How do many managed service providers (MSPs) broach the topic of cybersecurity with their clients? What percentage of MSPs carry cyber insurance? Does the cost of cyber insurance affect their pricing model?
To get the answers to these questions and more, we turned to the ConnectSecure Partner Panel of MSPs as part of our ongoing commitment to providing them with the tools and insights they need to thrive amid cyber threats and regulatory requirements.
The survey findings give you a unique glimpse into how the MSP community approaches some of today’s most critical challenges, whether it’s working with multiple insurance companies or establishing credibility as cybersecurity services providers. Let’s take a look at the numbers and hear the MSPs themselves explain their significance.
Do you recognize your own MSP in their takes?
A striking 94.3% of our Partner Panel MSPs report being proactive in their cyber sales efforts. This statistic highlights a notable trend: MSPs are increasingly taking the initiative to introduce cybersecurity solutions to their clients, rather than waiting for clients to seek them out.
One respondent shared, "Sales success in my cybersecurity practice starts with understanding each client's needs and regulations. Instead of just selling, I focus on educating and offering tailored solutions like security assessments and ongoing support."
Another noted, “The cybersecurity conversation with a client or prospect kicks off with a deep dive into their current defenses and potential weak spots, often sparked by real-world incidents, compliance demands, or even the latest cyber scare making headlines. Whether it's a data breach wake-up call, regulatory nudge, or just a proactive risk assessment, we're diving in headfirst to understand their unique needs and risk appetite.
“From there, it's all about crafting a customized plan of attack, weaving together strategies like security assessments, training drills, and tech upgrades into a shield that not only protects their assets and reputation but also fits snugly with their business goals. It's not just about locking down systems; it's about empowering them to stay one step ahead in the cybersecurity game.”
Almost half of the MSPs surveyed (47.1%) always use vulnerability scanning to kickstart cybersecurity conversations, while another 47.1% do so sometimes. Again, this approach not only highlights vulnerabilities but also demonstrates that our Partner Panel sees the value of taking a proactive stance in protecting their clients.
One MSP recounted the conversation with prospects, "I ask, ‘Tell me about your business and how reliant you are on your technology?’ When they reply, ‘The bad guys don't want anything I have,’ I reply, "Yes they do, they want your livelihood.’"
A significant 91.7% of MSPs carry cyber insurance specifically for their operations. This high percentage underscores the recognition of cyber insurance as an essential safeguard in the MSP industry.
Despite the rising costs of cyber insurance, only 17.6% of MSPs report these costs affecting their pricing models for end-users. So, while insurance costs are a concern, the finding may suggest MSPs are able to absorb these costs without passing them on to clients, maintaining competitive pricing.
An overwhelming 87.5% of MSPs deal with multiple cyber insurance firms for their clients, reflecting the complexity and administrative burden of managing multiple insurance providers. For 29.2% of our panel partners, it’s an unsustainable situation; they cite lengthy questionnaires as well as different processes and proof requirements as too much to handle. On the other hand, 33.7% replied the current state is sustainable (33% did not reply to this question).
One respondent shared, "We regularly meet with clients and discuss their security posture, and from that they sign up. However, we are receiving more and more requests from our clients and prospects to help with requirements from contracts or insurance."
Said one respondent, “I go over the advantages of our security stack and sell on completing cybersecurity insurance requirements and benefits of a secure network.”
Cyber frameworks play a crucial role in MSP sales motions, with 28.6% always using them and 48.6% sometimes incorporating them. Frameworks like CIS and NIST are particularly popular, providing a structured approach to cybersecurity that resonates with clients.
Noted one MSP, “In our target market (clients in regulated industries) they already know they need cybersecurity.”
Another respondent emphasized, “Our model is to provide a holistic approach to IT services, and so we build in more advanced security tools and methods into our standard offering for all of our customers.”
MSPs build cyber credibility through expertise, client references, and established trust. 44% of our Partner Panel highlighted their expertise and client references as key factors, while 27% relied on existing IT customer trust. This trust is further cemented by transparent communication and demonstrating the tangible benefits of their cybersecurity solutions, such as vulnerability assessments.
One MSP stated, "Educating our customers on the risks of bad cyber hygiene and offering clear, honest advice is crucial. Trust is built through transparency and proven expertise."
The survey also revealed significant insights into the demands placed on MSPs by their clients, particularly concerning cyber insurance applications and renewals.
Over 50% of our Partner Panel reports that at least 30% of their client base requires their input on their cyber insurance applications or renewals. This highlights the critical role MSPs play in helping clients navigate the complexities of cyber insurance.
Interestingly, only about 15% of our Partner Panel reports that the demands put on them by their clients create an undue burden. Many MSPs see this as an opportunity to strengthen their client relationships and enhance their service offerings. One respondent mentioned, "We are proactive about educating our clients on the threat landscape and what we can do to help them minimize their exposure and risk."
This proactive approach not only helps clients meet their insurance requirements but also positions MSPs as trusted advisors in the cybersecurity landscape. Another participant stated, "The requirement for Cyber Essentials Certification so they can deal with their customers" is a common trigger for initiating cybersecurity conversations with clients.
Overall, these findings underscore the importance of MSPs in supporting their clients' cybersecurity needs and the mutual benefits that arise from these interactions. As one MSP noted, "It's always happening. Almost every interaction with clients has a security-related aspect. From a structured perspective, our TAMs and vCIOs have a recurring process to ensure the customer understands the risks and available mitigations."
The Partner Panel surveys by ConnectSecure provide a comprehensive look into the strategic approaches MSPs are taking towards cybersecurity and cyber insurance. From proactive sales and client engagement to managing the complexities of multiple insurers and leveraging trusted frameworks, MSPs are demonstrating resilience and innovation in an ever-changing landscape.
For MSPs looking to strengthen their cybersecurity posture and drive more business, ConnectSecure offers a comprehensive solution for Vulnerability Management and Compliance Management that addresses these needs and more.
Discover how ConnectSecure can help you elevate your cybersecurity services, enhance client trust, and navigate the complexities of cyber insurance. See ConnectSecure in action. Take a 14-Day Free Trial or schedule a One-on-One Demo today.