Right of Boom Recap
In this video, Gary, Ryan, Wes, and others discuss the challenges and strategies for API automation in the MSP sector. The conversation highlights the importance of addressing onboarding inefficiencies, which can take excessive time, and the need for effective vulnerability management practices. Throughout the discussion, insights from industry experts are shared, offering valuable advice for MSPs aiming to enhance their security and operational efficiencies.
- The webinar discussed the challenges MSPs face with API automation, onboarding, and vulnerability management.
- There was a focus on the importance of having legal frameworks and preparedness for cybersecurity incidents.
- The event emphasized the necessity of improving cyber hygiene and security practices among MSPs.
Video Transcript
Welcome everybody. We are in episode 83. Gary, Ryan, Wes, how old? Yo Yoyo? Hey, yo. It always feels good to say that. Gary, you actually did a heo, I think, at the Right of Boom. I did. I opened up my session with that big hearty eo. Wes, you're ha sounded like you are. I did my best this time, with feeling. I need more practice. Yeah. With feeling. There you go. Alright, so, um, Gary, um, I do have a few quick announcements. If you could just implore me and go ahead. Wait.
First, can the first announcements be that, that Wes had some news that came out in the press? Sure. Why don't you, why don't you take over? Go ahead. No, go. No, I'm just saying Wes, we wanna congratulate, uh, Wes. Uh, Wes tell us what they're doing. Yeah. Wes, talk to us. Yeah, thanks. If you didn't see the press release that came out, uh, by Joe P and, and others. Uh, I have joined Roost. I think many of you guys know, um, a little bit about Roost.
I've joined as their dictator because all companies need a good dictator and Roost was the first to take a stab at it. Uh, so, uh, just am freshly in and new with Roost. And Roost is all about, um, solving for the API automation challenges that MSPs have every single day. Right? Challenges to grow, challenges to scale, uh, challenges to do a lot of things around security, automation, IT orchestration, um, a lot of stuff. Right now we're exploring, um, onboarding, which is really exciting.
I talked to MSPs that spend about, uh, four to six hours per user to onboard, and that's ridiculous, uh, that that problem needs to be solved. And, uh, that's one of the out of gate things that we're working on. So I'm still at ConnectWise in a, um, really cool advisory capacity. You'll see me at IT Nation, some of those kind of things. But, um, have joined the Roost group full-time and I can't tell you how excited I am to be doing that. That's awesome. Congratulations, man.
Yeah, I would say you probably, your booth had the most buzz. It was wild. Oh my gosh. It was wild. Yeah. Yeah. I'm, I'm sending them an extra bill. Gary, by the way, I see John Hammond out there who did a stellar presentation on supply. Yes, he Did. Great job. John. John, um, give me a thumbs up or down if we can pull you on to make an announcement on some event coming up yet or not. Hopefully He says thumbs up. I hope he says thumbs up. But, um, okay. There's a poll out there.
Um, you know, did you attend Right of Boom? Yes or no? We've got a lot of folks on here. I can see them that were on there. Um, is that a thumbs up? John, thank you so much. 'Cause I'd love for you to tell everybody if you can. All right. So, um, let's see, Gary, the only other few things I wanted to mention is, um, I put a call to action.
We have a vulnerability management best practices for MSPs, uh, uh, uh, uh, webinar coming up that will, that will, um, be with both, um, Carl Bickmore, who will handle things from the sales side, who's like one of the best at selling security assessments and vulnerability management, as well as a guy who was at the summit. His name is Dennis Hanick, who's the CTO of Wat sec. They are a pure play MSSP. They have the s noted, but they specialize in vulnerability management.
And Dennis has been doing it for, you know, several decades. He's gonna take the technical side of the equation. He's worked with every vulnerability scanner platform out there. And this is an area that we know, uh, that with the additional controls that we're seeing in cyber insurance, uh, and the regulated, uh, frameworks, uh, becoming more of a mandatory thing than less of a nice to have. So I think it's a timely thing.
The only other thing I just wanted to put up, um, is a URL in the, uh, chat that is the up that is the newly released cyber cast. Um, Wes Ryan and Phyllis Lee killed it on this one, and it's a really important one. It's on log audit, log management, easy control. Right, Ryan? Uh, I mean, it can be Just don't, just don't collect logs. Yeah. You would think that like, um, you would think it would be easier than it actually is.
And, uh, we, we got into some really interesting conversation and I think it's, if you, if you listen to it, you're gonna, you're gonna find a lot of actionable nuggets in there. It's, it was actually a really fun session. Very cool. Yeah. I thought it was great. John Hammond, awesome seeing you. Hey, thanks for letting me come, uh, crash the party guys. I hope I'm not cramping your style here, but it's great to see everyone.
No, I was just gonna say, but we were saying in the Green Room before, um, Wes got there that, um, I haven't seen Wes in a few years and he was really taller than I had. Man, it, uh, imagine that John, you were smaller than I imagined. That makes sense. Yeah. John, welcome. A a any other things you wanna welcome John with you, Gary. Oh man. John, you and I, uh, ran into each other towards the end of the event and you said something to me that I thought was very, very cool.
Why don't you share with everybody what you're gonna be doing in May. Cool. Uh, so I don't know if I, if I can let the cat outta the bag on it just yet, but I can hint and I can, I can nudge. Please. Hint and nudge then. Yeah. Yeah. Perfect. Uh, hey, uh, we had a fantastic time over at Right of Boom. I was super flattered to be there and it was incredible to see all these fantastic people just get together. Uh, and we also had John Strand, who I fanboy over.
I don't know if anyone else does, who isn't Right. I think he's, who Isn't, he's an incredible person. Um, but Black Hills InfoSec had a, had a, had a presence there. Um, and we were chatting with some of those individuals and, you know, they put on their own event the Wild West Hacking Fest, which in my mind is a great, like, incredible pedestal in the information security community for, hey, other folks that are hanging out at Defcon and other folks that are going to Black Hat.
