RESEARCH
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
Cyber Compliance
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Why You Might Want to Reconsider Your WISP for Every Single Client
Why This Isn’t Just About Checking a Compliance Box If you’re running an MSP, you’ve probably heard about Written Information Security Plans (WISPs). Maybe you’ve even created one—for certain clients, in certain industries, under certain regulations. But here’s the question: ...
The Dangerous Compliance Shortcut That Could Put Your MSP on the Hook for Negligence
Imagine sitting across from your best client. They tell you they’ve found a company that can build out their entire HIPAA compliance program in under three days. No heavy lifting. Fully automated. ...
Cyber Liability
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
Why Plaintiff Attorneys Are Watching Your Breaches—And Why You Can’t Hide
Managed Service Providers (MSPs) sit at the heart of their clients’ IT and cybersecurity. But when it comes to data breaches, MSPs often underestimate who’s paying attention. It’s not just regulators and customers—it’s also plaintiff attorneys eager to file class-action ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
SpamGPT Just Weaponized the PDF. Now What?
You ever get that gut feeling when something smells off? That’s what one of our partners felt when a client forwarded them a resume last week. We helped them analyze it. The issue? It looked like a normal PDF. Clean, ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
The Night Your Security Tools Died
Let’s start with a bedtime story. You've probably lived it. It’s 2:13 a.m. Your phone’s going off like a smoke alarm. Caller ID: CFO. “Nothing works. Are we—are we hacked?” You roll over, crack open the laptop. Your RMM is ...
Why Plaintiff Attorneys Are Watching Your Breaches—And Why You Can’t Hide
Managed Service Providers (MSPs) sit at the heart of their clients’ IT and cybersecurity. But when it comes to data breaches, MSPs often underestimate who’s paying attention. It’s not just regulators and customers—it’s also plaintiff attorneys eager to file class-action ...
The Tale of Two MSPs: Why Buying Every Shiny Security Tool Is Killing Your Business
This week, I’m at a security event. You know the scene: vendor hall packed with shiny solutions, MSP owners wandering the aisles, scratching their heads, trying to figure out what’s “must-have” and what’s just sales smoke. I talked to two ...
Overwhelmed by Alerts? Here’s How MSPs Can Finally Break Free from the Noise
The flood of alerts is killing your team’s focus—and your clients’ security. Default vendor alerts are too noisy. Engineers are drowning in false positives, ignoring real threats, and burning out in the process. If you’re running an MSP, you’ve seen ...
Your Clients Don’t Have a Cyber Playbook—And That Makes You the Scapegoat
Why MSPs Keep Taking the Fall If you are an MSP owner or operator, here is the hard truth. When your client experiences a cyber incident, you are going to be blamed. It doesn’t matter if the breach happened because ...
Part 2: For the Price of Coffee, You Can Avoid Buying a Hacker a Yacht
Last time we looked at why tabletop exercises matter and how they can reveal the cracks MSPs don’t notice until it’s ...
Dropping the Bricks and Picking Up What Matters
Have you ever felt like you’re carrying around a ton of bricks? Not the sturdy, well-stacked kind either. I’m talking about the ones someone tossed into your backpack one by one until you’re hunched over, wondering why your knees suddenly ...
Part 1: For the Price of Coffee, You Can Avoid Buying a Hacker a Yacht
It always starts like a normal day. You grab coffee, drop your lunch in the fridge, skim through tickets and emails, maybe ...
If You Missed the Security Chaos of the ‘90s, You’re in Luck!
We’re all seeing it. AI is changing how we approach nearly every part of business. It’s taking meeting notes, spitting out action items, and building chatbots to handle the flood of internal questions. The potential benefits for busy teams and ...
Shadow IT Just Went Legal—and It's Coming for Your MRR
Earlier this year, a quiet courtroom in the Central District of California made noise the entire cybersecurity industry should be hearing: for the first time ever: a federal judge used the term “Shadow IT” in a legal ruling. And just ...
