• Your Phone is the Weakest Link
    2026/07/06

    Everyone talks about email phishing, ransomware, and endpoint security, but one of the most dangerous attack vectors is sitting in your pocket. In this episode of MSP1337, Chris Johnson sits down with Mark Kreitzman of Efani to expose the growing threat of SIM swapping, mobile account takeovers, and the hidden security gaps traditional carriers have failed to solve. They explore why mobile numbers remain a critical trust anchor for banking, MFA, and identity verification, how carrier business models contribute to risk, and what individuals and organizations can do to better protect themselves. The conversation also examines secure phones, privacy realities, and why true mobile security requires protecting the account behind the device, not just the device itself.

    続きを読む 一部表示
    36 分
  • Measuring What Matters in Cybersecurity Maturity
    2026/06/30

    The cybersecurity industry loves to sell tools. What it rarely talks about is the hard work required to make those tools effective. In this episode, Jim Harryman joins Chris to challenge the idea that technology alone creates security. They discuss why mature organizations focus on governance, accountability, documentation, policies, review cycles, and operational discipline long before they look for the next shiny solution. If you've ever mistaken a technology purchase for progress, this conversation may be the reality check your organization needs.

    続きを読む 一部表示
    43 分
  • Your Passport Isn’t the Problem, Your Security Habits Are
    2026/06/23

    Planes, hotels, and conference stages aren’t what put you at risk, it’s what you bring with you. In this episode, Dawn Sizer of 3rd Element dives into the real reasons traveling professionals become easy targets: weak policies, poor communication, unsecured devices, and total blind spots around personal data exposure. From conditional access headaches to rideshare risks and AI policy chaos, this is a practical, no-excuses look at how security breaks down in the real world, and what you need to fix before your next trip.

    続きを読む 一部表示
    31 分
  • From Reactive Security to Continuous Intelligence
    2026/06/16

    This episode explores how cybersecurity is evolving from point-in-time assessments to continuous, intelligence-driven operations. Galena Koh of Cyber Bay shares how predictive analytics, crowdsourced ethical hackers, and AI are reshaping how organizations understand and manage risk. We discuss how to scale security without adding headcount, why human expertise remains essential, and how governance and trust underpin effective security ecosystems. The result is a clearer model for modern cybersecurity, proactive, collaborative, and built for constant change.

    続きを読む 一部表示
    33 分
  • Taking Advantage of GTIA Resources for Lasting Business Impact
    2026/06/09

    In this special episode of MSP 1337, CJ is joined by Brooke Lee (Rev.io) and Stacey Whitley (GTIA) to unpack how ITSPs can translate industry engagement into measurable outcomes. Attending events is easy, but most organizations struggle to turn what they learn into real operational outcomes.

    Brooke and Stacey share how their collaborative event recap initiative is helping bridge that gap by distilling key takeaways from major channel events into practical, accessible insights. More importantly, they highlight how GTIA serves as the connective tissue that sustains momentum beyond the event, enabling peer accountability, ongoing education, and real community engagement.

    The discussion reinforces the business value of GTIA membership beyond networking. From structured onboarding and mentorship to role-based education and vendor-neutral collaboration, GTIA provides a scalable approach to developing teams, reducing isolation, and accelerating organizational maturity. Brooke’s perspective on embedding GTIA into Rev.io’s onboarding model illustrates how intentional engagement can drive adoption and long-term ROI.

    Cybersecurity is a central theme, with a focus on GTIA’s Cybersecurity Resource Hub, ISAO, and the GTIA Cybersecurity Trustmark Best Practices. Stacey emphasizes the importance of community-driven intelligence and real-time peer support, particularly during incidents, capabilities that many ITSPs struggle to access independently.

    The episode closes with a candid look at how authentic, experience-driven content, rather than polished production, builds trust, strengthens relationships, and lowers barriers to participation across the channel.

    Bottom line: GTIA is more than membership, it is more than a community, and as an association, it is greater than the sum of its parts. GTIA is a force multiplier for learning, accountability, and cybersecurity maturity when actively leveraged.

    続きを読む 一部表示
    33 分
  • Simplifying Risk Assessments for Real Cybersecurity Impact
    2026/06/02

    In this episode, Josh Hohbein of CentrexIT breaks down a practical, MSP-centric approach to risk assessments that moves beyond complex, consultant-driven reports and toward clear, actionable business outcomes. He shares how combining vulnerability scans, client interviews, and system configuration reviews, anchored in a cyber maturity model, helps MSPs translate technical findings into meaningful risk conversations, especially during onboarding. The discussion highlights the importance of ownership, communication, and collaboration in managing inherited client risk, while previewing a live demonstration session at Pack State Beyond, designed to equip MSPs with repeatable frameworks they can own. Ultimately, the episode reinforces that effective risk assessments aren’t about identifying more issues; they’re about enabling better decisions, strengthening governance, and driving measurable security maturity.

    続きを読む 一部表示
    25 分
  • Vulnpocalypse Isn’t Coming, It’s Already Breaking Your Patch Cycle
    2026/05/26

    In this MSP1337 fireside chat, you and Matt Lee unpack the idea of a “vulnpocalypse”, a rapidly emerging reality in which AI-driven tools are accelerating vulnerability discovery at a pace organizations can't keep up with. While much of the industry is focused on the fear and hype, the conversation shifts to what actually matters: operational response. You highlight that the shrinking gap between proof of concept and active exploitation is forcing a fundamental change in how MSPs and organizations manage risk, especially in patching velocity, exposure management, and accountability for internet-facing systems. The takeaway is clear: this isn’t just a future threat, it’s a present inflection point requiring faster, more automated, and governance-aligned security practices.

    続きを読む 一部表示
    27 分
  • Governance, Risk, Compliance (GRC), and the MSP Wake-up Call
    2026/05/19

    In this episode, Chris Johnson sits down with Eric Shoemaker of Genius GRC to unpack one of the most misunderstood shifts in the MSP space: the move from tool-driven cybersecurity to standards-aligned governance, risk, and compliance programs.

    Eric explains why Genius GRC isn’t a software platform and why that distinction matters. Together, they explore how early automation wins (like continuous access reconciliations) impressed auditors but didn’t replace the need for real governance, documented reviews, and independent judgment. As the market matures, the conversation turns to a growing risk: MSPs and SMBs stacking new security tools while core systems remain misconfigured and under-governed.

    Chris and Eric tackle the myth of “do-it-yourself” GRC, the dangers of vibe-based compliance, and why tools only amplify expertise; they don’t replace it. They also dig into the critical separation between IT operations and security leadership, making the case for advisory or independent CISO models that reduce conflicts of interest and improve risk outcomes.

    The discussion closes with practical, budget-conscious fundamentals, such as DNS filtering, CIS IG1, and free or low-cost controls that actually move the needle, plus hard truths about negligence versus resourcing failures and why resilience must be budgeted from day one.

    If you’re an MSP, consultant, or business leader navigating cybersecurity maturity, this episode is a grounded, no-hype look at what actually reduces risk.

    続きを読む 一部表示
    34 分