RESEARCH
Part 1: Threat Actors Don't Pick You. You Just Happen to Be There.
There's this idea that floats around—usually in boardrooms and in forums—that advanced threat actors operate like surgeons. They pick a target, they plan it out, they execute. Super deliberate. Undeniably cinematic. It implies that a breach is something that happens ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
One Misconfigured AI Agent Can Impact Every Client You Manage
When One Action Hits Every Client, Governance Decides the Outcome Imagine a hypothetical that’s taught in law school every semester: A delivery driver abandons his route to join a drum circle for three days. On his way back, he causes ...
They Already Have an IT Department. Good. That’s Why You Should Call.
Last night I was at dinner with the CEO of an MSP. Good operator. Growing. Adding clients. Doing the work. We were walking around his town before dinner talking about the usual founder stuff. Processes. How to get people to ...
Agentic AI at the Edge: Opportunity, Autonomy & the Coming Legal Minefield
You’ve probably heard executives gush about autonomous AI agents, the shiny new productivity booster that can automate workflows faster than you can say “zero-trust.” But what they don’t hype is how agentic AI turns your cybersecurity playbook into an existential ...
Insurance & MSP Liability
The Clients You're Ignoring Are the Ones Who Will Sue You
I said something on stage at XChange last week that made a lot of people in the room uncomfortable. "Your smallest clients are your biggest risk." Not your enterprise accounts. Not the ones with complex environments and demanding SLAs. The ...
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
More Articles
Only 33 Percent Of People Change Password After Data Breach
A new study was published by researchers from the Carnegie Mellon University's Security and Privacy Institute and was presented at the 2020 IEEE Workshop on Technology and Consumer Protection. The study has ...
Password Text Export Feature Coming To Firefox
Mozilla's Firefox browser, like most modern browsers, has a built-in password management feature that allows you to save passwords for sites you log into on a regular basis. Since the browser stores ...
A List Of Devices That Will Support The iOS 14 Update
By the time you read these words, Apple will likely be previewing iOS 14 and iPadOS 14 at the all-virtual WWDC 2020. While the latest version of Apple's OS will no doubt ...
Major Security Flaw Found In Some Cisco Routers
Recently, Cisco disclosed the existence of four serious security flaws in their routers that use iOS and iOS XE software. One of the four, CVE-2020-3227 is rated at a severity of 9.8 ...
Lawsuit Claims Google Private Browsing Isn’t Really Private
Google is in hot water with a complaint filed to the District Court of Northern California. The complaint alleges that the tech giant tracks users' browsing data and a variety of other ...
PonyFinal Is Another New Ransomware To Watch Out For
Microsoft recently issued a security advisory about a new strain of ransomware that's been cropping up with increasing frequency in India, Iran and the US. Called PonyFinal, one of the things that ...
Old LiveJournal Database Breach Is Now Being Leaked Online
Do you have an account on LiveJournal? If so, you may have heard the persistent rumors that have been circulating since 2014 that the company was breached and some 33 million user ...
Monetary Demands Are Skyrocketing For Ransomware Decryptions
Ransomware attacks have evolved quite a lot over the course of the past year, and have become one of the most visible threats organizations of all sizes face. That is, based on ...
Major WiFi Updates Came To Windows 10 Recently
Great news for the legions of Windows 10 users around the world. Version 2004 comes with a significant WiFi update that includes Wi-Fi6 and WPA3 support, which will give users better wireless ...
Hackers Set Their Sights On Cloud Services
Thanks to the pandemic, tens of millions of people are working from home. Even before then, the Cloud was experiencing a tremendous amount of growth, but since shelter in place orders were ...
Gmail Gets New Quick Menu Setting In Update
Google recently announced a change to Gmail that will make it easier for the service's 2 billion+ users to experiment with different themes, layouts and settings. Even better, users can see the ...
Wishbone App Database Leaked To Public By Hacker
The hacking group calling themselves 'The Shiny Hunters' has been busy. Recently, they put databases containing user records from eleven different companies up for sale on the Dark Web, including a massive ...
