It's becoming increasingly difficult to qualify for cyber insurance. Insurance providers are wary of multimillion dollar payouts resulting from costly ransomware attacks, and so the onus is on companies to prove that they can meet certain minimum cyber hygiene standards. One of the potential paths to reach this objective is by contracting a managed security provider who can ensure that you meet coverage criteria. But just how big of a difference does this strategy make -- enough for MSSPs to make insurance a key selling point? Conversely, do cyber insurance companies judge MSSPs' coverage worthiness based on the clients they keep? And what are some examples of exclusionary language that cyber insurance policy holders in an MSP relationship should watch out for? There is a basic expectation that an MSP should create a single, standardized stack of tools that they will use to service every one of their customers. And while that makes perfect sense for the MSP, it puts the client in a tricky position: either abandon the infrastructure and processes they already have in place and make a big adjustment to align with the MSP’s standards… or accept that they cannot access the MSP’s services. This segment will examine the pro and cons of this dilemma.

Show Notes: https://scmagazine.com/cfh2