Skip to main content
Right of Boom
May 19, 2025

Fifth Year Reunion

The five-year anniversary of the Cyber Call marked a significant milestone for Managed Service Providers (MSPs), highlighting how far the industry has come and where it is headed. Born during the early days of the COVID-19 pandemic, the Cyber Call created a space for MSPs to connect, collaborate, and grow together. Over the years, cybersecurity has transformed from a technical afterthought into a central business concern, with MSPs evolving in their understanding of frameworks, regulations, and the importance of moving beyond “good enough” security. Today, MSPs face a range of challenges, including a widening skills gap, the need to demonstrate business value, and the growing complexity of securing environments like Microsoft 365. Emerging technologies like AI and large language models also present both opportunities and responsibilities. Looking ahead, MSPs are encouraged to invest in education, become more involved in their clients’ business processes, and position themselves as strategic partners rather than just service providers. To thrive, MSPs must continuously assess their security strategies, refine their communication, and embrace new technologies such as AI. The insights shared during the anniversary serve as a roadmap for MSPs to navigate the evolving cybersecurity landscape with confidence and purpose.

Guests

Andrew Morgan

Video Transcript

All right. Welcome everyone. Hard to believe we are five years here at the cyber call. Um, I just want to make sure you all can hear and see us. Okay. Um, back then we had Crowdcast and, um, one of the bummers, Kyle and Wes, about Restream is, uh, only the moderator can type, but if you guys go out to YouTube, uh, you guys can interact just like that, uh, with everybody. If you guys are watching on cyber, on write a boom slash cyber call live.

As long as you're logged in to YouTube, um, you can type right, right there as well with everybody. Um, so, uh, a lot of folks coming on in right now. Um, I'm gonna just mention a few things. One, um, unfortunately Gary had an unexpected funeral that he had to attend today. Um, so our hearts go out to him. I know he's going through a tough time. Um, and, um, so Phyllis, thank you for, um, filling in for Gary. Uh, much appreciated. Um, yeah.

Um, and then, um, yes, Chris Laer out there, Chris, um, uh, be the, uh, uh, the, uh, dictator, uh, Wes, although has claimed that I want you to be the dictator out there about chat force interaction. Um, but yeah, definitely we'd love to hear from you all. Um, that'll be part of today. It was such a big part of when we kick this off. Um, so I'm gonna just set the stage and get right on into this.

Uh, and I'm sure you all know Kyle and Wes, but I will let them intro for any of you out there that may not know them. Um, but, you know, five years ago, what a difference five years makes. Um, although Wes, um, you brought Covid back, uh, as I understand it right now, uh, you're dealing with it. So thank you for, I'm on some serious drugs right now. Oh Man. Sorry to hear that. Yeah, I lost the whole weekend to it. Um, and I'm like super fuzzy right now.

So if I'm like, wait, what did you just say? Just forgive me. I'm making it through. Yeah. But I wouldn't miss this for the world. Yeah, I, I've got the up last, so I'm gonna definitely get some complicated words thrown out. Shouldn't be hard, What we can do. Um, but yeah, so five years ago, um, you know, life was very different, very uncertain times.

Um, and I remember it like it was yesterday because both Kyle, you guys were great, the Hunters team and Wes with the PERCH team, um, where I got together with both of you and said, you know, hey, for the past two and a half months or so, you know, obviously conferences have been shut down, peer groups have been shut down, no one's traveling. Everybody's been working their asses off trying to get all their customers in remote, uh, type situations.

Well, would you guys, what would you think about bringing both companies together? And we would do a, um, an event and we called it, uh, the Cyber Con. And, um, and remember those days? Yeah, you guys were both great. And I'm like, Hey, I'll, I'll get both teams together. We'll put this five day event on. Um, and, uh, we had a, we had to capture the flag, um, and lo and behold, there were 1700 plus people that attended the event.

And at the end of the event, it was kind of like this, almost like this, well, what do we do now? And I, uh, quickly said, well, what if we kept this going every week? We met once a week and just got everybody together. And, and, uh, I pitched the idea to Wes and, and Kyle and, and Gary, we'll talk about this as one for the first questions. Um, crazily enough they said yes. And, uh, and here we are. Um, so we're gonna be talking about past, present, and future. Over the past five years.

We're gonna be talking a lot about cyber automation, ai. Um, so, so before we kick it off with the first question, Kyle, welcome back. Thanks for joining.

And again, I, I don't think there's a person out there that doesn't know you, but if you would, uh, and, and just share a little bit about your background, maybe even just like what you were doing prior to, I, I love your background and what you were doing for the country, but talk a little about your service to the country and, and how you started Huntress. Yeah. Yeah. Cyber warfare, op operator by trade.

I think I got my hands dirty on early, like, uh, I guess I started IRC then probably a OL 2.0 right in punters and IES joined the service, started hacking for good, gathering intelligence, uh, moved into exploit development, implant development, and then realized I could use those skills, uh, to kind of help raise the bar line for like, those that couldn't, for instance, hire, you know, at the time, fortune 100 product, let alone fortune hundred, 100 talent. So, um, super thankful.

Obviously this community, I know someone made the joke earlier in chat about, Hey, what are MSPs? Or, Hey, who's this Kyle Guy? But to be very frank, when I first got introduced to the MSP community, I didn't know, and it was a lot of you all who were very politely and sometimes, uh, very directly schooled me in private. So obviously thankful. Now, um, hunts I think has something like 7,000 of you all as partners, uh, working hand in hand with you all to kind of keep raising this bar.

So, uh, even five years for me is a little bit of, I won't quite get like emotional, but it's kind of a, a choke me up a little bit. Andrew, when I saw some of your notes that you said you wanted to cover in this thing, I thought, oh my gosh, how far have we come, you know, kind of as an entire community in five years. Yeah, yeah. Yeah. It's pretty cool. Thank, thanks for coming back, Wes, yourself. Hey, um, man, it's really awesome to be here.

Like, it's been a long time and it doesn't feel like five years until you like, to Kyle's point, you go back and look and you're like, wow, wow. A lot has happened in five years. And, um, yeah, so, so I come out of, uh, banking, um, did a number of other things before that, not nearly as cool as Kyle's story. Um, and, uh, we started a company called Perch years ago and built that for a number of years.

And that's really where Andrew, like everything I, I remember in the early days you coming into our office, our little, we called it the single wide at the time in Tampa. I'm like, who's this Andrew Guy? And he's from some company called ConnectWise. I've seen their building when I drive by occasionally, uh, I don't know what they do. And then to think, you know, we didn't even know what an MSP was. I could barely spell it. And then fast forward to today, that was over five years ago.

What was that like, maybe six, seven years ago? Um, but just, just 2016. Wow. So we're coming up on a decade together. I mean, that's hard to believe. Um, yeah. So I'm just glad to be here. So, uh, this day and age, I'm co-founder and CEO of a company called Empath. Um, helping MSPs truly build towards better with a measurable, um, uh, a measurable way to do that with accountability baked in. Um, I know that doesn't mean a lot, but I'm not here to talk about empath.

I'm really just excited to be here. And this really is an amazing time. Um, and I think it's, it's important for us to take periods of time when we take a step back and we celebrate progress made because that really is an Im, IM impactful way for us to say we have done some good, and there, yes, there's more to grow into, but it's important to take some of that time away and celebrate the good that's been accomplished among all of us. Yeah, well said.

And Phyllis, I, I think everybody knows you, but I, Kyle said something that, you know, when I first met John Strand met you and many others, it's like, what are these MSPs like, kind of what Kyle was saying, and it was, it was, I can think kind of similar 'cause you know, where you come from in NSA, it's similar to Kyle and working with large enterprise. So, uh, thanks for spending what part of a good three plus years here on the cyber call.

So, uh, for those that may not know you, welcome Phyllis. Yeah. I mean, it's been awesome. Yeah. So Phyllis Lee, I've worked at the NSA for 25 years, and then, um, came over for, um, to center for internet security. CIS been here, excuse me, allergies and asthma still bothering me for about six, seven years. And, you know, Tony Seger first introduced me to Andrew Morgan and the MSP community. Um, like Wes, I and Kyle, I could barely spell MSP.

We largely, you know, when I was at the NSA, we worked with DOD and the ic, and then at CISA lot of our work was really with, um, large enterprises and SLTs. And then, you know, when I got introduced to Andrew in this community, it made 100% sense that we would get involved with this community. I mean, MSPs are supporting the backbone of this nation, which are the small mediums. And so, um, it was just really a great introduction.

Um, and it's been, um, it's been great being involved with this community. And it's, I mean, amazing five years based on just really an idea out of Covid. That's, that's amazing. That's amazing. Yeah. Yeah. Yeah.

So, so Kyle, um, to you first, and I'm gonna ask Wes, uh, so what inspired you to take me up on that crazy idea of five years ago to go, Hey, Kyle, every Monday I'm gonna come to you and, uh, ask you to be on, uh, this show, so to speak, and, and, uh, keep, keep this torch going from this, uh, virtual event. I think arguably the first one coming out, I Think three, three big things, right? Uh, we were doing that virtual cyber con.

Um, somebody told me I look like, uh, either a homeless or post Malone with some of my crazy long hair and patchy facial hair. And so I realized I probably needed some more friends to pull me out of that weird funk that was to 2020. Um, two, let's be real. Like, there is a time not too long ago where that word like rise or that phrase rising tides, you know, raises all ships was said from a place where there is a lot of ships that were arguably sinking.

