Brian Guenther | Crucial Conversations: CMMC, Compliance, and Your Cybersecurity Strategy
Release Date: 12/03/2024
MSP Business School
In this illuminating episode of "MSP Business School," host Brian Doyle is joined by industry expert Todd Kane for a deep dive into the innovative world of Managed Service Providers (MSPs). Todd Kane discusses his early foray into the MSP domain and the wealth of experience he's gathered over the years. Listeners are taken on a journey through Todd's impressive career, from his beginnings as a young consultant in the tech field to his impactful roles at leading MSP companies like Longview Systems and Fully Managed. Through a data-driven and operationally focused lens, Todd sheds light on the...
info_outlineMSP Business School
In this engaging episode of "MSP Business School," host Brian Doyle chats with David Shultis, who shares unique insights from his dual role as an MSP leader and a university professor. Shultis delves into his journey from working in customer service to founding Red Panda Systems, an MSP recognized for its exceptional client-centric approach and comprehensive cybersecurity solutions. This episode brings out David’s dedication to teaching and his proactive efforts in shaping cybersecurity education at UNLV. Throughout the conversation, Shultis emphasizes the importance of integrating top-notch...
info_outlineMSP Business School
In this engaging episode of the MSP Business School podcast, host Brian Doyle reconnects with Jake Carroll, a recognized voice in the MSP sphere, currently spearheading innovative initiatives at Inforcer. Jake shares his extensive insights on AI enablement and how AI is transforming the MSP landscape, particularly through security applications and policy management within Microsoft 365. In a world where technology is continuously evolving, this episode poses essential discussions on leveraging AI tools to optimize efficiency and improve market reach. The conversation dives deep into how...
info_outlineMSP Business School
289 subscribers 0 Share In this episode of MSP Business School, host Brian Doyle dives into what it means to be a modern-day Managed Service Provider (MSP). With a strong emphasis on adapting to the rapidly changing landscape of IT, Brian identifies the key areas where MSPs can evolve to meet contemporary challenges. The discussion covers critical topics such as involvement in line-of-business applications, embracing artificial intelligence, maintaining robust security...
info_outlineMSP Business School
In this episode of MSP Business School, host Brian Doyle engages in a compelling conversation with Chris Johnson from GTIA about the upcoming Channel Con event and the importance of the GTIA Cybersecurity Trust Mark. Doyle shares his excitement about Channel Con being an excellent opportunity to network with vendors, customers, and partners in an educational and social environment. The discussion shifts focus to the GTIA Cybersecurity Trust Mark, where Chris elaborates on its significance in helping MSPs evidence their cybersecurity posture. The episode dives into the nuanced aspects of...
info_outlineMSP Business School
In this enlightening episode, Brian Doyle delves into the often-misunderstood world of strategic planning in customer success. While many in the industry are just starting to embrace strategy as a novel concept, Brian brings clarity and depth to the conversation by distinguishing between tactical and strategic initiatives. A frequent fixture on LinkedIn, Brian uses his platform to express his views on thriving as a service provider and how to leap from mere problem-solvers to proactive business partners. Focusing on building joint strategic plans with customers, Brian underlines the importance...
info_outlineMSP Business School
In this engaging session, Brian Doyle delves into the art of conducting effective Technology Business Reviews (TBRs) for MSPs. With insights drawn from his years of experience, Brian highlights the top five mistakes to avoid in TBR delivery, ensuring that these interactions build stronger client relationships and drive business value. Through this coaching session, Brian equips IT professionals with actionable strategies to improve their client communication and presentation techniques. Brian outlines the critical importance of assembling the right stakeholder mix in TBR meetings, emphasizing...
info_outlineMSP Business School
In this episode of MSP Business School, Brian Doyle dishes out a raw and insightful exploration of business reviews within the MSP industry. Addressing a trending topic on LinkedIn, Brian questions why strategic business reviews are suddenly being regarded as novel. By revisiting the foundational purpose of Business Reviews, he seeks to realign them with their intended strategic nature. Through this episode, Brian emphasizes how MSPs can harness effective roles such as VCIOs, account managers, and customer success reps to better execute these reviews. Brian discusses the importance of...
