Nearly half of MSPs admit to having a ransomware kitty

Ransomware concept image showing a warning symbol in red with binary code in background.

(Image credit: Getty Images)

Nearly half (45%) of MSPs maintain a dedicated pool of money for paying ransomware demands, according to new research from Cybersmart.

Conducted in collaboration with OnePoll, the firm’s annual MSP Survey report dives into the security of MSPs and their customers, detailing responses from 900 MSPs located across the UK, Europe, Australia, and New Zealand.

The study revealed that many MSPs would rather prepare for the worst-case scenario of paying a ransom than follow the advice of insurers and global governments to focus on proactive prevention.

Guidance and best practice around ransomware payments has typically been inadequately defined across the industry. Earlier this year, the UK Government proposed a targeted ban on ransomware payments for public sector bodies and critical national infrastructure (CNI) in a bid to make things clearer.

Despite this, Cybersmart’s findings show that MSPs are suffering from the effects of a lack of clarity across the board, with uncertainty also likely to filter down to their SME clients and into the wider ecosystem.

While 45% rely on a ransomware fund in their battle against ransomware, 36% of respondents said they choose to protect themselves through cyber insurance.

Perhaps most concerningly, however, is that a staggering 11% of participants admitted to having no ransomware-focused budget or cyber insurance at all, drastically increasing the likelihood of critical financial and reputational consequences.

Concerns

As AI continues to expand its influence across industries at breakneck speed, the survey found the technology to be the number one concern for MSPs for 2025 (44%), with ransomware and malware in second place (40%).

That’s in stark contrast to last year’s iteration of the report, with AI nowhere to be found on its list of top concerns.

Attackers are now increasingly leveraging AI advancements to generate phishing emails, produce convincing deepfakes, as well as create advanced malware in order to dupe organizations.

In fact, 2024 saw 67% of MSPs report an AI-based attack, with Cybersmart reasoning that 2025 will likely see this figure increase as attackers continue to leverage the latest generative AI, agentic AI, and deepfake technology.

This challenge is compounded by a lack of easy-to-use tools for MSPs to counter attacks, leaving SME clients vulnerable at a time when many are looking for increased support against AI.

According to the data, 84% of MSP participants said their customers now expect them to manage either their cyber security infrastructure, or their cyber security and IT estate combined.

“With customers relying more on MSPs for cybersecurity, it is essential that MSPs are cyber secure and cyber confident themselves, which means tackling the evolving threat landscape head-on,” explained Jamie Akhtar, Cybersmart’s CEO and co-founder.

“Organizations shouldn’t rely on ransomware payments; rather, they should partner with organizations that can help proactively secure them.”

MORE FROM CHANNELPRO

TOPICS

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.