Sign up to save your podcasts
Or
Share The Hard Truths About M365 Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Hard Truths About M365 Security
Last week at Right of Boom, something interesting happened.
In a conference full of great sessions, one stood out — not because of hype, but because of urgency. Kelvin Tegelaar’s CIPP certification session on securing Microsoft 365 was standing room only. MSPs weren’t there for theory. They were there because M365 has quietly become the single largest attack surface in most of their client environments.
And yet, despite years of focus on security… many organizations are still dangerously exposed. So today isn’t a recap. It’s a debrief.
We’re going to unpack what Kelvin saw, what surprised him most, and what the packed room of MSPs revealed about the current state of M365 security in 2026. Where are providers still overconfident? What controls actually move the needle? And where are attackers winning because of operational gaps — not technology gaps?
Most importantly, we’ll look ahead. If M365 is now the primary battleground for identity, data, and business operations… what does “good” really look like for MSPs moving forward?
View all episodes
By Andrew Morgan
4.7
1616 ratings
Last week at Right of Boom, something interesting happened.
In a conference full of great sessions, one stood out — not because of hype, but because of urgency. Kelvin Tegelaar’s CIPP certification session on securing Microsoft 365 was standing room only. MSPs weren’t there for theory. They were there because M365 has quietly become the single largest attack surface in most of their client environments.
And yet, despite years of focus on security… many organizations are still dangerously exposed. So today isn’t a recap. It’s a debrief.
We’re going to unpack what Kelvin saw, what surprised him most, and what the packed room of MSPs revealed about the current state of M365 security in 2026. Where are providers still overconfident? What controls actually move the needle? And where are attackers winning because of operational gaps — not technology gaps?
Most importantly, we’ll look ahead. If M365 is now the primary battleground for identity, data, and business operations… what does “good” really look like for MSPs moving forward?