I spotted a press release from the Managed Services Provider Collective announcing the launch of a validated directory of service providers who have achieved the Level 2 Assessment Certification from the Cybersecurity Maturity Model Certification. This directory aims to assist organizations seeking certified services to comply with their security requirements. Scott Edwards, the Executive Director of the MSP Collective, emphasized the organization’s mission to support critical infrastructure sectors. Companies that have received the certification can request inclusion in the directory at no cost, with the validation process carried out in partnership with the assessing authority. The directory will expand as more providers achieve certification, enhancing the resources available for organizations needing reliable service providers.
If you’re asking who the MSP Collective is, I’m with you. From their website’s about us. “To inform the US Government and Critical Infrastructure industries on topics related to Managed Service Providers and Managed Security Service Providers dedicated to the National Security mission of maintaining a secure, functioning, and resilient critical infrastructure.”
There is a membership application form, with membership starting at $2500 annually, and LinkedIn lists the organization as founded in 2023.
Why do we care?
Scott Edwards is also CEO of Summit 7, an MSP, and board members Jacob Horne, Joy Beland and Amy Edwards are all Summit 7 staff.
You know the XKCD comic about standards? Sometimes, I feel like this is the situation with MSP groups, where there are so many, clearly the solution is to create another. Is a directory of those with certifications useful? Absolutely. Would I have preferred this be done by a trade association that existed rather than a new one? Also absolutely.
This collective feels like it should have been part of an existing organization.