So there was a little bit of that guilt of like, what am I looking to do to be able to help make, uh, maybe a better difference? And then last but not least, one, it was just kind of fun. Like, I wanted something that I could interact, like the fact that we're able to live here, and while we're also talking, I can live chat on like, you know, YouTube at the same time.

I just, I was so tired of the death by PowerPoint and the fact that you could actually have interaction was the perfect recipe for me. So that's a, a long way of saying self, you know, you know, healing slash soothing, good community involvement, and one, just like it was the right place and right time. Cool. How about for you, Wes? I'd love to know in chat, did anyone attend V Cyber Con? If you did say, I was there.

Uh, 'cause that was a long time ago, and I remember this, um, Kyle, do you remember, I think it was RSA was the very first conference that shut down for Covid, and they made that huge announcement and they said, this is just too risky for us. We're gonna literally shut the thing down. And I remember thinking, oh no, that's the first domino that's gonna fall. And in my perch days, um, everything we did was, it was conference. It was what we call inbound coming from conferences.

Uh, we didn't have any other way to grow our company. And so I remember when that happened, I thought, if everyone else shuts down, I don't know how we survive. Um, so I remember that being a scary time. I remember that being like, we don't know the ramifications of this, the stay at home order. We're not used to this. No one's ever done this before. I'm at a company that's by no means too big to fail. Um, and it was a scary time. It was a hard time.

Um, all of a sudden my kids now are at home, you know, and like everything shifted, like literally everything shifted for MSPs. You remember this, all your clients are like, can we please just get things to work from home and we don't know how to do it, and we're buying computers from Walmart and, you know, all that kind of stuff. And that was crazy. Um, and so I just, I, I, it's, and Kyle, you made a really cool point too.

The thing I thought was so cool about V Cyber Con is it taught me you really can do this in a virtual world. I don't know if you remember, you're the first one to do a snap camera and you're changing your face. And I mean, it was just fun. And that was the beginning of when like, people would be mortified if your kid walked in in 2019 in onto like a Zoom call or whatever. And now like, I can bring my kid in right now and everyone be like, oh, hey, it's nice to see you. It's normal.

And so it really did. There's, there were so many changes that brought back or brought into our world a new normalcy. And I think both sides of that fence are now starting to normalize. We're getting used to being back in person again. We're good at that, but there's still a lot of carryover from that, good and bad that came from it. So, I'm gonna hit mute while I try to cough here. Wes.

It's so funny though, you mentioned about RSA shutting down because, and someone mentioned in there about Peric Con. Do you remember? We, we were, we just got Peric Con off literally. 'cause it was the right at the end of January, and then things just started shutting down. Um, and I was like, you know, we were just like, whew. 'cause you know, we had a lot of commitment to the Marriott there in Tampa, and I was like, yeah, Aaron's like, you know, should we do this? And like, yeah, let's do it.

And so, um, anyway, too funny. Um, Kyle, um, you said, yes, we launched this. And I'm curious, you know, when you look at the MSP cybersecurity landscape, what do you feel has changed most, you know, over this period of time? I, I, I think we always gave a s**t, to be very frank.

I don't think that ever, like, even when it was a lot less technical, I think one the biggest places that has changed is like, folks realized very quick, um, that if you look at the business of cyber crime, it was probably growing faster than the business of like managed services.

And I think for maybe, even though no one said it out loud, it seemed like for once, especially in that 2020, you know, time period that maybe we just took it a little bit more serious on how we were going to force in some places security down people's throats. But to be very frank, it was never a forced conversation.

It was a, we were gonna have a real business conversation that I'm your trusted advisor, I'm gonna recommend you do this, and if you don't, I'm willing to have a conversation where you need to sign transfer of liability, or I'm willing to give up your revenue. That didn't happen before 2020, or when it did, it was small pockets. And to be very frank, to me, that was the time where cybersecurity and business acumen started to be merged. I really think we were way overdue by 2020.

I think it could have even happened in 2018. And I don't know, I don't know if it was going remote, if it was just the right place, right time, but it seemed like that inflection point happened. So I think that's probably the biggest change that's happened in five years, is business and tech are often discussed hand in hand, instead of tech being something cool that just comes along with business. Yeah, yeah.

You don't wanna say digital transformation to get the, uh, you know, the, the checkbox there, You playing Bingo. Is that what's happening?

So what, like, on an, on an, I guess looking at it differently, what almost seems like unrecognizable to you, Kyle, today when you look back, you know, at, at the landscape and, you know, fi you know, like, wow, I just, I, even though I'm a diehard techie, if you can't convince people with dollars to follow you, you're not really something that people take serious.

And if you get back to that, look at the amount of investment that's been made into this community, whether it's private equity, consolidating MSPs, whether it's new tech vendors, right? Which that's always good for competition. Creating more tech vendors to be able to hold each other accountable. The fact that there's been real checks, hundreds of millions of dollars poured into securing this segment of the industry, to me that is, that is night and day different.

That is fundamentally no longer the same world anymore. And I think we as a community really help make that change. Yeah. Yeah. Yeah. I, I, I think, you know, Wes, as I come over to you, you know, I, I see like just the maturity of the MSPs on the margin so drastically different in, in terms of, you know, where we were five years ago. Um, you know, I remember when, even in like the early days of 20 16, 20 17 West, when we were doing these CSO peer groups together mm-hmm.

Um, like people didn't even understand what frameworks were. Um, you know, so the, the evolution of, you know, we were 25 years behind enterprise and I think we've probably taken five to seven years and compressed like vigorously. Um, and I'm really proud of this community. It's really, and, and by the way, folks out there like Matt Lee who's typing up a storm, Matt, you've done a hell of a job, um, uh, you know, in this community as well. So thank you for that.

But, so Wes, on the business side, like what are some of the biggest misconceptions in cybersecurity, um, that you've probably seen for MSPs over the, over the past five years, and, and how are they, how are those evolved? You know, I think five years ago, and really I, I think we can say circa 2018, 'cause that's kind of when things really began to change.

You know, that's when you had GaN Crab and some of those threat actors that really changed the model that really discovered who an MSP was that really understood. I can make a ton of money off this. And of course, you saw the big, uh, Kaseya breach that had happened in 2021. And not to just pick them out, but multiple other iterations that all kind of happened in that three to five year time.

And I think prior to this, like security, one thing we have to accept with security is at the end of the day, it's always gonna have to be, we've done what we believe from a risk perspective is the right amount, right? Because we don't have Bank of America budgets. And so at some point we, we have to draw a line in the sand and say, this is where we're at today. It may not be everything we can do, but it's what our budget allows for good enough security.

And I think prior to that 2018 time period, it was the world where we thought, you know, you know, Symantec and a male protector or whatever, the MA mx, whatever it was, MX tool, whatever, good enough, there you go, was good enough. And that'll be fine. And I think for MSPs, like, I don't know if anyone's been swimming in the ocean and you have an undertow. I've never been directly pulled into one, but I've been in the ocean a few times. And you feel it and you're like, oh, wow.

And you, you, you read those stories of people being pulled way out into the ocean. You can't stop the undertow. You, you, you're not gonna be able to swim against it. You just have to deal with it. You have to stay afloat. You have to let it carry yourself out. And then you deal with ramifications. And that's really kind of a good analogy for what happened to us, is that we had to understand there was an undertow pulling us in the direction. We were not ready for that.

We were not comfortable with that. We honestly, probably didn't want to have happen. Now we look back with all of that swimmer's mentality, and we're like, wow, actually that was really good for us. It was, to Kyle's point, it was going to happen at some point. It just happened in a time. I don't think we were ready for not a time of our choosing and mixed up in a world that was tough for us because of all the other things happening with the pandemic. But we made it through.

And if there's one thing I tell people all the time, you gotta understand about an MSP, if there's one word to describe them. I use the word resilient. They really, really are resilient folk. They understand what it takes to, to, to continue to fight, to survive and become stronger through it.

And I really think that's really what encapsulates those misperceptions we had in the past of, I think we're good enough, and I think we're doing the right things, and then we fast forward to today and we see a world of difference from where we're at then to where we're at today. Um, and so yeah, that's just what I would point to as a, as a huge, um, what I have seen come out of the results of these past five to seven years. Yeah. Very cool.

And you know, I I, as you're talking, I, I was, I was literally going back to sitting with you in, in perch in that small office in Tampa around this time. And, um, we would have those huddles here and there at once, once lockdown kind of ended.

And I remember working with you, or listening to you about the, the threat report that you guys first, and then, you know, you brought the term Buffalo jump out, and it was like when we started, you know, I shouldn't say we, you came up with that term for, for the industry, um, and started educating on, you know, what Buffalo jumps were. And I, I just, it, it's, it's so nostalgic, but I agree with you on the, um, resilience. Wes' a really good way to put it.

So how about OP from one more for you, Wes, before I go to Phyllis. How about operational maturity? What are the biggest gaps you saw back then? Because you did a really good job. Yeah, I remember, I remember you just pacing in the perch halls, um, and, you know, just helping MSPs, like literally educating them, um, you know, you'd stop even helping about, like, it would, the, the conversations would shift about, we're talking about perch to helping them with their business. Yeah.

So when you look back to, to, to now, what do you, what do you see? You know, so I'm glad you teed me up with that way because I probably wouldn't have directly taken it. Matt Collier, good to see you on here as well, Eric Sun, man, so many good people on Mark Wilkinson. Wow. Um, you know, I think this, I think, uh, one of the things I did learn post pandemic as we were coming out of the stay at home order was we're not gonna go travel anymore, at least for the next year to two years.

