Blacksmith Launches GTIA Cybersecurity Trustmark Framework Support for MSPs and Solution Providers

Managed service providers and solution providers need practical ways to turn cybersecurity standards into repeatable operational workflows. Blacksmith’s new support for the GTIA Cybersecurity Trustmark framework is built to do exactly that, giving partners a more streamlined path to manage, operationalize, and demonstrate progress toward the Trustmark inside the Blacksmith platform. This launch reflects a collaboration between Blacksmith and the Global […]
The Gate Moved, the Bar Didn’t: What CMMC’s Phase 2 Suspension Really Means for MSPs

At 3:30 PM Eastern on July 13, 2026, the Department of War (DoW) dropped two memos and kicked off a lot of speculation. The subject lines: “Implementing Department of War Chief Information Officer’s Suspension of the Advancement to Cybersecurity Maturity Model Certification Phase 2 Requirements” and “Removing Barriers to Defense Industrial Base Expansion: Immediate Suspension […]
Cyber Risk Review: Phantom Squatting, Slopsquatting, and HalluSquatting

AI hallucinations are creating a new supply-chain problem for MSPs and the organizations they protect, and the threat has a few names worth remembering: phantom squatting for domains, slopsquatting for packages, and hallusquatting (HalluSquatting) as the broader pattern of weaponizing invented names and links. In the domain version, attackers register the fake web addresses that LLMs […]
The Checkbox Isn’t the Point: Does Speed Undermine Compliance Credibility?

A new piece of research landed recently that should make any MSP concerned with cybersecurity and compliance stop and think. According to a June 2026 study⁽¹⁾ by business resilience specialists IO — conducted among 251 senior UK cybersecurity managers — 87% of respondents believe the speed at which compliance certification is achieved affects its credibility . […]
ClickFix Is Winning Right Now. MSPs Need to Treat It Like a Tier-1 Delivery Threat

ClickFix has become one of the most noteworthy malware delivery methods in 2026 because it bypasses the normal technical choke points MSPs rely on and instead turns end users into the execution mechanism. Recent reporting indicates the technique dominated malware delivery in the March-May 2026 period and should no longer be treated as an emerging tactic […]
Compliance as a Service: Turning Red Tape into Client Value

Most MSPs talk about security as a way to “keep you safe.” That’s fine, but it misses the reason your clients are suddenly paying attention to compliance: their ability to win business, keep contracts, and stay insurable now depends on being able to prove they’re safe to work with. Compliance frameworks are not just about […]
Don’t Blame the Drill: Why Your Security Stack Isn’t Your Security Strategy

Imagine you hire a handyman to mount your new TV. A few days later, it crashes off the wall. Your first instinct isn’t to question the brand of drill he used. You blame the man who held it. Something he did wasn’t up to par — the anchor placement, the stud check, the torque on […]
Industry Pros Are Talking About the End of Human Pen Testing. Are They Right?

The “death of human pen testing” makes a great headline, but what we are really watching is the death of traditional pen testing: slow, point‑in‑time, human‑only engagements that cannot keep up with AI‑accelerated attack surfaces or modern compliance expectations. Automated and AI‑assisted testing will gut the old model — but they are far more likely to […]
Shadow AI Is Now Your Problem: Why Doubling Sensitive Data Uploads Should Keep MSPs Up at Night

There has been a 93% year-over-year increase in employees transferring enterprise data to AI tools. — Zscaler 2026 AI Threat Report Managed service providers are quietly inheriting a new kind of data‑loss problem: clients’ employees are shoveling sensitive data into AI tools at a rate that has doubled in the last year, with the average […]
Stop Selling Cybersecurity and Compliance With Negative Social Proof

Most MSPs are accidentally talking prospects out of buying cybersecurity and compliance. By leaning on “shock” statistics about how few businesses take security seriously, they normalize doing nothing instead of making action feel urgent and expected. Stop selling security like a bad cheeseburger Imagine trying to sell a burger by saying, “Did you know 80% […]