It's one of those in my mind top tier conferences for information security. Uh, and myself and his team got to sit down for a little bit and I can say, Hey, I, I can, I'll be involved, uh, with some of the wild hacking fest and it's something that I'm super excited about, but I hope everyone else is if, if they're tuning into that conference just as well. Alright, well you let us know, John, when we can let the cat out of the bag. Okay, Awesome. Thanks everyone.
All right, I'll let you back into the, uh, audience. Thanks for coming. Great seeing everyone, and thanks for letting me be here. Thanks, John. Okay. So, Gary, before we get into some specific questions, I would love your thoughts and perspective on the, uh, on the Right of Boom, maybe some takeaways you had and, um, yeah. 'Cause you did a heck of a job on your session, man. I I I can't wait to talk to you about that here, because I think it's important for people to, to know about it. Yeah. Yeah.
I, I told Ed it was scary. He said he heard it was scary. I said, but it was also inspiring. Yeah. So we'll dive more into that. So I think I came away with three, kind of three. First off, Andrew, amazing job. Oh. Uh, the feedback that I got from everyone, like it really felt old school, organic community based. Um, one couple of my members said it felt like earlyness fests. So that will be a compliment. Now they said it in a, in a complimentary, uh, complimentary way. Mm-Hmm.
Um, so my three main takeaways are one perspective. Um, we all spend a lot of time in this, and at the end of those two days, I feel like I expand it, my pers you know, uh, perspective about how to better overall look at security, right? In a, in a, in a clear, less complex way. Two terminology, we all have to start, you know, we, we bandy about a lot of things, but you heard a lot of common terminology.
And I think as an industry with our teams and with our customers, we gotta start getting our terminology straight.
And three, the real meaning of right of boom, because I think we say that we use that term, but just understanding both, we're gonna dive a little bit into the interview I did, but also, uh, you know, seeing, you know, an hour on the defense matrix and all the other things, how it ties in about really where we are and, and the way we need to talk to our customers about what security is and stop living in protection, man. Yeah. Sunil was phenomenal. Just, wow.
I mean, there's a lot of keynotes you sit through. There wasn't a pin you, you could hear a pin drop, like literally a pin drop in that room when he spoke. Can, Can I tell a little Sunil story for just a second? Of course. Uh, you guys gotta understand. I'm so glad Sunil got to speak and, and he was able to come, like he mentioned Andrew, like, literally, I'm gonna always tell the story of you moving RSA for us, right?
I, I love how he said that, but Sunil is this futurist and he's the, there's a, he's a rare breed. There are not a lot of people like Sunil that can cause you to think way outside the bounds and boxes that we put security into. And I remember, I mean, he's world famous, right? Like, I have seen him, I remember going to these FS-ISAC conferences in 20, like 13, 14, 15, and he's roaming the hallways and people are like, Hey, hey, hey, there's Sunil over there. There he is. You wanna go talk to him?
I'll go if you go, like just that star power. And, um, I, I texted a few friends of like, Hey, Sunil is here, some pictures of him and like, no way you guys got him at Right of Boom. How'd you guys do that? I'm like, he wanted to come, he like agreed to it. He was all about it. Um, I just, it's so exciting to see this collision of people like that coming onto, uh, into our sphere. Um, really, really awesome. Andrew.
Yeah, Wes, what was really cool, and, and Ryan, I wanna get to your question I thought was really cool. Again, I wish everybody could have experienced this. We had a, um, so after the, you know, technology kickoff, showcase kickoff, cocktail hour, people went out for a little bit and then we had a, uh, Backdoors & Breaches card tournament with John Strand. Now it's one thing to hear John, uh, on, on, you know, video and YouTube and, and, and everything.
But seeing him live and having him go into one of his Robin Williams tirades, I mean, it was literally, I was hurting, laughing so hard at the end. But what was really cool mentioning Sunil is all of a sudden towards the end of the tournament, Sunil comes in, Phyllis Lee comes in, and Curtis Dukes come in. Now you gotta understand here, John Strand was one of the originals in the top 20 SANS controls.
He, he helped write them and was very involved with this gentleman Alan, who passed, who started CIS. And seeing all of those guys kind of together was really kind of a special moment, uh, of them all just like being together at this event that you wouldn't normally see three people like, at an MSP. Here's the thing, at an MSP event. Yeah. Right. So to me that's kind of a turning point, uh, uh, of, uh, of where we are. And that's something that only a community can do.
That's not something normally a vendor would do. Yeah, yeah. Yeah. Well, and again, one of the comments from Joe Pan Terry was we are the critical infrastructure, and we'll talk about that more. Okay. Ryan, man, your sessions were phenomenal. Um, the only thing is, I wish you could have been there, but even remotely, they, and I know you do too, remotely, they were fantastic. We had threat modeling first and then followed by BCDR at scale, you did workshops.
Um, I hope we can do some of that same kind of stuff maybe as a, especially the BCDR. Like we, Gary, we've done, you know, all the three of us, our special kind of projects. I think that would be a really good next one. It's so important. Yep. But Ryan, were there some questions or comments that stood out to you out of those sessions that you're like, Hmm, they kind of made you scratch your head or, wow, I was glad to hear that or horrified to hear that.
I think where, uh, I had a, uh, it was a very, it was one, it was hard being remote. Um, I did have a view of the audience so I could like poll, ask people to raise their hands and kind of get a sense of like half of the room. Um, I was expecting more questions, but what I realized is as I was going through asking people like, Hey, have you ever done a threat model? Have you ever actually tested your BCDR at scale? One, two hands would go up.
And to me that was like, wow, there's like such a huge opportunity here to, and so I think the workshop, we, what we probably need to do is if we're gonna do it again, or when we do it again at the next Right of Boom, we're gonna spend, um, we're gonna be there live. We're gonna spend more time in breakout sessions floating around and helping people. Because I think the lack of questions was also concerning. Like, yeah.
Um, or, or maybe, you know, either that's a sign of a great presentation or the, the content didn't fly at the right height. But I got a lot of questions on the BCDR at scale. Um, which was funny because I think, yeah, I was, I was the, the anchor slot at the end of Friday, so like half of everybody was gone by then.
