


Some MSP clients want to move fast on security. Others only reply when something is on fire.
In this episode of Get NIST-y, the podcast from Blacksmith InfoSec where we turn compliance into practical security for MSPs, we get blunt about what actually moves clients forward and what just creates more noise. The big theme is simple: stop piecing security together from random advice and start operating from a framework. Join us today for part 2 with Josh Hohbein from CentrexIT.
Takeaways:
- Your non-negotiable security controls should be baked into your base offering, not treated like optional add-ons
- If you are still arguing with clients about MFA, you are not ready to sell them a real compliance program
- A framework gives you more than boxes to check. It gives you a roadmap, a way to show progress, and a way to talk about risk like an adult
- One sign your MSP is maturing: you can say no to risky clients instead of taking every headache that shows up
We answer:
- How do you unstick clients who ignore security until something breaks?
- How do you get clients to stop treating security and compliance like optional extras?
- Where should the MSP drive the process, and where does client leadership have to own it?
- How do frameworks help prove progress instead of just creating more paperwork?
Submit your question at:
https://blacksmithinfosec.com/nisty/
By Blacksmith InfoSec