Data Security Talk

In this episode, Bill Falk welcomes Alex Courson, founder of , for a conversation about how MSPs can unlock new revenue and better manage cybersecurity challenges. Alex shares insights into why monetizing existing tools, improving execution, and embracing delegation are key to MSP growth today. They discuss the evolution of the MSP role—from technical service providers to business risk advisors—and how cybersecurity insurance is creating new opportunities for MSPs to differentiate themselves. Alex also explains how tools like Actifile help MSPs uncover hidden vulnerabilities, protect...

Data Security Talk

In this episode of Data Security Talk, host Bill Falk, President of Go-to-Market at Actifile, sits down with James Oliverio, CEO and Founder of Ideabox, to explore the evolving landscape of data security in healthcare and beyond. With over 30 years of experience, James shares actionable insights on achieving HIPAA compliance, securing ePHI, and managing data risks effectively. Hear real-world case studies, including how Actifile helped a not-for-profit (AHI) navigate NIST 800-53 certification and how a regional hospital system tackled a phishing breach. Learn why knowing where your data...

Data Security Talk

Host Bill Falk and guest James Oliverio explore the economic imperative of cybersecurity and the evolving role of data risk management. Oliverio, drawing on his extensive background from investment banking to founding his own security firm, emphasizes that cyber investments should be seen as strategic initiatives rather than mere expenses. He introduces the concept of Return on Mitigation (ROM) to quantify the benefits of proactive security measures, arguing that properly secured data can provide a competitive advantage. The conversation highlights how modern breaches often stem from internal...

Data Security Talk

A detailed discussion about CMMC (Cybersecurity Maturity Model Certification) 2.0 between Bill Falk from Actifile and Steve Rutkovitz from Choice Cyber Solutions. Steve, with 21 years of MSP experience, explains that approximately 80,000 companies will need starting in 2025. The discussion covers the transition from CMMC 1.0 to 2.0, reducing from five levels to three levels, with Level 2 requiring 110 requirements (320 individual controls) under NIST-171. Steve emphasizes that companies handling CUI (Controlled Unclassified Information) must achieve Level 2 certification. The certification...

Data Security Talk

A discussion about between Guy Bavly, CEO of Actifile, and co-founder Assaf Litai. They explore the evolution of encryption from ancient ciphers to modern standards like AES. Assaf explains different types of encryption (symmetric, asymmetric, and PKI), their applications in e-commerce, and how they ensure data security. The discussion covers the CIA (Confidentiality, Integrity, Availability) model, encryption management approaches (user-managed vs. centrally managed), and practical challenges MSPs face when implementing encryption. They also address compliance requirements, cloud security,...

Data Security Talk

This episode is a detailed discussion between Guy Bavly (CEO) and Assaf Litai (CTO) of Actifile about the CIS (Center for Internet Security) controls framework. Asaaf explains that CIS is a general-purpose security framework designed to help organizations improve their security stance, unlike specific frameworks for healthcare, DOD, or credit cards. The discussion explores how MSPs can benefit from implementing CIS controls, with Assaf emphasizing that it provides a standardized approach to security implementation across customers. He notes that while CIS isn't necessarily 'best-in-class,' it...

Data Security Talk

A discussion between Bill Falk, President of GTM, and Guy Bavly, co-founder and CEO of Actifile. Bill and Guy discuss the limitations of legacy cybersecurity systems and how they were designed for a different computing environment with local networks, desktop computers, and smaller data volumes. Guy explains that the evolution of cloud computing, remote work, privacy regulations, and the proliferation of shadow IT applications have made these legacy systems obsolete. He highlights the need for that is accessible, automated, and user-friendly. They also discuss the challenges of encryption...