Beyond the Horizon: Future-Focused MSP Insights

In this episode, N-able Head Nerd Eric Harless talks to Sales Engineer Will Linthicum about why native Microsoft 365 tools aren’t sufficient for business‑grade protection and why a dedicated backup strategy matters for MSPs and IT teams. The conversation covers the shared responsibility model, the common misconception that “Microsoft backs it all up,” and practical risks ranging from accidental deletion to insider threats and ransomware. They explore core workloads – Exchange, OneDrive, SharePoint and Teams – and unpack where advanced licencing and features (e.g., conditional access, litigation hold) start and stop. They walk through a real‑world scenario of a compromised mailbox, the importance of MFA and geolocation rules, and the subtle ways attackers use mail rules and PowerShell to quietly purge data beyond recycle bins.
Aligning data life‑cycles to compliance needs
The episode also addresses retention policies and offboarding: converting users to shared mailboxes, handling OneDrive content, and aligning data life‑cycles to compliance needs. Listeners hear candid guidance on what backup can and can’t do (it’s not DR or BC in itself), backup cadence and on‑demand snapshots, and known limitations like Information Rights Management and OneNote API access. Finally, the discussion touches on roadmap items such as online archive backup and PST restore, plus performance improvements to accelerate scans and handle throttling—placing emphasis on tabletop exercises and clear customer communication so MSPs sell continuity and peace of mind, not just “backup.”
Who Should Listen to This Podcast…
This podcast is essential listening for MSPs, IT solution providers, and corporate IT professionals responsible for safeguarding Microsoft 365 environments. Whether you’re an IT manager, systems administrator, or technical lead, you’ll gain practical insights into the realities of data protection, backup, and recovery in today’s threat landscape. The episode is particularly valuable for those navigating compliance requirements, managing user offboarding, or seeking to strengthen their organisation’s resilience against accidental deletion, insider threats, and ransomware. 
Topics covered
The shared responsibility model for Microsoft 365 and why native tools aren’t enough
Accidental deletion, insider threats and ransomware as everyday risks
Practical mailbox compromise triage: MFA, geolocation and Defender visibility
How attackers abuse mail rules, nested folders and PowerShell to purge data
Retention “sweet spots” (1, 3, 5, 7 years) and long‑tail requirements
Offboarding workflows: converting to shared mailboxes and managing OneDrive
Backup cadence, on‑demand backups and limits of recycle bins/versioning
What M365 backup is (point‑in‑time restore) vs. what DR/BC are
Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com

Intro: Discover why vulnerability management is critical for cyber and business resilience — and how N-able is reinventing the process.
In this episode of Head Nerd Table, Jason Murphy sits down with Jeff Green, Distinguished Product Leader for Vulnerability Management at N-able, to unpack why vulnerability management is no longer optional — it’s essential. Jeff shares insights from his experience as a CTO and MSP leader, explaining how vulnerability management underpins both cyber resilience and business continuity.
The conversation explores why this discipline matters for organisations of all sizes, from SMBs to large enterprises, and how regulatory pressures, cyber insurance requirements, and supply chain risks are driving adoption. Jeff also dives into practical challenges: millions of CVEs, prioritisation, and what to do when patching isn’t an option.
Finally, we look at N-able’s roadmap for vulnerability management, including integration with patching, risk acceptance workflows, and future plans for network and OS scanning. Whether you’re an MSP, IT leader, or security practitioner, this episode offers actionable advice on building resilience and turning vulnerability management into a strategic advantage.
Topics Covered
Why vulnerability management matters for cyber resilience
Risk management vs. vulnerability detection
Regulatory and insurance pressures
Prioritising millions of CVEs
Enable’s approach and roadmap
Risk acceptance and mitigation strategies
MSP opportunities and co-managed IT
Practical advice for IT leaders
Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com

