Listen "Cyber Insurance Best Practices for MSPs: 5 Things You Must Get Right with Thomas Fafinski at Virtus Law"
Episode Synopsis
Whether or not you provide cyber services to your client, you are still exposed to cyber liability. I sit down with one of the most prominent lawyers in the country specializing in MSP legal practices, Thomas Fafinski. Thomas is joining to talk about a topic that is front and center in the MSP space today – Cybersecurity and what are some of the best practices MSPs should be following when protecting themselves against cyber liability.

As an MSP, your clients expect you to "handle everything cybersecurity"—but when a breach happens, who's really liable? Cyber insurance can be your safety net—or a false sense of protection—if you don’t understand the fine print. Here are 5 critical best practices every MSP should implement to protect themselves, their clients, and their reputation:

✅ 1. Know What You’re Actually Responsible For
Most breaches are due to admin or physical errors—not tech failures. Make sure your MSA is crystal clear about what you do (and don’t) cover.

✅ 2. Don’t Rely on Generic Contracts
Include language in your MSA that limits liability for 3rd-party criminal acts, requires clients to carry cyber coverage, and defines scope precisely. (Look up Travelers v. Portal Healthcare if you want to see how vague language can lead to years of litigation.)

✅ 3. Watch Out When Switching Policies
That lower premium? It likely comes with a tighter coverage window. If you're on a claims-made policy and switch carriers, you could lose retroactive coverage and end up footing a massive bill.

✅ 4. Understand What’s Not Covered
Some insurers deny claims for “nation-state” attacks like NotPetya, citing “act of war” exclusions. Ask your broker about gaps related to ransomware, cloud outages, and regulatory fines.

✅ 5. Choose a Carrier Who Shows Up Fast
The best insurance isn’t just about reimbursement—it’s about real-time help. Look for 24–48 hour response times, breach response coordinators, and a vetted incident response panel.

👉 Bonus: Proactively reduce risk by offering vCISO services, enforcing MFA, and requiring client-side security hygiene.

📌 Final Thought: The best MSPs aren't just tech experts—they’re risk managers. If you’re not reviewing your insurance language annually, you’re leaving your firm exposed.

💬 Curious how others in the space are structuring their MSAs or choosing carriers? Let’s start a conversation.

Madhur Duggar is a Senior M&A Advisor at Excendio Advisors and focuses on IT Services.
Reach out to Madhur at [email protected] or 212.731.4230.
Book an Appointment with him on his LinkedIn at www.linkedin.com/in/madhur-duggar
Check out Excendio Advisors and our amazing content at www.excendio.com