It's not gonna happen. And so, yes, the mechanics changed, and I had a light bulb moment that came on at one point. I remember talking to an MSP and they just said, Wes, we're struggling. Like, we, we want to grow and all this, but my people, my clients don't care. They don't understand. I'm like, got it, okay. I said, what if we did something? What if, what if you got about 20 of 'em your favorite clients on a call with me on Zoom? I won't sell 'em anything.

I just wanna talk about what security really is from a risk perspective. Well, how we should be approaching it, tying it back to business outcomes. And they're not selling anything, but actually doing a risk assessment for many of them that's new territory for them. And then we'll let the risk assessment guide what happens next in life. And they, I remember an MSP saying, that sounds amazing. Can we do that? I'm like, yeah, let's pick a time. Let's make it happen.

And there was a point, Andrew, where the vast majority of my time at Perch was going from webinar to webinar, MSPs doing that. And it taught me a great lesson, which was that if we can just educate ourselves and our clients on where we're at, where we need to be, and why the world has changed, everything falls into place because business owners are not stupid. They care about their business. They care about what keeps their business from potentially falling apart.

They want to know those things. They just don't have the dots connected. And I think that was a time that we really taught ourselves how do we connect those dots between where we're at, where we need to be and where we're going. And I think so many MSPs have done such a good job with that from an operational perspective. You asked that question. I think back then it was very much, put your finger in the wind, and what do you feel like, and we still, we still see way too much of that on Reddit.

You know, what's, what do you, what's in your stack for this? What's in your stack for that? It's newsflash, no one cares about your stack, bro. Like, it doesn't matter. But what we've seen is growth in maturity that points to good outcomes. And what drives those outcomes are security frameworks. And Phyllis, to you, this is why when you first agreed to come onto Cyber Call, I was so, so, so happy because you and I didn't even know each other that well.

But what I was so glad was to see CIS actually spend, I mean, I don't know how many hours you put into cyber call now, Phyllis, I Remember that. That was a big moment. It was validation, right? Yes, yes. And so Phyllis, I just wanna say on behalf of the community to you, you personally, but then CIS is the mission, have spent, let's call it now, thousands of hours for us, and it's made a difference. Mm-hmm. And so I just wanna say thank you for that.

I wanna say thank, because if it were not for CIS and even you being part of it, we would not be where we're at today. So thank you. Oh, well, you're welcome. It's been, it's been a lot of fun working with everyone, really. I've enjoyed it a lot. Yeah. Yeah. It's, it's been absolutely awesome. So, um, Phyllis, for you, you know, when you look back, what are the biggest mistakes you saw msp? Um, yeah.

You know, around cybersecurity, uh, you know, because you, you know, when you probably looked at it very, I don't know, I'm just, I I, you know, thinking about it from a very pragmatic but control perspective. What, what did you see? Yeah, I mean, when I first, um, engaged with this community, um, I remember when, how many of you have heard of controls? How many of you, um, implement a cybersecurity framework? How many of you know what regulatory frameworks or clients are subject to?

Like, you know, a lot of si a lot of people weren't mature enough to uneven, you know, they're like, no, no, no, no, no. And I would go to a lot of MSB conferences, and the questions I would get in the beginning were, well, Phyllis, what should I tell people? Because no one wants to pay for cybersecurity. Do you have, you know, what is it that you think I can tell people? How can you educate my clients to pay for cybersecurity? Because I have to be $5 cheaper than the MSP down the road?

I heard that time and time again, um, on the cyber call as, you know, what, like, oh, how can I get my clients to pay for this? And when I went to conferences, and I'll tell you now, um, when I go to conferences, people ask, the, the questions are way, way different. They're like, you know, this control's really hard to implement. What do you think about this? I feel the same. Phyllis, my, the questions people ask me are definitely different than they were even three years ago.

Maybe it took a little while to get the momentum, but I feel the same. Yeah. And then when I look at the tool vendors at the different conferences, they're now assessing against, um, you know, controls and then other regulatory frameworks. They're asking me about mappings. You know, the conversation is totally different, which I think is amazing. Like, you know, back in the day, no one was like, oh, I'm gonna offer a vcso service, right?

And now it's like, oh, we have to think about, um, cybersecurity insurance. We've gotta think about vcso service. We're talking about, like Wes says, like cyber to the business. Like all those things, the conversations have really, really matured and really in a short period of time, maybe that was forced because of, um, COVID, quite honestly. Um, but, you know, enterprises of course are a little bit further along, but it took them a long time, you know, to to, to get to where they are.

It took MSPs, um, like I, I mean, maybe three years, three, five years. That's pretty quick. That's Pretty, yeah. Mm-hmm. Yeah. I, I think you called something out, Wes, I'll just say this and let you chat, but I think you called something that's really important, the influence bringing you into the channel. And CIS Curt support your support. When you look at whether it's PAX eight or look at most products these days in the MSP channel, they are mapping to the controls. Mm-hmm.

And, and if you aren't, you'll get the MSPs asking, okay, can you tell me how you map to the controls? Like, almost like, why aren't you mapping to the controls? It's, you know what, you know what I mean, Wes, and it's a very different world. Um, yep. What were you gonna Say? It, it's the neutralizer to all of the fluffy security things that everyone tells you, right?

Like the slagel of the world jumping on vendors for 100% security, you know, for stopping the unknown threats, you know, all this kind of stuff. It's like, it's the great neutralizer, it's like, point to me over here where this control where you effectively apply into this good framework. And I just, it, it, it really brings clarity. And yeah. The only thing I wanted to mention is I'm gonna eat some humble pie, if I may.

Um, there are some MSPs and many of them are on today that let me tell I learned from you. Mm-hmm. And I am so thankful for that. Like, I literally, it's secure here in a couple weeks at PAX eight and beyond here, in a few more weeks, I'm gonna be sit down learning from y'all. I really do. Will you tell me what's working and what's not? You tell me what you're in the middle of and what some of your challenges are.

You, you know much more about some of these industry frameworks than I'll ever know. And you've done that in four to five years. I just, I love it. Right? I, I'd love the position now where I get to be the learner, not just the teacher. And that really is to the credit of everyone on this call of like, seriously moving their business together for good. I agree. And, you know, I'll have to say it's thanks to this community.

Like it's thanks to Cyber Call, it's thanks to Cyber Cast, um, that has really, um, helped with controls adoption Yes. In the community. Yeah. Yeah. So Phyllis, one more to you and then I'll let you ask Kyle in lot some questions. But what do you think, you know, this was gonna be for Gary, but I'd still like your thoughts on it, about peers working together.

How do you think the collaboration of peers, you know, you've seen it, whether you, you know, you've been to a lot of conferences now mm-hmm. And, and you see MSPs, you know, collaborating, working together, and many of them here. Um, how do you think that's impacted the overall industry? Oh, I think it's huge. I mean, one of the things that I noticed as an outsider about MSPs is the fact that, um, even though they're competitors, they really wanna help each other. Mm-hmm.

So I'm like, that is amazing. You know, Wes, it's funny, I was working closely with FSI SAC before the pandemic, um, on doing measurements against controls. And then that group quickly disbanded. 'cause they're like, oh, well, 'cause I was working with all the IT folks and they're like, we've gotta support work at home. But you know what it's like in FSI sac? Mm-hmm. It's very, Oh Yeah. Work with each other. They could care less about my local bank.

And my local bank is the one that really needs services. The big banks, they're very self-sufficient, right? And, um, and so they're willing to help each other. What I like about this community is, um, everyone's like pitching in trying to help each other, you know, in these peer groups. Um, you've got some of the larger MSPs trying to help the smaller ones. And, um, I think it's really helped further cybersecurity in the community.

This idea that you have conferences, you're learning from your peers and people like, um, Eric, I've given several talks with him. He's out there saying, Hey, this is how I pulled my MSP, um, out of, um, you know, an attack. This is how I helped my friend who recently got attacked, who worked for that big scrapbooking company, right? And so it really is that community of, Hey, you know, Wes, can you help me? And Wes is happy to help. Hey, co. You know what I mean?

And really has furthered the community along people sharing. Nothing is more impactful, quite honestly, than someone who you do feel like is walking in your shoes, willing to share their story, willing to help people versus large enterprises who don't want anything to get out. 'cause they don't want shareholders, the SEC, they don't want anyone to know their dirty laundry. Mm-hmm. But here in this community, it's like, okay, let's help each other out. And I, I think it's amazing.

Kyle, do you, I'm gonna, do you think is Huntress is getting closer and closer, I would imagine to IPO? Do you think that's part of it? Is maintaining the shareholder value causes the big companies to be so sterile in their approach to, and their lack of empathy towards, um, their, their, their fellow compatriots and even their clients and prospects? I think cyber's just so freaking different. If you have to build new products.

And if you look at a lot of where, like look at even our industry in MSP land, when somebody stopped being able to innovate, build new products, and had to start moving to acquiring new products, I don't think every anybody actually intended to get there. You just get big enough where you forget what makes you different. And this is the one world, like it already pushed you to move, but cybersecurity is ruthless if you cannot innovate with r and d.

And I think that's where some folks have got too wrapped around the axle, the companies who are really making a difference. The reason CrowdStrike is a hundred billion dollar public company is they build all their own technology. And I actually think in many places for companies like us, or even companies who've already gone, IPO, those who lost their way are having to find their way back to becoming true research and development shops.

