MSP security confidence remains high despite facing a torrent of cyber threats

Managed service providers (MSPs) have reported high rates of cyber confidence despite the majority having been hit by at least one security breach in the last year, new research shows.

SMB security solutions provider CyberSmart has released the findings of its MSP survey for 2024, which quizzed 250 senior leaders at UK-based MSPs on cyber security issues.

It found that 87% of participants had experienced at least one data breach in the past 12 months – with 16% stating they had been hit by more than five incidents in that time.

Despite this widespread threat, an overwhelming majority of surveyed MSPs said they had confidence in their organization’s cyber capabilities, with 97% stating they had either a ‘fair’ amount or a ‘great deal’ of cyber confidence.

Commenting on the findings, Jamie Akhtar, co-founder and CEO at CyberSmart, said the cybersecurity industry must work closer with MSPs to better protect SMEs and their customers.

“The associated confidence noted by MSPs is heartening but needs to reflect the reality on the ground for MSPs, and their own perception of their security posture is concerning and highlights the need for cybersecurity to step up and work closer with managed service providers,” he said.

Due to their privileged access to multiple businesses, Akhtar said MSPs represent an “appealing target” for cyber criminals looking to exploit their customer base.

MSPs are also an attractive proposition because they can typically remotely access clients’ networks and IT environments.

“This, coupled with the fact they are responsible for the IT infrastructure of companies without IT or security resources, means it is paramount that security providers work closer with them to protect the 5.5 million SMBs who in many cases turn to MSPs to keep them safe,” he added.

“Failure to do this could be existential for many of their customers.”

MSPs remain wary of ransomware and malware threats

CyberSmart’s survey also examined the areas of cybersecurity causing the most concern across the MSP landscape. 

According to the findings, both customers (55%) and providers (57%) highlighted ransomware and malware infection as the top concern today.

Behind that, MSPs and customers took slightly different paths, with inflation and spiraling costs being the second biggest concern at 43%, followed by exploitation of unpatched or undisclosed vulnerabilities at 41%.

For customers, exploitation of unpatched or undisclosed vulnerabilities was the second most concerning cyber threat with 44%, with inflation and spiraling costs in third with 41%.

Firms are beefing up response capabilities

When quizzed on what it would take to achieve improved security posture, MSPs said a focus on cyber security training, IT policies, and fostering a more security-conscious culture would be key to achieving “complete cyber confidence”.

The findings also revealed that nearly 70% of the surveyed businesses have increased their security capabilities over the last year as they adapt to the ever-changing security landscape.

These improvements include investment in products and services, as well as specialist security or regulatory hires.