Pressure mounts on MSPs as enterprises flock to managed cybersecurity services
Expected to handle security for clients as well as themselves, MSPs feel they're battling on the front line


Organizations are relying more than ever on managed service providers (MSPs) for security as cyber risks skyrocket, and many are feeling the pressure.
More than half (58%) of MSP leaders believe customers are at more risk today than this time last year, and 84% said that customers now expect them to manage either their cybersecurity infrastructure or their cybersecurity and IT estate combined.
This marks a significant increase from last year, when the figure stood at just 65%.
30% off Keeper Security's Business Starter and Business plans
Keeper Security is trusted and valued by thousands of businesses and millions of employees. Why not join them and protect your most important assets while taking advantage of this special offer?
More than three-quarters (77%) of MSP leaders told CyberSmart researchers that they're experiencing increased scrutiny of their own businesses’ security capabilities over the past 12 months - meaning that MSPs need to choose their cybersecurity partners carefully.
“In light of the recent uptick of cyber incidents targeting MSPs, it is unsurprising that customers are scrutinizing MSPs more,” said Jamie Akhtar, CEO and Co-Founder of CyberSmart.
“This means that it’s critical for MSPs to work with cybersecurity partners that are able to provide a high level of confidence and security for both their own and their customers’ cybersecurity to align with increasingly stringent expectations and rising threats.”
Just over eight-in-ten MSPs have increased their spending on specialist cybersecurity hires, researchers found, while 78% have upped spending on their security capabilities.
Stay up to date with the latest Channel industry news and analysis with our twice-weekly newsletter
Similarly, six-in-ten have invested in specialist regulatory hires while 64% have increased spending on regulatory compliance capabilities.
AI tops the list of worries for MSPs
The biggest security worry is AI, CyberSmart found, which is now the main headache for 38% of MSPs. Ransomware or malware topped the list for the same number.
Meanwhile, 35% were most concerned about insider threats and 32% flagged concerns over unpatched vulnerabilities.
This is a big change from last year, when malware and ransomware were the top worry for 55%, and inflation and spiraling costs for 43%.
However, the study also indicated that MSP customers may be underestimating the threat of supply chain attacks, which are now viewed as a significant risk by just one-in-five.
Over the last year, there have been a number of high-profile breaches of MSPs, including the Advanced Computer Software Group, fined £3 million by the UK's Information Commissioner's Office (ICO) over security failings that led to a ransomware attack on the NHS.
More recently, the DragonForce ransomware gang breached an MSP’s remote monitoring and management (RMM) tool in order to carry out a supply chain attack.
Of the 900 MSP leaders surveyed by CyberSmart, 69% reported being breached at least twice in the last 12 months - slightly up on last year - while 47% said they'd had three or more breaches in the last year.
"As trusted partners to millions of businesses across the globe, MSPs typically have access to clients’ infrastructure and inner workings," the researchers warned. "This renders them a highly lucrative target, whether for their own data or their clients."
MORE FROM CHANNELPRO
- ManageEngine debuts new MSP platform to streamline IT operations
- SonicWall CEO Bob VanKirk hails ‘pivotal moment’ as firm unveils new MSP cyber solutions
- MSP security confidence remains high despite rising breaches, research finds
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.
-
GitHub just launched a new 'mission control center' for developers to delegate tasks to AI coding agents
News The new pop-up tool from GitHub means developers need not "break their flow" to hand tasks to AI agents
-
The Allianz Life data breach just took a huge turn for the worse
News Around 1.1 million Allianz Life customers are believed to have been impacted in a recent data breach, making up the vast majority of the insurer's North American customers.
-
LevelBlue and Akamai are teaming up to launch a managed web application and API protection service
News The new Managed WAAP offering aims to help organizations secure their rapidly expanding web app and API ecosystems
-
SonicWall launches new firewalls as part of Generation 8 refresh
News The vendor’s latest update includes unified management and integrated ZTNA, backed by embedded warranty and co-managed services
-
MSPs beware – these two ransomware groups are ramping up attacks and have claimed hundreds of victims
News The Akira and Lynx ransomware groups are focusing on small businesses and MSPs using stolen or purchased admin credentials
-
Cybersecurity complexity and the channel
Industry Insights Channel partners must tackle cybersecurity complexity to drive outcomes and build trust
-
Nearly half of MSPs admit to having a ransomware kitty
News The firm’s annual MSP report highlights the mounting pressure on MSPs as attackers increasingly leverage the latest AI advancements
-
Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’
News The expanded partnership aims to help shore up identity security as attackers increasingly target user credentials
-
MSPs emerge as key security partners for mid-market enterprises
News The MSP Customer Insight Report reveals 85% of mid-sized organizations now rely on MSPs for security support
-
IT management and security in the modern age: Moving away from fragmentation towards seamless success
Sponsored Content Proper endpoint, user, and business management demands a unified approach