RESEARCH
Value That Converts: Why Your vCSO Pitch Keeps Getting Pushed to IT
You walked out of that meeting feeling like a closer. Your credentials were on point. You covered the whole stack: EDR, SIEM, MDR, quarterly risk assessments, tabletop exercises, NIST alignment. Your vCSO offering was solid. You even had a phased ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
One Misconfigured AI Agent Can Impact Every Client You Manage
When One Action Hits Every Client, Governance Decides the Outcome Imagine a hypothetical that’s taught in law school every semester: A delivery driver abandons his route to join a drum circle for three days. On his way back, he causes ...
They Already Have an IT Department. Good. That’s Why You Should Call.
Last night I was at dinner with the CEO of an MSP. Good operator. Growing. Adding clients. Doing the work. We were walking around his town before dinner talking about the usual founder stuff. Processes. How to get people to ...
Agentic AI at the Edge: Opportunity, Autonomy & the Coming Legal Minefield
You’ve probably heard executives gush about autonomous AI agents, the shiny new productivity booster that can automate workflows faster than you can say “zero-trust.” But what they don’t hype is how agentic AI turns your cybersecurity playbook into an existential ...
Insurance & MSP Liability
The Clients You're Ignoring Are the Ones Who Will Sue You
I said something on stage at XChange last week that made a lot of people in the room uncomfortable. "Your smallest clients are your biggest risk." Not your enterprise accounts. Not the ones with complex environments and demanding SLAs. The ...
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
More Articles
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Your Copilot Might Be Working for the Other Side
Let’s play a game. Imagine you hire a new assistant. Bright. Helpful. Always eager to please. You ask it to pull a report. It delivers. You ask it to summarize last quarter’s numbers. Done in seconds. Now imagine that same ...
The Dangerous Assumptions You’re Making
Your clients are making assumptions about you right now. They assume you’ve got their security handled. They assume you’re gathering the evidence. They assume you’ve already written their incident response plan. But here’s the problem: they’re wrong. I was on ...
The Silent Killer in Your MSP: Ambiguity
You think you’re being clear. You told the client they needed MFA. You recommended better backups. You flagged that firewall. But when things go sideways—when data’s lost, insurance denies the claim, or the lawyers come knocking—they don’t remember your recommendations. ...
The #1 Role Every MSP Must Embrace Before a Competitor Replaces You
Your Clients Don’t Need Another IT Vendor. They Need a Cybersecurity Leader. If you’re still selling managed services like it’s 2015, you’re already losing. The MSP market has shifted. The stakes are higher. Clients aren’t asking how many tickets you ...
AI Is About to Cost You More Than You Think
Here’s the thing nobody wants to say out loud: Your employees are already using AI tools—whether you’ve approved them or not. And some of those tools? They’re fantastic productivity boosters. Others are ticking legal, compliance, and PR time bombs that ...
The Policy That Could Save Your MSP from a Lawsuit and Why You're Likely Ignoring It
Most MSPs think cybersecurity starts with tools—firewalls, MDR, backups. But there’s a silent killer in your stack: the lack of an Acceptable Use Policy (AUP). You probably have one. Maybe it’s buried in your documentation platform. Maybe your client signed ...
Why You Might Want to Reconsider Your WISP for Every Single Client
Why This Isn’t Just About Checking a Compliance Box If you’re running an MSP, you’ve probably heard about Written Information Security Plans (WISPs). Maybe you’ve even created one—for certain clients, in certain industries, under certain regulations. But here’s the question: ...
AI Acceptable Use Policy: The Shield Every MSP Must Build Before AI Builds a Case Against You
Artificial intelligence is no longer a distant experiment reserved for Silicon Valley. It’s here, woven into the daily workflows of businesses large and small. AI helps teams write reports, analyze data, answer questions, generate code, and even draft marketing campaigns. ...
Lawsuits, Loopholes, and Liability: The Cyber Insurance Disaster Waiting to Bankrupt Your Business
Why Didn’t the Chicken Cross the Road? Because it was stuck litigating whether the crosswalk was closed on January 1. The punchline’s cute, but the lawsuit is real—and the stakes are no joke. In December 2024, Harrison Poultry Inc. suffered ...
You’re Not Selling Security. You’re Selling a Defense Strategy.
Let’s have a come-to-Jesus moment. Your clients think they’re secure because they’ve got antivirus, backups, and a firewall that hasn’t been patched since the Obama administration. You know they’re not. But they don’t. And that’s your biggest opportunity. Enter Cyber ...
“Why Bother?”: A Technician’s Perspective on Security Tools, Ownership, and What Happens Next
Look, I’ll be straight with you. Most of us aren’t ignoring that new security tool because we’re lazy or don’t care. We’re ignoring it because deep down, we already know what it’s going to say. And if we open that ...
