On Feb. 27, 2025, Kaseya hosted its first Compliance Summit at the historic Mayflower Hotel in Washington, D.C. This one-of-a-kind event is the only compliance-focused event designed to focus on small business compliance. The Kaseya Compliance Summit brought together industry experts, managed service providers (MSPs) and other IT professionals to discuss the evolving landscape of cybersecurity and compliance for small businesses.
The summit began with a networking lunch that offered attendees the opportunity to connect before diving into a packed schedule of discussions and presentations. Excitement filled the air as the main stage sessions commenced, drawing a standing-room-only crowd eager to gain insights from top compliance and security leaders.
Kaseya Vice Chairman Fred Voccola’s opening keynote framed the current state of security and compliance for small businesses. He highlighted how the rapid evolution of technology has unlocked new opportunities for small businesses to grow and prosper.
“Technology has enabled small and midsize businesses to enjoy the same productivity gains that have previously benefitted only enterprises,” said Voccola.
He went on to outline the security, economic and regulatory shifts he anticipates will shape the compliance landscape and offered observations about what small businesses and the MSPs that serve them can expect in the future.
Must-see speakers and panels
Throughout the day, leading experts shared actionable insights about small business compliance, including establishing smart processes and navigating complex compliance requirements. The agenda featured a series of impactful presentations and a lively panel discussion.
FedRAMP Decoded: essential insights for modern businesses
David Fairburn, known as “The Father of FedRAMP,” provided an exclusive look into the inner workings of the Federal Risk and Authorization Management Program (FedRAMP) from its initial development to today. He emphasized its role in leveling the playing field for small businesses looking to work with U.S. federal agencies.
“Why is FedRAMP the framework that all other frameworks are measured against?” Fairburn asked. “It’s unbiased regardless of your platform. The process, the way into the market, is the same for everybody.”
Fairburn’s offered a unique ground-up perspective to help attendees understand the purpose of FedRAMP and developing a Plan of Action and Milestones (POA&M) to achieve compliance as well as how the program assists small businesses in landing big opportunities.
Preparing for StateRAMP: What SMBs supporting local government can do now
State Risk and Authorization Management Program (StateRAMP) Steering Committee member Tony Bai outlined how StateRAMP aligns with FedRAMP, and how small businesses can use StateRAMP compliance as a springboard for FedRAMP compliance.
“What StateRAMP does is help you get your foot in the door,” said Bai. “If you’re StateRAMP authorized, you’re probably 90% of the way to having a fully FedRAMP-compliant package.”
Bai’s side-by-side comparison of FedRAMP and StateRAMP offered attendees a look at the process of becoming StateRAMP-compliant and how small businesses can make the most of their investments in pursuing the designation.
Mastering SOC 2 for SMBs: Efficient compliance without the debt
Jake Nix, Director of the Ohio Society of Certified Public Accountants, shared cost-effective strategies for achieving SOC 2 compliance, and how taking that step opens doors for small businesses. Nix highlighted how MSPs can use compliance as a competitive advantage.
Nix went on to outline the path a small business may go through to progress to alignment with the SOC 2 standard, offering advice on the importance of establishing good processes and investing in good people from the start to minimize complications.
Contracting with confidence: Navigating cybersecurity clauses for SMBs and MSPs
Attorney Jeff Chiow from the law firm Greenberg Traurig provided guidance on how small businesses can efficiently manage cybersecurity clauses in contracts. He emphasized the need for proactive compliance planning to prevent costly setbacks and mitigate the severe consequences of non-compliance, especially for businesses that depend on federal contracts or support federal contractors.
“You’re not going to be able to get a government contract or be a subcontractor to a government contract,” Chiow warned, underscoring the need for compliance readiness.
Chiow emphasized the importance of clearly defining cybersecurity and compliance obligations in contracts. He advised businesses to be strategic and thorough when drafting agreements, ensuring they can meet compliance requirements and protect their interests.
Marquee panel: Compliance and the IT value revolution
A highlight of the day was an expert panel featuring Rusty Goodwin, cyber insurance expert and broker; Will Nobles, Founder & CEO of Vector Choice; and Eric Levitas, Vice President of Business Development at ControlCase.
Moderated by Jon DePerro, Kaseya Vice President of FedRAMP & Compliance Solutions, the lively discussion explored compliance challenges and opportunities for small businesses
Achieving compliance with automation
Max Pruger, Kaseya General Manager of Compliance, wrapped up the main stage program with an informative session about the benefits of harnessing automation to achieve and maintain compliance. He walked attendees through a day in the life of an IT professional using Kaseya Compliance Manager GRC, illustrating how its automated features enable users to deliver comprehensive compliance monitoring and management for small businesses in under 10 minutes.
Pruger provided an overview of the SaaS-based portal, demonstrating how easily IT professionals can set it up, install an agent and initiate a scan to assess around 1,800 security benchmarks. He also highlighted Compliance Manager’s versatility, noting the customizable features it offers to make it simple for IT professionals to deliver precise evaluations and actionable recommendations across a variety of standards. This functionality is particularly valuable for small businesses monitoring compliance with multiple standards and MSPs supporting clients in diverse industries.
The summit concluded with a networking happy hour, where attendees exchanged insights and built new industry connections in the elegant setting of one of D.C.’s most storied hotels.
Truly a must-attend compliance event
The summit emphasized the benefits of small businesses working toward compliance with programs like FedRAMP and StateRAMP, offering insights into potential pitfalls and opportunities. It also showcased how automation can simplify complex processes, equipping small businesses with the tools needed to navigate today’s challenging regulatory landscape.
Kaseya’s Compliance Summit went beyond a typical tech conference. This powerful event focused specifically on the compliance needs of small businesses. The summit educated, connected and empowered small business IT professionals, helping them build confidence in navigating the often-intimidating world of compliance.
For information on upcoming events from Kaseya, including Kaseya Connect Global, visit https://events.kaseya.com/.
