A digital checklist on a futuristic interface, representing cybersecurity compliance, documentation, and risk management for MSPs.

Cybersecurity isn’t just about defending against attacks—it’s about proving you made the right decisions when an attack inevitably gets through.

Because make no mistake: At some point, an attacker will get in.

And with the latest developments in state-sponsored cyber warfare, that moment may be coming sooner than you think.

We Just Kicked the Hornet’s Nest

Raising 25% tariffs on China didn’t just shift trade policy—it escalated an ongoing cyber battle.

The FBI, NSA, and Cyber National Mission Force just issued a warning about a massive, China-linked botnet that has already compromised hundreds of thousands of devices—many right here in the U.S.

These attackers aren’t just looking for easy targets. They are:

  • Exploiting zero-day vulnerabilities in firewalls, routers, and IoT devices.
  • Building botnets for large-scale attacks against businesses, service providers, and critical infrastructure.
  • Using compromised devices as launching points to hide their real locations while breaking into high-value targets.

This isn’t some theoretical threat. It’s already happening.

If an Attack Hits Your Client’s Business, Can You Defend Your Decisions?

Here’s the problem: A security program alone isn’t enough.

When a breach happens, you will need to prove that you:

  • Followed a standards-based security framework to guide your decisions.
  • Documented client security choices, especially when they refused critical protections.
  • Evaluated vendor security before trusting them with sensitive data.
  • Checked cyber insurance policies for carve-outs on state-sponsored attacks.

Without evidence, you have no defense.

What Happens If You Can’t Prove It?

If a client’s data is stolen and they come after you, what will you say?

If their cyber insurance refuses to pay because they didn’t meet security requirements, are you ready for that conversation?

If a state-sponsored attack cripples their business, will you be the one blamed for not preparing them?

These are real risks that MSPs and IT providers must be thinking about now.

What You Need to Do Today

  1. Adopt a Security Standard – Whether it’s NIST, CIS, or another recognized framework, use it as the foundation for security decisions. (This is as easy as assigning the security standard in the Galactic Portal)
  2. Document Client Decisions – If a client refuses security recommendations (like Compliance-as-a-Service a.k.a. Cyber Liability Guard), get written evidence that they understood the risks. (You will want to use the Sign Secure Now integration to gather evidence that you provided them this recommendation.)
  3. Assess Vendor Security – Don’t trust that your vendors are handling security properly. Verify it. Consider using the Supply Chain Toolkit for this.
  4. Check Cyber Insurance Exclusions – Look for state-sponsored attack carve-outs and ensure clients know their risk. There’s a cyber insurance assessment in the portal for this – make sure to work with the Security Desk to get access.
  5. Prepare for the Worst – Incident response planning, disaster recovery, and legal documentation aren’t optional—they’re essential. Don’t forget to add legal response to your tabletop exercises this year!

The Bottom Line

The cyber battlefield is shifting fast. State-sponsored attacks are ramping up. At some point, a breach will happen.

When it does, the only thing that will protect your business is the evidence you collected before the attack.

If you don’t have that evidence, you don’t have a defense.