RESEARCH
Part 1: Threat Actors Don't Pick You. You Just Happen to Be There.
There's this idea that floats around—usually in boardrooms and in forums—that advanced threat actors operate like surgeons. They pick a target, they plan it out, they execute. Super deliberate. Undeniably cinematic. It implies that a breach is something that happens ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
One Misconfigured AI Agent Can Impact Every Client You Manage
When One Action Hits Every Client, Governance Decides the Outcome Imagine a hypothetical that’s taught in law school every semester: A delivery driver abandons his route to join a drum circle for three days. On his way back, he causes ...
They Already Have an IT Department. Good. That’s Why You Should Call.
Last night I was at dinner with the CEO of an MSP. Good operator. Growing. Adding clients. Doing the work. We were walking around his town before dinner talking about the usual founder stuff. Processes. How to get people to ...
Agentic AI at the Edge: Opportunity, Autonomy & the Coming Legal Minefield
You’ve probably heard executives gush about autonomous AI agents, the shiny new productivity booster that can automate workflows faster than you can say “zero-trust.” But what they don’t hype is how agentic AI turns your cybersecurity playbook into an existential ...
Insurance & MSP Liability
The Clients You're Ignoring Are the Ones Who Will Sue You
I said something on stage at XChange last week that made a lot of people in the room uncomfortable. "Your smallest clients are your biggest risk." Not your enterprise accounts. Not the ones with complex environments and demanding SLAs. The ...
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
More Articles
Are You Manipulating Your Prospects… or Saving Their Business?
You sit down with a prospect and walk them through the results of their third-party security assessment. Your team didn’t perform it—an independent security firm did. A fresh set of eyes. No bias. Just the cold, hard facts. And the ...
The MSP Nightmare No One Talks About—Until It’s Too Late
Last night, I had dinner with a business owner who just went through personal bankruptcy. Not because he was reckless. Not because he mismanaged his finances. Because he lost a lawsuit. I want you to stop and really think about ...
Why Phishing Simulations Are Failing (and What Actually Works)
Imagine you’re trying to teach someone to swim. But instead of giving them lessons, showing them how to float, or even letting them practice in the shallow end, you just shove them into the deep end, over and over, and ...
If You’re Just Using One Vendor, You’re Begging to Get Hacked
Once upon a time, you could assume you were safe online as long as you were careful. Those days are long gone. Now? Your data can leak even if you do everything right. Your passwords can be compromised before you ...
A Major Update That Will Change the Way You Manage Evidence
For years, we’ve been working to help MSPs operationalize compliance—not just check boxes, but actually secure their clients’ environments. And now, we’ve cracked the code. This week, we’re rolling out a major update that will make your compliance program scalable, ...
Why Your IT Projects Are Failing—and How to Fix Them Fast
I woke up in a cold sweat this morning. Nightmare? Not exactly. Just the aftermath of a conversation that stuck with me. Over dinner last night, one of our partners hit me with something every MSP knows too well but ...
AI-Driven Security Isn’t Enough: What 1,100 Pen Tests Just Revealed About Your MSP’s Biggest Blind Spots
There’s a dangerous myth spreading through the MSP world right now. It goes like this: “We’ve got AI-driven security tools, so we’re covered.” Let’s burst that bubble. After performing over 1,100 penetration tests in the last 90 days, the results ...
Is CMMC the Lego Fortress You’re About to Tear Down?
Remember when you were a kid, and you spent all afternoon building the most epic Lego fortress imaginable? Towers, traps, a moat made of blue bricks—this thing was your masterpiece. And then, just as you were adding the finishing touches, ...
AI Agents: Will They Defend Your Clients—or Hack It from the Inside Out?
Let’s cut through the noise—AI agents are here, and they’re not just another shiny tech buzzword. They’re either your biggest advantage or the fastest way to lose everything. The question is, are you ready for the fallout? You might think ...
Your Clients Are Walking Into a Lawsuit—And They’re About to Drag You With Them
Do you have clients who ignore your security recommendations? They say they can’t afford it. They tell you they aren’t a target. They assume cyber insurance will cover them. Then they get hacked. And that’s just the beginning of the ...
Would One of Your Employees Let an Attacker In?
I know what you’re thinking—“No way. My team is too smart for that.” They are all engineers. They know security. No one can phish the help desk. That kind of thinking is exactly what hackers are counting on. Overconfidence is ...
Hackers Are Getting Smarter—And Meaner. Are Your Clients Ready?
Last week was a bad week for firewalls. New vulnerabilities were discovered, and the worst part? If these flaws are exploited, the ...
