RESEARCH
Threat Thursday: June 4th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories have a clear pattern: attackers didn't find obscure entry points or novel techniques but instead went after the things you were already using and already trusting. As always, ...
Communicating Risk
The Silent Killer in Your MSP: Ambiguity
You think you’re being clear. You told the client they needed MFA. You recommended better backups. You flagged that firewall. But when things go sideways—when data’s lost, insurance denies the claim, or the lawyers come knocking—they don’t remember your recommendations. ...
The #1 Role Every MSP Must Embrace Before a Competitor Replaces You
Your Clients Don’t Need Another IT Vendor. They Need a Cybersecurity Leader. If you’re still selling managed services like it’s 2015, you’re already losing. The MSP market has shifted. The stakes are higher. Clients aren’t asking how many tickets you ...
Your Marketing Sounds Like It Was Written by a Robot—Because It Was
Let’s be honest. You’re slammed with tickets, chasing down weird user issues, and trying not to lose your mind over Janet’s printer—again. So when someone suggests using AI to handle your marketing, it sounds like a miracle. Here’s the problem: ...
Dark Web Monitoring & Threat Intelligence
Google Predicts Top Cybersecurity Threats for 2025
Staying on top of cybersecurity threats as a business owner is no walk in the park. These strides demand the right antivirus programs, firewalls, and security teams, to name a few. However, because online attacks are always evolving, your business ...
Human Layer Security
The Deepfake Was Convincing. So Was My Backpack.
Why Social Engineering Still Works, Why AI is Making it Sharper, and the One Habit that Stops it In early 2024, an employee at Arup, a global engineering firm, joined a video call with several colleagues, including someone who appeared ...
New State Cyber Rules Are Coming—Will You Be Ready, or Be the One They Blame?
California. New York. Massachusetts. One by one, states are turning up the heat on cybersecurity regulations—and if you're not preparing your clients for what’s coming, you're not just behind. You're exposed. Last week I blogged about upcoming California rules requiring ...
16 Billion Reasons to Change Your Password—Now
You ever wake up and feel like the bad guys are winning? I do. Today especially. Because if you thought May’s headline—184 million stolen credentials splashed across the dark web—was terrifying, you’d better sit down for this one. The latest ...
More Articles
Skydiving Without a Waiver? That’s How Most MSPs Handle Security Decisions
Let’s talk about skydiving. Before you jump out of a plane, what’s the very first thing you’re required to do? Sign a waiver. You don’t even get on the plane until you acknowledge the risk—because when things go wrong at ...
Your Client Doesn’t Want “IT.” They Want Protection.
Let’s be honest. No one wakes up thinking, “I hope my MSP upgraded my RMM today.” They don’t care about patching schedules, firmware updates, or how many times your agent checked CPU usage. They care about one thing: Not getting ...
What Happens When the Small Client Becomes the Big Problem?
It’s your smallest client. The one who always pushes back on MFA. The one still using the same unmanaged laptop from 2016. The one who just “wants to keep it simple.” Now imagine they get breached. And it’s not just ...
Your Clients Think You’re Ready for a Breach—Are You?
Let me guess: your incident response plan is a two-page PDF that basically says “call IT and hang in there.” Maybe there’s a phone tree. Maybe a “stay calm” reminder. But if you’re honest—it’s not a plan. It’s a coping ...
Your Smallest Client Is Your Biggest Lawsuit Waiting to Happen
We just launched Cyber Liability Essentials, and here’s the wild part: Over 700 clients now have a fully documented Incident Response Plan—with communication playbooks, mapped responsibilities, and customized evidence ready to go. Let that sink in. While you’re still trying ...
If You’re Not Writing the Plan, You’re Writing the Check
When the breach hits, it won’t matter how fast you can spin up backups. What matters is who speaks first, who gets blamed, and who can prove they had a plan. Here’s the problem: most of your clients don’t have ...
Welcome to the Galactic Bubble—Now Let Me Pop It
I’m at Galactic Universe, and let me tell you: it’s electric. Everyone’s smiling. Everyone’s hugging. Everyone’s got a success story to share. You’d think we were celebrating unicorn valuations and flawless QBRs. It’s inspiring. It’s contagious. And honestly, I’m thrilled ...
The Breach Is Just the Beginning: Why Most MSPs Aren’t Ready for What Comes Next
You’re an MSP. You’ve got this. You’ve got backups the hackers can’t touch. You know how to restore a server faster than a barista makes espresso. Your EDR stack is top-notch, your RMM’s locked down, and you’ve got tabletop exercises ...
You’re Going to Universe—But You Left Your Engineer Behind?
I was talking to the CEO of an MSP this week. Sharp guy. He tells me, “Yeah, I’m going to Galactic Universe. So’s my sales guy.” I nodded… and waited. “And your service manager?” I asked. Silence. “No, just us.” ...
Stop Supporting Clients Who Don’t Want to Be Secure
I was on a call with the owner of an MSP the other day. Smart guy. He tells me, “We’ve got our Basic IT solution and our Advanced Security offering split out.” I nodded. That’s exactly how you should do ...
So, You Think Your Security Tools Have You Covered?
An attacker lands in your environment. It’s not ideal—but hey, you’ve done the right things. You’ve got a hardened stack. You’ve even deployed something bulletproof like SentinelOne. You’re sleeping well. Until you read this. There’s a Little Trick to Disable ...
One Lawsuit Away from Bankruptcy—And It’s Not Even Your Breach
I was talking to a lawyer recently—sharp guy, been through the wringer with business litigation. I asked him, “How do you avoid getting sued?” He didn’t even blink. “You don’t.” “If you’re running a business long enough, it’s not a ...
