{"id":25922,"date":"2026-05-26T08:30:16","date_gmt":"2026-05-26T12:30:16","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=25922"},"modified":"2026-05-26T08:40:10","modified_gmt":"2026-05-26T12:40:10","slug":"left-of-boom-nist-identify-protect-msps","status":"publish","type":"post","link":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/security\/left-of-boom-nist-identify-protect-msps\/","title":{"rendered":"Moving left of boom: A guide to the NIST Identify and Protect pillars"},"content":{"rendered":"<p><span data-contrast=\"auto\">In the\u00a0world of\u00a0cybersecurity\u00a0risk reduction,\u00a0there\u2019s\u00a0a concept that\u00a0we\u00a0call\u00a0\u201cthe boom\u201d.\u00a0It\u2019s\u00a0the moment a ransomware note appears on a\u00a0screen,\u00a0or\u00a0your company name\u00a0shows up\u00a0on a breach list after your entire CRM database gets dumped.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">It\u2019s\u00a0the\u00a0explosion. And by the time it happens, your options are limited. Everything before that moment\u00a0is <strong>\u201cleft of boom\u201d<\/strong>.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">When reviewing how\u00a0strong\u00a0our security programs are, we tend to focus a lot of attention on\u00a0preventative measures.\u00a0This is the proactive territory where you stop the explosion before the fuse is even lit.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">For MSP owners and SMB leaders, staying left of boom\u00a0is about building\u00a0disciplined, proactive security habits before an attacker ever gets a foothold. That work starts with\u00a0the first two pillars of the NIST Cybersecurity Framework:\u00a0<strong>Identify\u00a0and Protect.\u00a0<\/strong><\/span><strong>\u00a0<\/strong><\/p>\n<p><span data-contrast=\"auto\">This post breaks down what each pillar actually requires in practice and why getting them right is the foundation of a\u00a0resilient,\u00a0defensible\u00a0security program.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Pillar\u00a01: The\u00a0discipline of\u00a0identification<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">You cannot secure what you do not know exists. This sounds like a simple truism, yet it is the primary\u00a0reason why\u00a0many security programs fail. Identification is the technical foundation of your entire defense strategy. It involves more than just a list of laptops.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A complete identification process covers:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"-\" data-font=\"Aptos\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Aptos&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;-&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Hardware<\/span><\/b><span data-contrast=\"auto\">.\u00a0Every device on your network, including ones that\u00a0weren&#8217;t\u00a0formally onboarded<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"-\" data-font=\"Aptos\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Aptos&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;-&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Software<\/span><\/b><span data-contrast=\"auto\">.\u00a0Licensed applications, SaaS tools, shadow\u00a0IT\u00a0and temporary solutions that became permanent.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"-\" data-font=\"Aptos\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Aptos&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;-&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Vendors\u00a0and third parties<\/span><\/b><span data-contrast=\"auto\">.\u00a0Anyone with access to your environment or your clients&#8217; environments<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"-\" data-font=\"Aptos\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Aptos&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;-&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">People<\/span><\/b><span data-contrast=\"auto\">.\u00a0People are\u00a0assets, and access privileges need to be mapped accordingly<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"-\" data-font=\"Aptos\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Aptos&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;-&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Data flows<\/span><\/b><span data-contrast=\"auto\">.\u00a0Where sensitive data lives, where it moves and what would happen if it were compromised<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">In an MSP environment,\u00a0a thorough identification process\u00a0often reveals\u00a0surprises:\u00a0<a href=\"https:\/\/www.sherweb.com\/blog\/security\/dangers-of-shadow-it\/\">cloud applications nobody officially approved<\/a>,\u00a0personal devices that have bypassed standard onboarding\u00a0or undocumented critical services.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<h3 aria-level=\"3\"><span data-contrast=\"none\">Automate your asset discovery<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">To master the Identify pillar, you must implement automated asset discovery tools that run continuously rather than quarterly. These tools should\u00a0provide\u00a0a live view of every IP address on the network, alert you\u00a0to\u00a0changes or\u00a0deviations\u00a0and\u00a0capture\u00a0SaaS application in use.