info_outlineMSP Business School
In this insightful episode, Brian Doyle leads a detailed examination of VCIO and fractional VCIO services, much to the benefit of Managed Service Providers (MSPs) looking to expand their leadership roles. By delving into strategies that elevate MSPs beyond standard practices, Brian showcases how these roles fulfill a crucial need for innovation and cybersecurity adherence in businesses lacking internal CIOs. Throughout the discussion, he shares how fractional VCIO services present new opportunities for MSPs to charge for deeper strategic services. Through the lens of his extensive 17-year...
info_outlineMSP Business School
Delve into the intricacies of Technology Business Reviews with host Brian Doyle on MSP Business School. Explore how these reviews have evolved and learn innovative strategies for engaging clients amid data overload. Brian outlines a quarterly approach to QBRs, focusing on core reviews, security, health, and a year-end summary. Discover how to create joint strategic plans, assess risks, and gather valuable feedback from stakeholders. This episode is essential for MSPs looking to refine their client engagement strategies and optimize their review processes. Show Website: Host Brian...
info_outlineShow Website: https://mspbusinessschool.com/
Guest
Name: Brian Guenther
LinkedIn page: https://www.linkedin.com/in/brianwguenther/
Company: Exceed Cybersecurity & I.T. Services
Website: https://www.exceeditmd.com/
Host
Brian Doyle: https://www.linkedin.com/in/briandoylevciotoolbox/
Brian Guenther is a seasoned cybersecurity expert and the founder of Exceed Cyber. With over 26 years of experience in the IT and cybersecurity industry, Brian started his career by building PCs and gradually transitioned into IT franchise ownership. He founded Exceed Cyber in 2017, focusing on helping businesses navigate the complex landscape of cybersecurity compliance, specifically for those with federal contracts mandated by regulations such as CMMC, SoC2, and ISO 27001.
His deep understanding of governance, risk, and compliance processes makes him a valuable asset for companies needing to secure their operations against current cyber threats.
Episode Summary:
In this enlightening episode of MSB Business School, host Brian Doyle sits down with cybersecurity expert Brian Guenther to discuss the nuances of the Cybersecurity Maturity Model Certification (CMMC). As regulations around cybersecurity become more stringent, especially for defense contractors, understanding CMMC's requirements and implications is crucial. Brian Guenther, with his wealth of experience, dives into the evolution of CMMC, highlighting its origins, the essential controls necessary for compliance, and the critical role MSPs play in this landscape.
The discussion delves into how CMMC has become a focal point for organizations dealing with controlled unclassified information (CUI) and why being prepared for compliance is vital. Brian Guenther emphasizes the importance of proactive engagement in compliance processes, illustrating how MSPs can leverage their positioning by becoming CMMC-certified to differentiate themselves in the marketplace. He also sheds light on the geopolitical nuances affecting these regulations and how changes in political leadership might influence—but not diminish—the momentum towards stricter cybersecurity standards for federal contractors.
Key Takeaways:
- CMMC is paramount for defense contractors: Understanding and implementing CMMC is crucial as it enforces standards that contractors should have been following since 2017.
- Compliance does not equal security: While security frameworks like NIST 800-171 underpin CMMC, compliance serves as an initial checkpoint rather than the full spectrum of cybersecurity.
- MSPs must prepare adequately: Even though MSPs are not directly required to certify under CMMC, being prepared and knowledgeable is crucial for assisting clients.
- Cyber liability is a key driver: Insurance and regulatory requirements are pushing businesses to adopt more sophisticated cybersecurity measures.
- Proactive steps are essential: Waiting for enforcement isn't viable; MSPs and their clients should start their compliance journey immediately.