The CyberCall Podcast

EXPLORE

Society & Culture

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/11/9b/56/119b5668-9517-eec8-03c3-d6b461d27d42/mza_7558889660544782488.jpg/600x600bb.jpg

The CyberCall Podcast

Andrew Morgan

38 episodes

1 week ago

Today’s guest has one of the most unconventional origin stories in the MSP world. Nabil Aitoumeziane started his career not behind a keyboard—but at the door of a nightclub. While working nights as a bouncer, he began doing something few would dare: asking customers for business introductions and meetings. Fast-forward a few years, and he’s now the president of FSI, an 85-person managed service provider and one of Microsoft’s go-to partners for SMBs. From reading crowds to reading client need...

Show more...

All content for The CyberCall Podcast is the property of Andrew Morgan and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Today’s guest has one of the most unconventional origin stories in the MSP world. Nabil Aitoumeziane started his career not behind a keyboard—but at the door of a nightclub. While working nights as a bouncer, he began doing something few would dare: asking customers for business introductions and meetings. Fast-forward a few years, and he’s now the president of FSI, an 85-person managed service provider and one of Microsoft’s go-to partners for SMBs. From reading crowds to reading client need...

Show more...

Episodes (20/38)

The CyberCall Podcast

From Bouncer to MSP Baller – How to Make Microsoft Notice Your MSP

Today’s guest has one of the most unconventional origin stories in the MSP world. Nabil Aitoumeziane started his career not behind a keyboard—but at the door of a nightclub. While working nights as a bouncer, he began doing something few would dare: asking customers for business introductions and meetings. Fast-forward a few years, and he’s now the president of FSI, an 85-person managed service provider and one of Microsoft’s go-to partners for SMBs. From reading crowds to reading client need...

1 week ago

1 hour 2 minutes

The CyberCall Podcast

The State of Pen Testing in 2025 & the Role of AI & Autonomous Solutions (with John Strand)

Today we’re talking about one of the biggest shifts in offensive security that MSPs, CISOs, and defenders cannot ignore. For years, pen testing was about human creativity — sneaking in where we “shouldn’t” be, showing you how you’d really get burned in an incident. But in 2025, that world is colliding with AI and automated attack platforms that claim they can do it faster, cheaper, and nonstop. So the question is: are we entering a golden age of continuous validation — or are we fooling ourse...

2 weeks ago

1 hour 1 minute

The CyberCall Podcast

ZTNA & SASE, the Next Era for MSPs

Today we’re tackling one of the biggest shifts in modern network security. VPNs are breaking under the weight of hybrid work, SaaS sprawl, and constant attack — and MSPs are being forced to rethink how they secure access itself. Enter Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) — not just buzzwords, but the blueprint for the next decade of MSP security architecture. Joining us are two leaders shaping this transformation: Jason Garbis, Founder of Numberline Security ...

3 weeks ago

1 hour 3 minutes

The CyberCall Podcast

The Human Lag: Why AI Outpaces Operational Readiness

Artificial intelligence is evolving faster than most organizations can operationally absorb. We’ve automated analysis, accelerated response, and even delegated decisions to machines — but our people, processes, and governance are still running at human speed. This week on The CyberCall, I’m joined by Sounil Yu, creator of the Cyber Defense Matrix and one of the most forward-thinking minds in cybersecurity, to unpack “The Human Lag: Why AI Outpaces Operational Readiness.” We’ll explore what ha...

1 month ago

1 hour 1 minute

The CyberCall Podcast

Disinformation Security – Deepfakes & Social Deception

This week on The CyberCall, we’re turning up the heat on deepfakes & disinformation—why they’re no longer sci-fi, and how they’re already targeting MSPs and the Defense Industrial Base. I’m joined by Sandy Kronenberg (Netarx) and Scott Edwards (Summit 7) to unpack: • Real attack chains: voice clones, lip-sync, synthetic exec approvals • The “liar’s dividend” & reputational warfare • What actually works: identity verification, playbooks, and awareness training • Fast wins MSPs can ...

