MSP Survey: Kaseya Cyberattack Prompts More Questions, Concerns from Customers

"I don't tell them they are safe. That would be untrue," one MSP told us.

Edward Gately, Senior News Editor

August 23, 2021

4 Min Read
Businessman concerned
Shutterstock

Channel Futures’ latest benchmark MSP survey shows MSPs weren’t impacted much by last month’s Kaseya ransomware attack. However, current and potential customers are voicing more concerns about cybersecurity.

Channel Futures surveyed more than 200 organizations. To qualify for the quarterly MSP survey, respondents has to be an MSP, an MSSP, have a managed service business or have managed services as part of their portfolio.

This latest survey included questions addressing the Kaseya attack:

  • When asked about the level of fallout on their organization from the Kaseya attack, 42% said no impact, while 28% reported nominal impact and 25% reported moderate impact. Five percent reported high impact.

  • When asked whether they’ve lost or gained customers due to the Kaseya attack, 74% reported no change, while 18% gained customers and 9% lost customers.

  • Some 77% of MSPs said current and potential customers are voicing more concerns about cybersecurity due to recent high-profile ransomware attacks. The remaining 23% reported no change.

When asked how they’re addressing customers’ concerns, responses ranged from “honesty,” to “I am telling customers that we are using best-in-class products and suppliers.” Another said, “I don’t tell them they are safe. That would be untrue. If you use the internet, you are not safe.”

Finally, when asked which technologies had the biggest gain during the quarter, almost half (49%) cited cybersecurity, It beat all others, including cloud, which garnered 34%.

Kaseya Was Transparent, Available

Phillip Walker is customer advocate CEO at Network Solutions Provider (NSP), an MSP and Kaseya customer. He said Kaseya was transparent and available from the start of the attack.

Walker-Phillip_NSP-2021.jpg

NSP’s Phillip Walker

“It gave us a lot of collaboration, which I think is vital to keep us more safe,” he said. “It gave us the ability to say with confidence, ‘Hey, this is what’s going on, this is what we’re doing, this is where it’s going, things of that nature. The response was great. Our response was great.”

Walker said the attack didn’t impact his customers. Within an hour of learning of the attack, Kaseya shut down access to the VSA software in question.

“We have tools in place to help protect them, and since Kaseya turned off the systems proactively, my clients were not a risk,” he said. “We ran for free extended detection and response (XDR) and network scans on my clients to ensure everyone was safe.”

Gaining Customers After Kaseya

NSP gained customers after the attack, Walker said.

“Our talk about the network as a defense made business sense after the attack,” he said. “And since Kaseya did a fantastic job on being transparent and direct, it made it easy on us as an MSP.”

Current and potential customers are raising more concerns about cybersecurity in the aftermath of Kaseya, Walker said.

“I think the reality of ransomware attacks has finally driven customers to must-have in cybersecurity cases,” he said. “NSP has launched a cyber shield defense team to take on deeper security issues and expand our solutions. We are adding the next layer of people and processes to cybersecurity tools for our clients.”

Walker said the main lesson learned from the Kaseya attack is ” partnerships really matter.”

“And being partnered with Kaseya was an amazing thing because they made the hard decision, the right choice and protected their core customer base,” he said. “I’m not sure other people would have made the same decision in that boat. The other lesson learned is that it’s no longer a theoretical threat; these hackers are getting more and more sophisticated. So we have to get more and more [vigilant]. So as much as we get tired of talking about cybersecurity, and as exhausting as the work and the budget are, it’s all going to a good cause and it’s all going in the right direction.”

Acting Quckly

Kevin Peterson owns Peterson Technology Group, an MSP and Kaseya customer.

Peterson-Kevin_Peterson-Technology-Group.jpg

Peterson Technology Group’s Kevin Peterson

“The Kaseya ransomware attack did affect our organization,” he said. “We took proactive steps to shut down our VSA servers and followed Kaseya’s best practices for securing them and bringing them back online. Our servers were fully patched so we were not at risk but still followed all of the best practices.”

Peterson Technology hasn’t lost or gained customers because of the Kaseya attack.

“We have discussed the Kaseya attack with our clients and prospects,” Peterson said. “We preach defense-in-depth security so we are doing everything we can to help protect our clients. This incident has made some of these conversations easier as they have heard some of the news stories.”

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:

MSPsChannel Research

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like