Nearly half of MSPs admit to having a ransomware kitty
The firm’s annual MSP report highlights the mounting pressure on MSPs as attackers increasingly leverage the latest AI advancements


Nearly half (45%) of MSPs maintain a dedicated pool of money for paying ransomware demands, according to new research from Cybersmart.
Conducted in collaboration with OnePoll, the firm’s annual MSP Survey report dives into the security of MSPs and their customers, detailing responses from 900 MSPs located across the UK, Europe, Australia, and New Zealand.
The study revealed that many MSPs would rather prepare for the worst-case scenario of paying a ransom than follow the advice of insurers and global governments to focus on proactive prevention.
Guidance and best practice around ransomware payments has typically been inadequately defined across the industry. Earlier this year, the UK Government proposed a targeted ban on ransomware payments for public sector bodies and critical national infrastructure (CNI) in a bid to make things clearer.
Despite this, Cybersmart’s findings show that MSPs are suffering from the effects of a lack of clarity across the board, with uncertainty also likely to filter down to their SME clients and into the wider ecosystem.
While 45% rely on a ransomware fund in their battle against ransomware, 36% of respondents said they choose to protect themselves through cyber insurance.
Perhaps most concerningly, however, is that a staggering 11% of participants admitted to having no ransomware-focused budget or cyber insurance at all, drastically increasing the likelihood of critical financial and reputational consequences.
Stay up to date with the latest Channel industry news and analysis with our twice-weekly newsletter
Concerns
As AI continues to expand its influence across industries at breakneck speed, the survey found the technology to be the number one concern for MSPs for 2025 (44%), with ransomware and malware in second place (40%).
That’s in stark contrast to last year’s iteration of the report, with AI nowhere to be found on its list of top concerns.
Attackers are now increasingly leveraging AI advancements to generate phishing emails, produce convincing deepfakes, as well as create advanced malware in order to dupe organizations.
In fact, 2024 saw 67% of MSPs report an AI-based attack, with Cybersmart reasoning that 2025 will likely see this figure increase as attackers continue to leverage the latest generative AI, agentic AI, and deepfake technology.
This challenge is compounded by a lack of easy-to-use tools for MSPs to counter attacks, leaving SME clients vulnerable at a time when many are looking for increased support against AI.
According to the data, 84% of MSP participants said their customers now expect them to manage either their cyber security infrastructure, or their cyber security and IT estate combined.
“With customers relying more on MSPs for cybersecurity, it is essential that MSPs are cyber secure and cyber confident themselves, which means tackling the evolving threat landscape head-on,” explained Jamie Akhtar, Cybersmart’s CEO and co-founder.
“Organizations shouldn’t rely on ransomware payments; rather, they should partner with organizations that can help proactively secure them.”
MORE FROM CHANNELPRO
- The Channel Recruiter and Nebula debut new global talent resourcing solution
- Snowflake names Chris Niederman as new channel chief
- Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’
Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.
A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.
He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.
-
Let’s talk about digital sovereignty
In the age of AI and cloud, where data resides is a key consideration
-
Lack of visibility creates "cascade" of security risk, says Kiteworks
News Organizations that don't keep track of data breaches, shadow AI, and third-party counts face dramatically worse outcomes across every metric
-
Blackpoint Cyber and NinjaOne partner to bolster MSP cybersecurity
News The collaboration combines Blackpoint Cyber’s MDR expertise with NinjaOne’s automated endpoint management platform
-
LevelBlue and Akamai are teaming up to launch a managed web application and API protection service
News The new Managed WAAP offering aims to help organizations secure their rapidly expanding web app and API ecosystems
-
SonicWall launches new firewalls as part of Generation 8 refresh
News The vendor’s latest update includes unified management and integrated ZTNA, backed by embedded warranty and co-managed services
-
MSPs beware – these two ransomware groups are ramping up attacks and have claimed hundreds of victims
News The Akira and Lynx ransomware groups are focusing on small businesses and MSPs using stolen or purchased admin credentials
-
Cybersecurity complexity and the channel
Industry Insights Channel partners must tackle cybersecurity complexity to drive outcomes and build trust
-
MSPs emerge as key security partners for mid-market enterprises
News The MSP Customer Insight Report reveals 85% of mid-sized organizations now rely on MSPs for security support
-
Pressure mounts on MSPs as enterprises flock to managed cybersecurity services
News Expected to handle security for clients as well as themselves, MSPs feel they're battling on the front line
-
IT management and security in the modern age: Moving away from fragmentation towards seamless success
Sponsored Content Proper endpoint, user, and business management demands a unified approach