Because just playing the acquisition game du jour kind of loosely tying them together with I, you know, APIs and hoping that the end result is uniform. Like it's not working very well in the public world. We've seen some pretty big failures of companies do these acquisitions. And look, I mean, look at Blackberry, right? That's a company who was innovative as heck and a private equity company and is largely not the same company anymore because they lost their footing.

So you can't tell on my end, the one biggest fear I have is like starting out, becoming a product led company. And you get big and you start focusing on these new financial KPIs. I will tell you, the moment you lose, that's probably the moment that you can prepare for. Like, I would, I would say becoming a second rate company doesn't mean you're gonna fail, but probably means you've lost focus on delivering value to your end customer.

So sorry for the wa you know, hog wallish, uh, you know, answer there. But I just, that's my way of saying I, I've seen this happening. And even for ourselves, we're kind of asking ourselves the question of when we do go public, are we, are we actually ready? 'cause I'm no, no offense not racing to report to the SEC to become terrible. It's well said. Yeah, absolutely.

Blackberry is a great analogy and, and obviously peeled in there, or I shouldn't say or fitted in there as we know, is Silence, which got spun out, but, oh s**t.

And, and, and isn't it an interesting one there, Kyle, that I'd love you to riff on just for a second as we look back at 2016, 'cause I'll never forget, um, when I was, you know, heading up cybersecurity strategy at ConnectWise, I, I spoke to them and they were very much interested in our space and, you know, I talked to them about, you know, where they would need to have their product, how it would need to, you know, about multi-tenancy and about working with the channel.

And they had such a lead, Kyle, I mean, CrowdStrike and Soel one weren't even in the radar they had. So it's just about like, when you look at that, like what lessons, you know, do you see as you lead a company like yours? What, where they go Along, if, if there's any motivation fuel, Andrew, I could give would be the first trade show we ever did, was it Nation and Cylance's Booth was directly next to us and they had just raised a hundred million dollars. Yeah.

They are now an, I mean, did they get acquired? Arctic Wolf maybe acquired the corpse of that technology, something like that. It just share with What's a hundred million probably today, Kyle, if you had to guess in 2016. Oh, I, I I would guess at least 160, 180. It's definitely inflated. Like meaning if people put a hundred million today, the equivalent that someone would give you today is probably just north of one 50. Yeah.

And then think about this, their valuation, I think when Article Wolf bought them is like, it was 160 million. Just think about that. Just think about that. You're getting a Little ruthless, but I mean, that actually goes to show you if you lose focus on why you're in business. And I actually think that there was some of that, you know, Stuart McClure, the CEO there had Mac McAfee skills. He had been around, you know, the team that later became CrowdStrike.

Yet, I just think that many people forget even some of the channel behaviors. Look at the, some of the recent changes in some of the Microsoft CSP program. And I think this is stuff that, like, if we forget where we came from, same thing for everybody in this audience. Just pivot instead of vendors talk about yourself. Let your other competitors around you forget where they came from. If you don't lose this, like there is always opportunity.

And for us, like I'll tell you, I was scared out of my mind at that IT nation show. November of 2016 really gave me fear. Now it's crazy 10 years later. And I, I kind of laugh at that technology. Um, but I, I think that just shows you how much can actually change in five to 10 years while one year at a time it felt like very little was possible to change. Mm-hmm. And then clo maybe just, uh, uh, just put a hard cap on this, Phyllis.

So I, I, I got the chance to talk to a gentleman named Rod Ani, who used to work for Cylance as their head of product. And then he actually became the EVP or whatever of, um, Sentinel One. And, and he told me that the biggest lesson he learned from that being there was multi-tenancy Wes. And he vowed that if he ever went somewhere else, he would make that a core tenant and look at what Sentinel One has done, you know, as a result of really understanding, you know, the channel.

Um, and, and it's, it's amazing what they did. And that whole team, I think now is at CrowdStrike that, you know, built them. So anyway, just interesting kind of riff on where the industry is when Phyllis over to you for a few questions. Yeah, sure. So Wes, um, we're seeing a tidal wave of private equity in the MSP space. What do you think, how do you think this is changing what maturity means for security operations and accountability? Yeah, so there is a lot of PE that's come in.

Um, and what I've noticed, and not all PE that's buying up MSPs are a lot different than PE that's buying SaaS there. There's a difference between the two for sure. Um, and one of the things I've noticed is they, they all have a different pitch, right? The different motive.

But it, it doesn't surprise me, you've hit this age where you have a lot of MSP owners that are aging out and have been building their MSP for 10 to 20 years and, you know, they've taken it to an upper bound of what they feel like they can grow to, and they just kind of hit this inflection point where they're like, huh, I don't know what it takes to get my MSP to the next level some.

It's usually somewhere in that 10 million range is usually where it tends to be, where the owner takes a big step back and they say, you know, we're losing matriculating clients out the back door as fast as I'm able to grow 'em, and it's founder led growth, and I don't know how to build an engine to go beyond me.

And so PE comes in and they say, Hey, we're gonna take care of your MSP, we're gonna take care of all your people and we're gonna give you an exit package that lets you stay loosely involved. And, you know, every MSP or every PE has different flavor of how they do that, a fully integrated model, uh, do your own thing model. And so, you know, the MSP picks what's right for them. I don't think there's anything wrong with that, like that, that is a thing that happens in every industry.

And to steal from, uh, the guy that started Netflix, I mean, uh, Netscape navigator, I don't remember his name. Um, but we talk about this often. He said years ago, there's only two ways to make money, we bundle and then we unbundle. And so there's very much right now going on a ton of money coming into this market that's gobbling up MSPs in that somewhere between five to 10 million in revenue, somewhere in that, you know, I don't know, two to 3 million ebitda, whatever the numbers are.

And that's fine. We're not gonna stop it. I don't think it's bad for the industry. I think what we see is large MSP, we're seeing the, we're starting to see 10 years from now, I think even we'll say what we saw was large day was, you know, not large. Um, I think we're gonna see that, but none of that precludes anybody from starting an MSP tomorrow. I know a guy, I won't say his name, that started an MSP just about six months ago, and he's already at, uh, 500 K in revenue.

I mean, just, just overnight. Why? Because he knew he, he knows what he's doing and he knows how to, he knows he's really sticking tightly to an ICP. He, he knows exactly how to measure and meet what that ICP needs. And he has no problems getting this going. He knows how to build a, a managed model that doesn't require only him running it. He's got a lot of great vendor partners that are carrying the torch with him.

So I just say all that to say like, I'm not, I'm so, I'm so bullish for where we're going. And to me, pe coming in doesn't mean anything bad. It just means it's the normal market maturity of what happens in any industry. And so, uh, I I think it's good. I, I am shocked to see how much of it's come in in the past, you know, three years. I think it's more than I thought would be, but I don't think there's anything wrong with it.

Wes, I, I just real quick, I remember a few years back when you're still on and Gary Pika said, yeah, I think we're just in the first inning. Do you remember that? Of I do remember that, yeah. We're just in the first inning and he's been right on so far. Like, I see this, I, I think we're still early. I really do.

Um, because I think private equity sees that well run MSTs, uh, first of all, if you're doing, you know, running your business, you know, from a risk perspective and governance perspective, they throw a lot of money to the bottom line. Um, and, uh, yeah, I just think, I think more and more is coming, which again, is good for everybody because I, I think you're just gonna keep continue to help, you know, rise everybody's, uh, standards. So, yeah. Um, yeah.

And by the way, Phyllis, one more thing. Kelvin is out there, you know, just sh shout outs to a few people. I sh I did a shout out to Matt Lee, who's been an incredible Go-Giver. Yeah. Uh, Elvin Gellar also, um, what you've done with Cyber Drain and what is it, Kelvin north of seven, just chime in north of 7,000. So crazy running sip and that, and that's just been a all Go-Giver project you've done, uh, with countless lost hours of sleep.

And, uh, you know, I hear so many good things about that. So, um, okay. Phyllis, over to you. Awesome. Let me go over to you, Kyle. So Huntress was scaling fast, um, five years ago, and of course continues to do so. So what were the pivotal moments in your journey that helped MSPs take cyber more seriously?

For example, you've been first in, um, many of Vulnera vulnerability proof of concepts and blogs, which, you know, honestly, I think is, is, um, transformative for the community as well was really around like, educating people on vulnerabilities and, and all of that. So Yeah, I, I just wanna say that Kyle, like, see you guys get cover. Like, I, I don't know about you guys, but like, it's kind of in so cool when you see, oh, breaking news, John Hammond or one of the threat guys at Huntress.

Like, it's not like CrowdStrike broke this or something. The one broke. It's really fricking awesome, Kyle. I, I will say that the more of those incidents we started to publish, the less amount of people answer my call happy these days. Like, they're like, what are you breaking? But, uh, this came from like the community.

I remember my very first, it wasn't the first cyber call, but it might've been the first time somebody asked me on a cyber call of like, what do I think that differentiates us?

And I, oddly enough, five years later, it still maintains the same, is someone once told me that you can go and try to operate in stealth, or you could just be absolutely ruthlessly transparent about what you're doing, and if it benefits the community, you'll see more greater good and feedback come from that than if you kept it quiet to yourself and tried to use it as some like stealthy differentiator. And that has actually really happened.

Well, like I remember, um, seeing a lot of, some of the early MSPs that really, um, impressed me. And this was some of the folks, I mean, we've got some of 'em on this call, but other folks like Tom, right? I'm thinking who was doing YouTube videos about the technology issues he was seeing on firewalls by leading with that education and telling people essentially his whole solution, he got enough demand gen that was able to form, you know, a really successful business out of it.

