MSP as Compliance Coach: Educating Clients to Prevent Regulatory Mistakes Before They Happen
Managed service providers are more than just technical troubleshooters — they’re essential compliance coaches, guiding clients through complex requirements and helping them avoid costly mistakes before they happen. Here’s how smart MSPs can position themselves as compliance coaches, using technology and education to drive measurable client success (and how tools like Blacksmith make that journey […]
Free, Open Source Risk Assessment Tool for MSPs and vCISOs
We Just Released a Free Risk Assessment Tool! We’ve been talking with a lot of our partners lately, and a couple of things keep coming up: risk assessments and sales enablement. MSPs want a simple tool to evaluate client risk and show value early in the conversation without getting buried in complexity or licensing costs. […]
The Rise of DragonForce — How Ransomware Cartels Reshape Cybercrime
DragonForce has quickly transformed from the shadows of obscurity into one of the most watched ransomware cartels of 2025, marking a significant evolution in both the scale and style of cyber extortion. First identified by security researchers in 2023, DragonForce initially operated as a Ransomware-as-a-Service (RaaS) enterprise, rapidly gaining notoriety in 2024 with high-profile attacks […]
The Hidden Compliance Crisis: Shadow AI in the Workplace
As artificial intelligence reshapes business operations, one of the most pressing yet underappreciated compliance risks is the rise of Shadow AI — employees using unsanctioned AI tools without organizational oversight. From ChatGPT-style assistants and automated copilots to image generators and workflow agents, these tools have infiltrated workplaces at astonishing rates. According to Microsoft’s 2025 Work Trend […]
MSPs Face Compliance Crossroads: Managing Supply Chain, Third-Party, and Data Privacy Risks in 2026
MSPs (Managed Service Providers) are facing an urgent need to elevate their risk and compliance programs due to evolving supply chain, third-party, privacy, and disclosure requirements in 2025 and into 2026. For compliance leaders, keeping pace with these changes is no longer optional — it’s both a survival strategy and a proactive way to leverage […]
CISA Flags Rapid7 Velociraptor Vulnerability as Active Ransomware Target
A critical vulnerability in Rapid7’s Velociraptor — tracked as CVE-2025-6264 — has recently been highlighted by the Cybersecurity and Infrastructure Security Agency (CISA), underscoring new risks faced by organizations relying on security tools for endpoint monitoring and threat hunting. The flaw, now included in CISA’s Known Exploited Vulnerabilities catalogue, has become a key target for […]
Ransomware as a Service: The Shift in Cybercrime Targeting MSPs and Their Clients
Understanding Ransomware as a Service (RaaS) Ransomware-as-a-Service (RaaS) is transforming the way MSPs face cybercrime, allowing anyone — not just technical experts — to launch devastating attacks through rented ransomware platforms. These service models reduce the barriers to entry for ransomware actors by providing them with ready-made toolkits, infrastructure, and support, while developers take a […]
MSPs and Incident Response Plans — An Overview
For Managed Service Providers (MSPs), incident response planning is a critical part of cybersecurity preparedness. With cyber threats targeting not only their own infrastructure but also their clients’ systems, MSPs face unique risks and high stakes when it comes to incident response. Having a clear, actionable incident response plan can mean the difference between business […]
Exploring the October 2025 Discord Data Leak
In early October 2025, Discord disclosed a significant data breach that exposed confidential user data through a compromise at a third-party customer support provider. This incident has triggered renewed concerns about supply chain security and the risks associated with trusted external vendors in today’s interconnected IT ecosystem. The breach not only affected Discord’s own systems […]
Semi-Autonomous Security Operations: How AI and Humans Team Up
Semi-autonomous security operations are reshaping how organizations defend against evolving threats, marrying the strengths of AI-driven platforms with the irreplaceable judgement of human analysts. Advanced Security Operations Center (SOC) tools now automate initial triage, evidence gathering, and even aspects of incident response, enabling faster, around-the-clock threat detection and significantly reducing repetitive manual toil for security […]