Resources / Podcasts
Podcast · Talk Tech with Rob Scott

Why Microsoft 365 Is the Biggest Cybersecurity Target for MSPs

Jeremy Young of Huntress joins Rob Scott at IT Nation to break down why Microsoft 365 has become one of the most targeted environments for cyber attackers, and what that means for MSPs. Jeremy shares ...

Episode summary

Jeremy Young of Huntress joins Rob Scott at IT Nation to break down why Microsoft 365 has become one of the most targeted environments for cyber attackers, and what that means for MSPs. Jeremy shares threat intelligence from Huntress' front lines and explains how the company's rapid growth is fueled by a community-first approach to protecting MSPs and their clients. The conversation goes deep on the specific attack vectors targeting M365 and the practical steps MSPs should take to defend against them.

Beyond the technical details, Jeremy discusses how culture, community, and transparency shape Huntress' approach to cybersecurity. He makes the case that MSPs need security partners who share intelligence openly rather than hiding behind black-box solutions. For MSPs whose clients rely heavily on Microsoft 365, this episode is a direct briefing on the threat landscape and how to respond.

Key takeaways

  1. Microsoft 365 is one of the most targeted environments for attackers due to its ubiquity and rich data.
  2. MSPs need security partners who share threat intelligence openly, not vendors who operate as black boxes.
  3. Community-driven security creates a network effect where all MSPs benefit from shared intelligence.
  4. Practical M365 defense starts with identity protection, conditional access, and audit logging.
  5. Huntress' rapid growth is driven by a culture of transparency and a commitment to the MSP community.

"Microsoft 365 is where the data lives, and that's exactly where attackers are going. MSPs need to treat M365 security as a top priority, not an afterthought."

- Jeremy Young

Show notes

Guest Introduction

Jeremy Young is a leader at Huntress, one of the fastest-growing cybersecurity companies in the MSP channel. Huntress has built its reputation on community-driven threat intelligence and radical transparency, sharing what they see on the front lines so every MSP benefits. Jeremy brings real-world threat data and a practical security perspective that cuts through vendor marketing noise, making him exactly the kind of voice MSPs need to hear right now.

What We Cover

Why is Microsoft 365 the top target for cyber attackers going after MSPs?

Microsoft 365 is where the data lives for most MSP clients: email, files, identity, and collaboration all in one environment. That concentration of valuable data makes M365 an irresistible target. Jeremy shares specific threat intelligence from Huntress showing how attackers exploit M365 misconfigurations, weak identity controls, and gaps in audit logging to gain access and move laterally.

What does community-driven cybersecurity look like in practice?

Huntress operates on a principle that most security vendors ignore: share intelligence openly so every MSP benefits, not just paying customers. Jeremy explains how this community-first approach creates a network effect where threat data from one MSP's environment strengthens defenses across the entire channel. Black-box security solutions cannot deliver this kind of collective protection.

What practical steps should MSPs take to defend Microsoft 365 environments?

Jeremy walks through the foundational defenses every MSP should have in place: strong identity protection, conditional access policies, comprehensive audit logging, and continuous monitoring. These are not advanced capabilities reserved for large organizations. They are baseline requirements that most MSPs can implement today with the right tools and processes.

How does transparency and culture shape a security company's effectiveness?

Beyond technical capabilities, Jeremy discusses how Huntress' culture of transparency drives both their product development and their relationship with the MSP community. When a security vendor hides behind proprietary detection and opaque processes, MSPs cannot learn or improve. Transparency creates trust, and trust creates adoption.

Why This Matters for MSPs

Nearly every MSP client relies on Microsoft 365, and attackers know it. The liability exposure for MSPs managing these environments is significant, especially when contracts do not clearly define security responsibilities and scope. MSPs need both strong technical defenses and current, enforceable agreements that protect their business when incidents occur. This episode provides the threat intelligence and practical steps MSPs need to take M365 security seriously before an incident forces the issue.

About the Show

Talk Tech with Rob Scott is a podcast series from Monjur where CEO Rob Scott sits down with MSP industry leaders to explore the strategies, tools, and trends shaping managed services. New episodes are published regularly on YouTube. Subscribe to stay ahead of what is next in the MSP channel.

Keep listening

Related episodes

All episodes →
How to Build and Exit an MSP SaaS Company

How to Build and Exit an MSP SaaS Company

Mar 26, 2026 Brian Byrne
Why MSPs Need Community-Led Growth Now

Why MSPs Need Community-Led Growth Now

Mar 24, 2026 Ken Patterson
Why MSPs Must Go Passwordless Now

Why MSPs Must Go Passwordless Now

Mar 19, 2026 Danny Obaseki