MSP 1337
185 episodes - English - Latest episode: 3 days ago - ★★★★★ - 4 ratingsEducational sound bytes to help MSPs and their clients navigate Cyber Security. Cybersecurity maturity is a journey, don't go it alone. Interviews and guidance from fellow MSPs and other Industry experts.
Our goal is Secure Outcomes and together we can make a difference. Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Where MSP and an MSSP Intersect
April 23, 2024 21:00 - 31 minutes - 42.9 MBEver wonder if you should be offering cybersecurity services? Are you taking on liability that isn't worth it? I sit down with Scott McCrady CEO of SolCyber to discuss the opportunities and benefits of partnering with an MSSP. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat Control 13 Network Monitoring & Defense
April 16, 2024 21:00 - 36 minutes - 50.3 MBIt is the Third Tuesday of the month, and we bring you to Control 13. This is an exciting Control (they all are) because it is often confused with being legacy, it is also potentially cost-prohibitive, and we believe it will likely only be doable when partnering with third-party resources. Matt Lee brings it home as he always does! --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Collecting Evidence
April 09, 2024 21:00 - 1 hour - 84 MBMSP spend a lot of time and energy trying to align with standards from one of the many frameworks that are out there to improve their cybersecurity posture. Whether you do it to meet regulatory requirements, or are just looking to improve your business operations, how do you know when you are failing or succeeding? I sit down with Jim Harryman of Kinetic Technology Group to discuss how evidence comes into play. Policy Process and People are key to collecting that appropriate evidence and Ji...
Getting Started With Tabletop Exercises
April 03, 2024 21:51 - 37 minutes - 51.4 MBTabletop exercises or simulations can be daunting and scary. Join me as I sit down with Sarah O'Kelley from Choice Cyber Solutions as we discuss some tips and tricks to success with your first Tabletop. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Security Awareness and Skills Training
March 26, 2024 22:08 - 32 minutes - 44.1 MBIf you are familiar with CIS v8 Top 18 then you might be comfortable talking about Security Awareness and Skills Training. I sit down with Jim Harryman of Kinetic Technology Group to talk about the Why and the Proof that ever solution provider should be considering in their own traning. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat CIS Control 12
March 19, 2024 21:45 - 40 minutes - 55.8 MBWe are on Control 12 in our Fireside chat with Matt Lee and are digging into a control with only one IG1 safeguard and only one IG3 safeguard. Network Infrastructure comes with some rabbit holes and tangents, but I think you will find that this control is essential to most MSPs. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Parting ways with a client or prospect
March 12, 2024 21:00 - 29 minutes - 40.7 MBAs an MSP, many decisions go into taking on a new client or getting rid of an existing one. I sit down with Charles Love of Showtech Solutions to discuss when the decisions are tied to cybersecurity and where one should consider drawing a line in the sand. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Vendor and Product Evaluation
March 05, 2024 22:00 - 38 minutes - 52.2 MBWhat does it look like to have an employee request approval for a specific tool? Do you have an evaluation process? What types of risks are introduced that you need to consider when evaluating a new vendor, product, or service? All of these questions and more are discussed with Chad Holstead of BKS Group. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Is Cyber Insurance Enough?
February 27, 2024 22:00 - 23 minutes - 32.6 MBWhen a vendor fills a gap in cyber, they deserve to be heard. I sat down with Nick Wolf of Cork to discuss the cyber insurance industry and the space they fill. I'd say Cork is to cyber insurance like Aflac is to Medical insurance. Join Nick and I as we navigate the challenges with questionnaires, insurance questionnaires, and all the crazy around insurance and coverage. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat: Control 11 Data Recovery
February 20, 2024 15:19 - 33 minutes - 45.4 MBStorage costs are relatively cheap compared to the cost of storage, but one might say that data recovery is where most MSPs have been very successful. Years back, we were challenged with costs around storage and destination fees costs, so we had to be selective about what we backed up. In today's world, the cost of storage is relatively cheap in comparison, but so many new variables complicate this process. Listen to Matt Lee of Pax8 as we dive deep into CIS Control 11 Data Recovery and exp...
