Jason Slagle really does run an MSP business. But if you forgot, or didn’t even realize, no worries because it certainly sometimes feels that he works for all of us. After all, his dedication and commitment to strengthening the cybersecurity resilience of everyone, everywhere, are resolute—and much appreciated.
Slagle, selected as the 2025 GTIA North America Cybersecurity Leadership Award winner, is a constant presence at cybersecurity and IT industry events, online webinars and any number of groups, organizations and teams focused on helping MSPs and other businesses stay safe. As his award nominator wrote, “As emerging threats arise, Jason is one of the first to share actionable insights and guidance across social and formal channels, ensuring the community remains informed and prepared.”
We asked Slagle why he’s so passionate about cyber resilience and what’s the biggest challenge MSPs face in the market. Here’s what he had to say.
What does the GTIA NA Cybersecurity Leadership Award mean to you?
This is a tough one for me. I do not generally do the things I do for recognition, although I appreciate it very much. Winning the award is validation that the work I am doing and the time I spend doing it—which is time away from the MSP in many cases—is worth it. I believe there are others who deserve the award more, but I will accept it graciously.
What has made you such a tireless advocate for cybersecurity for MSPs?
Small businesses are very much underrepresented in the security realm. They do not have the budget or the knowledge to be in a position to properly protect themselves in almost every case. As such they RELY on managed services providers in some fashion to fill that role. I believe it's on all of us to make that a better, more secure experience for the small businesses we represent.
Is there a difference between cybersecurity and technology, and what is it?
Technology is a tool used to solve issues. Although Wayne Selk, GTIA vice president of cybersecurity programs, and I sometimes argue about the order of the first two: The concept of people, process and technology very much applies here. We can use technology to solve cybersecurity challenges, but if we don't understand those challenges, we are in a poor position to select the technology needed to solve the problems. Too often I see MSPs and even enterprises attempt to solve their issues by buying their way out of them, but without the right people and process that will fail.
What is the biggest security challenge/risk MSPs face today?
Honestly, the pace of play. Both businesses and many MSPs naively think that what worked yesterday will continue to work tomorrow, and that simply isn't true. Much like tooling and knowledge have allowed this entire industry to exist and make it economically viable for us to serve smaller and smaller customers, threat actors continue to make the same strides. The line of revenue required to be a target—and by target I mean some manual effort goes into hitting you and not a drive-by crime of opportunity—keeps getting lower and lower. If we do not adapt and continue to offer the right level of security based on the revenue of our clients, eventually the line will fall below those clients, and they will get compromised.
Why should MSPs consider the GTIA Cybersecurity Trustmark for their business?
Let's be real here. Regulation in some form is likely coming. As we continue to fail our small businesses, and we continue not offering the right solutions, someone is going to step in and define rules that must be followed—be it reporting requirements on breaches, or required offerings. Insurance is already driving some of these. I view the GTIA Cybersecurity Trustmark as the solution to this. If we can show successfully that those that have the Trustmark have a lower incidence of breach of their customers, we can make a case that we can self-regulate. This allows us to set the rules, and not those in government who do not understand the unique challenges small businesses face.