And I think that that's the right answer of like, if you're gonna create content for the sake of creating demand generation, you're doing it wrong. But if you create education for keeping everybody in the loop that they can solve themselves, I think that will then naturally create more opportunity for you.

And sometimes it hasn't turned into like sales business, but it's actually turned into like recruiting and it's turned into just like good morale, like internally working cybersecurity 24 7, 10 years straight. Like, we don't shut down. Like we don't have an off day ever.

And oddly enough, those same things that you're like really excited about, Andrew, when I'm having rough days, I now go read our huntress blogs for my own morale improvement because I'm not as close to like every op like I used to be. Now I'm in like two ops a month instead of like 20, you know, a month. So anyways, it's my long way of saying we just leading with transparency is going really far. We're not gonna stop that. We always try to be like the ambulance, never the ambulance chaser.

And I actually think the more partners and customers I've seen do that in their own local area, have seen the same like halo effect. So I would just highly encourage whether you're a vendor, you know, M-S-P-M-S-S-P var, like you should be leveraging the same I'll, I'll tell you, you had a, your company had a personal, uh, impact on my family.

Uh, my daughter at the early write a boom, she, you know, she would go get your swag and, um, she, and, and worked with Phyllis as an intern at CIS and morphed her during her days at FSU Kyle, um, changed her career, uh, or changed her major and split dual major. She's now a security analyst at ReliaQuest, uh, just out of, just out of, um, being hired.

But she's always wearing her hacker, you know, her shirts, her huntress shirts, and yeah, it's pretty amazing what you, you know, that stuff does to the community. It's not just, it, it, it has a ripple effect on many things. Yeah. I, is it like mission or purpose, like something about it right, gives you a, a sense that it's like we as greater than me and even me sometimes needs to be like greater than your own company.

I, I think there is actually, that's what keeps us weirdos still five years going into this. Like, for all the normies out there, like, we're probably not that, and I think it's probably our mission commitment or obsession, whatever you wanna call. Mm-hmm. Yeah. Yeah. Yeah. Um, I think you kind of answered my next question.

So I'm gonna, in the interest of time, I will ask, um, Wes, you know, obviously you're a trusted educator in our space, so what do you wish more MSPs had known and done in those early years? Um, to a large degree, it, how can we nitpick, right? Like sure. Um, we had a lot of things that never should have happened, right?

Like enabling RDP out, you know, inbound, a lot of those kind of things that just, you, you, you, you just like, why people, why, um, and those, there were some things that happened that were inexcusable. Um, but, but I think largely we did what we had to do. Most MSPs were not prepared for. We talked about this and weren't prepared for what was gonna happen. So I'll shorten this one so we get to other questions to say, I, who, who am I to nitpick, right?

Who am I to say I wish we would've done more? I think the biggest thing though is just it's forced us into doing so many more of the right things earlier, and we needed to start doing those. Um, you know, and unfortunately we still see MSPs today that still do some, they, they don't have some of the basic things in place still running with local admins everywhere. They're still running with, you know, very poor to absent patch regimens, you know, all the things.

It's like, how are you even doing MSP today? Like, how is this working? Um, but, but so many MSPs have surpassed that. And then not only are they surpassed it, they, they even have the ability to distinguish why they're better than those jokes down the street when it used to be, as you mentioned before, price margins only that mattered. How do I stay $5 cheaper in my competition now? Like, I know I'm 30% higher and here's why, and take it or leave it buddy.

But like, we're not gonna, we're not taking the risk of working with you when you're not gonna be doing the right things. Like it's just a thin red line we don't cross. And so, you know, that's kind of what I think. I, I, I, beyond that, I don't know what else to nitpick. Yeah. But I, but I think that's a really good point. Wes and Gary said this many times is an advantage. Like, you know, he, he talks many times about I can, I can speak to an MSP and ask 'em about their all in seed price.

I don't have to know much more whether I know they're securing their clients or not. You know, you have really awesome MSPs here, a bunch of them today, but like, you know, Eric Sun out there, like, you talk to a guy like him, the, the conversations he has are wildly different, right? About risk and governance and business impact, right? So when you look at companies that are doing those things and are charging three and more a hundred a seat, um, there's a reason for that.

It's a competitive advantage. It's not about being cheaper anymore. In fact, being cheaper is a disadvantage as I see it. Yeah. Yeah. So, so Wes, um, what are you seeing right now when it comes to the skills gap in, in cyber? And are we doing enough to Close? Here's a, here's A Question. What I'm happy gonna do to help us? No, no, but here's, here's a, this is what a great question. Okay. So let's recognize this.

While many of us that are on this call today have gotten like, I see the names, I know who you are, I know what you've done, I know what you've built. Does that mean that everyone in your MSP is doing the same? Think about how many new people have come into the MSP universe in the past five years that have no idea the differences that are coming in from scratch that have maybe no knowledge of any of this. We see this happen on the wreck, right?

Because MSPs largely you're not hiring from Huntress, you're not hiring from Microsoft or the NSA. So if you're hiring someone that yesterday had the Green Apron on at Starbucks, or you're hiring someone that came from the Ford dealership, these are MSPs I've talked to recently. That's where my recent hire came from, which is where those they come from.

We have to recognize that while our MSB may have upped the game, not everybody in our MSP is moving in the same direction, in the same velocity is up to speed and is at the same level of productive. Right? And so, and that's gonna be a pervasive problem. That's not something we fix as long as your price model is. We're hiring people with zero to new. That's always going to be a challenge.

So you operate more like a fast food restaurant in the sense that when I'm bringing people in, every time I have a new cohort of people that are coming in, they're not coming with in-built skills. And in fact, I don't want them to, I want to teach 'em our way. And so, lemme give you a simple example. I was talking to an MSP the other day and they, they used one of those, I won't say which one, but a SaaS monitoring tool.

And it alerted the MSP that there was an outbound email filtering, uh, rule set up. It wasn't huntress Kyle. Um, and the technician picked it up and they're like, well, I can be productive. He's like, few weeks into the job, he's like, I got this. And so he goes, not knowing what it is, he looks at the ticket and he's like, okay, I guess I should go and make sure it's set up correctly.

So he goes to the Microsoft tenant and he can confirm email successfully going out to, you know, Putin at Russia au goes back to eating his hogie at lunch and life is good. Um, and then two days later they get chewed out. Um, and why do they get chewed out? They get chewed out because the, everything happened normally the technicians didn't know. So that skills gap is essential, and we have to have ways that we can accomplish and solve for that.

And yes, MSPs understand this and they recognize the onus is on them and only on them to go solve that problem. Because as we continue to have more and more regulation come in, and more and more things that we have to be able to answer to, our bench needs to be able to get from zero to productive quickly, right? And so this is a huge thing that I think MSPs are spending a ton of time working towards. Awesome. I read to you, Andrew. Yeah, absolutely. Good, really good point, Wes.

Um, and, and somebody I'll do, you know, we're doing shout outs John Strand, right? With Antis siphon training. I'm just gonna Yes. Throw in the URL. So you talk about skills gaps and things like, you know, this is a guy that was arguably one of Sam's greatest instructors who at the pandemic decided to, he had had it on the fact that people can't spend $10,000 on training and spend five days out of their office. Um, and he did something about it, and he built the pay what you can training.

And he is, I, I think he, he estimates now probably north of three to 4,000 MSPs have taken one or more of their courses, Wes. So in terms of, you know, true hands-on changing how MSPs, uh, adopt, I, I think it's, it's, it's been a really cool thing. So, um, yeah. Wes, how about MSPs, you know, struggling to translate security, meaning, you know, into real business value. What are you, what are you seeing here? How, how, how should they approach this?

Again, we're, we certainly are seeing some MSPs just far, you know, literally just pulling away that really have delved into understanding business impact assessment, risk assessment, really truly, like looking at things like CCO from EC council, like they're really, some of these guys are pulling away hard and fast. What are your, what are your thoughts on this area? Um, you know, Megan Killian had a really great post on this a few months ago on LinkedIn.

And I, I wanna share something that she said. She said, you know, your, your clients don't buy security. They never have. They never will. Yeah. They, they don't come to you and say, Hey, how do I buy the best security from you? All they want to do is they want to come into a relationship with their MSP and say, Hey, look, I just wanna make sure that I'm operating really great and at the end of the day, this, it stuff gets on my nerves. I just need somebody that can fix it and keep it away.

Okay? So that's where they're coming from, entering into the conversation. We have to learn how to say, okay, great, but there's some offshoots that come with this, right? And so while they're not buying security, they don't want to buy security, they don't think that they need it. What they do buy is two things. They buy business outcomes and they buy reduction of risk. That's what they have always. That they will buy into those things.

And so, to me, really what security is, how do we tie that in to doing the right things? Could you imagine a bank that doesn't have an alarm system? Of course not, right? Why would you ever do that? And so the same thing goes when you talk to clients is recognize they're not here to buy my stack. They're not here to buy security that I offer them.

What they're here to buy is my ability to convince them that when we start coming into a business transaction with them, we're gonna understand their business. We're gonna understand how they make money to steal from Brian Blakely, since we're just throwing all the awesome names out. We're gonna then be able to tie that into great business outcomes. To say, Hey, these crown jewels that you have in your network, these things that are mission critical for you, we understand them.

We know how to build towards them. We know how to support them, and we know how to squash the risks that are gonna come against them. And then when something bad happens, 'cause I can't stop it, I also have the ability to help us respond and recover quickly to, we have a reduction in the bad things that could happen that that matters, right?

