Josh sits down with Bill Haber to demystify cyber risk for small and midsize businesses—what it really is, why insurers care, and how MSPs can guide clients without the fear-mongering. You’ll learn a practical path: assess, remediate, insure—minus the jargon and overpriced “gold/silver/bronze” bundles.

✅ Enjoyed this episode?
Like, subscribe, and share your biggest takeaway below.
https://beringmckinley.com/bering-mckinley-podcast-blog

In this From the Trenches conversation, Josh Peterson interviews Bill Haber of TEKRISQ about the real-world intersection of cybersecurity and insurance for SMBs—and how MSPs can lead with value instead of scare tactics. Bill traces his path from telecom and medical data platforms to cyber risk advising and brokering, then unpacks why many agents and underwriters “miss the mark” when they don’t align coverage to actual risk. He breaks down the simple language leaders need: events vs. incidents vs. breaches, when to involve insurance and counsel, and why a few fundamentals (MFA, EDR, tested backups) deter most opportunistic attacks. Bill also shares TEKRISQ’s avatar-driven assessments that make risk profiling fast, affordable, and candid—so SMBs get actionable next steps and MSPs get cleaner, higher-trust conversations.

👉 Why “assess → remediate → insure” is the sane order of operations
👉 How to talk events, incidents, and breaches without triggering a legal fire drill
👉 What underwriters really look for—and the problem with oversimplified applications
👉 Practical deterrents that move you off the “easy target” list (MFA, EDR, restore tests)
👉 A value-first “free sample” model MSPs can use to start better security conversations

Visit https://beringmckinley.com for more MSP resources.

🔗 Resources & Links
• Bill Haber at TEKRiSQ: https://tekrisq.com
• Bering McKinley MSP Consulting: https://beringmckinley.com

⏱️ Chapters
00:00 – Why cyber risk still confuses SMBs
02:00 – Bill’s journey: telecom → sensitive data → cyber & insurance
05:30 – Why many brokers miss on tech risk
08:40 – Claims reality vs. application fiction
11:20 – SMB supply-chain risk and buyer due diligence
14:45 – Complacency, dwell time, and the $250K transfer story
16:50 – Stats, stakes, and why defense beats denial
19:30 – Insurance leverage vs. security standards
22:10 – Underwriting shortcuts and their consequences
26:30 – Event vs. incident vs. breach (and why words matter)
30:10 – Ransomware playbooks, backups, and decision paths
33:45 – “Have a buddy”: who to call and when
37:20 – Careers in cyber: creativity beats pure tech
41:00 – “Never pay?”—why the answer is “it depends”
43:20 – TEKRISQ’s model: assess, remediate, insure—made simple
47:00 – Avatar assessments and why clients are more candid
50:40 – From bundles to bespoke: right-sizing for real risk
53:10 – Where to find Bill/TEKRISQ

🔍 Primary Keywords
cyber insurance for smbs, msp cybersecurity, cyber risk assessment, ransomware response

🔍 Secondary Keywords
mfa and edr best practices, incident vs breach, underwriter requirements, supply chain cyber risk

🏷️ Tags
Josh Peterson, Bill Haber, TEKRISQ, cyber insurance, MSP security, ransomware, event vs incident vs breach, underwriting, SMB cybersecurity, risk assessment, backups, MFA, EDR, dwell time, claims process

#️⃣ Hashtags
#bmkvisionpodcast #beringmckinley #msp #cybersecurity #cyberinsurance #smbo #ransomware #incidentresponse #mfa #edr #backup #underwriting #riskassessment #smbsecurity #itservices #managedservices #supplychainrisk #dwelltime #tekrisq