RESEARCH
Before You Sell Security, Ask Yourself This: Who’s Liable When It Fails?
Every MSP wants to talk about cybersecurity when things are going well. New tools, new programs, and a clean vCSO pitch that sounds great in a sales call and looks great in a slide deck. Dashboards, frameworks, and maturity models that promise progress and control. ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
AI Is Already Inside Your Walls. You Just Haven’t Looked Hard Enough.
Think your clients are the ones playing fast and loose with AI? Guess again. Your techs are doing it—right now—on your network. Not because they’re reckless. Because they’re efficient. They’re pasting configs into ChatGPT. Running SOPs through Gemini. Copying proposals ...
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
The Day They Found Out Their Insurance Was Useless
It happened again. Last Monday morning, 7:44 AM. The office lights flicked on, the smell of burnt coffee filled the breakroom—and every single computer screen was black. Everything was locked down by ransomware. Hackers had another successful weekend. They did ...
“We Just Can’t Afford That.”
(The Five Words That Will Haunt Your MSP—And How to Make Sure They Don’t) Have you ever had a client look ...
The Dangerous Compliance Shortcut That Could Put Your MSP on the Hook for Negligence
Imagine sitting across from your best client. They tell you they’ve found a company that can build out their entire HIPAA compliance program in under three days. No heavy lifting. Fully automated. ...
Your Help Desk Tickets Will Be Used Against You in a Court of Law
Most MSPs don’t realize the real danger of their ticket documentation — until it’s too late. They think tickets are just ...
How Can You Look Yourself in the Mirror?
Be honest—how much are you spending every month on security tools? $5,000? $10,000? More? Now tell me this: do you have a written incident response plan? Not a vague idea. Not “oh yeah, we’d figure it out.” I mean a ...
Think Your Team Has You Covered? You Might as Well Wear a “Hack Me” Sign
If you’re an MSP owner or operations leader and you think you’re covered because your engineers figured out how to run a few open-source pen testing tools, or because your vendor does your pen test right after patching your servers—congratulations. ...
The Backdoor Microsoft Won’t Talk About—And Why It’s Already Wide Open
You didn’t ask for this. But here we are. Hidden in plain sight, buried deep inside Microsoft Entra ID, lies a backdoor so dangerous it might as well come with a sign that says, “Hack Me.” This isn’t fearmongering. It’s ...
If You Think Getting Risk Acceptance Signed Is “Adversarial”—You’re doing it wrong
I’ve heard it more times than I can count. “I don’t like making my clients sign risk acceptance documents. It feels ...
If You’re Measuring the Wrong Metrics, You Can’t Tell If Your MSP Is Already Drowning
I was talking to an MSP owner the other day who wanted to “get to the next level.” I asked him what metrics he was tracking. He said, “Profitability.” Good start Then, “Topline revenue.” Meh. And then, “Number of employees.” ...
Shame. The Most Underrated Security Tool in Your Business
It’s 3:17 AM in Tokyo. The city is asleep. I’m not. Jet lag has me wandering quiet streets, watching the world work without me—and wondering how security works when no one’s looking. Here’s what I’ve noticed: There are no fences. ...
Are You Running an MSP or a Hardware Store?
Stop selling security like it’s the power tools aisle at your local hardware store. Start building a strategy. Start with a plan. Then pour the foundation. I got an email from a partner this week. It started with the usual ...
16 Billion Reasons to Change Your Password—Now
You ever wake up and feel like the bad guys are winning? I do. Today especially. Because if you thought May’s headline—184 million stolen credentials splashed across the dark web—was terrifying, you’d better sit down for this one. The latest ...