And then we overlay things and even bring more assurance into the game, like cyber insurance to say, now we have a common good, we can find someone else that's gonna actually help us in that risk. And they're going to actually come in and, and, and, and we can transfer some of that risk to them. And so that's what clients want to buy.

They want to buy that peace of mind and that assurance that comes with we're doing the right things and security is one of the things we bring into the conversation because we gotta do it the right way. And so that's how we sell these things. Now, yes, there are some industries that are forced into this. You know, for example, DOD and, and manufacturers. They just have to have it to have their prime contract. But most clients are not that way.

So what, how we introduce security is not, I don't lead with this saying, I got the best security. They're like, I don't know what that means. What we do is we say, I understand you and I understand what you need to accomplish, and I can bring to you a technology strategy that's gonna match it and has all the other stuff on the back end that's gonna make this thing work. That's something a client cares about and we'll buy into.

And so I think we've done a great job in the past five years, most of us understanding that that's how the conversation needs to happen. Wes, I was trying hard not to interrupt you there, but if the audience missed it, he threw down one of the words that I think is actually probably one of the biggest operational mistakes that MSPs make when scaling, which he threw out the word outcomes.

And if I could give it to you in like, one thing you could write down to it, uh, you know, on, on a napkin would be do not confuse output with outcomes. And it is one of the biggest things that I see a lot of folks, you mentioned, you know, your your sub sandwich hoagie example earlier, right? I don't care of all the ingredients that go into it when the outcome is I need to address that. Uh, Andrew Morgan is hangry, right? He doesn't necessarily care. We know that phrase over and over.

It doesn't, you know, we don't wanna know what goes into the sausage, but the amount of times I see partners miss, and when they're presenting against their competition, when they're going into pricing, they completely mistake that. Often they're selling all the different outputs that they do, or even high fiving each other, congrats, we got copilot working. Congrats, we got this new technology in the stack. And I shake my head and ask what part of that is the actual outcome?

So kudos to you for like, just nailing that thing because I, I personally think this is one of the biggest mistakes I still think that separates the operationally immature from those that will become the operationally mature, let alone the ones that already are. So, uh, kudos to that.

Yeah, Wes, and I think, uh, not only that, Wes are the ones that are also taking it further about, you know, what's the, what's the supply chain look like, in other words, yeah, no, it's not about security, but what are your largest customers? What the MSP right? Talking to their customers. What are the customer's customers largest, you know, what are they gonna be requiring from you to keep doing business with them, right? So, yeah. Yeah. Good.

Um, so Kyle, um, let's talk about this thing that we call M 365, uh, a great, great business enabler. Um, but you know, the attack du jour vector. Um, I would say, you know, obviously, you know, untrust has certainly saw this as an area to, to, you know, go into from a product perspective.

But I'm just gonna read here, you know, from, you know, aside from being a massive attack vector, you know, Verizon pointed out this year that a staggering 46% of compromised systems that had corporate logins were unmanaged. And the hypothesis of this is, you know, their BYOD accessing M 365. And, um, so what's your, you know, current best guidance for MSPs in this area would, well, First off, my hypothesis is cyber call made the pivot from endpoint to M 365.

It wasn't covid or any of those other digital transformation things. It was all of us saying, Hey, you need to move off-prem during all those early episodes. And it literally had hackers, uh, having to swing from chandeliers from the endpoints all the way into the actual M 365 environments. And I will agree, 110% threat actor tradecraft has ramped up so hot and heavy on whatever you use Google Workspace. Uh, it could obviously be majority folks in here are gonna be M 365.

But the point that I want to get at is it's not going away. Um, whether it's inbox rules, whether they're getting in and kind of maintaining access with forwarding, or more often than not, we're seeing a lot of malicious apps. The part that I would give for MSP's guidance is, is you are responsible at the end of the day for that environment. And there's a lot of people that would say, well, Microsoft didn't secure it well enough. I don't think folks quite realize that.

They don't care what device you logged in. So you mentioned BYOD for anybody who's missing a lot of the incidents that are starting to come out, a lot of information is starting coming out about like the, even the LastPass incidents that people were actually getting targeted in the enterprise, like the engineers and not on their personal work devices, but their actual home devices.

And because they're authenticating and they can run an info stealer on those, whether it's to get the two-factor authentication, right? Think of that token, or for instance, maybe, uh, even in some cases, writing over top of the VPN that they were using in their home device to get into that work environment. I, I think the part that I would just double down is like, you have to understand saying, oh, I don't have an endpoint agent or an RMM on that device, so it's outta my scope.

It's not gonna hold water when your end client asks you, but I'm here for my outcome and my outcome is to be productive. I don't care about all the different things. You weren't there. So I think Andrew, like you're bringing up a very timely, uh, topic, which is unfortunately we're only seeing tradecraft mature.

So while we can declare victory a little bit and say, Hey, this environment, ride a boom environment helped harden endpoint substantially, I think we do have to realize that we have encouraged threat actors to move to new, you know, landscapes.

And that will be, again, APIs, it'll be ai, it'll be M 365, but if we don't take it more serious and understand, like that is your environment regardless of where they authenticate from, that just will start your whole thought process differently of, okay, now that I understand, I'm accountable for this, how would I protect it differently?

Yeah, it's, we've, we've so moved, I guess Kyle, would you say the last five years it's really, uh, become much more about identity than it was about endpoint. Um, right. You know, that's, I've seen some good enterprise vendors. One of my favorite is push security and they've replayed that whole message of endpoint or identity is the new endpoint. It used to be endpoint is the new firewall. Uh, and then there's probably been nine other versions of that, but I think they have it right.

At the end of the day, you don't even know where your id, uh, identities are logging in from. And I don't mean geographically like days are gone. Like some people still asking like, can I put conditional access to lockdown for us only? Like, that usually buys you about 30 extra seconds and we see it fully automated these days.

They will try and sometimes it's by accident, they will go after another victim and they leave the profile from somewhere in Europe and then immediately they're bouncing through the US to figure out which conditional access site is actually authenticated. Not AI powered, but definitely, uh, augmented, meaning they're doing research about your company, your points of presence, and then automatically bouncing between different colos. Like we see this, I dunno, it's 2 million paid for identities.

I think it's 6 million total identities. So like, trust me on this, the, the, the days of geolocation geo-fencing are gone. Yeah. So let's go to another fun topic in the threat landscape. And that's, you know, the, uh, edge device scenario. You know, what, what's going on with edge devices. Kyle, obviously, you know, COVID forced us, right? To use VPNs, much more prolifically.

So, um, one question I just, you know, aside from what's on here, before I even get into the question I want to ask you about, is it, you know, because you guys really look at trade craft, is it threat actors are just, when they start to see certain vendors, and we could, I'm not gonna name them, we all know who they are constantly having vulnerabilities. Um, okay, Phyllis No, no problem. Wonderful seeing you.

Um, Phyllis has to leave, but um, Kyle, is it that threat actors when they, you know, when there's smoke, it's like there's fire. Like they'll start just picking apart that code and, and you know, like every few months we hear from one vendor or another in their VPNs and all. I have a feeling you're talking about edge devices. Yeah. You already said vpn. Yeah. Is that part of it that they're just, they're ripping apart the code?

Look, as soon as there's a patch, they're they're looking for another way in. Yeah. And it's, so, it's it, right? It's, it's risk based. Everybody's based on like, I only have finite time even as a threat actor. And they are now, like there's actual dashboards. If anybody hasn't seen some of these that have leaked on the dark web, that people talk about productivity, like how fast are they getting initial access? I haven't seen one for zero day research.

I don't think that that is as organized, but my point behind it is, yeah, that's what scares me so much. When somebody has a reputation behind just weaknesses in code or bad code, it often means there was an underinvestment in r and d or an underinvestment in looking backwards at truly auditing code, meaning bringing in a quality team to do research.

And so for me, Andrew, like it's wild, but even I, like, we're a company right now that uses, uh, we, like Google Docs don't beat me up, but we are actually internally having to reassess. We are using Google on the identity side and we're moving over to the interest side of the house because we actually don't believe in many ways there's enough logging on the Google workspace side for us to feel comfortable.

And we as a business, just talking purely as a customer, make very similar decisions on vendors. I would highly encourage this audience if you're not making similar risk-based decisions. If there's smoke, there is fire. And when we saw how much, for instance, like auditing gaps of using Google as our identity system, we are literally moving on over now after years of doing it, building a product around Google workspace and having to move over to intra because of this.

So, um, yeah, I think you're nailing a topic which, um, if you're not making risk-based decisions with your dollar, you're doing it wrong. Yeah. Well, and, and this is just the last part on this that I was gonna ask you about. And you know, this, this goes to the Verizon DBIR. This was the first year for initial access and they point to edge devices that vols overtook phishing for initial access. Um, and, you know, are, do you think MSPs are not getting their clients off VPNs fast enough?

Uh, knowing that majority of this has been those, you know, VPN type, uh, whether it was, you know, the ones, well, I'm not gonna say 'em, but that's really what it's been. That's overtaken phishing. Do, do people gotta get is is do people gotta get onto it like A-Z-T-N-A and off VPNs? Yeah, I'm gonna get salty like Play-Doh and just say it, man. We take way too long to even still talk about patching, let alone the idea of us getting, uh, realistic about even these edge devices.

The fact that we're fooling ourselves that these VPNs provide the secure remote access or are not, you know, vulnerable code themselves. Just a little bit unrealistic. CISA has talked about it for years. Uh, Soho routers agencies have come out about that. This is a real problem. I just generally speaking, I don't think we're quite prepared though, to pivot.