But a lot of really fantastic questions around, so like if I have a DIY solution, like how do I set up an environment to be able to do some of these types of tests you're recommending? And like, you could tell that the content and the prompts for the workshop portion really got people thinking about their need to really test their recovery at scale, not at a microcosm. And so, uh, good questions, but also a lack of questions, which makes me think there's still a lot of work to do. Yeah. Yeah.
That's fair. That's, that's a really fair perspective, Ryan and the comments, you can see 'em here in chat, Ryan, people that were there were just, you know, it was awesome. That was what it was. I'm at Todd's comment, many of us were overwhelmed. Um, Yeah. Yeah.
I, I thought I had simplified it, you know, as, as much as I could, not, not that I needed to overly simplify it, but I, I think I realized like, there's, there's another, like, we need, this is probably a session we need to do four or five times to get people, like, keep bringing them along on a journey. So, you know, it was, it was, it was, it was great to do it. I had fun building the decks, but, um, yeah, there's more work to do there.
You know, I don't know if it's the overwhelm just in general, Ryan, but if you could pose that one question we, we did, you, we had that question again on, you know, the hundred servers physical to cloud, but could you pose for, for those that may either a, not have been on last week's cyber call Yeah, yeah. In the audience. This is what I think one of the most profound questions that brings it all home. Yeah. So I walked through an exam.
I, I did some math, which I told you I was gonna go on the last call, but I'll tell you what the math is. Now. I take a, a tech that takes a single server and runs it through multiple recovery tests and determines that 98% of the time they can recover the server within the maximum tolerable downtime of the business. And then the MSP says, great, so I'm gonna provide a 90% recovery SLA in my contracts. And then, uh, based off of that, they, they walk away feeling really good about that.
But then let's say that SMB has 50 servers and they all go down and let's say all 50 are the same, they have the same, um, you know, mean time to recover and they have the same maximum tolerable downtime. There's a 0% chance that you will fail to recover any part of the environment, but there's only a 37% chance that you'll actually recover the full environment. And then if you took that and you said, well, it's maybe I have 10 SMBs and let's take a buffalo jump.
Let's say they all have 50 servers, they're all the same. They all get impacted. Now I have 500 servers. Um, that math actually works out to still 0% chance you'll completely fail, but only a 1% chance of success using that 98% number. And in order to actually meet your 90% SLA, you need that recovery of that single server to work 99.98% of the time Just make your SLA 1%. Right? But I mean, I think in that, that example, you don't have to Raise their price.
I can do that for the same Price even remotely. I could kind of feel people starting to get uncomfortable. And then the question was, could you PAVA hundred servers in eight hours with no prior preparation and expect fully to have an operational environment and you're done, ask for a show of hands, no one raise their hand. And so I'm like, so why would you expect to be able to do it in the middle of a crisis? You have to. You have to.
If you're not preparing to succeed, you're preparing to fail. And that's kind of where we are in BCDR testing at scale, is we do these micro tests that make us feel good, 98% success in the single server. But when you do the math out, you're not actually setting yourself up to succeed at scale. And that re I really saw people's gears turning and like a lot of good questions coming off of that session. So yeah, I would love to do that one again for sure. And then Sure.
Maybe figure out how to do the threat modeling one in a little bit more of an interactive way. But it was fun, uh, even remote. It was great. So, moving along here, 'cause we have two awesome MSPs coming up here midway through this, Wes, um, man, if all I can say is like, you were fan, phenomenal, masterful, your job as the mc was second to none. I couldn't have, yeah. Couldn't, couldn't have picked anybody better. Everybody was engaged.
You wove every session, you know, just perfectly together. Um, gimme, you know, your thoughts, Wes, few takeaways you had out of the, um, out of the event. Well, it was, it was terrible. And I wish I hadn't gone. Hey, no, I appreciate it. And, and I did have a chance Toce, the Emmys, unfortunately, just like you moved to RSA, you moved the Emmys, so, okay. I'll never forgive you for that, Andrew. Yeah. I had my one one shining opportunity at fame. Uh, no, but for real, what a great time. Yeah.
And, and I was glad you gave me the 30 minutes at the beginning just to level set, because I think what was cool about Right of Boom was we had so many people from different walks of life. We had CEOs of like, PE backed MSPs, we had brand new MSPs starting into the ecosystem. We had super technical people all the way into, um, you know, COOs and operators. And so it's hard when you're in an environment like that, like, how do we bring us all together that, that makes the content tricky.
Um, that even makes the whole, you know, how do we kick this thing off in the correct direction? So it was a lot of fun just to make sure we all started on the same page of like where we've gone in the journey. And, um, so I, I thought that was great. And, um, I don't know. I think the collaboration is awesome. Like, you know, I saw this in my banking days and I'm so glad to see this as well. In fact, I think MSPs are better at this than stuffy bankers of like what community truly is.
And I believe, I really believe when you get the right people into the doors, they're all gonna commit to go down this journey together. The output is Right of Boom, right? Like that's the ideal output of a conference. And it's great to see that happen. And, um, I don't know, Andrew, it was, it was very encouraging to me to see, um, where the future holds for all of us. We won't be perfect. We will hit bumps, we will hit bruises, we will hit scrapes along the way.
Um, but man, I just came away very, very encouraged in where we're going. And, um, I also think, Andrew, that that that kind of content that we brought together, while many times it was overwhelming, it was really varied, right? It was like really across the board hitting in so many different areas, even the soft areas. You know, like one of my favorites was Gary, your session, just listening to Eric and Robert on the soft side of things of like how you deal with it.
That, that, you know, that gut punch and how you get through it. Um, I just loved all those different angles, Andrew. That's what I thought made it just such a special event. And by the way, the vendors, like so many of 'em are right here in chat. I saw Bryson, I see Alex, um, obviously, uh, uh, uh, John from Huntress, so many of, like the vendor makeup was, was so good too, participating and bringing in. So, um, just, I love it. I'd say my big takeaway, I'm gonna just reduce it to one.