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h3 aria-level=\"3\"><span data-contrast=\"none\">Classify risk appropriately<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Beyond hardware,\u00a0you must\u00a0also\u00a0identify\u00a0your\u00a0\u201ccrown\u00a0jewels\u201d.\u00a0Which\u00a0datasets\u00a0would end your business if they were compromised?\u00a0This classification allows you to\u00a0allocate\u00a0your limited resources toward the highest-risk areas. If you treat every piece of data as equally important, you effectively treat nothing as important.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Pillar 2: Hardening the environment through protection<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Once\u00a0you\u2019ve\u00a0identified\u00a0your assets, the Protect pillar is where you build the walls. In a modern threat landscape, the perimeter is no longer\u00a0just\u00a0a physical office or an endpoint device.\u00a0It\u2019s\u00a0the identity of your users.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h3 aria-level=\"3\"><span data-contrast=\"none\">Start with zero trust and strong MFA<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Protection starts with zero trust principles,\u00a0and\u00a0specifically\u00a0with\u00a0enforcing\u00a0multi-factor\u00a0authentication on every\u00a0single entry\u00a0point.\u00a0<a href=\"https:\/\/www.sherweb.com\/blog\/microsoft-ecosystem\/office-365\/ai-identity-security\/\">Not all MFA is equal<\/a>, so you should\u00a0ensure\u00a0that\u00a0the type\u00a0you\u00a0use\u00a0matches\u00a0the risk\u00a0level of the account\u00a0it\u2019s\u00a0protecting. Using\u00a0challenge-response\u00a0authentication\u00a0or FIDO for highly permissive accounts makes\u00a0more\u00a0sense than relying just on SMS-based MFA\u00a0(which I highly recommend you never use).<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<h3 aria-level=\"3\"><span data-contrast=\"none\">Patch aggressively and verify it<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Technical protection also means aggressive patch management. Most breaches exploit vulnerabilities that have had patches available for months\u00a0before the attack. For an MSP, this means having an automated, verified pipeline for updates that covers not just the operating systems, but\u00a0also the\u00a0third-party\u00a0applications that often fly under the radar.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h3 aria-level=\"3\"><span data-contrast=\"none\">Train humans, not just systems<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Finally, protection includes\u00a0the human element. Security awareness training should move away from annual &#8220;box-checking&#8221; exercises and toward frequent, simulated phishing tests that provide immediate feedback to users. A\u00a0well-trained\u00a0employee is often the last line of defense when\u00a0a technical\u00a0control is bypassed.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">The\u00a0bridge between the two pillars:\u00a0SOC\u00a0visibility<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Identify\u00a0and Protect\u00a0don&#8217;t\u00a0operate\u00a0in isolation.\u00a0The bridge between\u00a0them\u00a0is visibility,\u00a0And\u00a0this is where a <strong>Security Operations Center\u00a0(SOC)<\/strong>\u00a0or\u00a0dedicated security team becomes indispensable.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Visibility is the telemetry that tells you if your Identify and Protect pillars are actually working.\u00a0Without a centralized view of logs from endpoints, firewalls, and cloud environments, you are\u00a0essentially flying\u00a0blind.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A SOC provides the continuous monitoring necessary to spot the &#8220;smoke&#8221; before the\u00a0boom\u00a0occurs. For example, if your Identify phase noted a critical server and your Protect phase implemented strict access controls, the SOC is the entity that notices a successful login from an unusual geographic location at 3 AM. That\u00a0real-time visibility transforms your security from a static set of rules into a dynamic\u00a0defense.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">For MSPs, this often means moving beyond simple alert monitoring and toward Managed Detection and Response (MDR),\u00a0where experts actively hunt for threats within\u00a0your\u00a0visibility data.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"3\"><span data-contrast=\"none\">Three steps to start moving left of boom<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">To move your organization or your clients left of boom, consider these three immediate steps:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ol>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Conduct a comprehensive asset and data audit<\/span><\/b><span data-contrast=\"auto\">.