EPISODE · Apr 2, 2026 · 43 MIN
Turning Compliance into MSP Revenue (EP 985)
from Uncle Marv's IT Business Podcast (Real Talk for IT Pros & MSPs) · host Jared Casner
If you’ve ever stared at NIST, CIS, or SOC 2 requirements and thought, “Where do I even start?”, this episode is for you. Jared Casner from Blacksmith InfoSec joins me to break compliance out of the checkbox trap and show MSPs how to turn security frameworks into real, billable services your clients will actually value. We cover practical steps, real stories, and a simple way to talk about compliance without scaring or confusing your customers.

Chapters
00:00 Welcome, conference recap, and setup
00:48 Running into Jared at MSP IT Expo
03:02 Sessions vs. vendor hall and MSP show strategy
06:11 Talking to non‑MSPs and sharpening the value pitch
09:59 Who is Blacksmith InfoSec and what they do
12:13 Frameworks first: NIST CSF, CIS, and mapping to compliance
17:30 Security as a long‑term investment, not a quick fix
24:26 What MSPs should prioritize now: third‑party and supply chain risk
31:41 Monetizing compliance and packaging MSP services
36:26 Turning compliance into projects, shared responsibility with clients

Guests
Blacksmith InfoSec: https://blacksmithinfosec.com

Companies / Vendors / Products Mentioned
MSP IT Expo (MSP EXPO / ITEXPO in Fort Lauderdale): https://www.mspexpo.com
Omni Hotel (Omni Hotels & Resorts): https://www.omnihotels.com
NIST Cybersecurity Framework (NIST CSF): https://www.nist.gov/cyberframework
CIS Controls (Center for Internet Security): https://www.cisecurity.org
CMMC (Cybersecurity Maturity Model Certification): https://dodcio.defense.gov/CMMC
HIPAA (Health Insurance Portability and Accountability Act): https://www.hhs.gov/hipaa
FTC Safeguards Rule: https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know
Florida Bar: https://www.floridabar.org
Axios Breach: https://www.bloomberg.com/news/articles/2026-03-31/axios-software-tool-used-by-millions-compromised-in-hack
NPM (Node Package Manager): https://www.npmjs.com
Get NIST‑y (podcast by Blacksmith InfoSec): https://blacksmithinfosec.com/nisty
EOS (Entrepreneurial Operating System): https://www.eosworldwide.com
Pumpkin Plan (business framework): https://pumpkinplan.com

=== SPONSORS:
Livestream Partner, ThreatLocker: https://www.itbusinesspodcast.com/threatlocker
Technology Partner, NetAlly: https://www.itbusinesspodcast.com/netally/
Technology Partner: Bvoip: https://www.itbusinesspodcast.com/bvoip
Travel Partner: TruGrid: https://www.itbusinesspodcast.com/trugrid
Digital Partner, Designer Ready: http://itbusinesspodcast.com/designerready

=== SHOW MUSIC:
Item Title: Upbeat & Fun Sports Rock Logo
Item URL: https://elements.envato.com/upbeat-fun-sports-rock-logo-CSR3UET
Author Username: AlexanderRufire
Item License Code: 7X9F52DNML

=== Connect with Uncle Marv
🌐 Website: https://www.itbusinesspodcast.com/
🎙 Host: Marvin Bee
🛒 Uncle Marv’s Amazon Store (gear & tools I recommend): https://amzn.to/3EiyKoZ
☕ Support the show: https://ko-fi.com/itbusinesspodcast

If you found value in this episode, share it with another MSP, IT provider, or tech entrepreneur. Your support helps keep practical, no-nonsense IT business conversations coming every week.
What this episode covers
I caught up with Jared Casner of Blacksmith InfoSec after MSP IT Expo to unpack what’s really working for MSPs around security, compliance, and client education. We talk about starting small with CIS IG1, mapping your existing stack to NIST CSF, and using QBRs to show progress instead of just ticket counts. If you’re wrestling with pricing, packaging, and monetizing cybersecurity and compliance services, this conversation gives you concrete strategies you can put to work fast.