CISOs Gain Boardroom Influence, Apple Encrypts RCS, Nerdio Hits $1B, and Cyber Risks Surge

[00:00:02] It's Tuesday, March 18th, 2025, and I'm Dave Solt. Four things to know today. CISO jobs just got riskier, but more strategic. Here's why it matters. No more green bubble risk. Apple finally bringing encryption to RCS. A cloud boom. Nerdio soars to 1 billion. Cisco bets on AI and pass keys get a makeover. And think remote workers are slacking? McKinsey's latest study says, think again. This is the business of tech.

[00:00:32] A recent study conducted by Fastly reveals that 93% of organizations have modified their policies to address the growing personal liability faced by Chief Information Security Officers, or CISOs. The shift comes in response to new regulations, including recent rules from the Security and Exchange Commission regarding cybersecurity risk management and incident disclosure. Notably, 41% of organizations are now involving CISOs more in board-level strategic decisions.

[00:01:01] To mitigate potential risks, 38% of respondents have increased scrutiny of security documentation, while a similar number have improved legal support for cybersecurity staff, including introducing liability insurance. However, Marshall Irwin, CISO at Fastly warns that merely investing in legal protection is not enough. True accountability requires clearer standards from regulators and a culture that incentivizes better cybersecurity practices.

[00:01:29] The report further highlights a concerning lack of clarity in responsibility during cybersecurity incidents, with nearly half of the surveyed organizations unsure who holds ultimate accountability. Cyber attacks targeting third-party vendors are causing unprecedented financial damage, according to a recent report from the risk management firm Resilience.

[00:01:51] The report revealed that nearly one-quarter of cyber insurance claims filed last year involved material losses due to third-party breaches, marking a first for the company. Resilience noted that many incidents in 2024 disrupted businesses significantly, leading to larger financial impacts.

[00:02:08] The average cost of data breach in 2024 was nearly $4.9 million, with some incidents costing billions, such as the ransomware attack on UnitedHealth, which incurred $3.1 billion in response costs. Resilience's analysis also indicated that third-party risk now accounts for 31% of all claims filed, with ransomware targeting vendors contributing to 18% of incurred claims.

[00:02:36] The firm suggests that threat actors are shifting focus toward larger organizations, aiming for higher payouts. ZeroBounce has unveiled its 2025 email statistics report, offering valuable insights into email user behavior based on a survey of nearly 1,000 participants across four continents. The findings reveal that a significant 93% of respondents check their email daily, with 42% doing so three to five times a day.

[00:03:05] While 35% of users spend less than one hour managing their inboxes, an equal percentage dedicates between two and five hours each day. The report emphasizes that relevance is key to engagement, as 46% of participants consistently open emails from brands that send relevant content. Additionally, 80% of individuals mark emails as spam if they appear spam-like, highlighting the importance of permission-based marketing.

[00:03:33] With 60% preferring email for work communication, the report underscores the ongoing dominance of email despite the rise of other platforms. Why do we care? CISOs are becoming strategic, not just operational. With 41% now involved in board-level decisions, providers must position themselves as trusted advisors, aligning their security offerings with broader business objectives.

[00:03:57] Security leaders may hesitate to take on CISO roles, especially in organizations with clear accountability structure problems. If clients struggle to retain security leadership, MSPs may see increased demand for virtual CISO services, and thus the need to also manage those third-party risks as well as email security. Cyber insurance might become less viable.

[00:04:22] With high-cost payouts like that UnitedHealth breach, insurers could raise premiums, impose stricter requirements, or even exit the market for certain businesses. Providers must prepare for a future where cyber insurance is harder to obtain or more expensive. Are you and your clients tired of the time-consuming ticket tennis of coordinating meetings and help desk calls?

[00:04:48] Wouldn't it be better to automate this process with a tool that connects directly to ConnectWise Manage or Autotask? TimeZest offers scheduling automation that gives you complete control of your schedule and eliminates the hassle of Calendar Ping Pong. As the only service designed specifically for MSPs, it integrates into your workflow and makes scheduling appointments easy on you and your clients.

[00:05:15] Plus, you can try TimeZest for free. Visit TimeZest.com slash MSP Radio and use the code MSP Radio to get 10% off your first year of TimeZest. Apple is set to introduce support for encrypted, rich communication services, or RCS messaging, between iPhone and Android users, thanks to new updates in RCS specifications.

[00:05:41] The change, announced by the GSM Association, will enable end-to-end encryption based on the Message Layering Security Protocol, marking a significant advancement in secure messaging across platforms. Apple spokesperson Shane Bauer highlighted the company's role in this cross-industry effort, stating that support for encrypted RCS messages will be included in future updates for iOS and other operating systems.

[00:06:05] Previously, while Apple's iMessage system offered encryption, RCS messaging lacked the necessary cross-platform support. Google has also provided end-to-end encryption for RCS messages among its users for several years and is eager to expand the security feature to cross-platform messaging. Why do we care? Many businesses still rely on SMS or unencrypted RCS for communication with employees, vendors, and customers.

[00:06:30] The adoption of end-to-end encryption in RCS will significantly enhance security for cross-platform business messaging, reducing exposure to man-in-the-middle attacks and SMS interception. This is an area where providers can distinctly help by making sure your customers migrate.

