DataStream: Cyber Insurance Fuels MSP Sales, Security Posture
‘When you’re involved in a major incident, that may be one of the most important days of your career—it’s sort of like the Super Bowl, you just didn’t know it was going to happen that day,’ says DataStream Cyber Insurance CEO Andy Anderson at XChange August 2022.
MSPs can pull through hundreds of thousands of dollars when setting up a customer’s cyber insurance policy while at the same time critically securing them from attacks that could ruin their business.
DataStream Cyber Insurance founder and CEO Andy Anderson told XChange August 2022 attendees this week that MSPs can both drive customer spending and create a more secure IT security environment via cyber insurance.
“Putting insurance in place and the process of getting insurance, rapidly accelerates the things that your clients are buying,” said Anderson. “They’re improving their security posture, and that’s all work that you end up doing for them.”
For example, DataStream was able to provide a $40,000 cyber insurance policy for a customer who then ended up spending close to $750,000 wit hits MSP preparing for the insurance.
“So the money that they made really out of all of that and the services that they deliver was driven by the insurance transaction,” said Anderson, adding that DataStream also provides partners with compensation programs and market development funding (MDF) to boost sales.
[Related: Cybersecurity Strategist: The Real Threat Is The ‘Human Hack’]
DataStream Cyber Insurance offers comprehensive cyber insurance coverage along with full cybersecurity assessments, data analysis of cyber risk in financial terms, and cybersecurity training. The Sunnyvale, Calif.-based company currently provides coverage throughout North America for both first- and third-party losses.
Major Attack ‘May Be One Of The Most Important Days Of Your Career’
DataStream’s CEO said when a customer is hit by a major cyberattack, it’s a massive undertaking for MSPs.
“ When you’re involved in a major incident, that may be one of the most important days of your career—it’s sort of like the Super Bowl, you just didn’t know it was going to happen that day,” said Anderson.
MSPs need to be extremely careful to make sure they reach out to security insurance experts immediately to get them “early in the game,” he said.
“We’ve seen [MSPs] get themselves in trouble by trying to address this themselves. Their heart is in the right place, but if you go start wiping machines and rebuilding servers, you can potentially destroy all the forensics,” Anderson said.
“So now there’s a problem that could have been maybe on only a few machines, suddenly, you have to assume that it touched everything. So then you took an issue that was a couple of thousand dollars and added a couple of zeros on the end. That’s what we’re here for,” he said. “We have a hotline. You can call to start talking to the breach coach law firms. The first call is always free.”
DataStream provides financial, legal and technical support in the wake of an incident to help businesses quickly get up and running again.
Ransomware Attacks Increasing Rates
From an MSP perspective, Art Ocain—vice president of cybersecurity and incident response for Miami-based Airaim—said the cyber insurance industry is increasing rates due to ransomware attacks. However, buying cyber insurance helps customers follow security best practices.
“If you go for a cyber policy now, it used to be that they would just sign the policy and charge you a monthly bill. Now, there’s a lot of pre-qualifications. They have to make sure that you have EDR in place, that you’re patching your systems, that you have segmentation, and zero trust with stuff in place,” said Ocain. “You’re really following cybersecurity best practices.”
Ocain applauded cyber insurance companies like DataStream for helping MSPs better protect their customers.
The three key things that insurance companies are asking for right now are managed detection and response (MDR), multifactor authentication (MFA), and immutable backups, which are backups that can’t be deleted or encrypted by ransomware, Ocain said.
Specifically, Ocain hailed the emerging extended detection and response (XDR) vendors that are providing better visibilty for MSPs with unified security platforms for customers to put their solutions on.
“So if you have an XDR platform, it’ll give you a single pane of glass for your firewall logging, for your endpoint detection response stuff, for your antivirus—all the stuff is pulling into one platform, so you’re able to really see it,” said Ocain. “And if you have the automation set up correctly, it can help you solve the ransomware problem by actually blocking the ransomware.”