Cyber Essentials is supposed to make your business safer but for many organizations, it ends up feeling expensive, overwhelming, and confusing. You start Googling Cyber Essentials tools and Cyber Essentials…
If you’re an MSP, you’ve probably seen it: the business wants frictionless collaboration with vendors, contractors, and partner companies. They’re sharing files in SharePoint, chatting in Teams, moving fast… and…
Privileged accounts are the #1 target for attackers. One compromised Global Administrator can mean full control of mail, SharePoint, Teams, Defender…everything. The fallout is real: downtime, legal exposure, regulatory headaches,…
If there’s one lever MSPs should be pulling right now, it’s this: AI is your fast track to relevance in the C-suite and specialization in your services. For years, MSPs…
In March 2023, Microsoft announced the deprecation of managing authentication methods in the legacy multifactor authentication and self-service password reset (SSPR) policies. Beginning September 30, 2025, authentication methods can’t be…
Earlier this year, Microsoft made the E5-Security add-on available for Business Premium subscribers. It’s packed with a ton of amazing security features. Additionally, it is a significantly reduced price than…
Risky user detections are one of the leading indicators of account compromise in Microsoft 365. By default, you will not get alerted as an MSP for a new risky user.…
I recently did a webinar on Token theft where I broke down one of the fastest growing attacks: Token theft via AiTM phishing. In this article, I will summarize that…
In this post, we’ll explore how the Australian Cyber Security Centre’s Essential Eight framework maps directly to Microsoft 365 security controls—and how you can automate evidence collection and policy checks…
In a previous post, I walked you through an incident response playbook for Token Theft via AiTM. This playbook can be leveraged for BEC incidents as well. Today’s deep dive…
