Episode Details
Back to Episodes
Turning Compliance into MSP Revenue (EP 985)
Episode 985
Published 8 hours ago
Description
If you’ve ever stared at NIST, CIS, or SOC 2 requirements and thought, “Where do I even start?”, this episode is for you. Jared Casner from Blacksmith InfoSec joins me to break compliance out of the checkbox trap and show MSPs how to turn security frameworks into real, billable services your clients will actually value. We cover practical steps, real stories, and a simple way to talk about compliance without scaring or confusing your customers.
Chapters
- 00:00 Welcome, conference recap, and setup
- 00:48 Running into Jared at MSP IT Expo
- 03:02 Sessions vs. vendor hall and MSP show strategy
- 06:11 Talking to non‑MSPs and sharpening the value pitch
- 09:59 Who is Blacksmith InfoSec and what they do
- 12:13 Frameworks first: NIST CSF, CIS, and mapping to compliance
- 17:30 Security as a long‑term investment, not a quick fix
- 24:26 What MSPs should prioritize now: third‑party and supply chain risk
- 31:41 Monetizing compliance and packaging MSP services
- 36:26 Turning compliance into projects, shared responsibility with clients
Guests
- Blacksmith InfoSec: https://blacksmithinfosec.com
Companies / Vendors / Products Mentioned
- MSP IT Expo (MSP EXPO / ITEXPO in Fort Lauderdale): https://www.mspexpo.com
- Omni Hotel (Omni Hotels & Resorts): https://www.omnihotels.com
- NIST Cybersecurity Framework (NIST CSF): https://www.nist.gov/cyberframework
- CIS Controls (Center for Internet Security): https://www.cisecurity.org
- CMMC (Cybersecurity Maturity Model Certification): https://dodcio.defense.gov/CMMC
- HIPAA (Health Insurance Portability and Accountability Act): https://www.hhs.gov/hipaa
- FTC Safeguards Rule: https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know
- Florida Bar: https://www.floridabar.org
- Axios Breach: https://www.bloomberg.com/news/articles/2026-03-31/axios-software-tool-used-by-millions-compromised-in-hack
- NPM (Node Package Manager): https://www.npmjs.com
- Get NIST‑y (podcast by Blacksmith InfoSec): https://blacksmithinfosec.com/nisty
- EOS (Entrepreneurial Operating System): https://www.eosworldwide.com
- Pumpkin Plan (business framework): https://pumpkinplan.com
=== SPONSORS:
- Livestream Partner, ThreatLocker: https://www.itbusinesspodcast.com/threatlocker
- Technology Partner, NetAlly: https://www.itbusinesspodcast.com/netally/ <