Sales and marketing, Governance, Risk and Compliance, MSP, Content

Evergreen Launches Cyber Insurance Practice for MSPs

Credit: Getty Images
Dylan Lee of Evergreen Services Group
Dylan Lee of Evergreen Services Group

Evergreen Services Group has launched a cyber insurance service that MSPs can offer to their end-customers.

The move comes amid a painful and undeniable reality: MSPs worldwide are now prime cyberattack targets. Moreover, hackers increasingly Island Hop across supply chains -- leaping from MSP systems into end-customer systems.

Evergreen, backed by privater equity firm Alpine Investors, is best known for acquiring and/or investing in more than a dozen MSPs. Evergreen certainly wants those MSPs and their end-customers to practice proper risk management, cybersecurity and business continuity.

But if a cyber disaster strikes, Evergreen also wants to make sure MSPs and their end customers are protected -- with proper cyber insurance. That's where Evergreen P&C Insurance Solutions enters the picture. For more details about the service, ChannelE2E interviewed Evergreen's Dylan Lee. Here's the conversation.

ChannelE2E: When and why did Evergreen decide to build a cyber insurance practice?

Lee: We thought of the idea about a year ago, but then it took a lot of time and effort to seek out a quality insurance platform that could support our initiative, build a website, become a licensed insurance agent and get the business off the ground.

As a home for MSPs, we constantly think about unique ways we can be helpful to our companies while giving them a lot of autonomy to run their business. Offering cyber insurance in a seamless fashion was a logical choice. It was important to our MSPs that their end customers were covered, but it was tough to find an insurance facilitator that understood IT. In addition, our companies didn’t have the bandwidth to become licensed insurance agents themselves.

Even with the greatest security experts in the world protecting your business, no one is completely immune to a cyberattack. Think un-shredded documents found in the garbage, disgruntled employees, accidentally lost laptops, etc., cyber insurance can no longer be thought of as an option. It should be a line item in company budgets to ensure they are doing everything in their power to protect and manage risk with their business, employees, and customers. Our cyber insurance offering allows companies to easily access cyber insurance coverage from a trusted and quality source that understands IT.

ChannelE2E: Did you need to align with an insurance carrier or other types to build the practice?

Lee: Yes, we’ve contracted with a company and their platform which is supported by an A+ rated Insurance company rated by the rating service AM Best. Part of their platform includes a risk purchasing group that allows for a streamlined approach for the delivery of cyber coverage.

ChannelE2E: Is the insurance designed for MSPs or their end-customers – or both?

Lee: Coverage is available to both MSPs and their customers; however, it is designed for their end-customers.

ChannelE2E: Is this a potential revenue generator for MSPs – or more of a risk mitigation strategy for the MSPs and Evergreen?

Lee: This is simply another channel of protection and coverage that MSPs can offer their clients. In our opinion, it’s an important component of a managed security offering. If your clients aren’t insured against cyberattacks, they aren’t sufficiently protected, even if they have a comprehensive managed security offering.

ChannelE2E: Is the cyber insurance only designed for Evergreen’s MSPs, or are you extending the offering out to third-party MSPs?

Lee: Our cyber insurance policies are available to all MSPs and their customers, not just Evergreen MSPs. We’re happy to work with third-party MSPs to help them find the right insurance policy for their clients.

ChannelE2E: Lots of MSPs are confused about what cyber insurance covers – and what it doesn’t cover. Can you offer a brief bullet list of what’s typically covered, and what isn’t covered?

Lee: A typical cyber insurance policy offers coverage against typical risk areas such as:

  • Ransomware demands (negotiation and payment)
  • Data recovery expenses (costs to restore and recover data backup of electronic data)
  • Social engineering fraud (loss through fraudulent transfer instructions)
  • Telecommunication fraud (loss through unauthorized or fraudulent use of telephone, fax, or data transmission services)
  • E-theft (loss through unauthorized an electronic transfer of money)
  • Fraud response expenses (identity and credit monitoring services)
  • Legal and public relations expenses related to a cyber attack
  • Business interruption expenses (loss sustained during a period of restoration because of a system disruption)

What isn’t typically covered with a cyber insurance policy?

  • Possible future lost profits
  • Loss of value due to theft of Intellectual Property
  • Costs associated with improving your business’s technology systems, including software or security upgrades, following a cyber incident

ChannelE2E: Any tips or advice you’d offer to MSPs that are just beginning the search for proper cyber insurance?

Lee: Make sure you align with companies that understand the services you provide to your clients and make sure you understand what’s covered and what isn’t. Pointing your customers to cyber insurance providers is an opportunity to deepen your relationship with the customer, but if you don’t align correctly, it can reflect poorly on you if a breach does indeed occur.

ChannelE2E: Any other key thoughts you’d care to share about the cyber insurance effort and/or Evergreen?

Lee: When we started Evergreen P&C Insurance Solutions, we prioritized making the process of getting cyber insurance coverage as easy and simple as possible. It takes just 5 minutes from landing onto our homepage to having coverage in-hand and even less time to getting your free quote.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.