Data Protection
February 13, 2024 22:00 - 33 minutes - 31.3 MBData protection is tough when you don't know where your data is or who might have access to it. Join me as I sit down with Prandar Das, cofounder of Sotero, as we discuss the challenges and the opportunities that AI and LLM bring as we continue to look at better ways to protect data. Stick around for the four tips to follow on your own journey to protect your data. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Risk of Risky AI...
February 06, 2024 22:05 - 35 minutes - 32.9 MBHow many buzzwords do we have in the MSP world? MSP, MSSP, Web 2.0, AI? At any rate, we now have AI as a buzzword to deal with. Kidding AI is a lot more than a buzzword. Join me as I discuss AI and the risks of AI with Jim Harryman of Kinetic Technology Group. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
ToDo or not ToDo
January 30, 2024 10:00 - 29 minutes - 27.5 MBHow we manage our time for a work life balance plays a role in how we work in both in our strategic and tactical workflow. I sit down with Jason Slagle of CNRW to discuss how important keeping track of what we do in a planner or in our PSA or other tools is critical when things happen. Evidence is hard to come by after the fact. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Selling Cybersecurity Services
January 23, 2024 22:00 - 27 minutes - 25.8 MBI have heard MSPs say, "we just eat the cost for some services." Whether they are services you have implemented internally are not, it doesn't mean you shouldn't sell those services. Liste to Bill Mulcahey of M6 Technology share his challenges and opportunities. Remember forward progress is good progress! --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat - Control 9 Email & Web Browser Protections
January 16, 2024 22:00 - 32 minutes - 30 MBWe have made it halfway through the CIS Top 18 and Matt Lee of Pax8 delivers again with a compelling argument for Control 9's demanding our undivided attention. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Hiring Security Resources
January 09, 2024 22:00 - 30 minutes - 28.5 MBHiring cybersecurity resources and the costs associated with it. What does the job description look like, and what are the responsibilities? Mike Stewart of Anchor Networks and I discuss the challenges and opportunities of hiring staff to help with cybersecurity. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Data Backup and Air gapped?
January 02, 2024 22:34 - 38 minutes - 36 MBI have had multiple conversations around backup vendors and the shift to solutions that are direct to cloud and other feature requirements that we didn't even consider 6-10 years ago. Remember the world before the data actors started doing data exfiltration. Join me with Matt Horning of Blue Tree Technology as we explore everything from the 3, 2, 1 and other backup models as well as airgapping. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
2024 Outlook in Cyber
December 26, 2023 22:00 - 31 minutes - 29.1 MBAs 2023 comes to a close and you I thought in traditional fashion, we share with you our outlook for 2024. Joshua Smith of Reliaquest and I have a few optimistic observations that might have been shadowed by some Sky Net references, but I think 2024 has a lot of potential. Enjoy the holidays and we will see you soon in 2024. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat - CIS Control 8 - Audit Logs
December 19, 2023 22:00 - 39 minutes - 37 MBCJ and Matt Lee of Pax8 discuss control 8, which pertains to audit logs. Some of the safeguards are easy to satisfy... just turn the logging function on and set to 90 days. Others will require more effort but all are reasonable for MSPs to pull off. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
2023 Look back in Cyber
December 12, 2023 22:00 - 29 minutes - 27.4 MBFrom tools and breaches to LLM, IoT and OT we talk about it all. Where we have been and how far we have come with Charles Love of ShowTech Solutions, and Joshua Smith of Reliaquest. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
My Cell Phone's Been Cloned
December 05, 2023 22:00 - 29 minutes - 27.2 MBWe all know the dangers of connecting to Airport Wifi... Join Sarah Goffman and I as we discuss the dangers of connecting even your cellphone to public wifi. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Ideals vs Reality
November 28, 2023 22:00 - 32 minutes - 30.2 MBWhat does future growth and sustainability look like in the MSP space? Acquisitions abound, SMBs and micro-SMBs bounce from one MSP to another... What is the future yield especially when we start discussing cybersecurity challenges and adopting even good cyber hygiene? I sit down with Eric Hanson of Inland Productivity to get his take on the future of client growth and where those net new clients might be. Whether with existing or new clients, they must recognize the need to improve their c...
