My Thoughts on the CISA MSP Advisory

CISA published their advisory bulletin addressing risk considerations for organizations thinking about using managed service providers. This is a great advisory, but it has some areas of potential misinterpretation in it, chiefly because CISA has departed from a security group and expanded into territory in which it has little experience.   Highlights:   What if organizations stopped using MSPs?   Yes, all customers ought to be responsible and consider risks of outsourcing. But, risks of not managing IT are far greater than the risks of outsourcing  Targeting of managed services supply chain vendors is NOT a symptom of poor MSP security, it's a symptom of the unchecked business of cybercrime  MSP Zone Reading Material: Risk Considerations for MSP Customers | CISA

Om Podcasten

Weekly discussion of news, events, and topics of interest to the global managed services professional community. The series will have the latest and most relevant discussions in managed services and cloud computing, featuring special guests and notable figures in the profession.