Nearly half (45%) of MSPs maintain a dedicated pool of money for paying ransomware demands, according to new research from Cybersmart.
Conducted in collaboration with OnePoll, the firm’s annual MSP Survey report dives into the security of MSPs and their customers, detailing responses from 900 MSPs located across the UK, Europe, Australia, and New Zealand.
The study revealed that many MSPs would rather prepare for the worst-case scenario of paying a ransom than follow the advice of insurers and global governments to focus on proactive prevention.
Guidance and best practice around ransomware payments has typically been inadequately defined across the industry. Earlier this year, the UK Government proposed a targeted ban on ransomware payments for public sector bodies and critical national infrastructure (CNI) in a bid to make things clearer.
Despite this, Cybersmart’s findings show that MSPs are suffering from the effects of a lack of clarity across the board, with uncertainty also likely to filter down to their SME clients and into the wider ecosystem.
While 45% rely on a ransomware fund in their battle against ransomware, 36% of respondents said they choose to protect themselves through cyber insurance.
Perhaps most concerningly, however, is that a staggering 11% of participants admitted to having no ransomware-focused budget or cyber insurance at all, drastically increasing the likelihood of critical financial and reputational consequences.
Concerns
As AI continues to expand its influence across industries at breakneck speed, the survey found the technology to be the number one concern for MSPs for 2025 (44%), with ransomware and malware in second place (40%).
That’s in stark contrast to last year’s iteration of the report, with AI nowhere to be found on its list of top concerns.
Attackers are now increasingly leveraging AI advancements to generate phishing emails, produce convincing deepfakes, as well as create advanced malware in order to dupe organizations.
In fact, 2024 saw 67% of MSPs report an AI-based attack, with Cybersmart reasoning that 2025 will likely see this figure increase as attackers continue to leverage the latest generative AI, agentic AI, and deepfake technology.
This challenge is compounded by a lack of easy-to-use tools for MSPs to counter attacks, leaving SME clients vulnerable at a time when many are looking for increased support against AI.
According to the data, 84% of MSP participants said their customers now expect them to manage either their cyber security infrastructure, or their cyber security and IT estate combined.
“With customers relying more on MSPs for cybersecurity, it is essential that MSPs are cyber secure and cyber confident themselves, which means tackling the evolving threat landscape head-on,” explained Jamie Akhtar, Cybersmart’s CEO and co-founder.
“Organizations shouldn’t rely on ransomware payments; rather, they should partner with organizations that can help proactively secure them.”
MORE FROM CHANNELPRO
- The Channel Recruiter and Nebula debut new global talent resourcing solution
- Snowflake names Chris Niederman as new channel chief
- Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’
-
Microsoft could be preparing for a crackdown on remote workNews The tech giant is the latest to implement stricter policies around hybrid working without requiring a full five days in the office
-
JetBrains CEO on how developers must transform with AIInterview There may still be a place for strong developer progression in the age of AI, if workers can adapt to rapid changes
-
Cybersecurity complexity and the channelIndustry Insights Channel partners must tackle cybersecurity complexity to drive outcomes and build trust
-
MSPs emerge as key security partners for mid-market enterprisesNews The MSP Customer Insight Report reveals 85% of mid-sized organizations now rely on MSPs for security support
-
Pressure mounts on MSPs as enterprises flock to managed cybersecurity servicesNews Expected to handle security for clients as well as themselves, MSPs feel they're battling on the front line
-
IT management and security in the modern age: Moving away from fragmentation towards seamless successSponsored Content Proper endpoint, user, and business management demands a unified approach
-
MSP security confidence remains high despite rising breaches, research findsNews CyberSmart's annual MSP Survey has revealed that 69% of MSPs were hit by multiple breaches over the last year
-
Redstor and TitanHQ merge to create ‘MSP-first’ security provider
News The new business Redstor’s and TitanHQ’s solutions to create a unified and integrated MSP security platform
-
GoTo and Acronis partnership looks to bolster endpoint management for MSPsNews The new strategic partnership includes the launch of the LogMeIn Data Protection Suite powered by Acronis
-
SonicWall CEO Bob VanKirk hails ‘pivotal moment’ as firm unveils new MSP cyber solutionsNews The company is expanding its MSP solutions range and ramping up its focus on platform-based security
