Wes Spencer’s Post

We **NEED** accountability for MSPs/MSSPs/IT Providers- I cannot stress to people enough that your stack is not going to save you. When your client gets hacked, not if- and you're standing in court defending your actions because you did EVERYTHING you could do as the professional YOU (the MSP) warranted yourselves to be could have possibly done to proactively protect the client- and the attorney asks you why you never finished IG1 of CIS and you need to google what CIS is.... You're cooked friend. No amount of, "We used <insert leading vendor here> as our EDR" is going to save you. I have so many MSPs asking me the same question: "what X should I buy", but none of them are asking "How do I create a defense in depth strategy that fits my client's risk profile and tolerance, and why does it matter". I agree entirely with Bob Miller. I think we genuinely need a regulatory body to govern MSPs/MSSPs- you're telling me an attorney has to go through 7ish years of school, pass the BAR, and then has to answer to a regulatory committee and abide by specific standards, but Joe Shmo MSSP owner with 37 minutes of YouTube, a free Canva account, and a laptop can nuke an entire business overnight putting dozens out of work and costing the owner millions?

We **NEED** accountability for MSPs/MSSPs/IT Providers- I cannot stress to people enough that your stack is not going to save you. When your client gets hacked, not if- and you're standing in court defending your actions because you did EVERYTHING you could do as the professional YOU (the MSP) warranted yourselves to be could have possibly done to proactively protect the client- and the attorney asks you why you never finished IG1 of CIS and you need to google what CIS is.... You're cooked friend. No amount of, "We used <insert leading vendor here> as our EDR" is going to save you. I have so many MSPs asking me the same question: "what X should I buy", but none of them are asking "How do I create a defense in depth strategy that fits my client's risk profile and tolerance, and why does it matter". I agree entirely with Bob Miller. I think we genuinely need a regulatory body to govern MSPs/MSSPs- you're telling me an attorney has to go through 7ish years of school, pass the BAR, and then has to answer to a regulatory committee and abide by specific standards, but Joe Shmo MSSP owner with 37 minutes of YouTube, a free Canva account, and a laptop can nuke an entire business overnight putting dozens out of work and costing the owner millions?

So many scammers out there! If you’re bank isn’t having this conversation with you, they are doing you a disservice!!! Follow these simple steps, and ask a #FirstHorizon banker for more tips and tricks to avoid the scams and bank with ✨CONFIDENCE!✨

🚨 Excited to share our newly published CISO Fact Book! 🚨 The rise of remote work and connected devices is expanding the attack surface, making security management tougher. It's time to shift from reactive to proactive strategies, focusing on hardening configurations and improving cyber hygiene. GYTPOL's platform ensures businesses stay ahead of threats with dynamic remediation that secures devices without disrupting operations. Some key highlights: 73% of organizations are estimated to have at least one critical security Misconfiguration representing an open door to attackers. Malicious actors are quick to take advantage, with 80% of ransomware attacks caused by misconfigurations” 4000+ ransomware attacks every year exploiting misconfigs” GYTPOL observes that “90%+ of lateral device-to-device communications are unnecessary and should be blocked.” 💡 Discover how quick wins in misconfigurations can secure your devices. Download to learn more! 📥 Get your copy here: https://lnkd.in/eE7_aaTk #CISOFactbook #Misconfigurations #GYTPOL Tal Kollender Ilan Mintz Paul Goldweitz Mor Bikovsky Dean Roberts Snir Cohen Frank Tiano Chris O'Connor Chris Leggett David Rummage Limor Bakal Will Matthews Yury Kissin 🇮🇱 Mark Zuk Bar Bikovsky

My first few months evaluating cyber security were challenging. I would spend hours deciphering complex data. If I was starting over, the first thing I would do is immediately implement a comprehensive assessment framework. This solves everything by providing a clear picture of security strengths and weaknesses. Share your thoughts below or visit https://lnkd.in/eSYdFrft for more insights. Drop me a follow or feel free to connect!

🚨 Recent FTC ruling! Non-compete agreements are now largely unenforceable, changing the game for business leaders. This means we need to be direct and honest about our protective measures. In the past, tracking and monitoring the copying of physical documents like customer lists and data was nearly impossible, but today, technology offers real solutions. We have tools that make it tough for employees to leave with valuable data, whether it's customer lists, intellectual property, or sensitive formulas. Every business, no matter the size, can implement effective digital safeguards. From restricting USB access to setting up stringent policies, it's easier and more affordable than ever to protect your assets. 🔍 Ready to ensure your business is secure? Evaluate your insider threat risk with our self-performed cyber risk checklist today. Get started here: https://lnkd.in/dei_v593 #CyberSecurity #BusinessLeadership #DataProtection #FTCRuling

🚨 Recent FTC ruling! Non-compete agreements are now largely unenforceable, changing the game for business leaders. This means we need to be direct and honest about our protective measures. In the past, tracking and monitoring the copying of physical documents like customer lists and data was nearly impossible, but today, technology offers real solutions. We have tools that make it tough for employees to leave with valuable data, whether it's customer lists, intellectual property, or sensitive formulas. Every business, no matter the size, can implement effective digital safeguards. From restricting USB access to setting up stringent policies, it's easier and more affordable than ever to protect your assets. 🔍 Ready to ensure your business is secure? Evaluate your insider threat risk with our self-performed cyber risk checklist today. Get started here: https://lnkd.in/gBuhq5WM #CyberSecurity #BusinessLeadership #DataProtection #FTCRuling

The human scale era of cyber is over. If you are reliant on people doing things properly you will never be mature, even if they do those things really well. We have too long relied on people in the loop to get accuracy of action, favoring availability over other security outcomes. Maybe that still works for some organizations, but not for long. The cyber challenge of tomorrow (and probably today tbh) is about speed. Do you know what / where your crown jewels are, and do you have automated response systems in place to protect them? Or is your automation focused on lower value targets where availability is less of a concern? If the former, how did you get your business leaders comfortable with the increase A risk in favor of C and I? #cyber #automation #incidentresponse

Breaches Anticipated in FINANCE Sector as CyberSecurity Posture at each firm is so low. To view full screen & download on PC, hover cursor at bottom right of image.   Please SHARE, to raise awareness on how to prevent breaches at Suppliers & Subsidiaries. Then ask Cyber Rescue Alliance for a complementary assessment of your Competitors & Peers, and see how Security Scorecard ratings can reduce risk across your supply chain.   And follow this page for daily insights about cyber risk = https://lnkd.in/eHTGwDC

#Cybersecurity isn’t just about tech and tooling — it’s about knowledge and understanding. For example, knowing where and why most businesses fall short. This Factbook contains more than 50 key insights to help CISOs answer those questions. Get your copy now → https://lnkd.in/d8Cxa9-G