Are Nation-States a threat to customers through their relationships with their Manage Service Providers (MSP’s)? You can bet on it. The migration to the cloud and lack of standards and certification for MSP’s addressing cybersecurity needs has created an opportunity for Nation-state affiliated Advanced Persistent Threat (APT) actors to target MSP’s by actively exploiting trusted relationships and networks access granted to the MSP’s. Not all MSP’s are equipped to face these challenges on their own. The solution is a close partnership between the MSP’s and cybersecurity defense-focused entities to close the gap and reduce this risk. The customers should ask who is responsible for security and operation when outsourcing IT services to an MSP. MSP’s should ask the question how they can improve and demonstrate their ability to protect customers’ critical assets. CompTIA recently published a paper for the executive to ask the right questions from their team. It is now the time to ask MSP’s how they are protecting their own environment from cybersecurity threats and Nation-states attacks.