Um, I think my big takeaway is we are really seeing what it takes to mature to the next level for MSPs in cybersecurity, in, in our maturity journey. Um, and I think we really understand, um, you know, we've gone down framework alignment. We've gone down, you know, the sales and messaging process. We're not perfect on any of those things, right? But I think there's a huge focus now in what response and recovery really looks like, ties into Andrew or to, to Ryan.
Your session ties into all of like the legal stuff and the IR stuff we did on the last day. I really think there's a big focus going into that, that that future of what it looks like to be a response recovery, mature MSP. And we're seeing the mechanics of that in place, which Andrew, I think is, is really exciting. That's perfect. So, yeah, Andrew, I was thinking about it.
I felt there the way I had felt in the early days of TruMethods, you know, we had all these members and I was just, you know, talking into a mic was all I was doing and putting it out like into the ether until we started having our first events. And I got to see and feel like the impact, and that's how it felt. I don't know about you, Wes, but how many people just took a minute to pull you aside to tell you how much the themselves and their team, how important the cyber call's been.
And, you know, we're just here talking into mics, you know, uh, every Monday. So it really felt energizing to, to hear the response on that. And I'm, I'm guessing you had the same experience. A hundred percent that that's, it's so fun to see people that I, I know a name, I didn't know a face, and yeah, you get to give 'em a high five, a fist bump. Uh, yeah. Yeah. Yeah. Awesome. So really, really perfect segue, Gary, to you. Um, a few things. One, I see Eric ordered out there.
Eric's gonna, who's in your session, is gonna come on next week to talk about his top 10 lessons learned, which is phenomenal. And then, you know, Gary, setting the stage here, you know, we talk so much about frameworks, we talk so much about controls, policy, sales.
And, and again, Wes has said, you know, we, we have moved dramatically forward, you know, probably compacted, you know, we were, if we, in 2016, if we were 20 years behind, which is probably arguably where we were in security as a industry, we probably in the last three have shrunk, you know, closed the gap on 10 of them. 'cause, you know, Sunil did a masterful job. I'll be quick here in talking about the decades.
'cause we are pretty much as an industry in the prevention and detection, which is the 2000, 2000, you know, 1990 2000. So Gary, you brought the emotional side of the whole thing to the stage that people cannot and underestimate the gut punch of what a true buffalo jump is. So this is something you can't find in a textbook, you can't find in a framework, you can't find in an audit. Talk to us about, and you Can't even experience it on the web. Mm-Hmm.
You had to be in that room in order, uh, to be able to listen to Eric and Robert. You know, Sonny asked a question, well, how many MSPs have experienced this? You'll never know, Sonny. Uh, I know many that you'll never know. Like, uh, on there and having a couple people that are willing to share, um, you know, the way Robert and, and Eric did, I mean, I spent the time looking at everyone's faces.
And I made everybody at one point when they talked about those first few moments when the realization came, you know, I made everybody close their eyes and, you know, think for a second how, how they would feel. And, and then they went on, you know, to what happened. And, um, with Eric, that one of the takeaways I came away with, he started going through three or four different examples of a math problem. You know, things that you don't think about.
Ryan talked about, you know, one of them both just at one customer, let alone, you know, 30 customers, um, you know, what happens with many of the processes that you plan for one customer or one server. And, um, you know, and you can't solve the math then, like, it's already, you know, the toothpaste is already out the tube, right? G Gary, the one, and again, Eric will be on, but the one thing that like stat, I just, my eyes just jumped open where 50 phone calls a minute at one point 50, right?
At one point, 50 phone calls a minute. And then that kind of leads to my second point, which is, you know, two guys that had some process in place. But, um, you know, what Eric said was, um, you know, they had, um, and Robert, like, they lost access to their PSA at the same time That One of the servers That's right. That they had shut. So think about that.
Like where is this built and what, like, you, you don't think of like, we're so dependent our planning not thinking through all the things that could happen. And I think that was really the biggest realization, and I'm hoping what came out of it, we use the term assume breach, but man, we have to start with our teams and most of all with our customers, we have to be having this conversation. We have to be setting expectations ahead of time of what could potentially happen.
No matter how good we are, we have to be in a shared risk relationship because once it happens, it's too late to have those, those conversations. And some of you, I know, and I, 'cause I work with, you know, hundreds of MSPs, many of you don't even have a real strong business relationship with the decision makers at every one of your accounts. And if that's the case, it's a tough way to go, man. It's a really tough way to go, Gary. It would've been really cool.
And, and again, I wanna segue, uh, 'cause quickly here, but would've been really cool. We had this, um, the legal side of Boom, left and right, Eric Till did a masterful job on like, he's great, what legal things do you need in place in the event? And then Spencer P*****k on what happens from the breach attorney side. But, uh, the reason I wanted Spencer's helping me with a peer special project for that Week. Oh, very cool.
The only reason I wanted to your point, you can't put the toothpaste back in the, um, in the, in the, in the tube once it's out. Like, you know, the, the legal things that come up, you know, on coverage and liability like that, you need to think through prior to. So Wes, I'm gonna jump to just in, in intro. Wait, can I just say one last thing? Yeah. I, I, I wanna make sure I highlight this.
As much as there was a lot of eye-opening in that session, a lot of emotion both on stage and, and in and in the audience. I came away feeling inspired by Oh yeah. How each of their teams and they figured out who those customers were, and even in their community, like other MSPs, you know, helping out. So there was also, uh, some, you know, inspiration and it's a story that makes us all want to be a community together. Yeah, yeah.
Like I said, I'll, I'll ask Eric, but I'd love that, you know, even have Robert on with him, um, you know, next week. Oh, Just to tell the story about his wife. It's the best story ever. Oh my gosh. So, so, um, one more thing and then we'll bring up the MSPs and have some more questions. But let me just share, I probably one of the most important slides, Ryan, and, and I wish you could have been here, um, to, to just bear with me, folks. I, I just have to, uh, find an important slide.
