From business interruptions to rising incident response costs to Russian cyberthreats looming as the war in Ukraine continues, cyber insurance companies aren’t taking any more risks. With a 300% increase in cyberattacks since the onset of the pandemic, cyber insurers are adjusting their policies and weighing customer liability based on the preventative measures managed service providers (MSPs) are taking, including a robust password management system.
It is now more important than ever for MSPs to evaluate their own cybersecurity coverage to ensure they are protected in the event of an attack.
Cyber insurance mitigates losses from cyber incidents like data destruction and/or theft, extortion demands, hacking, denial-of-service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud, and privacy violations. Cyber insurance policies also cover the costs of data recovery, system forensics, legal defense, customer reparations, and more. This type of coverage benefits MSPs as it would any of their customers; however, many times MSPs have more data at risk given the nature of their business.
When a cyber attacker successfully gains access to a MSP’s data, it’s also gaining access to clients’ secured data, which is the crème de la crème of breaches for a cybercriminal. This is also one of the biggest concerns for an MSP—how to keep client data safe.
The sad truth is that many MSPs still do not see the benefit in making this investment in cyber insurance. In fact, a recent survey found that 35% of MSPs who were a victim of a cyberattack did not have cyber insurance, which not only resulted in major losses in funds, but the loss of customers and overall brand trust.
Ways to Protect MSPs
A lingering question remains: Does cyber insurance protect an MSP against breaches? Just as car insurance doesn’t prevent a car accident from happening, cyber insurance doesn’t prevent a cyberattack from occurring. However, it does support MSPs in the aftermath of an attack.
With cyberattacks increasing and insurance policy pricing on the rise, there are a few steps MSPs can take to assure their customers that they are investing in keeping their data safe while also potentially lowering their own policy premiums. Sticking with the car insurance scenario, just as drivers can give an insurer proof of safe driving practices to keep those around them safe, MSPs can similarly show a cyber insurance provider that they are taking steps to keep customers’ data safe through additional resources. As a result, this can increase trust in MSPs and potentially lower premiums.
Additional steps that can be taken to gain trust from insurance providers and customers include:
- Limit the access to administrative data to the fewest number of employees as possible. While this seems simple even with a small number of employees at a company, it’s often easy for information to slip through the cracks over time.