# Oscar Six Security Blog > Cybersecurity insights, compliance guidance, and security best practices from Oscar Six Security. ## Announcements - [Radar Is Live: Get Your First Vulnerability Scan for $49](https://blog.oscarsixsecurityllc.com/blog/radar-launch-introductory-pricing): Radar Is Live: Get Your First Vulnerability Scan for $49 We've been quiet for the past few weeks, running Radar through a closed beta with real businesses. Today we're opening the doors. Radar is live... ## Compliance - [Shadow IT Crisis: When Department Heads Bypass Security](https://blog.oscarsixsecurityllc.com/blog/shadow-it-crisis-department-heads-bypass-security): Shadow IT Crisis: When Department Heads Bypass Security MSPs are sounding the alarm: professional services clients are increasingly adopting unauthorized tools without IT approval, creating a shadow I... - [FTC Safeguards Rule: What Small Businesses Need to Know](https://blog.oscarsixsecurityllc.com/blog/ftc-safeguards-rule-continuous-monitoring-small-business-guide): Understanding the FTC Safeguards Rule If you handle customer financial information, the FTC Safeguards Rule likely applies to your business. Originally designed for traditional financial institutions,... - [CMMC Level 1 Compliance: A Small Business Survival Guide](https://blog.oscarsixsecurityllc.com/blog/cmmc-level-1-compliance-small-business-guide): What Is CMMC Level 1 and Why Should You Care? If you're a small business working with the Department of Defense—or hoping to—you've probably heard whispers about CMMC. The Cybersecurity Maturity Model... - [Pre-Check Your Site Before the Auditors Do](https://blog.oscarsixsecurityllc.com/blog/radar-pre-audit): The Audit Nightmare It’s 9 AM. The auditor just walked in. They want to see your vulnerability scans from the last quarter. You scramble to find the PDF from that expensive consultant you hired three... ## Insurance - [Why Cyber Insurance Carriers Love RADAR](https://blog.oscarsixsecurityllc.com/blog/radar-cyber-insurance): The Premium Problem Cyber insurance premiums are skyrocketing. Carriers are tired of paying out ransomware claims for companies that had open RDP ports or unpatched VPN concentrators. To get coverage... ## Mission - [AI Agents Gone Rogue: When Your Digital Assistant Becomes Your Biggest Security Risk](https://blog.oscarsixsecurityllc.com/blog/ai-agents-security-risks-production-environments): AI Agents Gone Rogue: When Your Digital Assistant Becomes Your Biggest Security Risk The Amazon Kiro incident that caused a 13-hour AWS outage wasn't just a one-off mistake—it's part of a disturbing p... - [Free Vulnerability Scans During Our Beta](https://blog.oscarsixsecurityllc.com/blog/free-radar-vulnerability-scans-msp-beta): We Built a Scanner. Now We Need Real-World Feedback. Radar is our vulnerability scanning tool, and it's in beta. We're looking for MSPs and small business owners to put it through its paces — free of... - [Securing IT Infrastructure During Acquisitions: A Survival Guide](https://blog.oscarsixsecurityllc.com/blog/securing-it-infrastructure-during-acquisitions): Securing IT Infrastructure During Acquisitions: A Survival Guide You've spent years building relationships with your clients, understanding their IT environments inside and out. Then comes the dreaded... - [Stop That New Hire From Becoming Your Next Security Breach](https://blog.oscarsixsecurityllc.com/blog/new-employee-access-control-privilege-escalation): Stop That New Hire From Becoming Your Next Security Breach We've all been there. Day three on the job, and the new marketing coordinator is already demanding "full server access" because they "need to... - [Stop New Employee Access Demands That Create Security Holes](https://blog.oscarsixsecurityllc.com/blog/prevent-employee-privilege-escalation-access-control): Stop New Employee Access Demands That Create Security Holes Picture this: A new employee walks into your office on day three and demands "full server access" because