Cyber Insurance vs Technology Errors & Omissions
By Dustin Bolander, Founder, Beltex Insurance
Over the last several years, cyber insurance has become a contentious issue. While managed services providers (MSPs) struggle to deal with vague questions on applications, competing security services from insurance carriers, and complex claims situations, they also face rapidly increasing costs and headaches with their own policies.
In the insurance industry, professional liability and errors and omissions (E&O) policies cover mistakes made during the delivery of services, such as an MSP providing cybersecurity to a customer. The specific type of E&O for MSPs is “Technology Errors & Omissions” or Tech E&O. These policies often, but not always, provide cyber coverages in addition to covering the services an MSP delivers to their customers.
Table of Contents
What does cyber insurance cover?
Cyber insurance has slowly converged towards an industry-standard set of coverages. These include legal, forensics, ransomware, business interruption, and more. While not all policies are created equal, there is a rough standard of coverages available. The core concepts in cyber insurance are first and third-party coverage. First party refers to your business, such as an MSP itself being the victim of a ransomware attack. Third party refers to other individuals or businesses. One example would be a breach resulting in hackers acquiring the personal information of employees; in that case, the employee would be the impacted third party.
What about professional services being delivered?
MSP’s services to its customers are defined as professional services. These are NOT included as part of third-party coverage. This is where Tech E&O comes into play, it is specifically designed to cover the professional services aspect of an MSP’s business.
As with other insurance, not all policies are created equal. Some policies may cover professional services only, while others have full coverage for first-party, third-party, and services delivered.
What if your MSP cannot afford a full policy?
Smaller MSPs often struggle with the cost of a comprehensive Tech E&O policy. While ideally, an MSP will be fully covered if forced to choose a less comprehensive option, most MSP claims occur around professional services.
How is Tech E&O priced?
There are a few major factors that drive the price of a Tech E&O policy:
- Total annual revenue
- Headquarters state: this is due to differing regulatory requirements and potential fines. Think Texas vs NY or California.
- In-house security operations center (SOC) can cause a significant increase depending on the carrier. Some carriers will not offer a policy at all, while others will increase pricing substantially. Beltex recently helped one MSSP with an in-house SOC move to a new carrier that would not penalize as heavily for an in-house SOC, resulting in savings of over $20k per year for the same coverage.
- Private cloud/datacenter hosting will significantly increase premiums. Hackers look at MSPs as high-value targets due to the number of businesses they can access, and hosting environments only make this more appealing to them.
How can your MSP save on a Tech E&O policy?
At Beltex, we may be biased, but find an agent who is somewhat familiar with the MSP industry. If your agent cannot explain MRR vs RMM, you probably should look elsewhere. While not overly complicated, this is a niche section of insurance with specific requirements.
Have a solid MSA and SLA Agreement (here is a template for a good start on a BDR SLA Agreement). Carriers typically expect to see a limitation of liability (the previous 12 months of invoicing is very standard in the MSP industry) and indemnification clauses. Looking for a good MSP attorney? Beltex has a list of attorneys that many of our clients have happily used.
Get in touch with the Beltex team for an intro call about how their policies can save your MSP money and keep you and your clients protected: https://www.beltexins.com/contact
Looking to Learn More About MSP Cyber Liability Insurance?
Sign up for our April 22nd Product Team call – learn more on how to secure your MSP with a cyber liability insurance deep dive. Join Axcient’s Director of Product and Dustin Bolander, Founder of Beltex Insurance and MSP owner, for a critical webinar on cyber liability insurance tailored for MSPs.
Are you wondering if your MSP is truly protected from the devastating financial impact of a cyberattack? Understanding and securing comprehensive cyber liability insurance can be paramount for your business’s survival and your clients’ peace of mind.
In this essential webinar, you’ll gain:
- Expert Insight from this author, Dustin Bolander, MSP owner, and Founder of Beltex Insurance: Learn the nuances of cyber liability policies, understand the key requirements, and navigate the complexities of coverage- including the Spectra certification.
- Essential Requirements for MSPs: Demystify the application process and understand the specific criteria insurers look for.
- “Get Insured, Get Paid Out” Strategies: Learn how to maximize your coverage and streamline the claims process in the event of a disaster.
- Actionable Advice: Gain practical strategies to mitigate risks and strengthen your overall cybersecurity posture.
- Axcient Product Insights: Discover how Axcient’s solutions bolster your security posture and impact your insurability.
- Q&A Session: Get your burning questions answered by industry experts.
Author
Related posts
How well could you sleep with reliable cloud-based backups and recovery?
Take a deep dive into Axcient’s proprietary, automated security features to see how we’re ensuring uninterrupted business continuity — no matter what:
