Who’s Breach Is It – The Legal Grey Area of MSP Client Transitions cover art

Who’s Breach Is It – The Legal Grey Area of MSP Client Transitions

Who’s Breach Is It – The Legal Grey Area of MSP Client Transitions

Listen for free

View show details

Here's a scenario that's playing out right now, for several MSPs across the country, and based on our research, most do not have it covered in writing.

A client decides to switch providers. The new MSP starts rolling out EDR and standing up monitoring. The old MSP begins winding down. Somewhere in that overlap, credentials are still active, agents are only half deployed, and it isn't clear who's actually watching. Then the breach hits.

Now two MSPs are pointing at each other, the client's data is exposed, and everyone reaches for the contract, only to find the transition period was not CLEARLY defined. Who was responsible? When did one watch end and the other begin? The MSA doesn't say. The SOW doesn't say.

This is one of the biggest gray areas in managed services, and it's the one that ends up in court.

To help us walk through it, we are joined by Melissa Ventrone, attorney at Clark Hill, who has lived this from the incident response side, where she sees what happens after the handoff goes wrong. We're going to dig into the controls and monitoring gap, who owns the risk during a transition, and what every MSP should put in writing before they ever take on, or hand off, a client.

adbl_web_anon_alc_button_suppression_t1
No reviews yet