There’s a conversation happening in boardrooms right now that most security professionals aren’t equipped to lead. Not because they don’t understand the technology. They do.

But translating risk into business decisions… defending budgets… guiding executives through uncertainty… that’s a different discipline entirely.

And that gap? That’s where security programs stall. That’s where funding gets delayed. That’s where the vCISO role becomes reactive instead of strategic.

For MSPs, this matters more than ever.

The future of growth isn’t just in deploying tools — it’s in leading clients through risk, resilience, and investment decisions. That’s exactly why Brian Blakely created the Certified Cybersecurity Leadership Strategist (CCLS) program in conjunction with Right of Boom. Save $1000 on the inaugural workshop with Boom1000

This isn’t theory. It’s three days of immersive leadership development — executive simulations, live breach exercises, budget justification drills, and real-world boardroom communication.

It’s designed to answer one question:

Can you just manage security… Or can you lead it?

Today, we’re going deep on what the industry keeps getting wrong about security leadership — and what it really takes for MSPs to build stable, profitable, executive-level vCISO practices.

There's a concept in military and emergency response called the fog of war — that moment when everything is happening at once, information is incomplete, and the people who trained for this have to decide right now, with what they have.

Cybersecurity incident response is that moment. Every time.

And the dirty secret is that most organizations don't have a plan that actually holds up when the fog rolls in. They have a playbook nobody has read and a response team about to find out whether their preparation was real or theoretical.

Today's guest has spent his career in that fog — and figuring out how to cut through it.

Patterson Cake is the Director of Incident Response at Black Hills Information Security. At Right of Boom 2026, he delivered a 3.5-hour workshop called IR Simplified — and that title alone is almost a radical act in a field with a complicated relationship with simplicity. The premise: complexity is the enemy of security, and nowhere is that more true than in a crisis.

We're going from 10,000 feet all the way down to hands-on-keyboard today — and I'd have a notepad nearby.

Last week at Right of Boom, something interesting happened.

In a conference full of great sessions, one stood out — not because of hype, but because of urgency. Kelvin Tegelaar’s CIPP certification session on securing Microsoft 365 was standing room only. MSPs weren’t there for theory. They were there because M365 has quietly become the single largest attack surface in most of their client environments.

And yet, despite years of focus on security… many organizations are still dangerously exposed. So today isn’t a recap. It’s a debrief.

We’re going to unpack what Kelvin saw, what surprised him most, and what the packed room of MSPs revealed about the current state of M365 security in 2026. Where are providers still overconfident? What controls actually move the needle? And where are attackers winning because of operational gaps — not technology gaps?

Most importantly, we’ll look ahead. If M365 is now the primary battleground for identity, data, and business operations… what does “good” really look like for MSPs moving forward?