Explore how ransomware became big business, why SMBs are most at risk, and practical steps to boost cyber resilience in this expert-led deep dive.
In this episode of Beyond the Horizon, host Pete Roythorne sits down with Kevin O’Connor, Director of Threat Research at N-able, to explore the shifting landscape of ransomware. What began as opportunistic attacks has evolved into a sophisticated business model, and SMBs are now the most attractive targets. Kevin shares insights from years in cybersecurity – including stints at the NSA and CrowdStrike – on why attackers are scaling down to smaller businesses, how ransomware-as-a-service has lowered the barrier to entry, and why misconceptions about risk still persist.
The conversation covers the economics driving ransomware, the rise of AI-powered social engineering, and the tactics attackers use to stay under the radar. Kevin also offers practical advice for SMBs: from employee training and policy enforcement to planning for worst-case scenarios. Finally, we look ahead at what could disrupt the ransomware economy and restore the balance in favour of defenders.
Topics Covered
Evolution of ransomware from random attacks to organised crime
Why SMBs are prime targets
Ransomware-as-a-service and the crime supply chain
Declining ransom payments—what’s behind the trend?
AI-driven social engineering and phishing
Common SMB security mistakes
Effective defences and resilience strategies
The role of law enforcement and global policy
Future outlook: quantum cryptography and beyond
Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com

In this episode, we dive deep into the intersection of artificial intelligence and cybersecurity with two industry veterans: Nicole Reineke, Senior Distinguished Product Leader and AI strategist, and Will Ledesma Director of N-able’s MDR team. Together, they explore how generative AI is transforming phishing attacks, why trust remains the ultimate defence, and what organisations can do to stay ahead of increasingly sophisticated threats. 
From nostalgic tales of Nigerian Prince scams to today’s AI-generated phishing emails, this conversation uncovers the alarming ease with which attackers exploit automation and social engineering. We discuss the rise of deepfake audio and video, the vulnerabilities of multi-factor authentication, and why defence-in-depth strategies are critical for SMBs and enterprises alike. 
Packed with real-world anecdotes, practical tips, and eye-opening statistics – including the staggering $16.6 billion lost to cybercrime last year – this episode is a must-listen for anyone concerned about digital security in an AI-driven world.
Click here to download the N-able 2025 Annual Threat Report – SMBs in the Cross Hairs
Topics Covered:
How generative AI is reshaping phishing tactics
The psychology of trust and social engineering
Deepfake audio/video and national security risks
MFA bypass techniques and adversary-in-the-middle attacks
Why SMBs are prime targets for AI-powered scams
Defence-in-depth and practical security layers
The future of AI in cybersecurity—opportunities and threats
Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com

In this episode of Beyond the Horizon, N-able Head Nerd Joe Ferla sits down with Lewis Pope, Head Security and Compliance Nerd, to unpack the evolving landscape of cloud security for MSPs. As MSPs shift from physical environments to cloud-first operations, Lewis shares hard-earned insights on what it takes to secure cloud workloads, manage identity, and navigate the growing complexity of cloud infrastructure.
From practical best practices to the business realities of outsourcing, this episode is a must-listen for MSPs looking to stay competitive, secure, and scalable in a post-COVID world. Lewis doesn’t just talk theory—he dives into the gritty details of what MSPs need to know, do, and avoid when managing cloud environments.
Whether you're a one-person shop or scaling toward enterprise-level service delivery, this episode will challenge your assumptions and offer actionable advice to strengthen your cloud security posture.
Key Takeaways
Cloud Security Is Not Optional: Identity management, breach detection, and posture management are now baseline requirements for MSPs.
Outsourcing Is Strategic, Not Shameful: Mature MSPs are outsourcing MDR, cloud infrastructure, and automation to scale efficiently and profitably.
Know Your Limits: MSPs must recognise when internal capabilities fall short and seek partnerships or MSSPs to fill the gaps.
Best Practices for Cloud Security:
 Start fresh if needed—don’t be afraid to rebuild cloud environments securely. 
Apply least privilege principles across users, services, and APIs.
Implement layered security: endpoint protection, segmentation, encryption, and WAFs.
Practice business continuity and disaster recovery plans regularly.
24/7 Monitoring Is Table Stakes: Threats move fast—MSPs must adopt continuous monitoring and automated response tools.
Peer Learning Is Power: Engage with peer groups and events like N-able Empower to learn from others who’ve already solved these challenges.
AI Is Widening the Gap: The rise of AI-driven security tools means MSPs must evolve quickly or risk falling behind.
Regulatory Pressure Is Coming: Data sovereignty and compliance will soon force cloud security conversations—MSPs must lead, not lag.

Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com