CrowdStrike Consquences, SaaS Pricing Evolution, AI Security Tools, and IT Outsourcing Strategies

[00:00:02] [SPEAKER_00]: It's Thursday, August 1, 2024, and I'm Dave Sobel. Three things to know today. The CrowdStrike

[00:00:08] [SPEAKER_00]: outages impact Delta's $500 million loss, a shareholder lawsuit, CSRB consideration,

[00:00:16] [SPEAKER_00]: and CIS' pledge growth. New tools and enhancements, Gradient MSP's benchmark tool, Cohesities

[00:00:22] [SPEAKER_00]: AI Powered Data Cloud, and NIS' Dutoptera for AI Security. And Navigating the Future of

[00:00:30] [SPEAKER_00]: SaaS Pricing and IT Outsourcing, Strategies for Success in the AI Era. This is the Business

[00:00:37] [SPEAKER_00]: of Tech.

[00:00:39] [SPEAKER_00]: So there's more news around the CrowdStrike incident. Delta Airlines estimates that the

[00:00:45] [SPEAKER_00]: recent CrowdStrike outage will cost the airline $500 million, primarily due to lost revenue

[00:00:52] [SPEAKER_00]: and compensation for canceled flights. The disruption led to over 5,000 flight cancellation

[00:00:57] [SPEAKER_00]: and significant financial repercussions, prompting Delta to seek damages. Delta Airlines is considering

[00:01:04] [SPEAKER_00]: legal action against CrowdStrike and Microsoft. The airline has hired attorney David Boyce

[00:01:10] [SPEAKER_00]: to explore recovery options, although no lawsuit has been filed yet. And CrowdStrike

[00:01:17] [SPEAKER_00]: is also facing a shareholder lawsuit. Shareholders allege the company misled them about its software

[00:01:23] [SPEAKER_00]: testing procedures leading to significant reputational and financial damage, including

[00:01:28] [SPEAKER_00]: a $25 million drop in market value. CrowdStrike denies the allegations and plans to defend

[00:01:35] [SPEAKER_00]: itself vigorously.

[00:01:38] [SPEAKER_00]: The Cyber Safety Review Board is considering whether to investigate CrowdStrike. While

[00:01:43] [SPEAKER_00]: the Department of Homeland Security has not confirmed a formal review, many experts advocate

[00:01:48] [SPEAKER_00]: for it, citing software liability and resilience lessons. And CrowdStrike has reported that

[00:01:54] [SPEAKER_00]: 99% of its Windows sensors are now online. The CrowdStrike outage on July 19th had a varied

[00:02:01] [SPEAKER_00]: impact on managed services providers and their clients, with 41% of MSPs reporting

[00:02:06] [SPEAKER_00]: no customer impact according to a Canalis survey. Larger enterprises were more affected

[00:02:12] [SPEAKER_00]: than small and mid-sized businesses. Regional differences were noted with Latin America and

[00:02:18] [SPEAKER_00]: Asia Pacific reporting higher impacts than North America and Europe.

[00:02:23] [SPEAKER_00]: In addition, over 180 software companies have now committed to CISA's Secure by Design

[00:02:29] [SPEAKER_00]: pledge, emphasizing the importance of integrating security principles into product design. The

[00:02:34] [SPEAKER_00]: initiative aims to shift the cybersecurity burden from consumers to producers, encouraging

[00:02:40] [SPEAKER_00]: firms to take ownership of security outcomes at the executive level. Key goals include enhancing

[00:02:46] [SPEAKER_00]: multi-factor authentication, timely vulnerability disclosure and reducing default passwords.

[00:02:53] [SPEAKER_00]: Why do we care? So the story has advanced into consequences as we can note that the

[00:02:59] [SPEAKER_00]: recovery numbers tell us the incident is decidedly over. A note about why on the impact the

[00:03:05] [SPEAKER_00]: incident hit Asia Pacific harder due to time zones. It started in prime time there.

[00:03:10] [SPEAKER_00]: So what will happen? I expect the CSRB to take the case up and I expect the lawsuits to fizzle.

[00:03:17] [SPEAKER_00]: However, I'm also noting the growth of CISA's pledge numbers, 180 companies now. Are your

[00:03:23] [SPEAKER_00]: vendors on it? Are you and your clients tired of the time-consuming ticket tennis

[00:03:31] [SPEAKER_00]: of coordinating meetings and help desk calls? Wouldn't it be better to automate this process

[00:03:37] [SPEAKER_00]: with a tool that connects directly to ConnectWiseManage or Autotask?

[00:03:43] [SPEAKER_00]: TimeZest offers scheduling automation that gives you complete control of your schedule

[00:03:48] [SPEAKER_00]: and eliminates the hassle of calendar ping-pong. As the only service designed specifically for

[00:03:55] [SPEAKER_00]: MSPs, it integrates into your workflow and makes scheduling appointments easy on you

[00:04:00] [SPEAKER_00]: and your clients. Plus, you can try TimeZest for free. Visit timesest.com

[00:04:08] [SPEAKER_00]: slash MSP radio and use the code MSP radio to get 10% off your first year of TimeZest.

