Bridging Visibility and Governance: What Next-Gen Compliance Should Look Like for MSPs
Modern Managed Service Providers (MSPs) face a new reality: compliance isn’t just about going through the motions for an auditor’s checklist — it’s about equipping organizations to detect, defend, and adapt to ever-evolving threats. Achieving true compliance maturity requires orchestrating both visibility into technical environments and governance through actionable, business-ready controls. Why Traditional Approaches Fall Short Many MSPs […]
Blacksmith InfoSec and Liongard Announce Strategic Integration
At Blacksmith InfoSec, we’ve always believed that real security outcomes should drive compliance. That’s why we’re thrilled to announce our latest integration with Liongard, a move that transforms how Managed Service Providers (MSPs) approach compliance audits. This integration empowers MSPs to automate user-centric security audits across Microsoft 365, Google Workspace, and any system connected via Liongard […]
Demystifying CMMC for MSPs
The Cybersecurity Maturity Model Certification (CMMC) has become a central compliance requirement for organizations in the U.S. defense supply chain. For Managed Service Providers (MSPs), understanding CMMC is essential — not only to support clients but also to ensure their own operations align with evolving Department of Defense (DoD) expectations. This article breaks down what […]
Understanding Security Policies for MSPs and IT Professionals
Security policies are the backbone of an organization’s information security program. These policies are shaped not only by internal business needs but also by a complex landscape of federal and state regulations. Security policies define how information assets are protected, who is responsible for safeguarding them, and the standards by which compliance is measured. For […]
The Great Password Purge: Why 2025 is the Year to Finally Kill Legacy Authentication
The era of passwords could be ending — and if that’s true, 2025 marks the tipping point. With password attacks surging to 7,000 per second and legacy authentication becoming the weakest link in organizational security, the shift to passwordless methods is no longer optional but a critical business imperative. As Microsoft phases out password support in Authenticator […]
AI Model Poisoning: The Silent Threat to Your Organization’s Machine Learning Infrastructure
As organizations rapidly integrate artificial intelligence into their operations, a insidious new attack vector has emerged that threatens the very foundation of machine learning systems. AI model poisoning represents a sophisticated form of cyberattack that manipulates training data to corrupt AI models, potentially causing catastrophic failures in critical business systems. Understanding the Attack Vector AI model poisoning […]
A Practical Guide to Choosing the Right Frameworks for Your Organization
Navigating compliance in 2025 feels like standing in front of a wall of acronyms — SOC 2, HIPAA, PCI DSS, NIST CSF, CIS Controls, CMMC — each promising to solve your security and regulatory challenges. For managed service providers and IT organizations, this abundance of frameworks creates a paradox of choice that can paralyze decision-making […]
Mid-Year Cyber Threat Landscape Review: What’s Changed in 2025
As we reach the halfway point of 2025, the cybersecurity realm has undergone dramatic shifts that demand immediate attention from security professionals worldwide. The first six months of this year have revealed unprecedented changes in attack methodologies, threat actor sophistication, and the integration of artificial intelligence into cybercriminal operations. This comprehensive review examines the most […]
Summer Security Slump: Protecting Your Organization During Vacation Season
Summer vacation season presents a perfect storm of cybersecurity challenges for organizations worldwide. While employees enjoy well-deserved time off, cybercriminals are ramping up their efforts, taking advantage of reduced staffing, delayed incident response capabilities, and relaxed end-user vigilance. With 85% of organizations scaling down their security operations center staffing during holidays and weekends, the summer months […]
FAQs: Answering the Most Common Compliance Questions for Businesses
Navigating compliance is not optional for many organizations operating in the United States — and the number of businesses affected by regulations is growing. As it stands, U.S. businesses must adhere to a wide range of federal, state, and local regulations that govern everything from data privacy and workplace safety to tax reporting and employment […]