1 month ago

57 minutes

The CyberCall Podcast

NIST Small Business Primer and Quick Start Guides

Today we’re talking about something that may sound government-heavy but is actually critical for MSPs and the SMBs they serve: the new NIST Small Business Primer for SP 800-171 Rev. 3. At its core, this guide is about protecting Controlled Unclassified Information, or CUI. And while that might sound like it only applies to defense contractors, the reality is that CUI requirements increasingly touch SMBs through contracts, regulations, and supply chains. What’s powerful here is that NIST desig...

1 month ago

1 hour 1 minute

The CyberCall Podcast

Microsegmentation Demystified: What Every MSP & Client Should Know

Today we’re tackling microsegmentation—a solution that could change the game against ransomware. Ransomware thrives on lateral movement: one compromised device turns into an entire network takedown. Microsegmentation stops that by creating secure ‘neighborhoods’ inside the network, containing the damage before it spreads. The big questions: can MSPs realistically deploy this at scale, without adding complexity? And how do we frame it in business terms—protecting revenue, uptime, and client tr...

1 month ago

1 hour 3 minutes

The CyberCall Podcast

AI’s Evolving Role in Attacks & Incident Reponse

Over the past couple of days, I was digging into the latest Anthropic Threat Report and one section really hit me. They wrote: ‘We’ve developed sophisticated safety and security measures to prevent misuse of our AI models. While generally effective, cybercriminals keep finding ways around them.’ And then they shared some eye-opening case studies—threat actors aren’t just asking AI for advice, they’re embedding it across their entire attack lifecycle. We’re talking reconnaissance, credential h...

2 months ago

1 hour 1 minute

The CyberCall Podcast

Encryption to Extortion, the Evolution of Cloud Based Attacks

In this session we talk about Salesloft Drift and the implications of OAuth based attacks. Companies use Drift with Salesloft to automate lead capture + sales workflows into Salesforce.com. Enter Nation State threat actor UNC6395, who was able to steal the tokens and gain a backdoor into Salesforce via these OAuth tokens. We then dive into the Evolution of Cloud Based Attacks, where threat actors like Storm-0501 are moving away from noisy, on-prem encryption and pivoting to the cloud—wh...

2 months ago

1 hour 2 minutes

The CyberCall Podcast

When Cyber Hits the Fan: How Your Contracts Protect or Expose You

Last week, we dug into the surge of SonicWall VPN compromises. At first, there was speculation about a possible new zero day — but as the dust settled, we learned it was far more familiar: unpatched systems, misconfigurations, stale service accounts. One of the biggest takeaways came from breach attorney Spencer Pollack, who cautioned MSPs: don’t speculate. When cyber hits the fan, the truth comes out in the contracts. That’s exactly where we’re going in today's session. We’re joined by two l...

2 months ago

59 minutes

The CyberCall Podcast

Akira Ransomware’s Relentless Attack on SonicWall SSLVPNs

In this session of The CyberCall, we’re cutting straight into one of the most relentless threats MSPs and their clients are facing right now—targeted ransomware attacks exploiting SonicWall SSLVPNs, with signs the attackers are already shifting to Fortinet VPNs. This isn’t theory. It’s happening in the wild, and the fallout is real. Huntress has been on the frontlines analyzing the tactics, SonicWall’s SOC is in the middle of the response, and breach attorneys are already managing a wave of l...

3 months ago

1 hour 2 minutes

The CyberCall Podcast

Selling IT & Cybersecurity Services to the CFO (the one who writes the checks)

When MSPs are selling IT and security services, the real decision often comes from the person who owns the budget and measures the risk — the CFO. In this session of The CyberCall, we’re getting inside that mindset. Jason Duncan, CFO of InfoSystems, has over two decades of experience working as a Corporate Controller & CFO, making financial, IT & security decisions. This week he's here to share how CFOs view cyber investments, contracts, compliance, and protecting the systems that dri...

3 months ago

1 hour

The CyberCall Podcast

From Tokens to Trust: Microsoft’s Biggest Security Shift Yet

This week, we’re diving into three huge shifts happening in the Microsoft ecosystem that every MSP should have on their radar: · Token Protection is now available for Entra ID P1 licenses — and it’s a game changer for securing identity tokens and stopping session hijacking. · GDAP — the move from legacy DAP to Granular Delegated Admin Privileges — is creating both confusion and opportunity for MSPs managing multiple tenants. · And fo...