I would even ask the question of in 2025, is ZTNA the answer or do we actually like, just be realistic that we're all traveling remotely from somewhere sometimes. And think about, for instance, our security posture differently. I'm not saying ditch your ZTNA, not at all. But you have to keep this in mind that this attack service has changed so radical and very similar to like my credit card getting stolen.

I still haven't figured out how to not get that thing stolen after 20 years using a credit card. Some places I'm just starting to accept like maybe the attack service there has to have some weaknesses. So I need to have a little bit better layered defenses in different places and maybe give up trying to seek perfection in certain places. 'cause I personally don't believe the remote VPN access into your secure protected enclave is it's not working very well. Hmm. Yeah. Yeah. Yeah.

That's, uh, LA one last question for you, Kyle on this, about what, um, what operational mistakes do you feel MSPs are making in scaling their security operations? Because, you know, I, I think you can give good prospectus on this because you've had a scale security operation personally, right? Mm-hmm. You know, um, so any thoughts on that in terms of MSPs? I don't think, I, I gave earlier the business example of don't confuse outputs with outcomes.

Operationally, I think very similar to folks that change a technology manufacturer every 1, 2, 3 years, I meet the same folks usually every 18 months reconsidering parts of their security stack, but maybe not willing to make some of the bigger decisions on like, what does this actually help? Like, what problem am I trying to solve? And it turns out I think MSPs really have to be a little bit better focused on the productivity of their end clients, not just seeking perfect security.

Don't get me wrong. As soon as you let up, you know, off the throttle, you find out you get kicked in the mouth a little bit. I'm not suggesting that, but for instance, some of these very basic things like awareness training, like how often have we been telling that end users are by default, if you think about it, while we can, can block 50 plus percent of things by locking down the endpoints, the identities, the data people have to be productive.

So by default, all those other technologies usually carry the same weight of good old fashioned just education and training of people because you can't lock 'em down if you want 'em to be productive. I think there needs to be just like the word antivirus and that market died and we gave birth to like endpoint protection at EDR.

I think it's about time that end, you know, that same endpoint transportation, uh, transformation happens that we gotta get real serious about how do we encourage through positive behavior, gamification, and having like real conversations on like, Hey, that little ounce of fun of teaching somebody on hacker tradecraft might be able to actually deliver more outcome than any of the hardening. Because I do believe they're not equal.

It's not one corner of a four product strategy of endpoint data identity in humans. I actually think humans are directly equal to the weight of all those other, you know, uh, markets. So that's a lot thrown at you on operational mistakes. But if you can't tell, I think people are making the operational mistakes by being way too in the weeds and not pulling themselves out and saying, how do I actually go back to productivity?

And how do I make a really opinionated decision, even if it wins me some customers and lose me some customers? I think that's what we need in 2025 is getting spicy a little bit. Hmm, interesting. So over to over to us, 'cause you mentioned people. Let's talk about, you know, in the education space, you're focused obviously in this area on people. What are you seeing as far as trends on MSP's training and leadership? Are you seeing this as a trend?

Are you seeing people like trying to do better in this area? I mean, look, look at the conversation we've had in the chat. I'm curious, Wes, how, how are you feeling about this? You live education, but like, look how good the quality of convo has been today. You did awesome. It's so awesome. Yeah. And, and again, I'm reading and learning. I'm like, I reading what Andy's saying right here. I'm like, tell me more.

Like I, I understand what he's saying about vulnerability management being his biggest, um, uh, a challenge to margin, right? But I wanna hear more like if Andy, if we're sitting here, maybe if you'll be obscure, I wanna hear more, what's the challenge there? 'cause I don't run vulnerability management anymore. I haven't in years. I would love to learn from him on that. So yes, uh, very much agree.

Um, yeah, I think to answer that question, like one of the things that I think is important, go look at your p and l. Go compare your, uh, your people, your salaries and all the burden that comes with that to your tool cost. Um, tools, augment problems, tools don't solve problems, right? People in process are, are just as important if not more so. Right? And so, um, this is something I think MSPs are waking up to. I think for years we've all been notoriously guilty of working.

We we always say in the business, not on the business, and we wonder why we continue to have a drag on growth, right? Small MSPs say things like, man, if I just had more leads, if I just had more at bats, everything would be great. Large MSPs say, I've solved that problem. It's not the at bats that matter. I have an outbound team. I have a way to grow. I've got measurable growth. The challenge that I have is I, I don't know how to support the growth that we're currently in the middle of.

And I go talk to my people and I say, Hey, I, I think it's important that we all get better, right? And they all say yes. Who is not in the MSP world today? And not knowing that life is constantly changing around us, right? You don't have to be the brightest bulb in the chandelier to, to have that mentality. But I think what we have to understand is if we're not making it a priority to grow and to continue to get better, we are going to become a boat anchor that drags the MSP down.

So how do we fix that? Well, I think the ways we fix that, and I look at some MSPs like, um, I'll steal from Jennifer Roy from Nucleus over in Vancouver. She runs an incredible MSP over there and they're doing amazing things in what they're doing and how they're growing. And she's the first person that will say, we invest in growth. And I'm not gonna accept the answer anymore. When I say to my people, Hey, what does our plan for growing?

When we think about the outcomes that we want to have as an MSP ourselves, what skills do we need to have to achieve to drive towards that? She'll say, I don't accept anymore the status quo of we're just gonna find a way to do it. And you talk to so many young people that say, yeah, I wanna get better, but you shoved me 16 tickets before lunch. What do you want me to do buddy? Like, what, what am I, how am I supposed to get out of this endless sea of of work that I have in front of me?

So that's the challenge I think so many MSPs are in today, is that we know that we have to stay up. We know the world is changing underfoot like crazy, but in order to stay up, we have to have a process of, um, of, of what that looks like of, of growth. We have to have accountability baked into it. Um, Kyle talks about it as my co-founder is, he calls it like the leadership flywheel. This idea of saying, I know I'm gonna get better, but I have to have a process to make sure that it gets better.

And then measurables to come back to that and say, how are we showing that that's actually occurring for everyone in our msb? And if we don't have that in place, then let's admit we're churning. We're, we're just treading water. And treading water will work for so long until your people start to drown. And the signs that they're starting to drown, they say, I'm tired of this. I'm going somewhere else. I'm doing something new. And the MSP world is just a dumpster fire.

And you see it on Reddit, how many times do you see MSPs they're struggling with this because it's just a dumpster fire from, they never figured out how to get out of treading water. So yeah, this is a hot button topic for me, Andrew. Um, but there, my point is you see symptoms of the problem that're not being fixed when people cry out and complain. But you also see a lot of MSPs are doing a great job of this and have really, really structured their MSP for, I would say unlimited growth.

Yeah, it a good riff. Thank you, Wes, Kyle, um, one for you and then we will wrap. We're gonna get into the last few questions on the future. But Kyle, as you guys, you know, prioritize, uh, or shouldn't say that. As you look at your platform, how do you guys start to prioritize what features you add and where you go as you look at, you know, the MSP landscape? So I'll tell you right now, um, that that dumpster fire conversation is something that like, uh, I can relate to.

And we've been asking ourselves how do we like contribute? I I actually think vendors have had an absence of taking firm opinionated decisions that might alienate people, Andrew, and one of of these examples I talked about learners earlier, why aren't vendors playing a bigger role in ranking learners against other similar companies? And I don't mean individuals that you can call 'em out and burn 'em, but what better motivates you to learn that?

Like, hey, my team at this, I don't know, um, printing company, there's only 12 of us, but we actually rank in the top 10% of other printing companies of our size. That's a pretty cool way to motivate somebody. It also is a pretty good way that, again, you don't have to go shame, but when you're in the, uh, you know, the absence of that, hey, you don't have to say 90% of companies are better than you, but there are ways to say this.

And so for instance, I actually think part of all this investment in all these different cybersecurity companies, how neat would it be if we came up with some sort of closer to standard of like, Hey, I'm only gonna offer so many metals to somebody that says, because you fell within these standards of responding to an incident that I gave to you. Or for instance, you turned off automated response. So now you're going to have to do that.

And if you don't respond fast enough, should I automatically take response on your behalf? Or should I rank you maybe as bronze this quarter? I think there is some real opinion here that vendors don't need to choose favorites. Not about the only three can be gold, but if a vendor chose a standard and said, we want to see this type of response, this type of security, et cetera. And although if you fall below that, you're probably not gonna put on your website, I'm a bronze customer.

But those that are platinum and those that are gold would be able to show off, well, I'm gold. Maybe you go ask that competitor how they're performing. I just think there is some opportunity here for trial and error that vendors could help more both positive encourage behaviors and reward the people who meet top decile or top quartile examples.

So that's again, my long way of saying, I don't think that everything has to be spicy, but I think that we have to do, you know, something to say, Hey, certain boats are gonna float or rise, but we also have to be realistic. Some boats might need to sink and that's not popular. Yeah. Wow. Um, so, so we, we, we couldn't, I don't think, have a conversation without talking about AI West.

Um, so as, uh, this impacts the threat landscape, I'd like to ask you first and then Kyle, um, what do MSPs need to do to defend, uh, uh, against, you know, AI borne attacks? Or do they just business as usual? So I, I will, I'm much more eager to hear what Kyle says about this. Um, the thing that I think I would, I would say is we just have to recognize it's the speed. It, it's a faster speed than before.

