Cybersecurity insurance, MSP, MSSP

Fixing the MSP/MSSP Cyber Insurance Problem

Cyber insurance

One of the big pain points for security service providers over the last several years is cybersecurity insurance. Rates skyrocketed after a few high-profile attacks hit small businesses, some even through tools used by managed service providers such as Solar Winds and Kaseya.

Insurance carriers’ lack of knowledge about cybersecurity has just compounded the problem.

But as they often do, managed service providers set out to work with industry partners to improve a difficult situation.

SaaS Alerts Partners with FifthWall

Last week at Right of Boom cloud-based cybersecurity monitoring platform SaaS Alerts announced a partnership with insurance wholesaler FifthWall Solutions and their new Beltex MSP insurance policy.

MSPs that implement SaaS Alerts for their clients will be provided with a special Beltex link, enabling those clients to verify their eligibility for cyber insurance. In many instances, customers can receive immediate quotes and coverage. Beltex is designed to streamline the entire insurance application and issuance process for MSPs and their clients.

The deal follows on another recent partnership between security information and event management (SIEM) provider Blumira, which also struck a deal with MSP insurance policy company Beltex and insurance wholesaler FifthWall Solutions to provide enhanced cybersecurity insurance solutions for small to mid-sized businesses (SMBs) via managed services providers.

Both partnership deals enable the companies to provide better access to better coverage, lower rates.

These partnerships are the culmination of many changes for cybersecurity insurance in the MSP and MSSP market over the past few years.  

Beltex: The Origin Story

Beltex is a company that emerged from this morass. Longtime MSP Dustin Bolander, frustrated with the state of cybersecurity insurance for MSPs decided to do something about it.

“As cyberinsurance started really ramping up, it was frankly annoying,” he told MSSP Alert. His typical process when he’s annoyed with something that he knows will be a part of the business is to ask himself, “How do we tackle this head-on to make it into a competitive advantage?”

That’s when Bolander went out and got his insurance license. That’s also the year, 2019, when he and MSP cybersecurity entrepreneur Wes Spencer were recruited by insurance wholesaler FifthWall (Like Pax8, but for insurance, Bolander explained), to build out FifthWall’s channel partner program.

“Once we figured out the process, we went all in on education in 2022 and added 700-plus MSPs to FifthWall’s partner program in 14 months,” Bolander told ChannelE2E.

In late 2023, Bolander founded another company called Beltex, an insurance company that has created an insurance policy specifically designed for MSPs’ customers. Beltex is a sister company to Fifthwall, Bolander said. Beltex debuted that insurance policy at the beginning of 2024.

“We have our own policy where we can do certain things with the underwriting requirements and claims/incident response," he said. "We are the only MSP-centric policy, fixing all the pain points that MSPs have around insurance.”

Why MSPs Need a Specialized Policy

For instance, Bolander does not require that MSPs or their customers run enterprise software “that no MSP anywhere has ever used."

As he explained, "The MSP has to be involved in the application process, but then we’ve also built in some safeguards so there is less liability for them. When there’s a claim or an incident, the MSP is the initial point of contact for that and is involved in the whole process, rather than the traditional insurance approach of, ‘Hey, MSP, get out of the way.’”

According to Bolander, Beltex’s policy offers the following benefits:

  • Clarity of application questions
  • Having and recognizing what good security looks like (i.e. requiring 24x7 MDR/EDR)
  • A fast and easy application process that is 100% online with instant quote and sign for $1 million coverage
  • The MSP is involved in the claims/incident response process and eligible to be paid for their work

“We took out all the MSP pain points and built it into our process,” Bolander said. “We’ve built everything around the way MSPs work, the tools that MSPs use.”

Wes Spencer: Insurance Carriers Don't Understand MSPs

Most insurance carriers don’t understand MSPs, said Wes Spencer, who worked with Bolander at FifthWall. Spencer sold his cybersecurity startup Perch Security to ConnectWise in 2020 and recently founded a new company, an educational platform/marketplace for MSP and their employees called Empath.

Spencer said that there’s been a disconnect in the industry. Insurers would sell cybersecurity policies directly to customers, but customers wouldn’t understand the cybersecurity jargon that the policies contained. So, the customers would then take the one-pager document to their MSP.

“The client would say this is a bunch of nerd words. I don’t get it. I never heard of MFA. I don’t know what EDR is,” Spencer explained. “They go to their MSP and say, hey, MSP, fill this out for me and don’t come back until it’s done. And then the MSP is in an awkward position because they have to explain to the client why they weren’t delivering those services and why they’re not eligible for insurance. It’s just a mess. The whole thing is an absolute mess.”

Spencer’s new company Empath is addressing the education part of this mess.

Beltex is addressing the MSP-centric cybersecurity insurance part.

“All of this is converging to really finally bring the MSP to the center of the insurance ecosystem instead of being the third wheel. It’s desperately needed,” Spencer said.

The Blumira Partnership Background

As a preferred Beltex vendor partner, Blumira MSP partners will be able to offer customers improved coverage and potentially lower cybersecurity insurance rates. In addition, MSPs will gain exclusive access to apply for the Beltex Certified Incident Response program. The IR program will enable MSPs to participate in customers’ IR processes and open avenues for potential reimbursement for their contributions.

“Blumira’s partnership with Beltex is a game changer for MSPs," Jeremy Young, director of partner strategy at Blumira, said in a prepared statement. "Creating an insurance product that considers the specific security tools MSPs are using to offer higher limits at lower costs is desperately needed in our space. What better proof of value could there be than to tell a client that they qualify for a higher quality cyber insurance offering simply by using Blumira? Additionally, Beltex understands the MSP’s role in the IR process and, in doing so, has created the ability for them to get reimbursed for their work; it’s never happened before.”

Beltex insurance is available for MSP customers located in the U.S. with under $100 million annual revenue. The availability of Beltex policies currently spans 48 states, with an additional two states anticipated to be accessible soon.

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.