4 Hurdles That MSPs Face After a Breach (And How to Regain Trust)

June 24, 2021 / by Frederid Palacios

As an MSP, your greatest priority is the security of your client's information and data. Ensuring information safety will keep both you and your clients' businesses growing, so this must be guaranteed. That being said, sometimes breaches are inevitable. The frequency and accuracy of data breaches are increasing, so your organization must know how to perform both reactively and proactively.

Security concept Lock on digital screen, illustration

56% of MSPs report attacks against their clients, and 60% of small and medium businesses do not recover from cyber-attacks. Not only is this detrimental for clients, but it significantly impacts MSPs and their ability to retain and attract new clients. Should a breach occur, it is the responsibility of the MSP to resolve it as quickly as possible, with minimum losses and a fast recovery.

Recovering from a breach quickly and accurately is crucial to minimizing losses and regaining the trust of your clients. Without your clients, you have no business, so they must trust you fully to avoid and recover from breaches. We will walk you through the key hurdles that you may face following a data breach and how to handle them so that you can regain trust and avoid further damages.


1. Cost of Recovery

When a client suffers from a data breach or cyber-attack, MSPs suffer with them. While they may not be directly impacted, they can create significant losses that could result in business failure. Furthermore, when one client is attacked, every downstream endpoint feels the impact, which is a big problem for MSPs. One of the most significant hurdles that an MSP may face following a breach is a high cost of recovery, which is a direct result of client downtime and churn.

When a client experiences downtime due to a breach, it extends far beyond a matter of hours. In reality, this downtime will last days or even weeks. For example, 52% of MSPs reported that their clients faced 3-6 of business downtime after a data breach, while 30% experience 7-14 days’ worth. Not only is this a significant waste of time, but it is extremely costly as well. Unprecedented and considerable costs such as these pose a serious threat to the survival of an organization. If an organization is fortunate enough to survive this, it will likely switch to a new and more reliable service provider in the future. With this in mind, the cost of recovery impacts much more than the breached client. It will also dramatically affect the MSP, who will face damages to their reputation and lose business as a result.


2. Liability

Another significant hurdle faced by MSPs following a breach is the matter of liability. Who is responsible when a client’s data is compromised while under contract with an MSP? If a client is attacked due to a piece of software provided by the MSP not being updated or patched, the MSP may be legally responsible. There are countless scenarios where the liability of the attack changes, but it depends on the terms of service signed when the client and MSP made a deal. Implementing a clear communication of terms of service can clear up any confusion about liability before it arises. 

Cyber Security as a Competitive Advantage

3. Insurance

As with any business, insurance plays an important role – particularly cyber insurance in an IT-driven organization. From the client’s perspective, cyber liability insurance is crucial to the longevity of their business. This will help the client cover expenses associated with downtime and recovery and protect them from data breaching and losses for which their MSP is not at fault.

For an MSP, professional liability insurance is vital when a client experiences a breach on your watch. This is specifically important if the client believes that negligence played a role in the attack. While this seems critical, 35% of MSPs claimed not to have liability insurance when their client experienced an attack. If this is the case, when a client experiences a breach, the MSP may fail, leaving their remaining clients without service or protection. So, while liability insurance may seem complex and expensive, it is essential for the survival of your organization.


4. Staffing

The final hurdle that an MSP may face is that of staffing. MSP staffing is a common bottleneck in detection and recovery from a breach of security. A typical MSP will operate using careful margins and thoughtfully placed team members. But, when a disaster strikes, this means that there may not be sufficient personnel and resources to handle the situation. Furthermore, the additional responsibility of recovering from a data breach can create costs that could disable a small MSP.

Many MSPs claim that they have too few team members to respond to an attack adequately. This lack of personnel results in them acquiring support from another service or allocating resources to take assistance from some clients to relocate to others. Not only do these actions incur high and unexpected costs, but they can also incur the wrath of an unsatisfied client base. As a result, the best method to avoid staffing issues and their associated challenges are to partner with a trusted resource for specialty services.


Find an MSP You Can Trust

MSPs are the frontline of security for organizations, detecting, preventing, and recovering from cyber-attacks. In a time where data breaches are on the rise, MSPs must efficiently protect their clients from threats, minimizing impacts and reducing downtime. To achieve this, MSPs require a new approach to security, which includes preparing for the unexpected.

Regardless of their size, MSP clients deserve the same security as organizations with large budgets and security operations teams – a small budget should not equal a less secure environment. With preparation to detect, prevent, and recover from breaches, an MSP should be able to optimize the security of their clients. It is not a question of if you will be hacked, but when. For this reason, MSPs must prepare to defend their clients from an attack.

Following a breach, an MSP should first prevent the attack from spreading further, thus minimizing the impact of the attack. Communication between an MSP and client is crucial at this stage, determining where the breach has taken place and isolating the attack. Following this, an MSP must jump into recovery mode, assess the damage, and make amends as quickly and efficiently as possible. A significant component to recovering after a breach is planning ahead. Knowing the steps following a breach is crucial to both a client's and MSPs' recovery. With a skilled and experienced MSP, any organization should be able to recover from a data breach with minimized losses and resilience to overcome future breaches.

contact us

Tags: Cyber Security, Technical Support Services

Frederid Palacios

Written by Frederid Palacios

Fred Palacios is a seasoned software architect with more than 20 years of experience participating in the entire software development cycle across a host of different industries--from automotive and services to petroleum, financial, and supply chain. In that time, his experience working closely with high-level stakeholders has provided him with a strategic vision for developing the right solutions to flexibly meet critical business needs. As CTO of Intertec, he's continuing to focus on the creation of business-critical applications for large enterprise projects, particularly those that handle high concurrency and large datasets. He is passionate about using technology as a tool to solve real-world problems and also mentoring technical teams to achieve their maximum potential and deliver quality software.

Leave A Comment