RESEARCH
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
Cyber Compliance
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Why You Might Want to Reconsider Your WISP for Every Single Client
Why This Isn’t Just About Checking a Compliance Box If you’re running an MSP, you’ve probably heard about Written Information Security Plans (WISPs). Maybe you’ve even created one—for certain clients, in certain industries, under certain regulations. But here’s the question: ...
The Dangerous Compliance Shortcut That Could Put Your MSP on the Hook for Negligence
Imagine sitting across from your best client. They tell you they’ve found a company that can build out their entire HIPAA compliance program in under three days. No heavy lifting. Fully automated. ...
Cyber Liability
You’re Using Your Smartest Engineer Wrong (And So Are Your Clients)
What if I told you that you’re misusing the most powerful engineer on your team? No, not Josh. Not the guy with the beard who still thinks ZFS is the answer to everything. I’m talking about AI. And right now? ...
What a New Lawsuit Can Teach Us About Cyber Liability and Documentation
When a cyber insurance provider sues vendors after a ransomware incident, it’s not just about fault—it’s about proof. In Ace American Insurance Co. v. Congruity 360 and Trustwave, we see how courts allocate responsibility—and why the side with the best ...
Why Plaintiff Attorneys Are Watching Your Breaches—And Why You Can’t Hide
Managed Service Providers (MSPs) sit at the heart of their clients’ IT and cybersecurity. But when it comes to data breaches, MSPs often underestimate who’s paying attention. It’s not just regulators and customers—it’s also plaintiff attorneys eager to file class-action ...
Insurance & MSP Liability
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
If You Don’t Own the Security Stack, You’ll Be Replaced
There’s a quiet shift happening in the cyber insurance world—and if you’re not talking to your clients about it, someone else is. That someone is their insurance provider. And they’re not just selling policies anymore. They’re selling cybersecurity solutions too. ...
More Articles
Your Compliance Program Is a House of Cards (And You’re Playing with Fire)
I was at a security event last week, hanging out with some of the big brains in the MSP space. You know the type: sharp, seasoned, and absolutely certain they’ve got it all figured out. One MSP owner—a regional player ...
Your Operations Manager Won’t Be the One Getting Sued.
I was chatting with the owner of an MSP the other day when I noticed something weird. He seemed… relaxed. You know, like someone not carrying the weight of 2,500 endpoints and a 10-year liability tail on his back. So ...
Your Stack is a Joke—And Hackers Are Laughing All the Way to the Bank
Remember Indiana Jones and the Temple of Doom? Yeah, the one with booby traps around every corner. Spikes. Snakes. Fire pits. A crumbling rope bridge. Every step was unpredictable. Every move had consequences. The treasure? Locked down tighter than a ...
That Little Blinky Box? It Might Be the Hacker’s Way In.
Let’s skip the latest noise from Wall Street for a minute. Forget the tariffs. Forget the news drama. Did you catch what CISA just dropped into the “Known Exploited Vulnerabilities” catalog? No? You should have. Because this one’s not theoretical. ...
Your Clients Aren’t Paying for Security—They’re Paying for You
Let’s get one thing straight: security is not your value proposition. I know, that sounds insane coming from the security guy. But hear me out. Security is table stakes. It’s the cover charge to play in this game. You can—and ...
How One MSP Is Stealing Clients (Without Being the Bad Guy)
The Secret Sales Strategy That Turns Prospects into Clients—Even When They Say No I just got off the phone with one of our partners. He’s smiling—because his sales are working. And let me tell you, it’s not because he hired ...
Your Projects Are Dying—And It’s Your Help Desk’s Fault
You want to grow this quarter. You’ve got the usual goals—top-line revenue, smoother project execution, better support delivery. But there’s something broken in your org chart that’s killing your progress, and you don’t even see it. You’re blending projects with ...
Alert Fatigue Will Kill Your Team Before the Hackers Do
What a weekend. It kicked off Wednesday night—alarms started screaming. Storm alert. Tornado alert. Flash flood alert. Lightning alert. More flood alerts. Nashville was lighting up. Sirens, texts from Metro, calls from the city, weather apps melting down. And somewhere ...
Why Your Engineers Aren’t Getting Certified (And How to Fix It Fast)
Talked to an MSP last week who was frustrated. “I just can’t get my team to go after certifications.” So I asked, “What’s in it for them?” He said, “Well… it’ll make them better at their jobs.” Sure. That’s part ...
Green Checkmarks Don’t Mean You’re Safe (Just Ask the Hacker Who Got In)
I just got off the phone with an MSP owner. He was furious. And not in the “my espresso machine is broken” kind of way. He was mad because we found stuff—real stuff—during a third-party security assessment of his client’s ...
Stop Selling Cybersecurity Like You Just Discovered Fire
Let me guess—you’re out there telling prospects about your EDR. Your MDR. Maybe you even toss in a fancy SOC. You know what that sounds like in 2025? A caveman grunting about his shiny new flame. Newsflash: Everyone is selling ...
Your Incident Response Plan Is in the Fire. Literally.
You spent weeks building your incident response plan. Pulled your team together. Checked the boxes. Wrote out every step. You even ran a tabletop exercise. You were proud. You should be. You did the hard work. But here’s the question ...
