How to Make Security Awareness Stick With Your Clients (Without Scare Tactics)
Every October, inboxes fill with ghostly warnings, skeleton memes, and stats about lurking cyber threats — because Halloween is peak season for “scary” security marketing. Vendors and MSPs have leaned on puns and percentages for years, hoping to rattle clients into paying attention. Yet research shows that fear-based tactics, while momentarily grabbing attention, rarely create […]
What is Couch to Compliance?
This is a bit of a teaser introduction to our brand-new Couch to Compliance program. (If you’re a partner or you’ve been on a Blacksmith demo, you might have already seen some emails about it. 😎) Couch to Compliance is all about making the leap from the sidelines into the action, turning the complex world […]
What Is Decision Debt — and Why It Matters for Compliance and MSPs
In the fast-moving tech economy, every organization faces pressure to evolve quickly. But when leaders hesitate, delay, or defer critical choices, they accumulate something rarely tracked on any report: decision debt. Like technical debt in code, decision debt silently compounds interest until progress, compliance, and culture are all burdened by its weight. What Is Decision […]
5 Compliance Myths That Deserve to Be Busted
Managed Service Providers have evolved far beyond their origins as break/fixers and IT caretakers. In 2025, MSPs operate inside a tightening mesh of cybersecurity obligations, data privacy regulation, and AI governance frameworks. Yet even as MSPs step up to protect client networks, many still stumble over long-standing myths about compliance — myths that can prove […]
The Hidden Compliance Crisis: Shadow AI in the Workplace
As artificial intelligence reshapes business operations, one of the most pressing yet underappreciated compliance risks is the rise of Shadow AI — employees using unsanctioned AI tools without organizational oversight. From ChatGPT-style assistants and automated copilots to image generators and workflow agents, these tools have infiltrated workplaces at astonishing rates. According to Microsoft’s 2025 Work Trend […]
MSPs Face Compliance Crossroads: Managing Supply Chain, Third-Party, and Data Privacy Risks in 2026
MSPs (Managed Service Providers) are facing an urgent need to elevate their risk and compliance programs due to evolving supply chain, third-party, privacy, and disclosure requirements in 2025 and into 2026. For compliance leaders, keeping pace with these changes is no longer optional — it’s both a survival strategy and a proactive way to leverage […]
State Breach Laws, SEC Regulation S-P, and CIRCIA Drive Urgent Changes for 2025
Major regulatory and compliance changes in 2025 will transform how Managed Service Providers (MSPs) operate, manage risk, and support clients. Getting serious about compliance now is critical for MSPs who want to hedge against steep penalties and regulatory disruption in the years ahead. State Breach Notification Law Updates U.S. states such as California, New York, […]
CISA Flags Rapid7 Velociraptor Vulnerability as Active Ransomware Target
A critical vulnerability in Rapid7’s Velociraptor — tracked as CVE-2025-6264 — has recently been highlighted by the Cybersecurity and Infrastructure Security Agency (CISA), underscoring new risks faced by organizations relying on security tools for endpoint monitoring and threat hunting. The flaw, now included in CISA’s Known Exploited Vulnerabilities catalogue, has become a key target for […]
Blacksmith Wins Channel Program Category Leader Badge
Blacksmith has just been awarded the Channel Program’s prestigious Category Leader badge, a distinction reserved for the top-rated vendors in the IT channel across more than 80 technology categories. This achievement is a powerful endorsement from the Managed Service Provider (MSP) community, as Category Leader badges are earned through verified, real-world peer reviews and evaluations […]
Ransomware as a Service: The Shift in Cybercrime Targeting MSPs and Their Clients
Understanding Ransomware as a Service (RaaS) Ransomware-as-a-Service (RaaS) is transforming the way MSPs face cybercrime, allowing anyone — not just technical experts — to launch devastating attacks through rented ransomware platforms. These service models reduce the barriers to entry for ransomware actors by providing them with ready-made toolkits, infrastructure, and support, while developers take a […]