Cybersecurity insurance, MSP, MSSP, MDR

Cyberinsurance Company Offers MDR to MSPs

Share
Credit: Adobe Stock Images

Managed security service providers (MSPs) are getting some new competition.

Cybersecurity insurance companies are rolling out their own stacks of cybersecurity services to customers, including enterprises and managed service providers.

For instance, Beazley Security has rolled out a managed XDR service, potentially putting it in competition with more traditional MSSPs.

MSSP Alert recently caught up with John Roberts, general manager of security at Coalition, another big cybersecurity insurance company that works with MSPs and has rolled out a growing portfolio of cybersecurity services.

Roberts was one of the first employees at the company when it started in 2017, having previously worked with cofounder Josh Motta at Cloudflare. Coalition was founded with a mission to provide comprehensive protection against cyber threats, combining insurance coverage with security tools and services. The services business is an outgrowth of the company’s roots in cybersecurity.

Coalition’s Cybersecurity Services Stack

What cybersecurity services Coalition offers? They include an attack surface monitoring tool called Coalition Control offered for free to its policy holders. This tool provides vulnerability scanning to identify cybersecurity gaps.

But it’s not just policy holders that can get the benefit of Coalition Control, Roberts said. Coalition offers a multi-tenant version of this platform for MSPs, enabling them to manage the security of their clients more effectively, he said.

For those MSPs that are not policy holders, they can access a freemium version of Coalition Control that Roberts describes as a “starter scan” that the MSP can use with any of their customers. The MSP can opt to resell a more in-depth scan to paying customers, Roberts said.

MDR is a separate opportunity, and some of Coalition’s MSP partners are offering it and some are not.

Coalition is currently working with 60 MSPs, Roberts said, and those companies include Harbor Networks and North Star Technology.

Why Does Coalition Offer Cybersecurity Services?

Coalition insures 80,000 organizations across four countries, Roberts said. A significant portion of these organizations are small businesses, which often rely on MSPs for their IT needs. This dependency has driven Coalition to develop tools that MSPs can use to enhance their service offerings and improve their clients' security postures, according to Roberts.

With that in mind, Coalition introduced a managed detection and response (MDR) service in Q2 2023. Roberts says the service is a natural outgrowth of the company’s incident response services.

“Our customers were like, 'You helped us on our worst day ever. We trust you. Can you please stick around?'” Roberts said.

Coalition also provides incident response retainers and security awareness training, integrated into the Coalition Control platform, which offer MSPs a range of options to support their clients, Roberts said.

Incident response was among the first services offered by Coalition. Coalition regularly scans the internet for threats. It also sets up honey pots to track threat activity. Both those activities provide Coalition with data about threats. Coalition's incident response work also provides Coalition with data about vulnerabilities that are being exploited and threats that are trending. It seems obvious to say, but gathering data about risks is core to what an insurance company does. Cybersecurity services are a natural partner to that risk assessment business.

Roberts said when it comes to offering incident response, Coalition is happy to lead with endpoint detection and response agents from companies such as SentinelOne or Crowdstrike or Microsoft Defender.

“The important part is the M in MDR to have that sort of extra talent and team and the data that we know from helping 80,000 organizations and what goes wrong through both the scanning and the honeypots we run,” he said.

Does Roberts consider Coalition to be an MSSP?

“In the broadest definition, sure. The way I think of it is that we are offering services that help MSPs become MSSPs,” he said.

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.