Claim OwnershipThe CyberCall Podcast
Subscribed: 20Played: 313
Subscribe
© 2025 The CyberCall Podcast
Description
The Voice of Cybersecurity for MSPs & MSSPs!
The CyberCall is the weekly podcast where cybersecurity meets business reality. Hosted by Andrew Morgan, Founder of Right of Boom, this is the go-to show for Managed Service Providers (MSPs), virtual CISOs (vCISOs), and IT leaders navigating the complex world of cyber risk, compliance, and AI.
Each episode features raw, practical conversations with the sharpest minds in cybersecurity—from operators in the trenches to CISOs, researchers, policymakers, and toolmakers shaping the future. If you care about protecting your clients, growing your practice, and becoming the security partner businesses trust—this podcast is your playbook.
Co hosts: Phyllis Lee, VP of Content at CIS & Gary Pica, President of TruMethods
32 Episodes
Reverse
With the release of NIST Cybersecurity Framework 2.0, CIS felt strongly that an update to The Controls was necessary to crossmap to CSF 2.0. Specifically the strongest driver, was the release of the Govern function. Co-hosts: Phyllis Lee: https://www.linkedin.com/in/phyllis-lee-21b58a1a4/ Brian Blakely: https://www.linkedin.com/in/bblakley/ Eric Woodard: https://www.linkedin.com/in/eric-woodard/ Sponsored by Right of Boom cybersecurity conference: https://www.rightofboom.com/
In this must-listen episode of The CyberCall, hosts Andrew Morgan, Phyllis Lee & Gary Pica are joined by Aharon Chernin, Founder & CEO of Rewst — to explore how Artificial Intelligence (AI), Robotic Process Automation (RPA), and Cybersecurity are colliding in today’s MSP landscape. Tune in to learn what your MSP needs to know now to stay ahead! Connect with Right of Boom: Website & Conference: https://rightofboom.com/ LinkedIn: https://www.linkedin.com/company/right-of-boom/...
Abstract: Network Infrastructure Management - Establish, implement, and actively manage network devices, in order to prevent attackers from exploiting vulnerable network services and access points. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points. Unfortunately, many devices are shipped from manufacturers with “default” configuration settings and passwords that, if deployed as-is, can significa...
Abstract: Data loss can be a consequence of a variety of factors from malicious ransomware, threat actors using "Double Extortion" and exfiltration, human error and natural disasters like hurricanes. Regardless of the reason for data loss, we need to have a process established (RPO/RTO) to recover our data. Key Takeaways for Control 11 Prioritize your data and come up with a data recovery plan.Protect your backed up data. (See Control 3: Data Protection.)Practice and Test restorin...
Abstract: Web browsers and email clients are very common points of entry for attackers because of their direct interaction with users inside an organization. Content can be crafted to entice or spoof users into disclosing credentials, providing sensitive data, or providing an open channel to allow attackers to gain access, thus increasing risk to your MSP or client's business. Since email and web are the main means that users interact with external and untrusted users and environm...
Abstract: There are many ways to covertly obtain access to user accounts, including: week passwords, accounts still valid after a user leaves the enterprise, dormant or lingering test accounts, shared accounts that have not been changed in months or years, service accounts embedded in applications for scripts, a user having the same password as one they used for an online account. Learn how CIS Control 5 can mitigate some of the most common ways credentials are comprom...
Abstract: Learn why the number one thing organizations can do to defend their networks against top attacks, is to implement secure configurations! Azure Breach (8/26/2021): According To Wiz who found the CosmosDB Vulnerability, they quote: "Database exposures have become alarmingly common in recent years as more companies move to the cloud, and the culprit is usually a misconfiguration in the customer’s environment." https://www.wiz.io/blog/chaosdb-how-we-hacked-thousands-of-az...
Abstract: CIS Control 3 is Data Protection and data is pretty much what's at stake for a high percentage of cyber attacks. Data is more valuable than oil and it fuels many organizations. Many of the baseline security recommendations from all of the security frameworks out there now recommend, or REQUIRE if you’re in a regulated industry such as healthcare, that certain things like full disk encryption are simply put into place no matter your risk profile. Much of what’s in the Dat...
Google reports that Multifactor Authentication (MFA) prevents more than 96% of bulk phishing attempts and more than 76% of targeted attacks that are credential based. In this episode, learn how MFA maps to the different security frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what you can do to defend against it - MITRE Shield, common mistakes or oversights made when implementing into their tech stack and trends. Note: Sp...