And I just ran across, I follow a ton of subreddits that are just like, one of 'em is our recipes 'cause they love to cook. And I saw one that came across and everyone's like, this is an AI post and went to look like, yep, sure enough, it was like it's, we, we are starting to see the blurred reality of what's real and what's not become truly difficult for the human mind to grasp. We, we know that.

Um, but, but also like AI is not all that it's, um, cracked up to be when it comes to like how some security vendors like to talk about it. So like, there's, I I I think that there's, there's definitely not, it's not a cry for, oh no, the world is in, uh, ending as we know it, but no doubt things are speeding up so much quicker. Um, no doubt call pretexting is so much easier. No doubt. Um, you know, what we're seeing the re the blurred reality between what's real and not real is more difficult.

So Kyle, I'm curious to hear what you say beyond that Instead of getting like, I think most people have seen, but if you haven't, I I take a very AI realistic, uh, point of view. Sometimes people call it AI kind of pessimist, but it's, it's truly not. I I am a very avid user of prompting. There's just some words that, for instance, US geeks will appreciate and end users don't. It's the words deterministic, which usually means it's a very explicit answer.

And then there's the word probabilistic or non-deterministic, meaning it's a suggestion, it's probably right, it's close to accurate. And the things that I'm finding that instead of me getting really geeky in talking about what I like and what I don't like in AI products, I actually just see AI as such a phenomenal opportunity. Just like covid, like we transformed people's technology into much more scalable, uh, what better maintained.

And we used a crisis to be able to help lure, you know, bring them to water. We couldn't force them to drink, but we got 'em a lot closer and then they chose to drink. I personally think for the MSP audiences, if AI is not part of your narrative of how you're enabling productivity, I guarantee you somebody who is not as technically adept as you is selling a better pitch that also says, don't become a charlatan. You can't be that.

But I personally believe we're at the crux right now that if you don't have some part of your virtual CIO or virtual ci o that isn't pivoting into some sort of productivity training, and again, I'm not saying everybody needs to do it, and I'm not saying you can just eat the cost, but if you're not teaching people how to prompt and how to ask ai, not only the base question, but to ask ai, please prompt me for any additional fields that you need to be able to help me self solve and help set realistic, like this is the type of problems you should use AI on for a good, again, non-deterministic, probabilistic answer that will really help even junior people produce substantially better results.

But I I, I just am not seeing many things in cybersecurity right now that are doing much more than helping augment. So, and I would just hesitate to help make them just as aware on how they solve their own problems, that there will be other vendors that come to them and say, you don't need an MSP anymore. We've got the AI powered SP. Mm-hmm. I haven't seen it yet, but I guarantee it's gonna come.

My biggest part is if you don't start these conversations right now and telling them in much better ways than I just did, they'll never understand probabilistic and deterministic. That's not the way to talk. Mm-hmm. But if you don't start that right this moment, like part of your monthly and quarterly business reviews, I assure you they will fall for somebody else's deceptive messaging.

And that could be an AI powered MSP or it could just be the MSP up the road that knows how to sell better than you. So that's my long way of saying embrace the s**t out of this stuff. Test post frequently, but don't fall for and don't let your clients fall for kind of perfect because we're, we're nowhere close. Kyle, I wanna just riff on what you just said because it was really well done. Um, so you introduced, well you brought up Sunil in 2020. Mm-hmm. Sunil.

And because you had been at an event and saw the cyber defense Matrix, another person that we brought into the MSP world who has been just such a Go-Giver as well to us, he's at, you know, he co-founded a company now called Gnostic. He's gonna come to write a boom this year to do a speech on a session on data governance and LLMs.

So maybe just, could you just riff and then over to us on this, 'cause this is, you know, if you're, if we're educating people on prompting and using LLMs, you know, the area that most people don't take into account, and, and again, the data in Verizon and other reports suggest that even if you do have governance in place with AI on how to use your own, you know, your system and work, people are 60 plus percent of the time using their Gmail account, Kyle, to, to do their prompting.

And the biggest offenders by the way, right now, the two leading offenders get this are legal and HR in terms of the, the, um, most used along with those. So what are your thoughts on that whole piece of, you know, managing governance and data and privacy? Like it's, uh, on one hand we wanna educate and get them productive. On another hand, they're, they seem to be going well, great, you're doing a good job on governance, but we're gonna go around that 'cause we wanna be productive.

Yeah, I, I mean Andrew, I'm, I'm gonna get really specific on this one and folks will have to understand this is my opinion and my opinion only, um, I'll be quick to say like I deployed a couple times and I'm the furthest thing from a barrel chest freedom fighter, but I got the benefit of attaching to a special forces team.

And I remember with one of our interpreters, we talked to a village elder and some of the people around, and I was showing them on a, it wasn't even a, a tablet at that time. It was kind of a crappier like, uh, arcos is what it was called. And I could show them Google Earth and they were able to see their province and they recognized that and they could see, they kind of understood where Iran was, Pakistan was, et cetera. They could understand that.

But when I showed them on this device, um, where the US was and how much water was in between it completely and utterly shut down the conversation. They, they, they couldn't believe there was that much water, let alone we were from that far away. And I can't help but feeling this governance AI problem is very similar to that. How are you gonna bring democracy to a country that can't understand geographic truths? And I can't help but understand if people don't even understand what AI is.

I think governance is a second order problem. So my point behind this is I think there's gonna have to be taking some risk. And as much as I love, I think what Gnostic is doing is gonna be so well adopted in the enterprise. Most end users still don't know that AI isn't just some like simple search engine, but it can actually have very complex, you know, back and forth with LLMs.

And until you get people to understand that the US is on the other side of the Atlantic, how in the world are you gonna get them to appreciate democracy? The same thing goes for how are you gonna get them to appreciate your data goes to this thing and will be used and could be used to train other stuff. Like, I just don't think one is possible without the other. Mm-hmm. So I know that's not a great answer.

I wanna say that technology, like that's gonna be super successful, but I'm just trying to think of like, how would you teach your hundred person CPA firm when they just aren't even aware that a lot of what they're doing when it comes to filling out USW twos, et cetera, are actually doable with AI these days. And they, I I don't even think they understand the basics, let alone what's there to govern. So it's just my long way of saying man, um, I think we're a long way from that conversation.

Interesting. Russ, I mean, any thoughts on, we can kind of maybe close off with that, 'cause I know we're at right up here at the bottom of the hour, but, uh, Yeah, I I think again, lemme tie this back to your people care about business outcomes and we all remember the day when chat GPT first came out and all the amazing things it could do just by asking, right?

And I, I, one of the things I think we have to, we really have to make sure we're careful about as MSPs is that we're not stepping on the toes of what our clients care about most, which is becoming productive and more effective at what they do.

So if we are able to have a conversation with them to say, Hey, look, we love it, we embrace it, it's gonna, it could do some amazing things you probably never dreamt of, but let's make sure we understand how you're operating and how your actual, how your day to what your day-to-day looks like. We're, we're gonna struggle with getting them to even care. And the last thing we wanna become as an MSP is the naysayer that gets in the way of something cool that they want to have done.

That's where shadow it comes from, is they, they find a better way to get something done quicker, faster, or cheaper than the way we can deliver it as an MSP. And so they sidestep us and they will every single time. And so if we're not involved in our customers, we're not involved in their business processes, we're not involved in the day-to-day, then how do we have the right to come in and say, Hey, I think we can help you find a better way to do things.

So if we're doing that, then we unlock the right to be able to come in and say, Hey, let's introduce AI in some awesome ways. I think you guys are gonna be thrilled with, but let's make sure we do it in the right way because we start shoving all this private information into some AI that you have no idea where it's going to, what's coming out of it, or you just let copilot read all of your data. Really bad things could happen.

You don't want all your employees seeing all the salary data, do you? Of course not. So let's do this in the right way. And I think that that's the way we have the conversation against the client to say, cool, you're actually here to help me. You're not standing in the way of cool stuff. You're actually gonna help me get better because we've said this over and over and over. The future of MSP is not just, you know, selling licenses, it's truly transforming our business for the better, right?

It's truly walking into our clients and helping them operate better, faster, more efficiently they ever have before. Yeah. And that's part of life. Absolutely. Yeah. Well, well, well done Wes. And the way to cap it off that we're gonna play a very different role I think in the next few years, right? Certainly, um, it and security will always be part of the role, but, you know, driving their business outcomes is really what we're, what we're gonna be doing.

So with that, wow, that hour and a half flu. Um, and, uh, want to thank Wes, thanks so much for coming back, coming on. Loved it Kyle. Thanks a million. It was a, it was a blast hanging out with you guys for, for an hour and a half and thank you everybody out there who's been with us for either the five years or some part of it, it's been a pleasure and, uh, looking forward to five more with all of you. Yes.

That, um, everybody have an awesome week ahead and we'll look forward to seeing you next Monday. Andrew, Andrew, You for putting this together for five years, dude, that's ruthless. So Yeah. Can, can we this with a little bit of love for you, man? Yes. Can we spend just 15 seconds to hear from you, Andrew, on like what your big takeaways have been over the five years? Man. Um, you know, I, I think for me, Wes, the big takeaways are just honestly seeing how much the MSPs have grown.

It's such, it's been, that's what it was all about, right? Seeing how much these have all, all the MSPs have grown and, and we've seen it firsthand, the mature like again. Um, so that's what I'm, I'm I've, I I'm most grateful for. So thank you for the work you've done. It's been measurable and, and immense. Yeah. Oh, thank you. Um, everybody have a fantastic one. Love you guys. Take care. See You everyone. All right. Bye.

Related Videos