By Ryan Windt | Head of Growth Marketing | Updated June 2026
Most MSPs know they need Tech E&O insurance. Fewer understand what MSP-specific E&O coverage actually looks like, how it differs from the generic technology professional liability form written for software companies, and what underwriters are evaluating when they write it for a managed services business.
This post covers the MSP-specific questions the general explainers do not answer: what claims look like in practice, how coverage coordinates with your cyber policy when both are triggered, what a dual-trigger claim actually costs and how the two policies split it, what underwriters scrutinize on an MSP application, and how to size limits against your actual contractual exposure.
For a general overview of Tech E&O before diving into the MSP specifics, start with Technology E&O Insurance: A Plain-English Guide for Tech Companies and MSPs. For a scenario-by-scenario breakdown of which policy responds to what, see Tech E&O vs. Cyber Insurance: How Each Policy Responds Across Real-World Scenarios.
What MSP Tech E&O Claims Actually Look Like
Tech E&O for a SaaS company is primarily about product failures: a bug in the code, a platform outage, a miscalculated output. The claim originates in the software.
Tech E&O for an MSP is primarily about service failures: a technician made an error, a script ran against the wrong scope, a migration did not go as planned, an SLA was missed. The claim originates in the work your team performed inside a client’s environment.
Scripting and automation errors. A script deployed across the client base that deletes the wrong files, modifies the wrong registry keys, or corrupts data at scale. The damage can span multiple clients simultaneously if the script runs through your RMM.
Botched migrations. A server migration, cloud transition, or system upgrade that corrupts data, causes extended downtime, or fails to meet agreed-upon specifications. Clients frequently bring claims when a migration promised to take a weekend takes two weeks and disrupts operations.
Missed SLAs. Your MSA promised four-hour response times and the ticket sat for 14 hours. A critical patch was supposed to be deployed within 72 hours of release and was not. A backup was supposed to run nightly and had been silently failing for three weeks. When the resulting incident produces a quantifiable client loss, that is an E&O claim.
Monitoring failures. Your endpoint protection or SOC monitoring was supposed to catch threats your contract said you would catch. A client suffers a ransomware attack and argues your tools or team missed indicators that should have triggered a response. These claims sit at the intersection of E&O and cyber liability, and having both policies coordinated is the only way to avoid a gap when both are triggered.
Recommendations that did not pan out. You recommended a solution, the client implemented it, and it did not perform as expected. When the resulting financial harm is significant, some clients pursue the recommending MSP rather than the vendor.
How Tech E&O and Cyber Coordinate for MSPs: A Dollar-Figure Example
The most important coverage question for MSPs is not whether to buy Tech E&O. It is how Tech E&O and cyber liability work together when a single incident triggers both.
Here is how that plays out in practice with real numbers.
The incident. Your team deploys a misconfigured firewall rule during a routine change window. An attacker identifies the vulnerability within 48 hours and uses it to move laterally into a client’s environment, exfiltrating 60,000 customer records before your monitoring detects the activity. The client is a healthcare organization subject to HIPAA.
The costs that follow.
| Cost Item | Estimated Amount | Policy That Responds |
|---|---|---|
| Forensic investigation (your environment) | $45,000 | Cyber (first-party) |
| Breach notification to 60,000 individuals | $90,000 | Cyber (first-party) |
| Credit monitoring for affected individuals | $60,000 | Cyber (first-party) |
| Your business interruption during remediation | $30,000 | Cyber (first-party) |
| Regulatory defense (HHS OCR investigation) | $75,000 | Cyber (third-party) |
| Client claim: damages for professional error (misconfiguration) | $350,000 | Tech E&O (third-party) |
| Legal defense against client claim | $80,000 | Tech E&O (third-party) |
| Total | $730,000 |
In this scenario, cyber handles $300,000 in first-party and regulatory costs. Tech E&O handles $430,000 in client claim and defense costs. Neither policy alone would have covered the full exposure. If only cyber was in place, the $430,000 client claim would be uncovered. If only Tech E&O was in place, the $300,000 in breach response costs would be uncovered.
If the two policies are not coordinated, the client claim could also be disputed: the cyber carrier may argue it is a professional liability matter, and the E&O carrier may argue it is a security incident. A broker who places both and confirms the coordination language before binding eliminates that argument before it starts.
At minimum, confirm two things before you bind: your Tech E&O policy does not exclude claims arising from security incidents, and your cyber policy does not exclude professional liability claims. Both exclusions exist in the market and neither is obvious from a summary of benefits.
What Underwriters Evaluate for MSP Tech E&O
Tech E&O underwriting for MSPs focuses on three areas that differ from the standard tech company application.
Your MSA language. Underwriters review the service obligations you have accepted in client contracts. The specific language around liability caps, indemnification, and defined security responsibilities determines how much exposure flows back to you when a client brings a claim. An MSA with uncapped liability and broad indemnification language is a material underwriting concern. Underwriters want to see a liability cap, typically tied to fees paid under the contract, and clearly defined responsibility boundaries between what you manage and what the client owns.
