RESEARCH
Part 1: Threat Actors Don't Pick You. You Just Happen to Be There.
There's this idea that floats around—usually in boardrooms and in forums—that advanced threat actors operate like surgeons. They pick a target, they plan it out, they execute. Super deliberate. Undeniably cinematic. It implies that a breach is something that happens ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
One Misconfigured AI Agent Can Impact Every Client You Manage
When One Action Hits Every Client, Governance Decides the Outcome Imagine a hypothetical that’s taught in law school every semester: A delivery driver abandons his route to join a drum circle for three days. On his way back, he causes ...
They Already Have an IT Department. Good. That’s Why You Should Call.
Last night I was at dinner with the CEO of an MSP. Good operator. Growing. Adding clients. Doing the work. We were walking around his town before dinner talking about the usual founder stuff. Processes. How to get people to ...
Agentic AI at the Edge: Opportunity, Autonomy & the Coming Legal Minefield
You’ve probably heard executives gush about autonomous AI agents, the shiny new productivity booster that can automate workflows faster than you can say “zero-trust.” But what they don’t hype is how agentic AI turns your cybersecurity playbook into an existential ...
Insurance & MSP Liability
The Clients You're Ignoring Are the Ones Who Will Sue You
I said something on stage at XChange last week that made a lot of people in the room uncomfortable. "Your smallest clients are your biggest risk." Not your enterprise accounts. Not the ones with complex environments and demanding SLAs. The ...
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
More Articles
Lenovo Models Affected By Medium Severity Vulnerabilities
If you own a Lenovo laptop, be aware that researchers at ESET have recently discovered a trio of bugs reported to Lenovo that could allow an attacker to disable security features and ...
Microsoft 365 Suggests Rollback After Issues From Update
Does your company use Microsoft 365? If so, and you've noticed that your Office apps have begun to crash mysteriously and inexplicably, be aware that the latest update (build 15330.20298) is the ...
IoT Security With Microsoft Defender
The Internet of Things (IoT) has seen explosive growth in recent years. If you like, you can now build your own smart home with intelligent toasters, washing machines, dishwashers, and refrigerators. They ...
Hackers Use VoIP Systems To Install PHP Web Shells
Security researchers at Unit 42, a division of Palo Alto Networks, have been tracking the efforts of a massive campaign aimed at Elastix VoIP telephony servers. They are used by companies of ...
Google Experiences International Outage
"Just Google it." You've probably heard that phrase a thousand times. In fact, you may use it yourself on a regular basis. Unfortunately, Googling it wasn't possible recently. The iconic search giant ...
Apple Users Will Want To Update As Soon As Possible
Do you own a device running macOS Monterey 12.5.1, or iOS/iPadOS 15.6.1? If so, you'll want to download and install the latest patches as soon as possible. Apple recently released a small ...
Raspberry Robin Worm In Hundreds Of Windows Networks
Analysts at Red Canary Intelligence have recently spotted a Windows worm on hundreds of networks belonging to a wide range of organizations around the world. Dubbed "Raspberry Robin" by the research team ...
The Importance Of Having An Email Newsletter
Most business owners understand the importance of being active on at least one social media channel. That's fine as far as it goes, but have you considered supplementing your social media presence with ...
Prepare For Windows Server 2012 End Of Support
Another week, another Microsoft "End of Life" reminder to write about. This time, it's Windows Server 2012 R2. If you're a user, then you're probably already aware of the looming deadline. If ...
Microsoft Is Phasing Out Windows 8.1
If you are still using Windows 8.1 and if you've somehow managed to avoid seeing the parade of notices Microsoft has been sending out, you should know that the end is nigh. ...
Twilio Data Breach Happened Via Employee Smishing
Twilio is the Cloud Communications Company. They are the latest to fall victim to a data breach. The company recently disclosed that some of its customer data was accessed by unknown attackers ...
OpenSea Warns Users Of Phishing Attacks From Data Breach
Are you a fan of NFTs? If so, you've probably heard of OpenSea, which is the largest marketplace for non-fungible tokens. If you have an account there, be aware that recently the ...
