That’s the message from the insurance industry, or at least as relayed from one San Francisco-based cyber-specialty insurance company that recently received $40 million in venture capital funding. That message, presumably, is based on what appears to be a simple fact: For now, absent major, protracted and expensive engineering, the technological balance between offense and defense – between hacker and hacked – is heavily tipped toward the hacker. The insurer in this post, called Coalition, markets to small and medium-sized business and is said to have risk assessment and risk management tools that it will provide to organizations for free, with insurance apparently to be priced in part on the basis of what those tools come up with. “While companies can’t eliminate cyber risk, they can eliminate the cost of it,” says Coalition’s CEO. According to a general partner at the venture capital firm that provided the largest share of Coalition’s cash infusion, current revenue of the cyber insurance industry is $4 billion, while that of the cybersecurity industry is more than $100 billion. “The relative size of these two markets should be inverted,” he says.