Um, bear with me, bear with me, bear with me. Okay. Crowdcast isn't the easiest to, uh, to, to share screen. So knowing that, let me try again and ah, this is Ryan, I would love for you. Um, you know, when Sunil did the Cyber Defense Matrix, probably the most impactful slide of the entire show. Can you guys see this? Can everybody see that? Yes. Left of drinks, Left and right of drinks. The more you watch this, the better it gets too. So, so Ryan, can you can, no, no pun intended.
Can you distill this down for us? Um, yeah, I mean, I think it would indicate that, um, that Wes has a baseline, uh, tolerance from wine, uh-huh, and that he prefers to start his evenings with liquors and then moves more and more towards beers. Um, and that the more beers he has, the more likely he is gonna need to have a strong recovery plan. You hear, you heard it there from the world craft CISO. Um, I can validate that. I'm not gonna lie, that was one of the best parts of the whole event.
Oh my gosh, that was awesome. So yeah, so Sunil showed that. All right, I'm gonna go find, um, real quick, I'm gonna find Chris Brown and Vince and bear with me guys. Chris coming up here. And so I'm bringing on some of your peers. Vince, I think I've known almost 20 years. It was so good to see him there. Um, Okay. And one of the earliest guys in the industry, um, when it comes to cyber, like you, you know, who is there? Ke uh, Gary, do you remember? Obviously Oli and Al Vaca. Yeah.
And then, um, uh, Kevin, uh, joint that blank on his last name right now, but these guys were some of the earliest in cyber, and people would be like, well, what, why are you focusing on that? And they're like, it's like, it's really interesting seeing them today. Um, I didn't see, I, I wish I would've seen Oli. I know I've known them for over 20 years. Yeah, yeah, yeah. Do we have everybody? Let's see. Alright, there's Vince. Hey, cool, there's Chris.
Okay, so Chris, I'm gonna start off just with a quick intro from you because you weren't at an MSP for most of your career. And in fact, uh, I can't wait for you to share your background because you have such an incredible perspective, almost like Ryan and Wes. So Chris Brown, welcome and thanks for coming to Right of Boom. Yeah, thanks for having me. I thought it was a great conference.
And, uh, just about me, I spent my entire career at the Chicago Stock Exchange, so started my way up doing hardware support, went into programming, quality assurance, operations, technical services, and, uh, finally became the CISO. And I'll just say trying to do security for the stock exchange for, you know, managing one entity. It was brutal. Um, you all the auditors, the government, um, it was just, you know, it was, it was crazy.
50, 60, 70 hour weeks and, you know, go, coming to Right of Boom and hearing all the MSPs and, you know, knowing our customer base and, you know, it was so hard. I know what it's like to manage one company well, and the effort it takes then, let alone for like us to manage all our customers and all the different nuances. It's a lot of work and it is tough. And, you know, trying to find an edge to help you do things better, um, you know, it's just, it's, it's hard.
And, you know, being at Right of Boom, hearing, I think from what I heard, um, you know, a lot of MSPs struggle with this journey right now, and some are doing it better than others. And, you know, it just takes time and effort. And, uh, you know, I, I know when I got there, there's a lot I know and a lot I heard that turned a light bulb on in my head and a lot of things raised question like, what the hell? You know, I gotta look at this more. So it was, it was a great experience.
So I, you know, I've been on the, I've been the customer of MSSP, and so I know what it's like to be a customer. Now on the other side for delivering service, you know, it's kind almost a whole different ballgame. Yeah. So thanks for coming on, Chris. Eric, um, sorry. Uh, Gary. So Chris is the CISO of Eric Rieger's MSP. Ah, all right. Yeah. Eric and I, I feel like I say this a lot, but we go back a, we go back a really long way. Mm-Hmm. Probably like 2008, 2009. Yeah, I think you're the first.
Gary, I think you're the first person I heard when I started like the second day, know Gary Pica. Like, what, what are you talking about? Awesome. Yeah, you make sure you send, make sure you send my love. Alright. Eric may be on this call. I don't even know. So Eric, shout out if you are. Vince, um, you know, as an MSP, you, first of all, I think, what are you probably ConnectWise number, top 30, top 40, uh, initial installs, uh, if I had to remember.
Um, and one of the earliest that started looking at cybersecurity and, you know, um, like I said, you know, there's a, there was a few MSPs out there and you'd almost get these like, you know, weird looks right Vince, early on. Like, why are you focusing on that? Why are you get, why are you getting those certifications? Why, what's, and, and you know, you, you've been at it a long time. So I, one, you know, kind of my hat's off to you, Vince, for kind of seeing it ahead of the time.
I think you really got into it probably, what, 15 years ago at least, if not earlier. And so, so introduce yourself a little bit. Tell us about Res Tech and maybe just, you know, touch out of the conference and then we'll get some questions. Certainly, uh, you know, uh, have to credit, uh, going back, you know, obviously I told you that, uh, Arne had installed our ConnectWise instance OnPrem, so that was, uh, that was quite an honor.
And then, uh, being probably one of the earlier adopters of Enable and come around and heard their sales pitch and, uh, jumped in with both feet. And, uh, so Dave Stelzer was the next iteration and we weren't ready for him at that time. And, uh, there wasn't anything really established what that was, oh, about 15 years ago, uh, to create a security program. But it's always in the back of my head.
And over time, uh, the CIA model, you know, uh, con uh, confidentiality, integrity, availability, it dawned on me the availability, backup recovery was a major part of security. So we created something called nine point Plan. We started hosting events in our office, bringing in clients, and escalating up the value chain.
And that was really the, uh, what really boosted our, our efforts going through the MMSP model, and then iteratively just continue to add on better products and get better over time. Got my CISSP, went to the SANS event, spent $10,000 on the, on the course, met John Strand through the video series, and, uh, the rest is history. So, uh, it's a slow slog. It's continuously changing. The last two years have been incredibly, where the market is catching up, uh, for the MSP to deliver services.
I'm looking forward to seeing what Roost can do for us. We bought into Perch, we went to that first Perch Con and, uh, so, uh, it's, it feels like I'm on just hair on fire, 2000 mock 2000. It's constantly moving. Um, but I feel like I've, we put some serious roots down and the organization has bought in it that just about operations. It's about execution. Uh, right now. How can we get better doing the basics?
