], this is Dmitri from Solanasis. We’re a remediation firm that helps professional services clients — CPAs, attorneys, financial advisors — close security gaps before or after cyber underwriting. I know you’re busy so I’ll be quick: do you ever run into situations where a client’s application stalls because of security issues?”

If YES: “That’s exactly what we solve. We do a 10-day flat-fee remediation sprint and produce the attestation documentation your underwriters need. Can I tell you how it works in 2 minutes?”

If NO / NOT INTERESTED: “Totally understand. If that ever comes up, I’m an easy call — Dmitri at Solanasis, 303-900-8969. Appreciate your time.”

If “WE ALREADY HAVE SOMEONE”: “Glad to hear it — that means your clients are being taken care of. Quick question: does your current partner specifically cover the smaller professional services firms? CPAs with WISP requirements, attorneys with ABA compliance? That’s our specialty. If there’s ever a gap or overflow, I’d love to be a backup option.”

Key Questions to Ask on the Call

“How many of your clients typically hit underwriting roadblocks on the security side?”
“What controls are carriers flagging most in your book right now?”
“When clients get flagged, what typically happens? Do they have an IT person who handles it, or does it just stall?”
“What’s the typical size of the professional services firms in your book?”
“How do you currently handle the remediation side? Do you have preferred partners?”
“If I could fix your clients’ top gaps in 10 business days with full documentation, what would that be worth to your practice?”

What to Listen For (Buying Signals)

“Yeah, we see that a lot” — They have the problem
“Our clients usually struggle with…” — They’re telling you what to solve
“We don’t really have a go-to for that” — OPEN DOOR
“Send me something” — They want the one-pager (see collateral section)
“Who else do you work with?” — They’re vetting you, which means they’re interested
“What does it cost?” — They’re pricing, which means they’re comparing

What to Listen For (Not Buying)

“We’re all set” — Politely exit, ask to be a backup option
“Our carrier handles that” — They use carrier-approved vendors, you need to be on that list
“Send me an email” (dismissive tone) — Send it, but don’t expect a response

COLORADO BROKER TARGET LIST

Priority 1: Boulder/Denver Cyber Specialty Brokers

These brokers specifically handle cyber insurance and are most likely to need remediation partners:

Name	Location	Phone	Why Target
Rick Baker Insurance	Boulder	303-444-3334	Local, personal service, likely smaller clients
ABA Insurance	Boulder	303-449-6677	Local, may have professional services clients
AllIns Group	Denver	TBD (LinkedIn)	Cyber liability specialty
Riverbend Insurance	Denver	TBD (LinkedIn)	Customized cyber coverage
Leavitt Group of Colorado	Multi-location	TBD (website)	Dedicated cyber practice, larger book
The Allen Thomas Group	Colorado	TBD (LinkedIn)	20+ years, CO-specific

Priority 2: Regional/National Brokers with Colorado Presence

These are larger firms where you’d target the local producer or account manager who handles cyber:

Name	Why Target
Lockton Denver	Major national broker, significant cyber practice
Gallagher Denver	Top-10 broker, active cyber specialty
HUB International Colorado	Regional powerhouse, growing cyber book
Marsh McLennan Denver	Enterprise broker, may have mid-market clients

Priority 3: Independent Agents (IIABA Members)

Search the IIABA / Big “I” directory for Colorado independent agents who sell cyber insurance. These are often smaller agencies where the owner makes the decisions — easier to reach.

THE FOLLOW-UP CADENCE

After LinkedIn DM — No Response

Day 5: “Hey [Name] — just floating this back up. If pre-underwriting remediation isn’t relevant for your practice, no worries. But if you ever hit a situation where a client’s application is stalling on security controls, I’m an easy call.”

Day 14: “Hey [Name] — I put together a quick reference: the top 7 controls carriers are flagging hardest in 2026 underwriting. Happy to share — useful for your client conversations whether we work together or not.”

Day 30: “Hey [Name] — last note from me. If the remediation side ever comes up for your professional services clients, I’m at dmitri@solanasis.com or 303-900-8969. Appreciate you connecting.”

After Email Sequence — No Response

Stop after Email 4. Add them to your quarterly newsletter (when you have one). They’re not ready now, but they might be in 6 months.

After a Positive Response

Move to phone/Zoom immediately. Don’t try to close anything in DM or email. The goal is: “Can we do 15 minutes on the phone so I can learn about your practice and show you how this works?”

Title: Pre-Underwriting Security Remediation for Your Clients Subtitle: Close the gaps that stall coverage. 10 business days. Full documentation.

