CISA's Secure by Design, Delta vs. CrowdStrike, Apple AI Cloud, Kaseya's New Security Solutions

Business of Tech: Daily 10-Minute IT Services Insights - A podcast by MSP Radio

Categories:

CISA has garnered over 230 voluntary commitments from software manufacturers to adopt safer software development practices as part of the secure-by-design initiative. This initiative aims to address critical vulnerabilities, particularly those arising from memory-unsafe programming languages, which account for 60 to 70 percent of security issues. The agency has also released a document titled "Product Security Bad Practices," inviting public comments to guide vendors on best practices for enhancing software security.The episode also covers Delta Airlines' lawsuit against CrowdStrike, seeking $500 million in damages due to a software update that caused a massive outage affecting millions of customers. Delta claims that CrowdStrike's negligence in testing the update led to significant disruptions, while CrowdStrike argues that Delta's outdated IT infrastructure contributed to the slow recovery. Cybersecurity expert Dr. Elia Kolchenko suggests that proving negligence in court may be challenging for Delta, hinting that an out-of-court settlement could be more advantageous for both parties.Apple has launched its Private Cloud Compute Virtual Research Environment, allowing security researchers to verify the company's privacy and security claims regarding its AI-driven cloud intelligence system. This initiative includes the release of a security guide and source code for select components, reinforcing Apple's commitment to data privacy. The episode highlights how this move could influence vendor decisions as organizations increasingly prioritize privacy and security in their cloud strategies.Lastly, the episode discusses Kaseya's new user security solution, which is priced at $2.79 per user, following its acquisition of SaaS Alerts. This offering aims to help small businesses protect against identity threats and reflects a growing trend among managed service providers (MSPs) to focus on SaaS security. Sobel emphasizes the importance of proactive risk management and the need for MSPs to adapt to the evolving landscape, where cloud vulnerabilities have surpassed ransomware as the top security threat. The insights shared in this episode underscore the critical need for organizations to prioritize security in their software development and operational practices. Four things to know today 00:00 CISA’s Secure-by-Design Initiative Gains Momentum as Delta-CrowdStrike Lawsuit Highlights Risks of Software Update Failures04:21 Security Experts Gain New Access as Apple Releases Private Cloud Compute Environment for AI and Privacy Verification05:54 Kaseya Acquires SaaS Alerts, Launches Affordable User Security Solution for MSPs at $2.79 Per User09:23 MSPs Shift Focus as Cloud Vulnerabilities Surpass Ransomware as Top Security Threat, Channel Mastered Survey Shows   Supported by:  https://timezest.com/mspradio/https://www.coreview.com/msp    All our Sponsors:   https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social