3 months ago

1 hour 1 minute

The CyberCall Podcast

From Milestone to Mandate: What the Latest CMMC Update Means for Your MSP & Your Clients

Big news for the defense and MSP community: The 48 CFR CMMC final rule has officially reached OMB review. This is the second-to-last milestone before publication in the Federal Register — and we’re expecting to see the final rule land by October with no 60-day delay. Translation? The phased rollout begins Q4 2025. If you work with defense contractors, or your clients do, the countdown just got very real. This week on The CyberCall (1pm EDT - URL in comments), we’ve got Jacob Horne, on...

3 months ago

1 hour

The CyberCall Podcast

What Makes a Good vCISO & Delivering at Scale

Last week, we tackled a big one: 'Risk, Revenue, Responsibility: The Real Job of the vCISO — and it sparked an incredible conversation around how vCISOs are no longer just about frameworks and firewalls, but about protecting business outcomes, navigating executive risk, and helping clients make strategic decisions. This week, we’re taking it a step further. Because if you're serious about offering vCISO services as part of your MSP, you’re probably asking: What actually makes a great vCISO? A...

4 months ago

1 hour 1 minute

The CyberCall Podcast

Risk, Revenue, and Responsibility: The vCISO’s Real Job

In this episode of The CyberCall, we're cutting through the noise and rethinking the true purpose of the vCISO role. It’s not just about frameworks, policies, and tech stacks, it’s about tying risk to business outcomes (risk to revenue). The vCISO’s true value goes way beyond compliance checklists and technical jargon; it’s about being a business partner/enabler, protecting critical revenue streams, and building executive trust. Leading vCISOs start every client conversation by asking: How d...

4 months ago

1 hour 1 minute

The CyberCall Podcast

The Ingram Micro Cyber Incident & Building Security Maturity - F12’s ISO 27001Journey

Supply chain attacks doubled according to the 2025 Verizon DBIR. This week the channel awakens to Ingram Micro being attacked by the SafePay Ransomware group. Incident Response (IR) expert, Chris Loehr, EVP of Solis joins The CyberCall, to share perspective on the GlobalProtect VPN compromise. That’s why today on today's CyberCall, we’re talking about what MSPs can do right now to get serious about third-party risk—and why ISO 27001 may be the most important next step for your business. We're...

4 months ago

1 hour 3 minutes

The CyberCall Podcast

The Intersection of AI, RPA & Cyber - What Your MSP Needs to Know

In this must-listen episode of The CyberCall, hosts Andrew Morgan, Phyllis Lee & Gary Pica are joined by Aharon Chernin, Founder & CEO of Rewst — to explore how Artificial Intelligence (AI), Robotic Process Automation (RPA), and Cybersecurity are colliding in today’s MSP landscape. Tune in to learn what your MSP needs to know now to stay ahead! Connect with Right of Boom: Website & Conference: https://rightofboom.com/ LinkedIn: https://www.linkedin.com/company/right-of-boom/...

4 months ago

59 minutes

The CyberCall Podcast

CIS Controls - Version 8.1 Update Overview

With the release of NIST Cybersecurity Framework 2.0, CIS felt strongly that an update to The Controls was necessary to crossmap to CSF 2.0. Specifically the strongest driver, was the release of the Govern function.Co-hosts:Phyllis Lee: https://www.linkedin.com/in/phyllis-lee-21b58a1a4/Brian Blakely: https://www.linkedin.com/in/bblakley/Eric Woodard: https://www.linkedin.com/in/eric-woodard/Sponsored by Right of Boom cybersecurity conference: https://www.rightofboom.com/

1 year ago

52 minutes

The CyberCall Podcast

CIS Control 18 - Penetration Testing - Sponsored by Hacket Cyber

Penetration testing is something that more companies and organizations should be considering a necessary expense. Pen Testing is an important aspect of discovery and identifying potential critical vulnerabilities within your organizations external network, internal network, applications, or systems. They provide a valuable insight on how your digital and human assets perform.In this episode we review the criticality of scoping a Pen Test, along with differences between Pen Testing, Red ...

2 years ago

1 hour 6 minutes