New Study Exposes Hard Truth About the State of MSP Cybersecurity

BOSTON, MA – October 15, 2019 – Continuum®, the Platform for What’s Next, announced today new data revealing how managed service providers (MSPs) and their small-and medium-sized business (SMB) customers lack the tools and resources needed to sufficiently defend against rising cyberattacks and threats. The report, entitled “Under Attack: The State of MSP Cybersecurity in 2019,” found significant shortcomings in how MSPs offer cybersecurity, emphasizing the need for both MSPs and their SMB customers to reevaluate their cybersecurity strategies and identify effective solutions to bridge the widening IT skills gap.

Commissioned by Continuum and conducted by Vanson Bourne, the study surveyed 200 MSPs across the United States, and found that, in the past year, 74 percent of MSPs have suffered a cyberattack, with 83 percent reporting that their SMB customers have suffered one as well. The research also identified how turbulence in the market has made MSPs question their confidence and capabilities, as two thirds worry that they wouldn’t be able to defend their customers during a cyberattack. Additionally, 80 percent of MSPs are running into barriers when selling cybersecurity solutions to their customers/prospects.

The cybersecurity skills gap continues to burden MSPs, with more than one in five reporting that their organization does not have the right technical skills, certifications and knowledge to adequately and proactively defend their own organization and their customers against attacks. Inaccessibility to resources also poses as a significant problem, with 40 percent of MSPs saying that their organization struggles to obtain and retain the skills necessary to deliver and sell security services.

As the rate of cyberattacks grows, MSPs could suffer severe consequences. 43 percent of MSPs claim that their organization would be held solely accountable if one of their customers experienced a cyberattack. Additionally, 83 percent of MSPs say that their customers would take legal action against them in the event of a cyberattack, putting even more pressure on organizations to adapt and optimize their cybersecurity approach.

“With threats and attacks still on the rise, MSPs should be looking to spark more meaningful conversations around cybersecurity—both internally and with their customers,” says Brian Downey, vice president of security product, Continuum. “From knowledge comes confidence, and this research clearly indicates that the confidence level of MSPs in adequately supporting SMB cybersecurity needs is not where it needs to be right now. Finding the top talent, implementing the right cybersecurity solutions, and facilitating training programs to bring IT staff up to speed should be top priorities for any MSP as they continue to seek out ways to proactively protect their customers and themselves.”

While this research highlights areas for improvement, it also offers valuable insight into new opportunities for MSPs and how to capture more revenue from their cybersecurity solutions. Shifting to a proactive approach, addressing the skills gap, and re-enforcing security training and education with customers could be keys to success identified by this research. As a result, MSPs with the proper security strategy and solution are likely to reap the financial rewards, with previous research finding that SMBs are willing to spend 27 percent more for the right cybersecurity offering.

To download the full report, please visit: Continuum and Vanson Bourne will also be holding a webinar on the research results on October 29, and registration is now open.

About Continuum

Continuum is the proactive platform for what’s next. With technologies and services spanning security to backup to monitoring, the Continuum platform anticipates and tackles MSPs’ next challenge—enabling them to grow with confidence.

Have news to share? We want to help you spread the word. Submit your media releases to Please submit releases in Word or text docs or in the body of an email. Please do NOT send PDF documents.