The CyberCall Podcast
The Voice of Cybersecurity for MSPs & MSSPs!
The CyberCall is the weekly podcast where cybersecurity meets business reality. Hosted by Andrew Morgan, Founder of Right of Boom, this is the go-to show for Managed Service Providers (MSPs), virtual CISOs (vCISOs), and IT leaders navigating the complex world of cyber risk, compliance, and AI.
Each episode features raw, practical conversations with the sharpest minds in cybersecurity—from operators in the trenches to CISOs, researchers, policymakers, and toolmakers shaping the future. If you care about protecting your clients, growing your practice, and becoming the security partner businesses trust—this podcast is your playbook.
Co hosts: Phyllis Lee, VP of Content at CIS & Gary Pica, President of TruMethods
The CyberCall Podcast
The Vulnerability Crisis No One is Funding
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Last week, I asked Philippe Langlois, principal author of the 2026 Verizon DBIR, a simple question: if an MSP could only focus on one thing this year, what should it be? His answer, without hesitation: "Vulnerability management."
That tracks, as this is the first year in DBIR history that vulnerability exploitation has overtaken stolen credentials as the top breach entry point, jumping from 20% to 31%. Meanwhile, median time-to-patch climbed from 32 to 43 days, and only 26% of known exploited vulnerabilities got fully remediated.
As most know, NIST just overhauled how the National Vulnerability Database operates, moving to a risk-based triage model after CVE submissions jumped 263% since 2020. Joining us to unpack it is Steve Carter, CEO and co-founder of Nucleus Security, who's spent over two decades in vulnerability management