Honestly, I love what, what, uh, I don't recall who said it, but someone said the be you know, the good it is gonna have the outcomes, right? If you design your it correctly, you're gonna have good outcomes when it comes to security. And we've always bought into that, uh, that, uh, we sell uptime. That's our basic core idea. We sell the client uptime. That's what we were trying to provide for the client, and that involves the, you know, obviously security and defense right now. Yeah. Cool.
So, yeah. Awesome, Ben. Awesome. Well, I, I don't want to steal all the, all the, all the thunder here, Gary, Ryan, Wes, I, I, I certainly can keep going. Any, any, Gary, anything come, come to mind? Well, One thing I was gonna say, it was nice to see Arne there. Yeah. So like, like Vince Arne, we were probably a 17th customer and he, you know, came to Philadelphia and do our install.
So we've been, you know, no, what I said to Arne was back then it felt like, um, you know, the industry was trying to make this turn from break and fix to managed services, and it just felt like it took a community in order to be able to move it. And, you know, we worked hard like to play our little, you know, role in it. And, uh, I told them, man, it feels much the same way now that it did then, except that the stakes are higher now, uh, for SMBs.
And before it was just a matter of, okay, you might lose some customers or you might not make as much money. You might never achieve your financial, you know, dreams. But today it's much more dire, right? Yeah. Businesses right. Are, are and are at stake. Yeah. Well, you, I know Gary, you're gonna share some of the financial, probably the details that Eric and, um, Robert shared, but it, it's per, it's, it's eyeopening to say the least of a, of the impact that it has.
Chris, any, coming from the CISO of a, you know, corporate side, were there any of the sessions stand out for you that you were like, wow, that that was impactful and MSPs should really take note of that? Or one or two concepts that, Uh, I think when, uh, I can't remember the gentleman's name or they, when the, for incident response and, you know, bringing the lawyers into play. Um, I, from where I come from, I did nothing without a lawyer.
I contract anytime I had an audit with the SEC, I had a lawyer sitting by my side. That's how crazy it got. And, um, yeah, I'm in the camp of know your lawyer well and get their support. 'cause you don't wanna make a mistake Yeah. And be hung out to dry. It's a, it would be a horrible position to be in. Yeah. Was that, was that the session with Chris Lahr when, uh, on, on going through Chris Lehrer's, uh, incident response tabletop? It Was on, it was Friday afternoon.
Oh, Eric Tilt, that was our, those were the two lawyers. Yeah, Yeah, Yeah. That was Eric Tilts and, Uh, yeah, yeah, the two lawyers that were up there, that, that was, uh, I just, I, I enjoyed that session very much and That the, your comment makes me think of a, of a very, uh, again, dear friend, you know, Gary, we always think about these, you know, people that we've quote unquote known forever. It's, uh, Deepak to Donny. Do you know, remember Deepak outta New York?
And, and his card, his business card said, you know, if you think hiring a professional is expensive, wait till you hire an amateur. And, and it makes me think about people like, well, the lawyer's gonna be expensive and this and that.
Well, we see here the numbers that Robert and Eric start throwing out there, if you think those two, uh, are, you know, if if investing and doing the right things is expensive, Ryan, since we're talking about law, like what's your perspective, I mean, is is do you, do you not that, hey, let me tell you about our lawyers and this and that, but how important is that for you in risk management and making decisions on policy and contracts and things of that nature? SLAs?
Yeah, I mean, my team is constantly working with our legal team on agreements. You know, we, we revisiting our contracts continuously. We have external counsels for specific types of issues. We have those predetermined contacts. We've actually, you know, we, we just went through a tabletop exercise for a large scale crisis where we included our external counsel.
So like a legal component of this, I think probably based off of Robert's session, um, with the Buffalo jump, probably realized the importance of needing to have a legal presence through that whole response. Yeah. Really. I mean, it's not fun, but like, it's, it's blocking and tackling, like you have to do it. Yeah, absolutely. Absolutely. Vince, how about you? Uh, were, was there one or two sessions or things that stood out to you guys for, to, to you?
Well, the cyber cybersecurity matrix that Sunil, uh, developed was mirroring something I painfully developed myself. And I feel like, goodness sake, the thing was here, there the whole time. So it's a really con uh, confirmed the things that we were looking at and how we stratified the offering. Our perspective's a little bit different. I broke it down to simply, uh, we wanna protect the user, uh, then we wanna protect the net network.
Uh, and then, uh, then it becomes a, uh, more compliance oriented. So if we break it down our, our MSP offering, it's protecting the user. Anti phishing products, endpoint products, things like that. I'm not say the user, we're, we're the user is the gateway to the data. So we're assuming the data and the, the crown jewels is the data. So we protect by, by, you know, educating the user, uh, informing the user, hardening the system.
Networking comes to, you know, secure design segmentation, uh, you know, air gapping, the, the backups, those type of things. Offsite, so good IT design, just when it comes down to good security starts with good IT design. So it really confirmed those things as well as the, you know, get your processes in order, really exercise the processes, uh, every, so everybody knows what to do when somebody calls with email compromise, you know, we know exactly what steps are.
So those type of exercises are, would be difficult to do if you don't have 'em written down. So writing them down, writing them out, and then exercising them over time, uh, I think is gonna be the, the thing that we really have to incorporate that there's, 'cause you know, when the incident happens, you're gonna have the time. So we're gonna need to treat the training and we need to treat the practice as if it's a real incident. Don't schedule it after hours. Go ahead.
No, I was gonna say, uh, when you talked about segmentation made me think about what John Strand was saying. Some of the examples he gave that people hadn't thought of where, you know, on the same system is their air conditioning. So now they have no heater, air conditioning, uh, and also is all their key fobs.
So now the next day, in addition to dealing with the cyber breach, they're out cutting keys so that they can get into their campus and get around like things, you know, before you never gave much talk to. Right. Absolutely. Right. That's a really good point. Hey, so, um, I'm gonna do a shameless plug, uh, for Sunil. Um, 'cause he was awesome. Uh, this is the book, it's out. We've talked about the cyber defense matrix many, many times. Um, this is what Vince was just speaking about.
