IT and Business Insights for SMB Solution Providers

Mike Semel

Compliance for Profit
January 16th, 2023 | Mike Semel | Compliance for Profit
The United Kingdom National Cyber Security Centre (NCSC-UK) has published a warning to businesses about engaging with MSPs to manage their cloud services. They describe MSPs as a “third attack surface” to worry about.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) subsequently sent - Read More
January 4th, 2023 | Mike Semel | Compliance for Profit
My consulting company recently received network scans done for a HIPAA security risk analysis of a healthcare client that is working with an MSP. That MSP has these promises on its website:We provide best-practice cybersecurity and HIPAA compliance to healthcare organizations that you can rely on. - Read More
June 20th, 2022 | Mike Semel | Compliance for Profit
NOTE TO MSPs – Business owners and executives often resist making the cybersecurity investments they should, and channel pros often struggle to explain why they need to spend the money on the right amount of cybersecurity to protect their reputations and finances. Here’s a proven way to make the - Read More
December 6th, 2021 | Mike Semel | Compliance for Profit
On December 3, 2021, the Department of Defense (DoD) released the long-awaited scoping guidance for CMMC 2.0, the newly announced revision to the original CMMC model. If you have even one defense contractor client that must comply with CMMC at any level, your managed service provider business will - Read More
November 5th, 2021 | Mike Semel | Compliance for Profit
As predicted, on November 4, the United States Department of Defense (DoD) announced major changes to the Cybersecurity Maturity Model Certification (CMMC) program for defense contractors.CMMC Model 2.0 is a more streamlined cybersecurity requirement and is designed to lower costs for smaller - Read More
August 5th, 2021 | Mike Semel | Compliance for Profit
The planned Cybersecurity Maturity Model Certification (CMMC) requirements for defense contractors are encountering significant delays, higher costs, and resistance. While these may just be growing pains, there are also alleged improprieties involving Department of Defense (DoD) and CMMC - Read More
March 31st, 2021 | Mike Semel | Compliance for Profit
The Cybersecurity Maturity Model Certification (CMMC) is the new cybersecurity framework for defense contractors that is being rolled out over five years. In the meantime, the Department of Defense (DoD) announced an interim rule requiring defense contractors to self-assess their implementation of - Read More
February 22nd, 2021 | Mike Semel | Compliance for Profit
The federal government is handing MSPs big opportunities to make money with regulated clients. A new HIPAA law rewards healthcare providers, and the business associates they work with, if they implement the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF). A new - Read More
December 22nd, 2020 | Mike Semel | Compliance for Profit
You may have heard me speak or write about the risk of businesses using phony HIPAA compliance seals in their marketing. My warnings were based on a conversation I had with a Federal Trade Commission (FTC) attorney when we were both speaking at the National HIPAA Summit. She told me if a company - Read More
November 12th, 2020 | Mike Semel | Compliance for Profit
During an executive client briefing, I showed the CEO his organization’s written cybersecurity policy, which stated that all data must be stored on servers and was prohibited from being stored on local computers. Then I showed him their written policy that all data protected by regulations must be - Read More