RESEARCH
Before You Sell Security, Ask Yourself This: Who’s Liable When It Fails?
Every MSP wants to talk about cybersecurity when things are going well. New tools, new programs, and a clean vCSO pitch that sounds great in a sales call and looks great in a slide deck. Dashboards, frameworks, and maturity models that promise progress and control. ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
AI Is Already Inside Your Walls. You Just Haven’t Looked Hard Enough.
Think your clients are the ones playing fast and loose with AI? Guess again. Your techs are doing it—right now—on your network. Not because they’re reckless. Because they’re efficient. They’re pasting configs into ChatGPT. Running SOPs through Gemini. Copying proposals ...
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
The Control Creep Problem: Why MSPs Keep Adding Controls but Still Miss the Point
If you’ve been in the MSP world for long, you’ve probably noticed this pattern. A new product hits the channel, and we rush to add a control. A vendor releases a shiny capability, and we bolt that on. A client asks, “Are we protected from this?” and ...
Your SOW Is Costing You Clients: The MSP Blind Spot That Destroys Trust Before the Work Even Starts
A while back, I got a call from an MSP owner who sounded like he had just finished gargling battery acid. He told me he lost a client he had supported for ...
Your Security Tools Are Lying to You. Here’s Proof.
It starts like every other sales call with an organization that has its own internal IT department. The prospect’s IT team walks you through their stack. They brag about their EDR. They’ve got a fancy firewall. They’ve got “AI‑powered everything.” ...
Cyber Lawsuits Are the New Cyber Threat: What Every MSP Needs to Know About Economic Loss and Legal Exposure
In 2024, class action lawsuits cost businesses over $42 billion globally. But for MSPs, the costliest threat isn’t ransomware—it’s litigation. And the legal doctrines you're relying on to protect you? They're not nearly as safe as you think. Class action ...
The First Four Hours of a Breach: Why They’ll Make or Break Your Holidays
It’s Christmas Day. You’re finally off the clock, enjoying time with family and friends when the dreaded call comes. Customer systems are going down. Ransomware demands are popping up. Your phone lights up like a Christmas tree…and you’re hours away ...
Stop Building Custom Security Programs. They Will Burn You.
Every MSP has lived this moment. A client calls and says they want a “custom” security program. They want their policies to sound like them. They want controls that are “unique to their workflow.” They want you to bend your ...
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
Your AI Assistant Just Got Hijacked And You Didn’t Even Notice
If a hacker walked into your office and started whispering instructions to your best engineer — would you let it happen? Of course not. But that’s exactly what’s happening… quietly… invisibly… right now. Your AI just got hijacked. And it’s still smiling, taking notes, and answering ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
Hackers Are Using AI to Trick Your Clients — And It’s Working
Let’s cut through the holiday wrapping and get right to it: Your clients are going to screw up. They’re going to click the link. They’re going to open the attachment. They’re going to enter their credentials into a “Microsoft password ...
AI Is Already Inside Your Walls. You Just Haven’t Looked Hard Enough.
Think your clients are the ones playing fast and loose with AI? Guess again. Your techs are doing it—right now—on your network. Not because they’re reckless. Because they’re efficient. They’re pasting configs into ChatGPT. Running SOPs through Gemini. Copying proposals ...
Negligence, Gross Negligence, and the Clauses That Decide Your Fate
Most MSP disputes aren’t about who’s perfect. They’re about who looks reasonable on paper. When claims from a client, an insurer, ...
