The CyberCall Podcast
The Voice of Cybersecurity for MSPs & MSSPs!
The CyberCall is the weekly podcast where cybersecurity meets business reality. Hosted by Andrew Morgan, Founder of Right of Boom, this is the go-to show for Managed Service Providers (MSPs), virtual CISOs (vCISOs), and IT leaders navigating the complex world of cyber risk, compliance, and AI.
Each episode features raw, practical conversations with the sharpest minds in cybersecurity—from operators in the trenches to CISOs, researchers, policymakers, and toolmakers shaping the future. If you care about protecting your clients, growing your practice, and becoming the security partner businesses trust—this podcast is your playbook.
Co hosts: Phyllis Lee, VP of Content at CIS & Gary Pica, President of TruMethods
Episodes
57 episodes
Mythos Ready Security Program Debrief
Two weeks ago, Anthropic announced Claude Mythos. A model that autonomously found thousands of zero-days, generated working exploits, and broke out of its own containment sandbox.The moment the industry has been warning about for years j...
The Calm Before the Premium
The cyber insurance market right now is the softest it's been since 2021. Premiums are flat. Capacity is abundant. Carriers are competing aggressively for MSP business, and your SMB clients are getting pricing their predecessors would have drea...
The Impact of Mythos – The Model to Dangerous to Release
This week we need to talk about something every MSP, every security pro, and every business owner needs to understand because it changes the threat equation for everyone, not just the enterprise players it was built for. It was only fitting to ...
Unpacking Axios – 400 million downloads. One Compromised Password
On March 31st, Axios was compromised. Four hundred million monthly downloads. The HTTP library sitting inside almost every web application your clients use, depend on, or have had custom-built for them. The attacker did not to...
Is AI “Poisoning” Your MSPs Marketing?
Last week, a supply chain attack hit LiteLLM the open-source AI gateway that sits inside 36% of cloud environment and for about six hours, anyone who ran a routine install command handed over their SSH keys, cloud credentials, and API tokens to...
AI Installed the Backdoor. Now What?
Imagine this. A developer opens their laptop. Gets a routine VS Code update notification. Clicks install. Goes back to work.What they don't know is that an AI triage bot the kind built to make their team more efficient just read a manipu...
Code Wars: How Nation-States Really Launch Cyberattacks
For years, many of us have thought about cyberattacks as criminals chasing money. But when you zoom out, you realize something much bigger is happening.Cyber has become one of the most powerful geopolitical weapons of the 21st century. N...
Iran Knocked Out AWS. Your Clients' Business Continuity Plan Wasn't Built for This
On February 28th, the United States and Israel launched coordinated strikes on Iran. Most people know that part.What most people don't know is that Iran responded by sending drones directly into Amazon Web Services data centers in the UA...
From Tech Talk to Table Talk
There’s a conversation happening in boardrooms right now that most security professionals aren’t equipped to lead. Not because they don’t understand the technology. They do.But translating risk into business decisions… defending budgets…...
Incident Response Simplified
There's a concept in military and emergency response called the fog of war — that moment when everything is happening at once, information is incomplete, and the people who trained for this have to decide right now, with what they have...
The Hard Truths About M365 Security
Last week at Right of Boom, something interesting happened.In a conference full of great sessions, one stood out — not because of hype, but because of urgency. Kelvin Tegelaar’s C...
Beyond Zero-Days: What Real Threat Hunting Is Actually Finding
Every week there’s a new zero-day, a new CVE, a new headline. But what rarely gets talked about is what real threat hunting is uncovering when you actually go looking.Today’s conversation is about what’s happening beyond ...
AI & Third Party Risk
Welcome back to The CyberCall. Today we’re tackling one of the fastest-growing risks MSPs face: third-party exposure in the age of AI.Our guest is Greg Rasner — author of Cybe...
John Strand & the BHIS Team at RoB26
Today’s conversation is all about how MSPs actually win in the modern threat landscape — before, during, and after an attack.We’re joined by three practitioners who will each be leading hands-on workshops at Right of Boom 2026.
The Year of Identity Based Attacks
In 2025, attackers aren’t breaking in through zero-days — they’re logging in. Identity has become the primary attack surface, and once access is gained, everything else happens fast.Today, we’re joined by
ISO & CMMC – Lessons Learned During Audits
Welcome back to The CyberCall. Our guest, Joy Beland from Summit7, helps lead security and compliance at the largest MSP serving the Defense Industrial Base.Joy joins us to sh...
Your 2026 Business Plan – Impacts of AI, Cyber & Automation on MSPs.
Most MSPs don’t fail because of ransomware. They fail because they drift. They chase revenue without direction. They stack tools without a strategy. And they wake up one year later asking the same dangerous question: “Wh...
Faster, Smarter, Scalable: The Future of M365 Management
Today’s conversation is all about what comes next for Microsoft 365 — because after Ignite, it’s clear that we’re entering a brand-new era. AI agents, identity-first security, native Sysmon, tenant baselines — Microsoft is rebuilding the entire...
The Ulimate Partner – Building an MSP Growth Engine with Microsoft
Today we’re talking about what it really takes to partner with a giant.Every MSP wants to grow alongside hyperscalers like Microsoft — but few truly know how to align, scale, and turn partnership into profit.Our guest tod...
From Bouncer to MSP Baller – How to Make Microsoft Notice Your MSP
Today’s guest has one of the most unconventional origin stories in the MSP world. Nabil Aitoumeziane started his career not behind a keyboard—but at the door of a nightclub. While wor...
The State of Pen Testing in 2025 & the Role of AI & Autonomous Solutions (with John Strand)
Today we’re talking about one of the biggest shifts in offensive security that MSPs, CISOs, and defenders cannot ignore.For years, pen testing was about human creativity — sneaking in where we “shouldn’t” be, showing you how you’d really...
ZTNA & SASE, the Next Era for MSPs
Today we’re tackling one of the biggest shifts in modern network security. VPNs are breaking under the weight of hybrid work, SaaS sprawl, and constant attack — and MSPs are being forced to rethink how they secure access itself.Enter Zer...
The Human Lag: Why AI Outpaces Operational Readiness
Artificial intelligence is evolving faster than most organizations can operationally absorb. We’ve automated analysis, accelerated response, and even delegated decisions to machines — but our people, processes, and governance are still running ...