Late last week, while working with my team on our continued search for a Next Gen Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and User and Entity Behavior Analytics (UEBA) platform, an invite to MSSP Alert Live was shared with me. This inaugural conference was hosted by the CyberRisk Alliance (CRA) – a group formed to help cybersecurity professionals face the challenges and obstacles that threaten the success and prosperity of their organizations. The agenda was appealing so I decided to attend. I wanted to see firsthand some products that I am keenly interested in as well as meet and hear some fellow cybersecurity professionals who were scheduled to deliver some excellent sessions. Kudos to Joe Panettieri and his team for producing a fantastic event. Here are the key takeaways I had from my day at MSSP Alert Live.
The Journey from an MSP to MSSP
Most Managed Service Providers (MSPs) provide basic security in the form of endpoint management, patching, firewalls, and malware protection; However, the cybersecurity threat landscape calls for multi-layered protection. In order to stay protected from potential threats, most MSPs know that a well-managed security services portfolio that provides advanced cybersecurity solutions is essential. To achieve that, their choice is to either partner with a Managed Security Service Provider (MSSP) or embark on their journey to become an MSSP. MSPs are reviewing their business model, capacity, and skills to see if they can fill this market gap. Although the specialized nature of security services makes it difficult for most MSPs to deliver MSSP offerings, the rewards are well worth the effort. In the expo hall, I saw various technologies and services demos, including Extended Detection and Response (XDR), Managed Detection and Response (MDR), SIEM, SOAR, UEBA, and Security Operations Center (SOC) as-a-service. Depending on the direction the MSP wants to take (partner or transition), the tools that I witnessed at the event will enable them to provide advanced cybersecurity solutions to their client base.
The Evolution of Cyber Insurance and the Impact on an MSP
Cyber insurance has evolved from traditional insurance policies and early cyber-risk insurance policies to current comprehensive cyber insurance products. That said, do MSPs understand what this evolution means for them? Cyber insurance premium rates are skyrocketing and, in some cases, have gone up to 5x since 2020. Direct written premiums have risen 3.5x since 2017. This means that everybody wants cyber insurance, but now insurance companies are rejecting applications due to the sheer volume of claims and payouts over the last couple of years. Insurance companies are hiring serious cybersecurity talent to evaluate applications and, in some cases, outright acquiring small MSSPs for evaluation. MSPs need to understand the sub-limits of the policy from a liability perspective as well as what is included and, more importantly, what is excluded. MSPs that help their clients fill out their cyber insurance applications need to ensure that responding to cybersecurity insurance applications is included in the Master Services Agreement (MSA). This is important because this could impact both parties even if the MSP is not involved if/when the client files an insurance claim.
Overall, I came back enriched with valuable information that will help me move forward in my journey as the CISO of Afinety. Staying aware of cybersecurity protection methods and cyber insurance policies is a top priority of mine. Thank you to Joe Panettieri and the team at CyberRisk for putting on a wonderful event. It was a day well spent learning and networking with some great people.