RESEARCH
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
Cyber Compliance
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Why You Might Want to Reconsider Your WISP for Every Single Client
Why This Isn’t Just About Checking a Compliance Box If you’re running an MSP, you’ve probably heard about Written Information Security Plans (WISPs). Maybe you’ve even created one—for certain clients, in certain industries, under certain regulations. But here’s the question: ...
The Dangerous Compliance Shortcut That Could Put Your MSP on the Hook for Negligence
Imagine sitting across from your best client. They tell you they’ve found a company that can build out their entire HIPAA compliance program in under three days. No heavy lifting. Fully automated. ...
Cyber Liability
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
Why Plaintiff Attorneys Are Watching Your Breaches—And Why You Can’t Hide
Managed Service Providers (MSPs) sit at the heart of their clients’ IT and cybersecurity. But when it comes to data breaches, MSPs often underestimate who’s paying attention. It’s not just regulators and customers—it’s also plaintiff attorneys eager to file class-action ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
If You’re Not Writing the Plan, You’re Writing the Check
When the breach hits, it won’t matter how fast you can spin up backups. What matters is who speaks first, who gets blamed, and who can prove they had a plan. Here’s the problem: most of your clients don’t have ...
Welcome to the Galactic Bubble—Now Let Me Pop It
I’m at Galactic Universe, and let me tell you: it’s electric. Everyone’s smiling. Everyone’s hugging. Everyone’s got a success story to share. You’d think we were celebrating unicorn valuations and flawless QBRs. It’s inspiring. It’s contagious. And honestly, I’m thrilled ...
The Breach Is Just the Beginning: Why Most MSPs Aren’t Ready for What Comes Next
You’re an MSP. You’ve got this. You’ve got backups the hackers can’t touch. You know how to restore a server faster than a barista makes espresso. Your EDR stack is top-notch, your RMM’s locked down, and you’ve got tabletop exercises ...
You’re Going to Universe—But You Left Your Engineer Behind?
I was talking to the CEO of an MSP this week. Sharp guy. He tells me, “Yeah, I’m going to Galactic Universe. So’s my sales guy.” I nodded… and waited. “And your service manager?” I asked. Silence. “No, just us.” ...
Stop Supporting Clients Who Don’t Want to Be Secure
I was on a call with the owner of an MSP the other day. Smart guy. He tells me, “We’ve got our Basic IT solution and our Advanced Security offering split out.” I nodded. That’s exactly how you should do ...
So, You Think Your Security Tools Have You Covered?
An attacker lands in your environment. It’s not ideal—but hey, you’ve done the right things. You’ve got a hardened stack. You’ve even deployed something bulletproof like SentinelOne. You’re sleeping well. Until you read this. There’s a Little Trick to Disable ...
One Lawsuit Away from Bankruptcy—And It’s Not Even Your Breach
I was talking to a lawyer recently—sharp guy, been through the wringer with business litigation. I asked him, “How do you avoid getting sued?” He didn’t even blink. “You don’t.” “If you’re running a business long enough, it’s not a ...
A $925,000 Wake-Up Call: How One MSP Got Dragged Into a Nightmare He Didn’t Cause
If you’ve been in the MSP business long enough, you’ve had this type of “client.” Not really a client. Not really not. The kind who doesn’t want your stack. Doesn’t want to be managed. Doesn’t believe in layered security or ...
You’re Testing Like It’s 2015—And Hackers Love That
I was just on a call with an engineer the other day—smart guy, lots of certifications, clearly well-meaning. We were walking through a penetration test report, and suddenly he hits me with this: “According to NIST, this pen test isn’t ...
Your People Aren’t the Problem. Your Lack of a Plan Is.
I was talking with an MSP CEO last week—let’s call him “Every MSP CEO Ever.” He had just hired a new service desk manager. This one, he told me, was different. This one was going to be successful. I asked, ...
The Clock Is Ticking: Windows 10 Is Dying, and You’re About to Be Buried in Bad Hardware
October 14, 2025. That’s the date Windows 10 joins the graveyard of obsolete operating systems. No patches. No updates. No support. And if your clients are still using it after that? They’re not just behind—they’re exposed. And when it all ...
Why Your Help Desk Is the New Front Line in the War on Data Extortion
You locked down the endpoints. You rolled out MFA. You trained your clients to spot suspicious emails like they were defusing bombs. And yet, here we are. They’re back. The callback phishers. The Luna Moth crew. The so-called “Silent Ransom ...
