SEC Adopts Cyber Disclosure Rule - Ep 261

SEC Adopts Cyber Disclosure Rule The securities and exchange commission recently made news with an announcement of their cybersecurity disclosure rule. While this isn't the first governmental agency to announce such a rule, it should confirm to every MSP on the planet the direction in which we are headed and offer plenty of guidance for handling privacy and security incidents. SEC rule explained Purpose behind the rule Impact of the rule on MSPs and clients Failure to comply (i.e., lack of compliance)   MSPs Confused About Who They Are I received a great email from one of our members asking me for an opinion. Now, I've discussed this topic a lot in recent years but its good to see MSPs still caring about this enough to email into the program.   My advice for MSPs wondering if managed services still has value left in it.    Master MSPs Play Crucial Role in Certification The role of the master MSP has definitely evolved over the past decade. The needs of partners evaluating a relationship with a master MSP has certainly changed. But, in one crticial aspect, the relationship between master MSP and partner MSP has not changed; that is regarding compliance.   As MSPs develop relationships with external service providers (i.e., master MSPs), these relationships must be examined from a risk/reward basis. Here are some questions you may want to consider asking with regards to your ESP relationships.   Managed service supply chain - how does the ESP impact this risk? Do they increase or decrease my risk? Does any part of the ESP help me with my own MSP practice controls? Does the ESP have its own compliance and certification house in order?