they "need to understand how every... - [ChatGPT Data Leaks: Why Small Businesses Can't Ignore AI Risk](https://blog.oscarsixsecurityllc.com/blog/chatgpt-data-leaks-small-business-ai-security-risks): The ChatGPT Data Leak Reality Check That MSP's question about whether clients are actually leaking customer data into ChatGPT? The answer just got a lot clearer – and more concerning. Recent research... - [SSL Certificate Management: Why 45-Day Certs Demand Automation](https://blog.oscarsixsecurityllc.com/blog/ssl-certificate-management-45-day-automation): SSL Certificate Management: Why 45-Day Certificates Demand Automation Now If you're still manually renewing SSL certificates, you're about to face a major problem. Let's Encrypt is moving to 45-day ce... - [How a Simple M365 Breach Cost One Company Six Figures](https://blog.oscarsixsecurityllc.com/blog/microsoft-365-breach-prevention-small-business): The Breach That Came From Inside the Tenant A recent story making rounds in IT circles should make every small business owner pause: an organization discovered that attackers had infiltrated their Mic... - [When Should Small Businesses Start Taking Security Seriously?](https://blog.oscarsixsecurityllc.com/blog/small-business-security-basics-when-to-start): The Moment Everything Changes It usually happens quietly. Your small business lands a bigger client. You sign a contract with a healthcare provider, a government agency, or a larger enterprise. Sudden... - [Self-Hosted RMM Tools: Hidden Security Risks MSPs Must Address](https://blog.oscarsixsecurityllc.com/blog/self-hosted-rmm-security-risks-msp-guide): The Growing Problem with Self-Hosted RMM Tools If you manage IT infrastructure for multiple clients, you've likely heard the horror stories—or worse, lived them. Self-hosted Remote Monitoring and Mana... - [NIST & MITRE Cutbacks: What SMBs Must Do Now](https://blog.oscarsixsecurityllc.com/blog/nist-mitre-cutbacks-small-business-security): The Federal Safety Net Is Shrinking If you've been following cybersecurity news, you've likely heard rumblings about significant changes at NIST (National Institute of Standards and Technology) and th... - [Vulnerability Scanning vs Penetration Testing: What's Right for Your Business?](https://blog.oscarsixsecurityllc.com/blog/vulnerability-scanning-vs-penetration-testing-what-small-businesses-need): The Pricing Confusion Is Real If you've ever requested quotes for penetration testing, you've probably experienced sticker shock—and confusion. One vendor quotes $3,000, another quotes $25,000, and a... - [MSP Internal Security: Protecting Your Own Infrastructure First](https://blog.oscarsixsecurityllc.com/blog/msp-internal-security-checklist-protect-your-own-infrastructure): The MSP Security Paradox There's an uncomfortable truth in the managed services world: the companies responsible for securing dozens of client networks often neglect their own infrastructure. It's the... - [Zero-Day Vulnerabilities: What Small Businesses Must Know](https://blog.oscarsixsecurityllc.com/blog/zero-day-vulnerabilities-small-business-protection): What Just Happened with the Cisco Zero-Day? On January 21st, Cisco confirmed that CVE-2026-20045—a critical vulnerability in their HTTP web services—is being actively exploited in the wild. CISA immed... - [Zero-Day Alerts: What Small Businesses Should Actually Do](https://blog.oscarsixsecurityllc.com/blog/zero-day-vulnerabilities-small-business-response-guide): Another Day, Another Critical Vulnerability If you follow cybersecurity news, you've probably seen the headlines: Cisco just confirmed that CVE-2026-20045 is being actively exploited in the wild. CISA... - [Security Shouldn't Bankrupt You](https://blog.oscarsixsecurityllc.com/blog/security-shouldnt-bankrupt-you): We're here to change the game. For too long, cybersecurity has been a luxury good. If you weren't a Fortune 500 company with a million-dollar budget, you were left behind—or worse, sold "lite" version...