MSP 1337 | Cybersecurity Education & Security Guidance
Educational sound bytes to help MSPs and their clients navigate Cybersecurity. Cybersecurity maturity is a journey; don't go it alone. Interviews and guidance from fellow MSPs and other Industry experts. Our goal is Secure Outcomes, and together we can make a difference.
Episodes
This episode explores how cybersecurity is evolving from point-in-time assessments to continuous, intelligence-driven operations. Galena Koh of Cyber Bay shares how predictive analytics, crowdsourced ethical hackers, and AI are reshaping how organizations understand and manage risk. We discuss how to scale security without adding headcount, why human expertise remains essential, and how governance and trust underpin effective secur...
In this special episode of MSP 1337, CJ is joined by Brooke Lee (Rev.io) and Stacey Whitley (GTIA) to unpack how ITSPs can translate industry engagement into measurable outcomes. Attending events is easy, but most organizations struggle to turn what they learn into real operational outcomes.
Brooke and Stacey share how their collaborative event recap initiative is helping bridge that gap by distilling key takeaways from major chann...
In this episode, Josh Hohbein of CentrexIT breaks down a practical, MSP-centric approach to risk assessments that moves beyond complex, consultant-driven reports and toward clear, actionable business outcomes. He shares how combining vulnerability scans, client interviews, and system configuration reviews, anchored in a cyber maturity model, helps MSPs translate technical findings into meaningful risk conversations, especially duri...
In this MSP1337 fireside chat, you and Matt Lee unpack the idea of a “vulnpocalypse”, a rapidly emerging reality in which AI-driven tools are accelerating vulnerability discovery at a pace organizations can't keep up with. While much of the industry is focused on the fear and hype, the conversation shifts to what actually matters: operational response. You highlight that the shrinking gap between proof of concept and ac...
In this episode, Chris Johnson sits down with Eric Shoemaker of Genius GRC to unpack one of the most misunderstood shifts in the MSP space: the move from tool-driven cybersecurity to standards-aligned governance, risk, and compliance programs.
Eric explains why Genius GRC isn’t a software platform and why that distinction matters. Together, they explore how early automation wins (like continuous access reconciliations) impress...
In this episode of MSP1337, Chris Johnson is joined by Jeff Majka, founder of Security Bulldog, to unpack why MSP‑delivered SOC services are at a breaking point, and how AI and automation are forcing a reset. They explore why traditional tiered SOC models and white‑label thinking no longer scale, how ungoverned AI adoption collides with zero trust, and why speed and decision quality now matter more than raw data or CVE counts. From...
Chris Johnson sits down with Ido Green of Espresso Labs to explore how AI and local agents can reduce cybersecurity noise, offload Level 1 work, and continuously enforce compliance, without losing human control. They discuss guardrails for safe automation, multi-vendor telemetry, drift detection, evidence collection at scale, and why “reporting gaps” isn’t enough if you can’t execute remediation and preserve...
A sit-down with Hamid Ganadan, author of “Not Buying It: The Art of Selling to Scientists, Doctors, and Other Professional Skeptics,” on how MSPs can sell to skeptical, highly educated buyers. This is an exploration of the psychology of decision-making, shifting prospects from skepticism to curiosity, leading with feelings over facts, crafting insights that differentiate offerings, and timing data to validate rather tha...
In this episode of MSP 1337, Chris Johnson sits down with Jim Harryman to break down why passing audits doesn’t equal real security, and why MSPs get into trouble when frameworks turn into checklists.
Drawing from firsthand experience with SOC 2 Type 2, CIS Controls, and the GTIA Cybersecurity Trustmark, Jim shares practical lessons on evidence quality, shared responsibility, inherited security, and the dangers of assumptions....
Most MSPs don’t fail at cybersecurity because of missing tools; they stall because they miss the maturity inflection point where governance must replace tactics. In this episode, we break down what actually defines cybersecurity maturity, contrasting technical frameworks with governance-driven models that reflect real organizational behavior.
Using the GTIA Cybersecurity Trustmark’s four-level maturity lens alongside Jos...
In this episode, we unpack one of the most misunderstood topics in the MSP industry: insurance. From Errors & Omissions to cyber insurance, we break down what these policies actually cover, and more importantly, what they don’t. The conversation challenges the assumption that buying insurance equals risk transfer and explores how liability really plays out across MSPs, clients, and third‑party vendors.
