RESEARCH
Part 1: For the Price of Coffee, You Can Avoid Buying a Hacker a Yacht
It always starts like a normal day. You grab coffee, drop your lunch in the fridge, skim through tickets and emails, maybe ...
Cyber Compliance
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Why You Might Want to Reconsider Your WISP for Every Single Client
Why This Isn’t Just About Checking a Compliance Box If you’re running an MSP, you’ve probably heard about Written Information Security Plans (WISPs). Maybe you’ve even created one—for certain clients, in certain industries, under certain regulations. But here’s the question: ...
The Dangerous Compliance Shortcut That Could Put Your MSP on the Hook for Negligence
Imagine sitting across from your best client. They tell you they’ve found a company that can build out their entire HIPAA compliance program in under three days. No heavy lifting. Fully automated. ...
Cyber Liability
Shadow IT Just Went Legal—and It's Coming for Your MRR
Earlier this year, a quiet courtroom in the Central District of California made noise the entire cybersecurity industry should be hearing: for the first time ever: a federal judge used the term “Shadow IT” in a legal ruling. And just ...
The Dangerous Assumptions You’re Making
Your clients are making assumptions about you right now. They assume you’ve got their security handled. They assume you’re gathering the evidence. They assume you’ve already written their incident response plan. But here’s the problem: they’re wrong. I was on ...
AI Is About to Cost You More Than You Think
Here’s the thing nobody wants to say out loud: Your employees are already using AI tools—whether you’ve approved them or not. And some of those tools? They’re fantastic productivity boosters. Others are ticking legal, compliance, and PR time bombs that ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
Your Help Desk Tickets Will Be Used Against You in a Court of Law
Most MSPs don’t realize the real danger of their ticket documentation — until it’s too late. They think tickets are just ...
How Can You Look Yourself in the Mirror?
Be honest—how much are you spending every month on security tools? $5,000? $10,000? More? Now tell me this: do you have a written incident response plan? Not a vague idea. Not “oh yeah, we’d figure it out.” I mean a ...
Think Your Team Has You Covered? You Might as Well Wear a “Hack Me” Sign
If you’re an MSP owner or operations leader and you think you’re covered because your engineers figured out how to run a few open-source pen testing tools, or because your vendor does your pen test right after patching your servers—congratulations. ...
The Backdoor Microsoft Won’t Talk About—And Why It’s Already Wide Open
You didn’t ask for this. But here we are. Hidden in plain sight, buried deep inside Microsoft Entra ID, lies a backdoor so dangerous it might as well come with a sign that says, “Hack Me.” This isn’t fearmongering. It’s ...
If You Think Getting Risk Acceptance Signed Is “Adversarial”—You’re doing it wrong
I’ve heard it more times than I can count. “I don’t like making my clients sign risk acceptance documents. It feels ...
If You’re Measuring the Wrong Metrics, You Can’t Tell If Your MSP Is Already Drowning
I was talking to an MSP owner the other day who wanted to “get to the next level.” I asked him what metrics he was tracking. He said, “Profitability.” Good start Then, “Topline revenue.” Meh. And then, “Number of employees.” ...
Shame. The Most Underrated Security Tool in Your Business
It’s 3:17 AM in Tokyo. The city is asleep. I’m not. Jet lag has me wandering quiet streets, watching the world work without me—and wondering how security works when no one’s looking. Here’s what I’ve noticed: There are no fences. ...
Are You Running an MSP or a Hardware Store?
Stop selling security like it’s the power tools aisle at your local hardware store. Start building a strategy. Start with a plan. Then pour the foundation. I got an email from a partner this week. It started with the usual ...
16 Billion Reasons to Change Your Password—Now
You ever wake up and feel like the bad guys are winning? I do. Today especially. Because if you thought May’s headline—184 million stolen credentials splashed across the dark web—was terrifying, you’d better sit down for this one. The latest ...
Is Your Digital Life a Dumpster Fire?
Your digital clutter isn’t just annoying—it’s a productivity vampire. Ever tried to sit down for a productive day only to be greeted by a desktop so messy it feels like the aftermath of a tornado? Or an inbox with 20,337 ...
What If the IRS Stopped Auditing You? Would You Roll the Dice?
Let’s be honest. If the IRS packed up their briefcases and decided to stop auditing tomorrow… would you get a little “creative” with your taxes? Would you push the edge just a little more than you used to? Maybe skip ...
The CPA Is Coming for Your Clients
There’s an email going around right now. It’s not from a vendor. Not from your competitor. Not from some shady LinkedIn lead-gen spammer promising 400% ROI in three clicks. It’s from the AICPA. And they’re telling every CPA in the ...
