Business, News, Security

Demand for cyber insurance support surges

Brendyn Lotz

30th May 2024

Sophos has published the MSP Perspectives 2024 report based on a survey of managed service providers.
The big take away is that MSPs are worried they don’t have the skills to meet the needs of clients.
Because of this, MSPs lean heavily on other providers to fully cover them and their clients.

Results from the MSP Perspectives 2024 survey release by Sophos reveals that while many companies have cyber insurance, most don’t have the skills needed to meet the requirements for that cover.

Cyber insurance comes with a laundry list of requirements for the insured. This can include having sufficient protection and mitigation measures in place but that is easier said than done. This is because threats are constantly evolving and protections that work today, may not be as effective against all threats.

This presents a challenge as businesses, especial managed service providers, often can’t keep up with the pace at which cybercrime evolves.

“The speed of innovation across the cybersecurity battleground means it’s harder than ever for MSPs to keep up with threats and the cyber controls designed to stop them. When you couple this with a global skills shortage, which has made it infinitely more difficult for many MSPs to attract and retain cybersecurity analyst resources, its unsurprising that MSPs feel unable to keep pace with the changing threat landscape,” explains vice president of managed service providers at Sophos, Scott Barlow. “This is all compounded by the need for 24×7 coverage as indicated in our 2023 Active Adversary report for Tech Leaders, which finds that 91% of ransomware attacks now happen out of business hours.”

Participants in the survey – 71 percent – indicated that when looking for a managed detection and response solution they would consider the ability to plug their existing security tools into a third-party solution is essential or very important.

Perhaps most interesting however, is how concerned MSPs are about skills. A staggering 39 percent of MSPs surveyed said that their biggest challenge is keeping up with new solutions and technologies. This is likely why there is such reliance on third-party vendors as MSPs try to plug their skill gaps while at the same time trying to expand their capabilities and service offering.

“While MSPs have a huge job to do in protecting their customers against fast moving adversaries, there’s tremendous opportunity to grow their business and profitability if they can find the right security set up. The data shows that MSPs are strengthening their proposition and reducing overheads by amalgamating the platforms they use and engaging with third-party MDR vendors to expand their service offerings. As they look to build their security offering of the future, they should prioritize vendors that can offer a complete portfolio of industry-best, fully managed security services and solutions,” Barlow adds.

It’s interesting to see this development take shape. Businesses initially turned to MSPs to manage their security needs and now MSPs are outsourcing those needs to another party. This has the risk of creating too much complexity in the chain and may end up being detrimental.

Indications from the survey suggest that as many as 83 percent of respondents are using between one and five third party cybersecurity vendors so chances are high that your MSP is using a third party to full manage its security needs.

You can page through the MSP Perspectives 2024 report here.

About Author

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.