Today we’re tackling microsegmentation—a solution that could change the game against ransomware. Ransomware thrives on lateral movement: one compromised device turns into an entire network takedown. Microsegmentation stops that by creating secure ‘neighborhoods’ inside the network, containing the damage before it spreads. The big questions: can MSPs realistically deploy this at scale, without adding complexity? And how do we frame it in business terms—protecting revenue, uptime, and client tr...
Over the past couple of days, I was digging into the latest Anthropic Threat Report and one section really hit me. They wrote: ‘We’ve developed sophisticated safety and security measures to prevent misuse of our AI models. While generally effective, cybercriminals keep finding ways around them.’ And then they shared some eye-opening case studies—threat actors aren’t just asking AI for advice, they’re embedding it across their entire attack lifecycle. We’re talking reconnaissance, credential h...
In this session we talk about Salesloft Drift and the implications of OAuth based attacks. Companies use Drift with Salesloft to automate lead capture + sales workflows into Salesforce.com. Enter Nation State threat actor UNC6395, who was able to steal the tokens and gain a backdoor into Salesforce via these OAuth tokens. We then dive into the Evolution of Cloud Based Attacks, where threat actors like Storm-0501 are moving away from noisy, on-prem encryption and pivoting to the cloud—wh...
Last week, we dug into the surge of SonicWall VPN compromises. At first, there was speculation about a possible new zero day — but as the dust settled, we learned it was far more familiar: unpatched systems, misconfigurations, stale service accounts. One of the biggest takeaways came from breach attorney Spencer Pollack, who cautioned MSPs: don’t speculate. When cyber hits the fan, the truth comes out in the contracts. That’s exactly where we’re going in today's session. We’re joined by two l...
In this session of The CyberCall, we’re cutting straight into one of the most relentless threats MSPs and their clients are facing right now—targeted ransomware attacks exploiting SonicWall SSLVPNs, with signs the attackers are already shifting to Fortinet VPNs. This isn’t theory. It’s happening in the wild, and the fallout is real. Huntress has been on the frontlines analyzing the tactics, SonicWall’s SOC is in the middle of the response, and breach attorneys are already managing a wave of l...
When MSPs are selling IT and security services, the real decision often comes from the person who owns the budget and measures the risk — the CFO. In this session of The CyberCall, we’re getting inside that mindset. Jason Duncan, CFO of InfoSystems, has over two decades of experience working as a Corporate Controller & CFO, making financial, IT & security decisions. This week he's here to share how CFOs view cyber investments, contracts, compliance, and protecting the systems that dri...
This week, we’re diving into three huge shifts happening in the Microsoft ecosystem that every MSP should have on their radar: · Token Protection is now available for Entra ID P1 licenses — and it’s a game changer for securing identity tokens and stopping session hijacking. · GDAP — the move from legacy DAP to Granular Delegated Admin Privileges — is creating both confusion and opportunity for MSPs managing multiple tenants. · And fo...
Big news for the defense and MSP community: The 48 CFR CMMC final rule has officially reached OMB review. This is the second-to-last milestone before publication in the Federal Register — and we’re expecting to see the final rule land by October with no 60-day delay. Translation? The phased rollout begins Q4 2025. If you work with defense contractors, or your clients do, the countdown just got very real. This week on The CyberCall (1pm EDT - URL in comments), we’ve got Jacob Horne, on...
Last week, we tackled a big one: 'Risk, Revenue, Responsibility: The Real Job of the vCISO — and it sparked an incredible conversation around how vCISOs are no longer just about frameworks and firewalls, but about protecting business outcomes, navigating executive risk, and helping clients make strategic decisions. This week, we’re taking it a step further. Because if you're serious about offering vCISO services as part of your MSP, you’re probably asking: What actually makes a great vCISO? A...
In this episode of The CyberCall, we're cutting through the noise and rethinking the true purpose of the vCISO role. It’s not just about frameworks, policies, and tech stacks, it’s about tying risk to business outcomes (risk to revenue). The vCISO’s true value goes way beyond compliance checklists and technical jargon; it’s about being a business partner/enabler, protecting critical revenue streams, and building executive trust. Leading vCISOs start every client conversation by asking: How d...
Supply chain attacks doubled according to the 2025 Verizon DBIR. This week the channel awakens to Ingram Micro being attacked by the SafePay Ransomware group. Incident Response (IR) expert, Chris Loehr, EVP of Solis joins The CyberCall, to share perspective on the GlobalProtect VPN compromise. That’s why today on today's CyberCall, we’re talking about what MSPs can do right now to get serious about third-party risk—and why ISO 27001 may be the most important next step for your business. We're...
Comments
Download from Google Play
Download from App Store
United States