By Ryan Windt | Head of Growth Marketing | Updated May 2026
Most MSPs know they need Tech E&O insurance. Fewer understand what MSP-specific E&O coverage actually looks like, how it differs from the generic technology professional liability form written for software companies, and what underwriters are evaluating when they write it for a managed services business.
This post covers the MSP-specific questions the general explainers do not answer: what claims look like in practice, how coverage coordinates with your cyber policy when both are triggered, what underwriters scrutinize on an MSP application, and how to size limits against your actual contractual exposure.
For a general overview of Tech E&O before diving into the MSP specifics, start with Technology E&O Insurance: A Plain-English Guide for Tech Companies and MSPs. For a scenario-by-scenario breakdown of which policy responds to what, see Tech E&O vs. Cyber Insurance: What’s the Difference and Which Do You Need?
What MSP Tech E&O Claims Actually Look Like
Tech E&O for a SaaS company is primarily about product failures: a bug in the code, a platform outage, a miscalculated output. The claim originates in the software.
Tech E&O for an MSP is primarily about service failures: a technician made an error, a script ran against the wrong scope, a migration did not go as planned, an SLA was missed. The claim originates in the work your team performed inside a client’s environment.
Scripting and automation errors. A script deployed across the client base that deletes the wrong files, modifies the wrong registry keys, or corrupts data at scale. The damage can span multiple clients simultaneously if the script runs through your RMM.
Botched migrations. A server migration, cloud transition, or system upgrade that corrupts data, causes extended downtime, or fails to meet agreed-upon specifications. Clients frequently bring claims when a migration promised to take a weekend takes two weeks and disrupts operations.
Missed SLAs. Your MSA promised four-hour response times and the ticket sat for 14 hours. A critical patch was supposed to be deployed within 72 hours of release and was not. A backup was supposed to run nightly and had been silently failing for three weeks. When the resulting incident produces a quantifiable client loss, that is an E&O claim.
Monitoring failures. Your endpoint protection or SOC monitoring was supposed to catch threats your contract said you would catch. A client suffers a ransomware attack and argues your tools or team missed indicators that should have triggered a response. These claims sit at the intersection of E&O and cyber liability, and having both policies coordinated is the only way to avoid a gap when both are triggered.
Recommendations that did not pan out. You recommended a solution, the client implemented it, and it did not perform as expected. When the resulting financial harm is significant, some clients pursue the recommending MSP rather than the vendor.
How Tech E&O and Cyber Coordinate for MSPs
The most important coverage question for MSPs is not whether to buy Tech E&O. It is how Tech E&O and cyber liability work together when a single incident triggers both.
A common example: your team deploys a misconfigured firewall rule that opens a vulnerability. An attacker exploits it and exfiltrates client data. The client brings a claim.
Your cyber policy covers your first-party costs: forensics, breach notification, your own business interruption. Your Tech E&O covers the client’s claim against you for the professional error that created the vulnerability. Two policies, two distinct coverage lines, one incident.
If the policies are not coordinated, you can end up with each carrier pointing to the other when the claim comes in. The practical solution is to buy both from the same carrier where possible, or work with a broker who can confirm the coordination language before you bind.
At minimum, confirm two things before you bind:
Your Tech E&O policy does not exclude claims arising from security incidents. Some forms do, which creates a gap precisely where MSPs are most exposed.
Your cyber policy does not exclude professional liability claims. Again, some forms do.
Both exclusions exist in the market. Neither is obvious from a summary of benefits.
What Underwriters Evaluate for MSP Tech E&O
Tech E&O underwriting for MSPs focuses on three areas that differ from the standard tech company application.
Your MSA language. Underwriters review the service obligations you have accepted in client contracts. The specific language around liability caps, indemnification, and defined security responsibilities determines how much exposure flows back to you when a client brings a claim. An MSA with uncapped liability and broad indemnification language is a material underwriting concern. Underwriters want to see a liability cap, typically tied to fees paid under the contract, and clearly defined responsibility boundaries between what you manage and what the client owns.