[00:07:15] virtual desktop and related services efficiently. With the recent investment, Nerdio plans to expand its product lineup and grow its workforce from 300 employees to support its increasing global presence. Cisco unveiled new artificial intelligence solutions aimed at enhancing collaboration and customer experiences at the Enterprise Connect event in Orlando. The company introduced the WebEx AI Agent, a self-service solution designed to provide 24x7 support set to be generally

[00:07:43] available at the end of the month. This innovation allows for human-like interactions, assisting with routine customer queries and reducing wait times. Additionally, the Cisco AI Assistant for WebEx Contact Center will receive new features, including real-time transcription aimed at improving service experiences. Cisco's approach marks a significant shift from traditional contact centers to experience centers, capitalizing on automation to fulfill customer needs efficiently.

[00:08:10] SUSE launched the Cloud Elevate program for managed service providers aimed at facilitating the sale of its new software-as-a-service suite for enterprise container management through the AWS Marketplace. Christine Puccio, SUSE's Global Vice President for AWS Cloud, emphasized the program's goal of providing MSPs with tailored solutions to meet diverse customer needs. The initiative offers access to

[00:08:35] various SUSE Cloud and Rancher solutions, including observability and application collection, along with a three-free 30-day trial to help MSPs demonstrate quick results and enhance client acquisition. The move further solidifies SUSE's collaboration with AWS, which has been a partner since the program's inception in 2024.

[00:08:56] And a cybersecurity startup called Waxx, H-A-W-C-X, is aiming to improve the usability of Passkeys, a solution designed to replace traditional passwords. Founded in 2023 by Raya Shunmagam, who has nearly two decades of experience in companies like Adobe and Google, Waxx has raised $3 million in a pre-seed funding round. The company highlights that nearly one-third of data breaches in the past decade

[00:09:23] occurred due to stolen credentials, according to Verizon. While over 15 billion online accounts can utilize Passkeys, many users find them cumbersome, limiting adoption. The technology generates private keys each time a user signs in, avoiding the storage of these keys on devices, which enhance portability and ease of use. The startup is in discussion with large banks and gaming companies for pilot programs, with plans to validate its technology with cryptography experts at Stanford.

[00:09:52] Why do we care? Nerdio's quadrupled valuation and billion-dollar status reinforce the ongoing shift toward cloud cost optimization and automation. With Azure Virtual Desktop and Microsoft's cloud services growing, providers must take note of the increasing demand for cost-efficient cloud management tools. Nerdio continues to need to stay ahead of Microsoft to maintain their viability and lead.

[00:10:17] Authentication remains a pain point, and Passkey usability improvements could disrupt traditional password management solutions, offering a new security opportunity for providers. I remain pretty bullish on Passkeys. A recent study by consulting firm McKinsey reveals that returning to the office does not necessarily enhance productivity among employees.

[00:10:40] As major companies like Amazon and JPMorgan Chase push for full-time office attendance, McKinsey's findings challenge the belief that remote work leads to laziness. The report indicates that productivity levels are similar across in-person, remote, and hybrid workers, with no significant differences in intent to quit, burnout, effort, or satisfaction.

[00:11:01] Despite these insights, the number of companies requiring in-person work has doubled from 2023 to 2024, with over one in three employees considering leaving their jobs. McKinsey urges executives to prioritize collaboration, connectivity, innovation, mentorship, and skill development to improve workplace performance rather than focusing solely on office attendance. A recent study conducted by Harris Poll and commissioned by Grammarly reveals that office workers are struggling with communication overload,

[00:11:30] dedicating an average of 28 hours per week to communications, marking a 13.2% increase from the previous year. A survey of 1,286 professionals found that 60% reported difficulty focusing on their work due to constant connectivity through messaging apps like Microsoft Teams and Slack. In contrast, 40% of respondents, classified as proficient in using artificial intelligence tools,

[00:11:56] reported being more satisfied and saving an average of 25.2 hours weekly by leveraging AI for tasks such as editing and research. While 77% use AI as a collaborative tool, there are concerns about the technology sometimes producing inaccurate results. Why do we care? Work location is becoming a less useful productivity metric. Companies should focus on work structure, not geography.

[00:12:22] Providers should help clients design digital workplaces that enhance flexibility without compromising security or collaboration. AI is reducing workplace inefficiencies, but adoption is uneven. Businesses need strategic guidance on AI implementation to ensure accuracy, effectiveness, and measurable productivity gains. Ultimately, MSPs and IT leaders who enable smarter collaboration, not just enforce office mandates, will be the ones driving business success.

[00:12:53] This episode is supported by Flexpoint. Flexpoint offers a purpose-built payment solution from managed service providers, automating billing operations to enhance efficiency and cash flow. With features like accounts receivable automation, branded client portals, and secure same-day payments, Flexpoint streamlines financial management. Integrations with accounting software such as QuickBooks and Xero, as well as professional services automation tools like ConnectWise and Autotask, ensure seamless data synchronization.

[00:13:23] Experience improved cash flow and client satisfaction with Flexpoint's comprehensive platform. Learn more at getflexpoint.com slash MSP dash radio.

[00:14:03] Thanks for listening. Your favorite platform. It's free and helps directly. Give us a review, too. If you want to support the show, visit patreon.com slash MSP radio, and you'll get access to content early. Or buy our Why Do We Care merch at businessof.tech. Have a question you want answered? We take listener questions, send them in, ideally as a voice memo or video to question at MSP radio.com.

[00:14:30] I answer listener questions live on our Wednesday live show on YouTube and LinkedIn. If you've got a comment or a thought on a story, put it in the comments if you're on YouTube or reach out on LinkedIn if you're listening to the podcast. And if you want to advertise on the show, visit MSP radio.com slash engage. Once again, thanks for listening, and I will talk to you again on our next episode. Part of the MSP radio network.