Fireside Chat - Control 07 Continuous Vulnerability Mgmt.
November 21, 2023 22:00 - 43 minutes - 40.4 MBDeep dive into control 7 with some influences of other controls. We know that OS patch management, change management, Third Party App management and third party app patching aren't always prioritized the way it should be considering today's threat landscape. Matt Lee is on a pedestal on this control so stay tuned through the end as we run a bit long on this one. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
ITN Connect Recap 2023
November 14, 2023 22:00 - 34 minutes - 31.7 MBI sat down with Matt Fisch of Fortmesa to discuss observations and highlights from ITN Connect. From new vendors in the pavilion tackling niche cybersecurity challenges to conversations with Solution providers that show our industry is maturing. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Business Email Compromise
November 07, 2023 22:00 - 33 minutes - 31 MBMaybe we have talked about this before? At any rate Business email compromise is a constant threat. We do Phishing simulations and other security awareness training to help our staff and clients make good choices, but we aren't always perfect. I sit down with Dan Gilligan with Integra MSP to hear his journey in dealing with this issue and the tools and training that have changed over the years to keep up with this evolving threat. --- Support this podcast: https://podcasters.spotify.com/p...
Insider Threats
October 31, 2023 21:00 - 40 minutes - 37.1 MBWhat are insider threats? Tim Schnurr and I discuss the importance of cybersecurity in protecting digital assets and preventing insider threats in organizations. There is a overwhelming need for employee education, the use of data classification tools, and the implementation of monitoring tools to track data flow. This is a great way to have open conversations with your employees and your clients as to why it is so important to think before you click on a link, hit send in an email, or downl...
Industry Conference Overload
October 24, 2023 21:00 - 30 minutes - 27.9 MBThinking back ten-plus years on the industry conferences we have attended in person and online. With vendor mergers and acquisitions it is hard to determine which shows you should still attend and every day it seems there is a new road show, quarterly show or another membership conference. How do you make decisions to attend what is relevant? --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat - CIS Control 10 - Malware Defense
October 17, 2023 21:00 - 41 minutes - 38 MBAs we go through the CIS controls we try to stay in sequence but as a result of some discussions at recent events, we decided to jump to Malware Defenses. Hopefully, Matt Lee's insights and my humor will be enough for you to endure 30 minutes on what you should do in your journey to address Malware Defenses. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Getting an Assessment...
October 10, 2023 21:00 - 26 minutes - 24.8 MBWe talk about frameworks, compliance, cybersecurity, and many things in between but we haven't discussed getting assessed against a framework or even the new CompTIA Cybersecurity Trustmark. I sat down with Omer Kasim Aslim of Lake Ridge to discuss assessments. How the different frameworks, whether prescriptive or not, are often looking for compliance to protect a specific type of data and not an organization's overall security. We go through several scenarios and Omer offers many tips and ...
Should I Sell Compliance Services?
October 03, 2023 21:00 - 31 minutes - 29.3 MBIn recent years we have seen Solution Providers begin offering services that are showing a shift in our industry around our client and client prospect needs. Five years ago very few solution providers would be comfortable talking about risk registers, GRC tools, PoAMs, and take a leadership role with our clients. Joine me as I sit down with Chad Holstead of BKS Group to talk about challenges, risks, and opportunities for positioning compliance as a service. --- Support this podcast: https...