Client concentration. What percentage of your revenue comes from your single largest client? A client representing 40 or 50 percent of revenue creates a severity exposure that underwriters price accordingly. A claim from that client has a potential magnitude that a diversified book does not.
Change management and QA processes. Scripting errors, bad deployments, and botched migrations are the most common MSP E&O claims. Underwriters look for evidence that you have internal controls to catch errors before they reach client environments: peer review on scripts before deployment, test environments that mirror production, documented change management procedures, and rollback plans for major changes. An MSP that can demonstrate a structured change management process is a meaningfully better E&O risk than one that deploys ad hoc.
For a full breakdown of how underwriters evaluate MSP submissions on the cyber side, see How Underwriters Evaluate an MSP’s Client Base.
Sizing Your Tech E&O Limits
The most common limit selection mistake for MSPs is sizing Tech E&O based on their own revenue rather than their contractual exposure.
Your revenue tells you what your business earns. Your contractual exposure tells you what you could owe if something goes wrong. Those two numbers are often very different.
The right starting point is your largest client contract. What is the maximum liability you could face under that contract if your team’s error caused a significant loss? If your MSA caps liability at fees paid under the contract, your maximum single-client exposure is bounded. If your MSA has no cap, your exposure is bounded only by what a court awards.
From there, consider your aggregated exposure. If a scripting error runs across your entire client base simultaneously, what is the total potential loss across all affected clients? That number, not your annual revenue, is what your Tech E&O limit needs to address.
Most small MSPs start at $1M per occurrence / $1M aggregate. MSPs managing enterprise environments under contracts with broad indemnification language frequently carry $2M to $5M. For a full limit-sizing framework, see How Much Cyber Insurance Do I Need?
For current premium benchmarks by MSP revenue tier, see Cyber Insurance for MSPs. Buying Tech E&O and cyber as a combined policy form from a single carrier is typically more cost-effective than purchasing them separately and eliminates the coordination risk between two separate policy forms.
Frequently Asked Questions
Does Tech E&O cover a client claim if my team’s error also caused a data breach?
It can, and this is one of the most important coverage questions for MSPs. If a client brings a claim alleging your professional error created the conditions for their breach, that claim can trigger both Tech E&O and cyber liability depending on how it is structured. Having both policies coordinated, ideally from the same carrier, is the cleanest way to ensure coverage responds without a gap.
Does Tech E&O cover claims from multiple clients in a single incident?
Yes, subject to your aggregate limit. If a scripting error affects multiple clients simultaneously, claims from each client are covered up to the aggregate limit of your policy. This is one reason MSPs with large client bases need to size their aggregate limit against their total potential exposure, not just their largest single client.
What if my MSA has no liability cap?
An uncapped MSA means your potential liability on a significant claim is bounded only by what a court awards. That exposure needs to be reflected in your Tech E&O limit. It is also a strong argument for working with legal counsel to add a liability cap before your next renewal, both to reduce your actual exposure and to improve your underwriting terms.
Do I need separate Tech E&O and cyber policies or can I buy them together?
Most carriers that specialize in MSP coverage offer a combined policy form. A combined form is generally preferable because it eliminates the coordination risk on dual-trigger events. If you buy separately, confirm with your broker that the two policies are coordinated and that neither excludes the scenarios most likely to affect an MSP.
What is prior acts coverage and why does it matter when switching carriers?
Tech E&O is a claims-made policy. Prior acts coverage extends protection to incidents that occurred before your current policy period began, as long as you were not aware of them when the policy started. When switching carriers, confirm that your new policy provides prior acts coverage back to your original retroactive date. Letting that coverage lapse creates a gap for claims that arise from work done during the uncovered period.
Related Resources
Technology E&O Insurance: A Plain-English Guide for Tech Companies and MSPs
Tech E&O vs. Cyber Insurance: What’s the Difference and Which Do You Need?
How Underwriters Evaluate an MSP’s Client Base
Cyber Insurance Requirements Checklist
SeedPod Cyber works with MSPs to place Tech E&O and cyber coverage that reflects how managed services businesses actually operate, including aggregation risk, MSA liability exposure, and the coordination questions that matter when both policies are triggered.
Contact us to talk through your coverage, or learn about our coverages.