MSP 1337 | Cybersecurity Education & Security Guidance

What is a PenTest? What if I can't afford a PenTest? How is a pentest different from a vulnerability assessment? These questions and many more Matt Lang and I attempt to give some direction. Perhaps redefining what a pentest is will be our next endeavor.

Our first fireside chat was about Physical Assets and the hurdles or obstacles faced when trying to get a complete inventory. In this month's special edition, a fireside chat with Matt Lee, we are addressing control 2. This is a focus on really understanding and going about having a good handle on the software and operating systems. As always Matt has great insights and our conversation does drift a bit to other controls. Our hope is that this episode will help you build your foundation as you continue on your journey of Cybersecurity Maturity!

I love a good origin story. Sitting down with Matt Lang of SVAM International showed me just how alike many of our stories are. How we got started in IT, why we started an MSP, and in some cases why we became super passionate about educating our friends, peers and colleagues about Cybersecurity risks. Stick around to the end as Matt shares some great tips on getting more out of the CompTIA ISAO.

We are all too familiar with regulatory requirements and penalties for failing to comply. The FTC has put into effect June 9, 2023 requirements that will directly impact financial institutions. In this episode, we talk specifically about the impact this will have on the automotive industry, very specifically, car dealerships. I am joined this week by Jay Lamb of Core Plus discussing the impact of not properly protecting PII and the areas of focus are not limited to the following: Designate a qualified individual to oversee their information security program, Implement 2FA, Develop an IR plan and several other specifics that sound all too familiar.

Domain Registrations and an extra invoice that has a bit of sticker shock... This and more with Charles Love of ShowTech Solutions. We have talked about doom and gloom in the past but this story is one that I am already losing sleep over. I'd love to hear your thoughts on this one.

If you haven't met me, you know that my passion is to help others with improving their cybersecurity posture. In an effort to make a bigger impact, I have brought Matt Lee of Pax8 on to the show as a special guest to talk about the noise our MSP audience is dealing with. In this episode we talk about some of the challenges we have heard MSPs struggle with and we think this will help our friends and colleagues get past asset inventory in a meaningful way.

We are all to familiar with our own mortality. In this episode we talk about the scenarios that can arise when a key person in a company holds all of the keys and is suddenly taken from us. While there is some morbidity to this episode and it helps us tell the story, it should make you pause and consider what if a key person in the organization is just un reachable? Have you done a tabletop exercise? You don't want to miss out as Sarah Goffman paints a pretty painful picture that I am sure all of us would like to avoid.

As a podcast we pride ourselves in the focus of cybersecurity topics. This is an episode focused on Cybersecurity without talking about cybersecurity. Crazy, I think Ian Richardson of Richardson and Richardson make it almost twenty minutes in before we really do talk about anything tech related. Risk anyone?

CompTIA's research team Seth Robinson and Carolyn April join me in discussing some interesting research trends that cover 4 pillars or steps that I like to refer to as the 4 Ps. Policy, Process, People, and Product. Be forewarned that much of the research is coming from the end-user perspective, but I think you will find the insights are very much important and relevant to the changes happening in our industry and the new opportunities presented as we go into the second quarter of 2023.

Cybersecurity challenges exist in every aspect of our daily lives. Join me as I discuss with Dom Kirby of Pax8 an approach to cybersecurity with friends and family. Technology helps but it doesn't solve it all.