Beyond the Firewall: �Strengthening IT MSP Collaboration for Incident Readiness
In the first half of 2025, the Beazley Security Labs team has observed:
new CVEs published by the National Institute of Standards and Technology (NIST)
23,829
About this report
In recent years, the industry has seen a stark change in threat actors’ tools and behaviors, and our teams are constantly adapting as these tactics evolve.
Read full report
Read full report
Alton Kizziah
CEO, Beazley Security
See five-year breakdown
The ability to share these experiences proactively with clients is key to the Beazley Security value proposition. This is why I’m so excited to introduce our new Cyber Risk | In Focus series. Part explainer, part analysis, and part data resource, these reports are designed to dig deep into emerging trends as they’re unfolding and help you make informed decisions about your cyber defenses.
Let’s dive in. Read on to learn what edge device exploitation could mean for your businesses and what you can do preemptively to protect your environment.
Cyber Risk | In Focus
We see more than 5,000 incidents per year, giving us�unique insight into the changing risk environment.
What our experts have to say
84
CVEs added to CISA Known Exploited Vulnerabilities Catalog
4648
total posts on ransomware�leak sites
To access the full report, �please fill in your details below
Introduction
MSPs add value – and vulnerability
Understanding the risks
Putting the risks in context
Best Practices
Conclusion
A boom in technological innovation in recent years has driven the need for expertise and support of specialized IT management services. As a result, organizations have increasingly engaged IT managed service providers (MSPs) to support their IT and infrastructure.
Today’s MSPs are a crucial part of the IT ecosystem, often delivering levels of cybersecurity along with valuable technical support for both established and growing businesses. Helping organizations scale their IT infrastructure (and thus grow more quickly) makes MSPs an asset to the organizations they partner with. As an added benefit, their extensive knowledge of the businesses they serve allows them to act quickly as a supportive, boots-on-the-ground resource.
However, despite the undeniable support MSPs provide, their level of access and influence within systems can also introduce risk. As we increasingly see threat actors targeting tools commonly used by MSPs, organizations need to understand how their MSP is securing access to their environment, even if the MSP itself experiences a compromise. Further, they must set expectations about the MSP's role in incident response, including what is to be done, what is not to be done, and where specialized expertise should be engaged. One key concern is that the goals of an MSP may differ from those of the organization. For example, MSPs may have more incentive to get their clients up and running quickly following an incident than to investigate the causes. In the event of a breach, this gap can lead to inadvertent actions – such as accidentally copying over forensic artifacts or deleting critical information in the pursuit of rapid restoration – that can hinder investigations or obscure the original access vector.
Just as cybersecurity is not a “set it and forget it” exercise, organizations must treat MSPs and third-party vendors as collaborative partners in security. In this edition of the Beazley Security Cyber Risk | In Focus, we take a deep dive into the latest trends, the greatest risks, and the essential best practices to manage the MSP relationship, mitigate risk, and respond as a team in the event of an incident.
Introduction
MSPs add value – and vulnerability
Understanding the Risks
Putting the risks in context
Best Practices
Conclusion
DE
FR
DE
FR
Alton Kizziah
CEO, Beazley Security