CISA published their advisory bulletin addressing risk considerations for organizations thinking about using managed service providers. This is a great advisory, but it has some areas of potential misinterpretation in it, chiefly because CISA has departed from a security group and expanded into territory in which it has little experience. 


  • What if organizations stopped using MSPs? 
  • Yes, all customers ought to be responsible and consider risks of outsourcing. But, risks of not managing IT are far greater than the risks of outsourcing
  • Targeting of managed services supply chain vendors is NOT a symptom of poor MSP security, it’s a symptom of the unchecked business of cybercrime

MSP Zone Reading Material: Risk Considerations for MSP Customers | CISA

Post A Comment

Have questions?

We're here to help! Fill out the form below and we will get back to you as soon as possible.

First Name *
Last Name: *
Contact Email: *
*Required Fields
Note: It is our responsibility to protect your privacy and we guarantee that your data will be completely confidential.

Contact us


510 Meadowmont Village Cir, #289 | Chapel Hill, NC 27517




Subscribe to Our Mailing List