\u00a0Use\u00a0automated discovery tools to\u00a0eliminate\u00a0blind spots in your network.\u00a0Map hardware, software, SaaS tools,\u00a0vendors\u00a0and data flows, then classify what you find\u00a0by\u00a0risk level.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Mandate hardware-based or app-based\u00a0MFA\u00a0for all administrative and user accounts without exception<\/span><\/b><span data-contrast=\"auto\">.\u00a0Retire SMS-based MFA wherever possible and match authentication strength to account risk.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:720,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278,&quot;335559991&quot;:360}\">\u00a0<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Centralize your security logs.<\/span><\/b><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">Implement\u00a0<\/span><span data-contrast=\"auto\">a SIEM or partner with an MDR provider to ensure that your identification and protection efforts are backed by 24\/7 visibility, not periodic check-ins.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:720,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278,&quot;335559991&quot;:360}\">\u00a0<\/span><\/li>\n<\/ol>\n<p><span data-contrast=\"auto\">By shifting your focus to these proactive measures, you reduce the likelihood of a catastrophic event and build a business that is resilient by design rather than by luck.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Go deeper with these\u00a0resources<\/span><\/h2>\n<p aria-level=\"2\"><span data-contrast=\"none\">NIST\u00a0Cybersecurity Framework:\u00a0<\/span><a href=\"https:\/\/www.nist.gov\/cyberframework\"><span data-contrast=\"none\">https:\/\/www.nist.gov\/cyberframework<\/span><\/a><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">CISA Cyber Essentials for Small Business:\u00a0<\/span><a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/cyber-essentials\"><span data-contrast=\"none\">https:\/\/www.cisa.gov\/resources-tools\/resources\/cyber-essentials<\/span><\/a><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">CIS Critical Security Controls:\u00a0<\/span><a href=\"https:\/\/www.cisecurity.org\/controls\/v8\"><span data-contrast=\"none\">https:\/\/www.cisecurity.org\/controls\/v8<\/span><\/a><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Security frameworks are better with a community behind them<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Want to connect with MSPs who are already putting these principles to work?\u00a0The\u00a0CyberMSP\u00a0Community is a space for security-minded MSPs to share real-world experience, access practical resources and learn from peers who are building the same kind of practice you are.\u00a0<\/span><a href=\"https:\/\/info.sherweb.com\/cybermsp-community\/\"><span data-contrast=\"none\">Join\u00a0now<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the\u00a0world of\u00a0cybersecurity\u00a0risk reduction,\u00a0there\u2019s\u00a0a concept that\u00a0we\u00a0call\u00a0\u201cthe boo","protected":false},"author":188,"featured_media":25923,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[919,1202],"class_list":["post-25922","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cybersecurity","tag-security-frameworks"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Left of boom: The NIST Identify and Protect pillars for MSPs | Sherweb<\/title>\n<meta name=\"description\" content=\"Learn how MSPs can stay left of boom by mastering the NIST Identify and Protect pillars, from asset discovery to MFA and SOC visibility.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Left of boom: The NIST Identify and Protect pillars for MSPs | Sherweb\" \/>\n<meta property=\"og:description\" content=\"Learn how MSPs can stay left of boom by mastering the NIST Identify and Protect pillars, from asset discovery to MFA and SOC visibility.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-26T12:30:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-26T12:40:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1800\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Roddy Bergeron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roddy Bergeron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\"},\"author\":{\"name\":\"Roddy Bergeron\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"headline\":\"Moving left of boom: A guide to the NIST Identify and Protect pillars\",\"datePublished\":\"2026-05-26T12:30:16+00:00\",\"dateModified\":\"2026-05-26T12:40:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\"},\"wordCount\":1046,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage\"},\"thumbnailUrl\":\"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg\",\"keywords\":[\"Cybersecurity\",\"Security frameworks\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\",\"url\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\",\"name\":\"Left of boom: The NIST Identify and Protect pillars for MSPs | Sherweb\",\"isPartOf\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage\"},\"thumbnailUrl\":\"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg\",\"datePublished\":\"2026-05-26T12:30:16+00:00\",\"dateModified\":\"2026-05-26T12:40:10+00:00\",\"author\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"description\":\"Learn how MSPs can stay left of boom by mastering the NIST Identify and Protect pillars, from asset discovery to MFA and SOC visibility.