CompTIA Cybersecurity Trustmark Progress
September 26, 2023 20:57 - 33 minutes - 31.4 MBFrom the trenches... I sit down with Jim Harryman of Kinetic Technology Group to discuss their progress through the new CompTIA Cybersecurity Trustmark. What are the significant challenges and what are the easy wins. A glipse into the journey that got Kinetic Technology Group to where they are today and preparing for their asessment at the end of the year. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat - CIS Control 6 Access Management
September 19, 2023 21:00 - 32 minutes - 29.7 MBFireside chat with Matt Lee brings us control 6. Access Management goes hand in hand with Account Management but if you have been following along we coverd control 5 last month. Join Matt Lee and I as we deep dive into each safeguard and discuss what you should be doing and then mapping it to the safeguards we cover. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Do I know my assets (IoT, IIoT, and OT)?
September 12, 2023 21:00 - 34 minutes - 31.7 MBEach day we are bombarded by cybersecurity threats and this episode adds another vector you should be looking at as you address your asset inventory. Are you looking at the asset that controls your thermostat? How about the IP cameras you use to secure your office? These are just some of the many questions as I sit down with Huxley Barbee of Run Zero. It isn't all doom and gloom but the outlook is definitely scary if we don't start taking action to secure the devices that often are ignored ...
Committing Fraud Through CMMC.
September 05, 2023 20:00 - 33 minutes - 31.4 MBThere is no question that CMMC is here to stay. It is a much-needed maturity model for measuring companies that cater to the Defense space and are doing what is needed to protect Confidential Unclassified Information (CUI). I sit down with Adam Duman of Vanta to discuss frameworks, contracts, cybersecurity challenges, and how all of these things impact a company looking to keep or add contracts within the defense space. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp...
Preparing For A Storm.
August 29, 2023 21:00 - 36 minutes - 33.9 MBIn Cyber we often focus only on the events that come from the ether, the dark web, and we forget that disasters can come from all sorts of events. With a hurricane less than 24 hours from making landfall, I sit down with Charles Love of ShowTech Solutions to discuss their prep. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Was I a victim?
August 22, 2023 21:00 - 30 minutes - 28.3 MBI am a big fan of Scott Augenbaum's book, "The Secret to Cybersecurity." Specifically, the 4 truths that we talk about with Tye Male, Senior Pastor of Wellspring church. Suspicious email, inconvenient timing, stress-inducing, and when it is all said and done... it has the potential to damage your reputation. Listen in to hear what Tye learned as it pertains to being vigilant and communicating the cyber dangers with friends and loved ones. --- Support this podcast: https://podcasters.spoti...
Fireside Chat - CIS Control 5 Hurdles
August 15, 2023 21:00 - 36 minutes - 33.5 MBWe are 1/3 of the way through the CIS Top 18 and I think Control 5 might be my favorite. Matt Lee joins me as we dive into all six safeguards and how important they are in the journey toward cyber resilience. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Cybersecurity for Big and Small MSPs
August 08, 2023 21:00 - 29 minutes - 27.2 MBI remember the days when Joshua Smith and I decided we should build our own MSP. It was simpler times and Cybersecurity was defined largely by firewalls and antivirus. Today starting an MSP or even being a small MSP trying to get arms around cybersecurity is a daunting task. I discuss with Dor Eisner to talk about why he decided to build Guardz. Why the desire to focus on a solution for the smaller MSP and his overall look at the threat landscape. Together we can we can make it more diff...
MSPs Need Compliance
August 01, 2023 21:00 - 23 minutes - 22 MBThere are lots of frameworks to choose from and some are more complicated than others. What is important is that you use some set of controls/safeguards or standards that are measurable and can be aligned with. I sit down with Alex Spigel to talk bout her approach to compliance and how things like responsibility matrixes can help. We are at channelcon23 and I hope to see many of you in person. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Showing Evidence
July 25, 2023 21:00 - 31 minutes - 29 MBOver the past few months we have spent time on policies, how to tackle controls and safeguards in CIS Top 18, and we have even pointed out cybersecurity areas that might be overlooked. In this episode, as we all look at maturing our cybersecurity practice we look at how one might show evidence to support all of the efforts in creating policies, processes, and procedures. Thanks to Chase Griffin for highlighting that sometimes you do need some tools. --- Support this podcast: https://podca...
