Cybersecurity, Regulation, Liability, & Best Practices in Managed IT Services w/ Steven Cook
Business of Tech: Daily 10-Minute IT Services Insights
Audio is streamed directly from the publisher (pdcn.co) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Host Dave Sobel engages in a thought-provoking conversation with Steven Cook, the owner of Strategic IT Services, a managed service provider (MSP) specializing in cybersecurity. Steven shares insights into the diverse range of services his organization offers, from general technical support to cybersecurity and disaster recovery. With a focus on co-managed IT, Steven explains how his company assists businesses of varying sizes, from solopreneurs to larger organizations in regulated sectors like finance and energy.
The discussion delves into the impact of regulations on customer needs, particularly in the energy sector, where recent political changes have significantly affected income streams. Steven highlights the challenges faced by small businesses in maintaining IT services, often opting for minimal or no support, which raises concerns about cybersecurity risks. He emphasizes the importance of having a baseline level of security measures in place, such as endpoint detection and response, to protect sensitive information and maintain operational continuity.
As the conversation progresses, the topic shifts to the evolving landscape of cybersecurity regulations, including the rollout of CMMC 2.0 and the implications of FedRAMP certification for software vendors. Steven expresses his expectation that demand for compliance with these standards will increase, particularly as more MSPs and MSSPs serve defense-related industries. He notes that while some vendors have yet to prioritize FedRAMP certification, there is a growing need for businesses to adopt security measures that meet regulatory requirements.
Finally, Steven shares his perspective on the liability of software providers in the context of cybersecurity incidents. He argues that while vendors like CrowdStrike bear some responsibility for their products, the onus also falls on businesses and IT implementers to follow best practices in deploying technology. This includes implementing phased rollouts and testing updates in controlled environments. The episode concludes with a call for clearer regulations and standards to protect businesses and their customers from the increasing threat of cyberattacks.
πΌ All Our Sponsors
Support the vendors who support the show:
π https://businessof.tech/sponsors/
π Join Business of Tech Plus
Get exclusive access to investigative reports, vendor analysis, leadership briefings, and more.
π https://businessof.tech/plus
π§ Subscribe to the Business of Tech
Want the show on your favorite podcast app or prefer the written versions of each story?
π² https://www.businessof.tech/subscribe
π° Story Links & Sources
Looking for the links from todayβs stories?
Every episode script β with full source links β is posted at:
π https://www.businessof.tech
π Want to Be a Guest?
Pitch your story or appear on Business of Tech: Daily 10-Minute IT Services Insights:
π¬ https://www.podmatch.com/hostdetailpreview/businessoftech
π Follow Business of Tech
LinkedIn: https://www.linkedin.com/company/28908079
YouTube: https://youtube.com/mspradio
Bluesky: https://bsky.app/profile/businessof.tech
Instagram: https://www.instagram.com/mspradio
TikTok: https://www.tiktok.com/@businessoftech
Facebook: https://www.facebook.com/mspradionews
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.