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage\",\"url\":\"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg\",\"contentUrl\":\"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg\",\"width\":1800,\"height\":720,\"caption\":\"Left of boom: The NIST Identify and Protect pillars for MSPs\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.sherweb.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\/\/www.sherweb.com\/blog\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Moving left of boom: A guide to the NIST Identify and Protect pillars\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/#website\",\"url\":\"https:\/\/www.sherweb.com\/blog\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795\",\"name\":\"Roddy Bergeron\",\"description\":\"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/roddy-bergeron-cissp-ccsp-csap-33432573\/\"],\"url\":\"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/author\/roddy-bergeron\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Left of boom: The NIST Identify and Protect pillars for MSPs | Sherweb","description":"Learn how MSPs can stay left of boom by mastering the NIST Identify and Protect pillars, from asset discovery to MFA and SOC visibility.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/","og_locale":"en_US","og_type":"article","og_title":"Left of boom: The NIST Identify and Protect pillars for MSPs | Sherweb","og_description":"Learn how MSPs can stay left of boom by mastering the NIST Identify and Protect pillars, from asset discovery to MFA and SOC visibility.","og_url":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2026-05-26T12:30:16+00:00","article_modified_time":"2026-05-26T12:40:10+00:00","og_image":[{"width":1800,"height":720,"url":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg","type":"image\/jpeg"}],"author":"Roddy Bergeron","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"Roddy Bergeron","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/"},"author":{"name":"Roddy Bergeron","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"headline":"Moving left of boom: A guide to the NIST Identify and Protect pillars","datePublished":"2026-05-26T12:30:16+00:00","dateModified":"2026-05-26T12:40:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/"},"wordCount":1046,"commentCount":0,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg","keywords":["Cybersecurity","Security frameworks"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/","url":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/","name":"Left of boom: The NIST Identify and Protect pillars for MSPs | Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg","datePublished":"2026-05-26T12:30:16+00:00","dateModified":"2026-05-26T12:40:10+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"description":"Learn how MSPs can stay left of boom by mastering the NIST Identify and Protect pillars, from asset discovery to MFA and SOC visibility.","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#primaryimage","url":"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg","contentUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-1-2.jpg","width":1800,"height":720,"caption":"Left of boom: The NIST Identify and Protect pillars for MSPs"},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/left-of-boom-nist-identify-protect-msps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.sherweb.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Moving left of boom: A guide to the NIST Identify and Protect pillars"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795","name":"Roddy Bergeron","description":"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.","sameAs":["https:\/\/www.linkedin.com\/in\/roddy-bergeron-cissp-ccsp-csap-33432573\/"],"url":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/author\/roddy-bergeron\/"}]}},"tag_names":["Cybersecurity","Security frameworks"],"_links":{"self":[{"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/posts\/25922","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/users\/188"}],"replies":[{"embeddable":true,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/comments?post=25922"}],"version-history":[{"count":6,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/posts\/25922\/revisions"}],"predecessor-version":[{"id":25929,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/posts\/25922\/revisions\/25929"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/media\/25923"}],"wp:attachment":[{"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/media?parent=25922"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/categories?post=25922"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/r-swca2-app15-sherwebbl-change-font-czgcf8cmcjh3asb3.canadacentral-01.azurewebsites.net\/blog\/wp-json\/wp\/v2\/tags?post=25922"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}