It is available, um, out on Amazon, um, Blackpoint Cyber sponsored everyone, uh, at the event to get a free book. If you do a demo with them, they will send you a free copy. So really Easy read. I, I read half of it sitting on the beach on Saturday. Nice. Nice. The beach in Philly. Mm-Hmm. So I'll put Cody Staley's email in, uh, the chat momentarily. But it's a phenomenal, phenomenal book. And as Wes was saying, uh, Sunil uh, is a real futurist.
Um, the only other thing I just wanted to, that made me think about, 'cause you also mentioned John Strand, Gary, is we're in the process and I'm gonna put my email in. John is in the process of building a specific training program for MSPs. If you haven't taken any of John Strand's, Antisiphon training, first off, he was a one of the top SANS instructors, as Vince said for 15 years. He did their offensive and incident response training for many, many years. He has an entire catalog.
But now we're gonna get very prescriptive and specific. We are looking for probably, I don't know, we're gonna do maybe 10, 15 MSPs or we're gonna kind of put forth the initial kind of, I don't know what you'd even call it, but the agenda or transcript of the training if you're interested in kind of helping, you know, evaluate it and give us feedback. I'm gonna put my email in, uh, if you're interested in helping with that, the cyber nation.com. Alright. So that's in there.
Alright, um, Wes, I'm gonna come to you, um, call any questions, thoughts for Chris and or Vince? Um, yeah, maybe I'll just throw it out there for the both of you and whichever view or both wants to take a swing at it, um, certainly can. Um, what would, so, so, um, we've talked a little bit about like the one big takeaway, but I guess for you personally, where do you see the next year for you guys focusing?
Like is there like a big takeaway that came from Right of Boom that you're like, Hey, this year we're gonna make X, Y, Z a priority where it wasn't? I'd love to hear. Sure, I'll go real quick. I think for me, um, the cyber hygiene identify and protect, I think you gotta get those two topics rock solid for all your clients. 'cause you know, you miss something and that's something you miss is going to bite you in the ass.
So, um, I think we need to really focus on getting those two topics really, really tight and as bulletproof as possible. C Wes, can I just say something there? Mm-Hmm. I mean John Sen's, Chris John Sen from Black Point, his, he, his event, his session was left of boom. And you hear it from him. You hear it from John Strand, probably from Ryan too. Yeah. Most of the, and Wes you probably saw it in the soccer purch, typically it's not some crazy, I think you've said it before, Wes, right?
They're hackers are la threat threat actors are lazy. It's not some crazy thing that they compromise a network typically. Is that, is that fair? Um, not only is that fair, if you find yourself listening to vendors that are primarily pitching to you that they'll secure you by stopping the unknown unknowns and you know, using the AI to stop the things that have never been seen before, you're missing the boat.
I'm not saying stopping the unknown unknowns is not important, um, but if that's what you find yourself being drawn to versus the typical hygiene things and the typical TTPs that they use every single day, you're really missing this. And again, remember, we, you got a dollar to, we only have so many dollars to spend, right? If whatever you're gonna determine you have as your average seat cost, every dollar that you put into that has to be packed with value.
And if you spend it all left of boom, there won't be any for right of boom. Yeah. And, and I will say going back to, um, John's talk, that's what I thought was the best, to me, the best part of John's talk was the stories. How have we seen these happen before? How does this, how does this attack typically occur? Battle stories from the front lines, those are the things we need to listen to for sure. And I thought John did a great job with that on the left of boom pieces to that.
Yeah, absolutely. Absolutely. Really good stuff. I'll Just, uh, add that. Yeah, Vince, I found, Uh, this, I found this week in a, a small business no budget implementation of the SANS 20 security controls. So if you wanna look at that, uh, it's, it's, it goes to John Strand's, uh, ethos. You know, if it could be done free, why aren't we doing it? So, right.
I think that's gonna be the thing is if it's, if it's in our hands to do things to eliminate 90% of the exposures and we're not as MSP professionals and we're not doing it, we're derelict in what we're doing, it's uh, it becomes an ethical issue. We really need to do those things and they are disruptive. The client does have to pay for some of that, that, but it's cost nothing other than time. Maybe you can drop the link. Yeah, I can Do that.
Yeah, if you have it handy, Vince, that would be awesome. Yeah, I'm just dropping this link. Gimme one second here. Lemme get, are you want to give us maybe some, some insight into some questions you might ask next week as we kind of probably the, the most time we've had left in a cyber call yet, but, um, you know, when we bring on Eric, um, what, what might you dig into a little bit? Yeah, listen, we spend about an hour on stage, right with Robert and Eric.
It could have been two and a half hours. Like I feel like we only scratched the surface. Um, I tried to make sure that the emotion got through, we're trying to move people towards action. Uh, but so much so when we got to the end, some of the really good stuff like, uh, on the lessons learned, um, and Eric, he said he, he had from his notes through it had 60 things and then from there he distilled it down to the 10 most important.
So we're gonna get a chance to review those all of us, uh, next week. And, and um, boy, who wouldn't want that 10 coming from someone who really knows right? And, and has been through it. That's the person I would want to ask. You know what I always say, my dad always told me, someone can't give you something that they don't have. Yeah. Right. Very true. Vince, um, did you sit through that session that with Robert and, um, and Eric? Uh, yeah, the lawyers? Yeah. No, no, no, no. The two MSPs.
Oh Yeah. Oh yeah, absolutely. That, that was uh, riveting. Yeah. You Know, we, we brush up up the edge, those the edge of those things with, with the client. We had one issue where during the onboarding process going through our checklist, uh, they got an email compromise in the midst of the onboarding and they were like, well, that's what we hired you to stop. I'm like, that's like step 30 in our 30 step process because it's so disruptive.
