In case you have not seen this lately, insurance companies are showing up with their own security teams. The other thing that we’re seeing out there is insurance companies are scanning your largest clients and then sending them a nasty note, basically talking about dropping their policy. They’re telling YOUR clients that they will drop their insurance coverage if YOU as their IT provider don’t address the things they found in their audit. They’re not just doing this at the end of their renewal cycle either. They’re doing this throughout the agreement…
It’s your biggest clients that are primarily getting these ultimatum emails.
It’s the ones that are spending a lot of money with you. They are also the ones that are spending a lot of money with the insurance company! Because the bigger the policy, the more interested they are in coming out and sending something like this now.
What does all that mean? Let me tell you…
Essentially, your client would get a message that would say something along the lines of, “Our security team identified this problem with Microsoft Exchange Server…” All of a sudden your client starts wondering what their managed service provider is doing wrong. The scarier part for you as a managed service provider is that they are finishing these messages with an offer to have one of their assigned security teams come to help you resolve these issues. And they are NOT filling you in on this conversation either.
They’re sending it to your client and they’re sending it to the CFO, or the CEO. They’re not sending it to the receptionist. This is really creating a problem leaving some providers to have to figure out how to defend themselves and recover from this exposure.
Insurance companies are also requesting concrete evidence that you have fixed the issues they found and that you remediated any possible compromise.
They will not just accept you saying that you found an attacker and got him out of the network… They want evidence that a third party has gone through and actually audited, and provided you, and the insurance company with proof that there are no longer any indicators of compromise.
You are probably wondering, “Who is their security team?” The answer: It’s another MSP.
It’s just another MSP that got friendly with the insurance company and they’re the ones providing this audit for the insurance companies. They’re also going into situations where they’re going through analyzing networks, but they’re using old domains that are still out there. And when that happens, who maintains those old domains?
Well, a lot of times they’re not maintained by anyone at all. Somebody buys them up and then they put stuff in that it is basically an abandoned location. And now your client thinks this looks bad and all of a sudden you have all these extra problems…
Finally, after everything is said and inspected, your client’s insurance company is still coming back and recommending another MSP for your client to switch to. It is portrayed as if they have been the hero, and their new recommended provider will be the best option for your client to move forward with instead of staying with you…
In actuality, the other MSP and your client’s insurance company, just made a business deal to try and steal your client from you!
Their offer comes along the lines of “We’ll give you a 20% discount on your cybersecurity if you use these new guys because we “know that they’re so secure.” The bottom line is, that this is something that you want to get in front of.
Again, this is not something that’s happening during the renewal period. It’s not something that they’re just doing at the end of the year… This is something that’s starting to happen throughout the year.
How do we recommend you as an MSP actually get in front of this?
One thing I know from working with Rusty Goodwin, who runs a large insurance company, is that you need to be selling compliance. Compliance as an actual service.
Myself, Rusty and Bruce are all presenting at this year’s IT Marketing Roadshow. We’ll be talking about growing your bottom line, selling compliance, raising profits and partnering with insurance agents to get a flood of quality new clients.