Client concentration. What percentage of your revenue comes from your single largest client? A client representing 40 or 50 percent of revenue creates a severity exposure that underwriters price accordingly. A claim from that client has a potential magnitude that a diversified book does not.
Change management and QA processes. Scripting errors, bad deployments, and botched migrations are the most common MSP E&O claims. Underwriters look for evidence that you have internal controls to catch errors before they reach client environments: peer review on scripts before deployment, test environments that mirror production, documented change management procedures, and rollback plans for major changes. An MSP that can demonstrate a structured change management process is a meaningfully better E&O risk than one that deploys ad hoc.
For a full breakdown of how underwriters evaluate MSP submissions on the cyber side, see How Underwriters Evaluate an MSP’s Client Base.
What Tech E&O Costs for MSPs
Premiums for MSP Tech E&O vary based on revenue, client concentration, MSA terms, and claims history. Most carriers offer it as a combined form with cyber, which is generally more cost-effective than purchasing separately.
| MSP Annual Revenue | Typical Tech E&O + Cyber Combined Premium | Standalone Tech E&O Estimate |
|---|---|---|
| Under $1M | $3,000 to $6,000 | $1,500 to $3,000 |
| $1M to $3M | $6,000 to $12,000 | $3,000 to $6,000 |
| $3M to $10M | $12,000 to $25,000 | $5,000 to $12,000 |
| $10M to $30M | $25,000 to $60,000 | $10,000 to $25,000 |
MSPs with clean loss histories, documented change management processes, and well-structured MSAs typically land at the lower end of these ranges. MSPs with prior E&O claims, high client concentration, or uncapped MSA liability will price higher. For current cyber-side premium benchmarks by MSP revenue tier, see Cyber Insurance for MSPs.
Sizing Your Tech E&O Limits
The most common limit selection mistake for MSPs is sizing Tech E&O based on their own revenue rather than their contractual exposure.
Your revenue tells you what your business earns. Your contractual exposure tells you what you could owe if something goes wrong. Those two numbers are often very different.
The right starting point is your largest client contract. What is the maximum liability you could face under that contract if your team’s error caused a significant loss? If your MSA caps liability at fees paid under the contract, your maximum single-client exposure is bounded. If your MSA has no cap, your exposure is bounded only by what a court awards.
From there, consider your aggregated exposure. If a scripting error runs across your entire client base simultaneously, what is the total potential loss across all affected clients? That number, not your annual revenue, is what your Tech E&O limit needs to address.
Most small MSPs start at $1M per occurrence / $1M aggregate. MSPs managing enterprise environments under contracts with broad indemnification language frequently carry $2M to $5M. For a full limit-sizing framework, see How Much Cyber Insurance Do I Need?
Frequently Asked Questions
Does Tech E&O cover a client claim if my team’s error also caused a data breach?
It can, and this is one of the most important coverage questions for MSPs. If a client brings a claim alleging your professional error created the conditions for their breach, that claim can trigger both Tech E&O and cyber liability depending on how it is structured. Having both policies coordinated, ideally from the same carrier, is the cleanest way to ensure coverage responds without a gap.
Does Tech E&O cover claims from multiple clients in a single incident?
Yes, subject to your aggregate limit. If a scripting error affects multiple clients simultaneously, claims from each client are covered up to the aggregate limit of your policy. This is one reason MSPs with large client bases need to size their aggregate limit against their total potential exposure, not just their largest single client.
What if my MSA has no liability cap?
An uncapped MSA means your potential liability on a significant claim is bounded only by what a court awards. That exposure needs to be reflected in your Tech E&O limit. It is also a strong argument for working with legal counsel to add a liability cap before your next renewal, both to reduce your actual exposure and to improve your underwriting terms.
Do I need separate Tech E&O and cyber policies or can I buy them together?
Most carriers that specialize in MSP coverage offer a combined policy form. A combined form is generally preferable because it eliminates the coordination risk on dual-trigger events. If you buy separately, confirm with your broker that the two policies are coordinated and that neither excludes the scenarios most likely to affect an MSP.
What is prior acts coverage and why does it matter when switching carriers?
Tech E&O is a claims-made policy. Prior acts coverage extends protection to incidents that occurred before your current policy period began, as long as you were not aware of them when the policy started. When switching carriers, confirm that your new policy provides prior acts coverage back to your original retroactive date. Letting that coverage lapse creates a gap for claims that arise from work done during the uncovered period.
Related Resources
• Technology Errors and Omissions Insurance: A Plain-English Guide for Tech Companies and MSPs
• Tech E&O vs. Cyber Insurance: How Each Policy Responds Across Real-World Scenarios
• Cyber Insurance for MSPs
• How Underwriters Evaluate an MSP’s Client Base
• Cyber Insurance Requirements: Minimum Controls Checklist
• How Much Cyber Insurance Do I Need?
SeedPod Cyber works with MSPs to place Tech E&O and cyber coverage that reflects how managed services businesses actually operate, including aggregation risk, MSA liability exposure, and the coordination questions that matter when both policies are triggered. Contact us to talk through your coverage, or learn about our coverages.