And I, I had to tell the team, I said, you gotta push that as soon as we get a client on board, first thing we gotta do is change passwords 'cause they're so weak. Implement MFA, change passwords right away. So did, so so was that something that you implemented that when that happens and, and interesting. Vince, can you talk just not to dig and dig and dig it here. Was that something, 'cause we talk, Wes, Wes and I have talked about this and we brought it up on the cyber call.
Onboarding's gotten risky. I mean, it used to be we onboard people and you know, it's a project and you know, Gary, we talked about how to do, you know, the proper onboardings and big piece operations and true methods. But Wes, your thoughts and then to Vince, we could be onboarding somebody, you know, very, you know, highly compromised and we're inheriting that. What, What percentage, like it came up on stage from, um, John, uh, Oh yeah, Sharon, He, he gave some percentage.
They, I stole their tool where they already find initially right away they find that, that there's somebody in there. It was pretty big percentage. I don't remember what he said. Well, in his world, you know, he lives in enterprise world with thousands of endpoints. But you know, when we bring on somebody, it's small.
But that's one of the reasons we push out Huntress is one of the first things we do is is that kind of that check the lay of the land situation and, and get some hygiene flowing, uh, into that, into that segment. Uh, that was when we Perch Con was if I pulled away anything from Perch Con was, was Huntress. And uh, so we are, we're in big with those guys and it's part of the stack. It's part of the absolutely. Part of the stack that and Rumble those two things right up front. Yeah.
So did you change your process Vince, as a, as a result of those, of that experience? Oh yeah. Oh, oh yeah. We had, we had to push the, uh, if we're engaged somebody, first thing we gotta do is start fingers happening. We have to, I think that's the number one risk implement our anti-phishing product, put Huntress out there and you know, we feel like at that point you set your perimeter and then you can start working from things from there. Mm-Hmm Mm-Hmm. Speaking of, um, what was Phyllis lead?
So Phyllis, Wes, do you got, do you remember her quote, something about the fingertip, the, the, something about your f I'll have to find this for everybody, but the, the network is at your user's fingertip or, you know, the, the end of the network is at your user's fingertip. So it's so eloquently said, she was fantastic.
Um, it was so cool to have, you know, CIS present the EDP of CIS, but Gary, you know, to have, you know, you said it earlier, to have, you know, CIS you know, at an MSP event like it's would ever thought. Yeah, man, we got ourselves a security community. Yeah. Very cool. Chris, how about for you? Any closing thoughts?
Anything that, um, you might hope to get out of the next Right of Boom or, or something that you, you know, you walked away with that, you know, you'd like us to dig in deeper next time?
Uh, I probably just wish there was, you know, due to timing constraints, I just wish there was more time for questions and answers and give people, you know, who are a either afraid or, you know, a little shy, but, you know, encourage people to get up there and really talk and no matter how stupid they think the question is or how weird their issue is, let it off. Because you know what? Everybody probably has come across it or deals with it.
Um, I just wish there would've been more time to try, you know, hold people down and talk with 'em more. That's all. But everybody, there was, you know, John, I had dinner with John on Thursday night and he was fascinated to talk to and, uh, yeah, just keep getting the good quality people to come in if you can. And, uh, all good stuff. Great. Alright. So yeah, no, one, one thing I was gonna uh, say is, uh, next year make a note. Uh, a few more panels. Yeah. Okay.
I think people like asking their, um, you know, on different topics, I think people like asking their peers and I think that's when the conversation really gets cranked up. Okay. I, I would add workshops, some hands-on, um, like the, I know the, uh, I was so exhausted that night, I couldn't stay up for the John Strands thing.
But, uh, you know, maybe strategically put that maybe in the middle of the sessions or an hour or two hour hands-on process where you can actually walk through hardening active directory or, or hardening workstation, make group policy templates that are out there, how to use audit scripts, how to use even the open source tools that are out there. Uh, and and what does it mean, uh, to how do you collect a better system and assess your network better? Uh, using open source free tools. Oh, Vince.
Vince, how about the pre-day? Like Yeah. Securing the cloud. Oh yeah, maybe something like that, you know, so that was, But that's just wetting your appetite. That's four hours when that's a four day course. Yeah. And really, and I'm, I'm telling you some experience, if you don't, you, you come to these things and you touch it and it gets exciting. But if you don't go back and create a lab for yourself, you've got to create labs.
Get an old server PC, throw some virtualization stuff on it and just go at it. And I'm telling you, you're gonna make mistakes. You're gonna get frustrated. Nothing's gonna install correctly, but you're gonna learn your Linux command line. You're gonna learn, you're gonna learn by, by bashing your face in the ground.
Well, and by the way, thanks for getting, thanks for getting up and speaking up or the people that were, this is too hard and this Yeah, you really did a nice job saying don't go make mistakes. It's okay. Exactly. I'm 60. It's not easy to learn when you're 60. So yeah. In closing, there were questions by the way on if you attended Right of Boom. Are the presentations gonna be made available? The slides? Yes. Are the recordings gonna be made available if you attended? Yes.
I'm working on both of those things as we speak. Anything to wrap up guys here at the top of the hour? Gary Ryan. Can't wait till the Next one. You on the spot, Andrew. There's been a lot of questions about when is the next Right of Boom? Is this a one big annual conference or are we gonna do these smaller venue geo more frequently? Like what are you thinking? I'm holding out until Ryan Weeks can be present. I I won't do a Right of Boom without Oh, a holdout. Don't wait on me, man.
You clearly got a winning thing here. So, yeah, so I, I think the big an the big the, I was asked that several times. The answer to the question is once I feel I have the right content and the right speakers and the feedback, by the way, Vince and, and Chris has, I've written, wrote it, written it down and from Gary on panels. But, um, I'd like to do it sooner than later. I, I'd love to do another one in 2022. That would be my goal. I agree with that. Yeah. So, alright, on behalf. I'm sorry.
You'd probably add another day. That's fair. That's fair. Yeah. Yeah. Lot, a lot of content. Yeah. Um, alright, well on behalf of Gary, Ryan, Wes, Vince, Chris, thanks for joining us. We'll see you next week with Eric Woodard and Robert Chaffey. Take care everybody. Thank you. Thanks guys. See you guys again. Thanks.