We discuss why cyber...
Clear communication is one of the most overlooked and most costly challenges in IT service providers. In this episode, Chris sits down with Amy Reczek, communication and presence expert, to unpack why misalignment happens between leadership, teams, and clients, and how understanding the “why” behind communication changes everything. From ineffective meetings and virtual body language to intent versus impact, this conver...
The critical importance of going beyond just getting technology to work, addressing the underlying security, scalability, and proper implementation, rather than just fixing symptoms. Eric Hansen, of Inland Productivity Solutions, emphasized the importance of starting troubleshooting at the very beginning, even when engineers claim they've already done everything. He discussed their hiring process, which prioritizes people skills an...
A real-world phishing incident. Real financial impact. Real lessons for MSPs.
In this episode, we unpack a phishing attack that led to unauthorized access to an Azure subscription and significant financial loss for an MSP client. The conversation goes beyond the incident itself to examine where policy gaps, weak controls, and unclear ownership increased liability, and what changed when the MSP committed to cybersecurity maturity.
Joi...
Google Ads can disappear overnight, and for millions of businesses, it has. In this episode, John Horn of Stub Group breaks down the growing cybersecurity risks behind Google Ads account suspensions and why 39 million accounts were shut down in 2024.
We explore Google’s automated, all‑or‑nothing enforcement model, how website vulnerabilities, phishing attacks, and account takeovers trigger suspensions, and why recovery is ofte...
Cybersecurity maturity isn’t earned in audits, it’s earned in the operational moments where governance either shows up… or it doesn’t. Today’s conversation with Mike Stewart of Anchor Networks goes deep on MSP maturity. How leadership tone, culture, and repeatable decision systems turn policies into actual behavior.
We cover why security awareness must be frequent (not annual), why “the why&rdquo...
Managed Service Providers are being pushed to “get compliant fast.” In my discussion with Bruno Leqoc, we reframe the challenge. Compliance isn’t security, and lasting compliance depends on security maturity first. Highlighting how AI policy can extend existing governance frameworks, why Microsoft Secure Score is a practical readiness indicator, and why foundational controls (MFA, patching, device management/remot...
Exploring the fast-moving intersection of AI governance, ethics, and cybersecurity, examining how organizations are struggling to adopt AI responsibly while keeping pace with innovation. The conversation highlights a growing disconnect between enthusiasm for AI tools and the absence of clearly defined use cases, governance models, and security guardrails.
As AI capabilities rapidly expand, Dr. Adeel Sheikh Mohammed emphasizes that o...
Phishing simulations are one of the most debated tools in cybersecurity awareness, but do they actually work?
In today’s episode, we’re joined by David Shipley, former soldier turned cybersecurity researcher and founder of Beauceron Security, to unpack what the data really says about phishing simulations, human behavior, and why zero clicks has never been, and will never be, the goal.
Have you ever been stuck in an elevator? What happens when you push the call button? Physical safeguards managed by a 3rd party are often ignored or marked as N/A. What happens when processes and procedures don't get updated after a change? Listen in as Charles Love of ShowTech Solutions shares his experience of being trapped in an elevator and what we should all take away in lessons learned.
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Hey Jonas! The official Jonas Brothers podcast. Hosted by Kevin, Joe, and Nick Jonas. It’s the Jonas Brothers you know... musicians, actors, and well, yes, brothers. Now, they’re sharing another side of themselves in the playful, intimate, and irreverent way only they can. Spend time with the Jonas Brothers here and stay a little bit longer for deep conversations like never before.
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by Audiochuck Media Company.
Building on the belief that a deeper understanding of the natural world enriches all of our lives, host Steven Rinella brings an in-depth and relevant look at all outdoor topics including hunting, fishing, nature, conservation, and wild foods. Filled with humor, irreverence, and things that will surprise the hell out of you, each episode welcomes a diverse group of guests who add their own expertise to the vast world of the outdoors. Part of The MeatEater Podcast Network.
Where the world and America meet, with episodes each weekday. The world is changing. Decisions made in the US and by the second Trump administration are accelerating that change. But they are also a symptom of it. With Asma Khalid in DC, Tristan Redman in London, and the backing of the BBC’s international newsroom, The Global Story brings clarity to politics, business and foreign policy in a time of connection and disruption. Come and join us our live event. You can register for Castfest tickets here: https://www.bbc.co.uk/showsandtours/shows/castfest-2026