RESEARCH
Before You Sell Security, Ask Yourself This: Who’s Liable When It Fails?
Every MSP wants to talk about cybersecurity when things are going well. New tools, new programs, and a clean vCSO pitch that sounds great in a sales call and looks great in a slide deck. Dashboards, frameworks, and maturity models that promise progress and control. ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
AI Is Already Inside Your Walls. You Just Haven’t Looked Hard Enough.
Think your clients are the ones playing fast and loose with AI? Guess again. Your techs are doing it—right now—on your network. Not because they’re reckless. Because they’re efficient. They’re pasting configs into ChatGPT. Running SOPs through Gemini. Copying proposals ...
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
The Silent Killer in Your MSP: Ambiguity
You think you’re being clear. You told the client they needed MFA. You recommended better backups. You flagged that firewall. But when things go sideways—when data’s lost, insurance denies the claim, or the lawyers come knocking—they don’t remember your recommendations. ...
The #1 Role Every MSP Must Embrace Before a Competitor Replaces You
Your Clients Don’t Need Another IT Vendor. They Need a Cybersecurity Leader. If you’re still selling managed services like it’s 2015, you’re already losing. The MSP market has shifted. The stakes are higher. Clients aren’t asking how many tickets you ...
AI Is About to Cost You More Than You Think
Here’s the thing nobody wants to say out loud: Your employees are already using AI tools—whether you’ve approved them or not. And some of those tools? They’re fantastic productivity boosters. Others are ticking legal, compliance, and PR time bombs that ...
The Policy That Could Save Your MSP from a Lawsuit and Why You're Likely Ignoring It
Most MSPs think cybersecurity starts with tools—firewalls, MDR, backups. But there’s a silent killer in your stack: the lack of an Acceptable Use Policy (AUP). You probably have one. Maybe it’s buried in your documentation platform. Maybe your client signed ...
Why You Might Want to Reconsider Your WISP for Every Single Client
Why This Isn’t Just About Checking a Compliance Box If you’re running an MSP, you’ve probably heard about Written Information Security Plans (WISPs). Maybe you’ve even created one—for certain clients, in certain industries, under certain regulations. But here’s the question: ...
AI Acceptable Use Policy: The Shield Every MSP Must Build Before AI Builds a Case Against You
Artificial intelligence is no longer a distant experiment reserved for Silicon Valley. It’s here, woven into the daily workflows of businesses large and small. AI helps teams write reports, analyze data, answer questions, generate code, and even draft marketing campaigns. ...
Lawsuits, Loopholes, and Liability: The Cyber Insurance Disaster Waiting to Bankrupt Your Business
Why Didn’t the Chicken Cross the Road? Because it was stuck litigating whether the crosswalk was closed on January 1. The punchline’s cute, but the lawsuit is real—and the stakes are no joke. In December 2024, Harrison Poultry Inc. suffered ...
You’re Not Selling Security. You’re Selling a Defense Strategy.
Let’s have a come-to-Jesus moment. Your clients think they’re secure because they’ve got antivirus, backups, and a firewall that hasn’t been patched since the Obama administration. You know they’re not. But they don’t. And that’s your biggest opportunity. Enter Cyber ...
“Why Bother?”: A Technician’s Perspective on Security Tools, Ownership, and What Happens Next
Look, I’ll be straight with you. Most of us aren’t ignoring that new security tool because we’re lazy or don’t care. We’re ignoring it because deep down, we already know what it’s going to say. And if we open that ...
Would You Hand Your Intern the Keys to Your Datacenter? Why You Need to Rethink AI—Before It’s Too Late
AI is the latest shiny object in tech, and your team is probably already using it. But here's the uncomfortable truth: too many people are treating AI like it’s their smartest engineer—when in reality, it’s the intern who just showed ...
This Type of Blame Will Destroy Your MSP Unless You Do This First
It starts the same way every time. Something breaks. A phishing email slips through. An account gets compromised. Ransomware locks up a server. The client panics. Then the questions begin. What happened? How bad is it? And then the one ...
Phishing: The Big, Hairy Problem Nobody Has Solved (Until Now)
Let’s talk about the elephant in the room. Phishing is still the single biggest way attackers get in. IBM just put out their latest report for 2025, and for the first time phishing has officially overtaken stolen credentials as the ...