Fireside Chat - CIS Control 4 Hurdles
July 19, 2023 12:40 - 25 minutes - 24 MBIt is the 3rd Tuesday of the month and it is time for Control 4 With Mat Lee. This is a shorter episode but we get it done and got great insights on how to go about addressing CIS Control 4. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Policy Creation Involves Everyone!
July 04, 2023 21:00 - 38 minutes - 35.2 MBPolicies are the one thing no company wants to create but everyone has to have. We see them show up in employee handbooks, Written Information Security Plans (WISP), and System Security Plans (SSP), and there is no shortage coming from HR. In this episode, Charles Love of ShowTech Solutions, and I explore why policies should involve all staff. Either everyone gets it and acknowledges the need to follow them or they tend to not get followed at all. --- Support this podcast: https://podcas...
Policies are for everyone?
July 04, 2023 21:00 - 38 minutes - 35.2 MBPerspective on policies… we talk about employee handbooks and acceptable use polices but what about cyber polices. Well this week Charles Love really hits me between the eyes. It isn’t just for leadership and if your employees don’t buy in or understand then all is lost. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Do You Know Who Your Users Are?
June 27, 2023 21:00 - 27 minutes - 25.7 MBI don't often have vendors as guests on the show and so when there is an exception made it is because they are bringing something to the table that is exceptional. Discussing Single Sign-on with Nick Wolf Of Evo Security is a topic that we have touched on before but never in the context of how it might help you address CIS controls or other challenges within your internal management of users or users client-facing. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/...
Fireside Chat - CIS Control 3 Hurdles
June 20, 2023 21:00 - 41 minutes - 38.2 MBA little Chutes and Ladders, a little Yellow Brick Road. In this episode, I think you will find that Data Protection is a rather complex beast but through the guidance of Matt Lee of Pax8 you will have the tools you need to better protect what is important to you and your clients. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Counterintelligence and TikTok
June 13, 2023 21:00 - 39 minutes - 36.1 MBThis week we put a thought towards adding counterintelligence as something that should be part of your Business Continuity, Disaster Recover, and Incident Response. It makes sense when you hear what Darren Mott has to say. As a former FBI agent, his insights both from his time in the field and even now in his new role, are not to be missed. Why is TikTok bad? What are the personal risks that I am taking on by the decisions I make to use technologies like TikTok? What are the potential rami...
Check Vendor's Security Posture
June 06, 2023 21:00 - 32 minutes - 30.2 MBAfter we did, "A Doozy of a Story." I was presented with this Gem. It almost feels like a perfect storm but in fact it is a legitimate business and as I discuss the details with Eric Hanson, I want you to think about CIS Control Service Provider Management and Software Management. It is easy to forget that our vendors don't always take a security-first approach. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Cyber Insurance Industry Maturation
May 30, 2023 21:00 - 22 minutes - 21.2 MBWhen cybersecurity insurance first came on the scene it was a new frontier. Everyone seemed to be selling it and everyone seemed to qualify for it. That was then... Sitting down with Reid Wellock of FifthWall was an enlightening discussion of where the industry is at and hope for the future. There are several pointers in this episode and even a book recommendation. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Do I need a PenTest?
May 23, 2023 21:00 - 36 minutes - 33.5 MBWhat is a PenTest? What if I can't afford a PenTest? How is a pentest different from a vulnerability assessment? These questions and many more Matt Lang and I attempt to give some direction. Perhaps redefining what a pentest is will be our next endeavor. --- Support this podcast: https://podcasters.spotify.com/pod/show/msp1337/support
Fireside Chat - CIS Control 2 Hurdles
May 16, 2023 21:00 - 39 minutes - 36.1 MBOur first fireside chat was about Physical Assets and the hurdles or obstacles faced when trying to get a complete inventory. In this month's special edition, a fireside chat with Matt Lee, we are addressing control 2. This is a focus on really understanding and going about having a good handle on the software and operating systems. As always Matt has great insights and our conversation does drift a bit to other controls. Our hope is that this episode will help you build your foundation as...