Section 1: The Problem Your Clients Face

Carrier flagged security controls during underwriting
Application stalls or premium increases
Client doesn’t know how to fix it or who to call
Clock is ticking on the coverage window

Section 2: What We Do

10-business-day remediation sprint
Flat fee: $5, 000 -$ 7,500 (client-direct billing)
Specific controls we address:
- MFA deployment and verification
- EDR/MDR configuration audit
- Backup restore testing (actual recovery, not checkbox)
- Written Incident Response Plan
- Written Information Security Plan (WISP)
- Vendor access audit
- AI-use policy documentation

Section 3: What You Get

Bound attestation package for your underwriting file
Control-by-control documentation of remediation
90-day maintenance roadmap for your client
You look great because the gap is closed and they get covered

Section 4: How It Works

You introduce us to your client (5 minutes)
We run a 2-hour triage call (free)
We deliver a flat-fee proposal (24 hours)
We execute remediation (10 business days)
We deliver attestation package to you and your client

Section 5: About Solanasis

Dmitri Sunshine, Founder — 23+ years in enterprise architecture and systems
Based in Boulder, CO
Specialty: Professional services firms (CPAs, attorneys, financial advisors)
“Operational Resilience, Proven”

Footer: 303-900-8969 | dmitri@solanasis.com | solanasis.com

THE “FIRST CLIENT” PROBLEM (How to Get References When You Have None)

This is your chicken-and-egg: brokers want references, but you need broker referrals to get references.

Strategy 1: Do a Free Remediation for a Broker’s Client

Offer to do your first broker-referred engagement at no cost to the client (you eat the $5K). In exchange:

The broker introduces you to 3 more clients
The client provides a testimonial
You get a real case study with real numbers

The pitch to the broker: “I’m building our broker partner program and I’d like to prove the value with one of your clients — no charge. I want you to see the quality of work before we formalize anything. All I ask is that if it goes well, you introduce me to a few more clients at full price.”

Strategy 2: Do the Assessment on YOUR OWN Insurance Broker

You need to buy cyber liability insurance anyway (see pre-outreach prep). When you buy it, ask YOUR broker: “Can I show you what I do? I’ll run a quick assessment on a willing client in your book — no charge — so you can see the output.”

Strategy 3: Use Your ORB Pack Deliverables as Proof

You have fully built deliverable templates (Exec Summary, Risk Register, 30/60/90 Plan, Maturity Scorecard, Restore Runbook). Create a SAMPLE version using anonymized/fictional data that shows brokers exactly what the output looks like. This isn’t a case study, but it demonstrates your methodology.

METRICS: WHAT TO TRACK

Metric	Target (Week 1)	Target (Month 1)
Broker connection requests sent	10-15	30-40
Connection acceptance rate	30-40%	30-40%
DMs sent after acceptance	100% of accepts	100%
DM response rate	15-25%	15-25%
Calls booked	1-2	4-6
Partner program applications submitted	2-3	5
Free assessment offered	0-1	1-2
Carrier approval applications	0 (research phase)	1-2

TIMELINE: WHAT’S REALISTIC

Timeframe	What Happens
Week 1	Send 10-15 broker connections on LinkedIn. Submit 2-3 partner program applications. Buy your own cyber liability policy (if you don’t have one).
Weeks 2-4	Follow up on connections. First broker calls. Refine messaging based on feedback. Attend 1 local event.
Weeks 5-8	Offer 1 free assessment through a broker. Submit carrier approval applications. Start email outreach (if domain is warm).
Weeks 9-12	First paid engagement through broker channel. First case study. Formalize 1-2 broker partnerships.
Months 4-6	Steady pipeline from 2-3 broker partners. Apply to NetDiligence Philadelphia (October 5-7).

PRO TIPS

Buy your cyber liability insurance FROM a broker on your target list. Now you’re a customer AND a potential partner. That’s a warm intro disguised as a business expense.
The “attestation package” is your secret weapon. Most MSPs and security vendors deliver a report. You deliver a bound attestation package that goes directly into the underwriting file. This is what brokers actually need — not a PowerPoint, but documentation that closes the loop.
Brokers talk to each other. If you do great work for one broker’s client, word spreads. The inverse is also true — screw up one engagement and you’re done in the local market.
“Loss control” is the magic phrase. In insurance, “loss control” = proactive measures to prevent claims. Position yourself as a loss control partner, not a cybersecurity vendor. It puts you inside their mental model.
Flat fees > hourly rates. Brokers want to tell their clients “this costs $5K and takes 10 days.” They don’t want to say “it depends on hours.” Predictability is a competitive advantage.
The triage call is your real sales tool. Offer a free 2-hour triage call to any broker-referred client. In 2 hours, you can identify the top 3-5 gaps and quote the remediation. This is low-risk for the broker and high-value for the client.
NetDiligence Philadelphia (October 5-7, 2026) is your target conference. 6 months away gives you time to: get 1-2 client engagements done, build case studies, and show up with proof. Exhibitor booth or sponsorship gets you in front of hundreds of brokers.

Document prepared: March 14, 2026 Sources: Primary research across carrier partner programs, broker industry publications, cybersecurity vendor partner models

Solanasis Docs

Explorer

Cyber_Insurance_Broker_Cold_Outreach_Kit_v1