Cyber Threat Insure launches new model for MSPs in Aust

Cyber Threat Insure has launched a new cyber liability insurance distribution model targeted at Managed Service Providers (MSPs), with IT First Responder announced as the first partner.

The new model aims to fill what Cyber Threat Insure describes as a significant gap in the Australian cyber insurance market by enabling MSPs to provide cyber liability coverage to their clients without incurring the advisory risks traditionally involved in selling insurance products.

Recent data from the Office of the Australian Information Commissioner (OAIC) highlights the urgency of this offering, with reported data breaches in the first half of 2024 reaching the highest level since late 2020 and malicious attacks accounting for 67% of notifications. Despite this rise in incidents, Cyber Threat Insure notes that only around 20% of Australian small and medium-sized businesses (SMBs) have standalone cyber insurance policies.

Traditionally, MSPs have been hesitant to recommend or facilitate cyber insurance for their clients due to complex application processes, outdated terminology, and concerns about taking on advisory liability. Many have therefore avoided involvement in insurance matters altogether.

"One of the biggest challenges we consistently face was helping clients navigate complex and outdated cyber insurance forms that didn't align with modern security practices," said Olga Burtseva, General Manager of IT First Responder. "Clients often misunderstood the relationship between cybersecurity controls and insurance requirements, creating friction and inaccuracies."

As the inaugural partner for Cyber Threat Insure, IT First Responder brings prior experience supporting SMBs in Australia and New Zealand with a focus on proactive cyber security. Burtseva added, "Technical measures alone aren't enough to safeguard a business. With Cyber Threat Insure, we can offer clients a true last line of defence—financial protection that complements our cybersecurity services, without exposing us to advisory risk."

Cyber Threat Insure was established by Daniel Boufarhat, an MSP industry professional, and Kristopher Mudd, an insurance specialist, to address what they identify as a disconnect in the industry between the technical expertise of MSPs and the underwriting criteria of insurers.

"The current model for cyber insurance distribution is fundamentally broken," said Kristopher Mudd, Chief Insurance Officer for Cyber Threat Insure. "MSPs understand their clients' technical vulnerabilities but aren't insurance experts, while insurance brokers understand policies but lack technical expertise. Cyber Threat Insure bridges this gap by enabling MSPs to facilitate proper coverage without assuming advisory risks. We've simplified everything—from the application process to claims handling—ensuring technical controls align perfectly with insurance underwriting requirements."

Cyber Threat Insure's solution offers several features for MSPs and their clients. Purpose-built policies are designed to fit MSP-managed IT environments and align closely with existing cyber security infrastructure. The claims handling process enables MSPs to coordinate directly with insurance underwriters and incident response teams in the event of a cyber incident, aiming to reduce response times. All policy documentation is in plain English.

The insurance cover provides SMBs with a range of protections, including 24/7 breach response and professional services such as forensic investigation and legal advice, support for regulatory obligations such as privacy breach notifications and insurable regulatory costs, ransomware and extortion coverage, and protection for business interruptions, including lost income and costs for data restoration following a cyber event.

The partnership between Cyber Threat Insure and IT First Responder establishes new options for MSPs across Australia and New Zealand to extend cyber liability cover to SMBs without assuming the risks associated with giving insurance advice to clients.