[00:04:18] [SPEAKER_00]: And some product releases to cover. Gradient MSP has launched a free MSP pricing benchmark

[00:04:25] [SPEAKER_00]: assessment tool allowing managed services providers to compare their pricing against data from over

[00:04:30] [SPEAKER_00]: 1,000 MSPs. Supported by vendors such as Auvik, Huntress, Enable and Ninja 1, this tool aims to

[00:04:37] [SPEAKER_00]: enhance pricing strategies and profitability by providing actionable insights in the industry

[00:04:42] [SPEAKER_00]: standards and product adoption trends. Cohesity has announced enhancements to its data cloud.

[00:04:49] [SPEAKER_00]: The updates integrate AI capabilities for improved threat detection and recovery,

[00:04:53] [SPEAKER_00]: enabling organizations to respond more effectively to cyber threats like ransomware.

[00:04:58] [SPEAKER_00]: They also included a guided incident response tool to facilitate quick incident recovery.

[00:05:04] [SPEAKER_00]: Anist has launched Dioptera, an open source tool for assessing security risks in AI models,

[00:05:11] [SPEAKER_00]: addressing issues like evasion and poisoning attacks. This initiative aims to enhance

[00:05:16] [SPEAKER_00]: understanding of unique risks associated with generative AI. It's accompanied by a draft

[00:05:22] [SPEAKER_00]: for dual use foundation model risk management open for public comment until September 9.

[00:05:29] [SPEAKER_00]: Why do we care? Everyone is dying to know how to price their services and a free tool will

[00:05:35] [SPEAKER_00]: undoubtedly gain attention. Missed Dioptera is another resource to consider. If you answer

[00:05:41] [SPEAKER_00]: customer questions about AI risks, this is another tool for your tool belt.

[00:05:48] [SPEAKER_00]: And two big ideas for your weekend. First, I want to highlight the evolution of

[00:05:53] [SPEAKER_00]: SaaS pricing in the AI era. Integrating AI into SaaS platforms challenges the traditional

[00:05:59] [SPEAKER_00]: seat based pricing model as AI automates tasks requiring multiple user licenses.

[00:06:06] [SPEAKER_00]: Emerging pricing models such as work or usage based and outcome based pricing

[00:06:11] [SPEAKER_00]: are gaining traction, focusing on the actual work performed by AI rather than the number of users.

[00:06:17] [SPEAKER_00]: While established companies may continue using seat based pricing with added components,

[00:06:23] [SPEAKER_00]: startups can leverage innovative pricing strategies to differentiate themselves and

[00:06:27] [SPEAKER_00]: capitalize on AI's capabilities. Second, I want to remind listeners of what

[00:06:32] [SPEAKER_00]: the discussion around outsourcing sounds like to customers. So information

[00:06:36] [SPEAKER_00]: weeks key steps for launching your IT outsourcing partnership got my attention.

[00:06:41] [SPEAKER_00]: To successfully launch an IT outsourcing partnership, CIOs should define mutual goals,

[00:06:48] [SPEAKER_00]: determine the scope of services and establish service level expectations.

[00:06:52] [SPEAKER_00]: A well structured transition plan is essential, including a robust management process and

[00:06:57] [SPEAKER_00]: clear communication. Securing the right talent involves competitive acquisition,

[00:07:01] [SPEAKER_00]: defining roles and monitoring performance. Sustaining success requires fostering a collaborative

[00:07:07] [SPEAKER_00]: culture, setting KPIs and recognizing the value delivered by the outsourced provider.

[00:07:14] [SPEAKER_00]: And why do we care? Thinking like your customer is solid advice. So this is a reminder that

[00:07:19] [SPEAKER_00]: this is the structure a customer looks for. I want to linger more on SaaS pricing evolution.

[00:07:26] [SPEAKER_00]: While I'm not advocating for a change to IT service providers, it's too early for that.

[00:07:31] [SPEAKER_00]: I am highlighting that pricing models around usage may become more of a prominent trend.

[00:07:37] [SPEAKER_00]: It exists certainly in cloud computing and makes even more sense when the usage costs are

[00:07:43] [SPEAKER_00]: as high as they are for AI. All you can eat AI is incredibly challenging. So expect more usage

[00:07:50] [SPEAKER_00]: costs. Now that may be incompatible with your per user or per device pricing. And if your

[00:07:57] [SPEAKER_00]: vendors increasingly use this model, you'll be forced to adjust. So heads up.

[00:08:06] [SPEAKER_00]: Today's episode is supported by Huntress. You want to focus on your clients and are always looking

[00:08:11] [SPEAKER_00]: for ways to get more time. Use Huntress' fully managed cyber security platform to fight off

[00:08:18] [SPEAKER_00]: cyber threats. Huntress is more than cybersecurity software for endpoints and identities. It's a

[00:08:24] [SPEAKER_00]: 24 by 7 security operations center. It's security awareness training, community engagement,

[00:08:30] [SPEAKER_00]: and dedicated partner support with an average CSAT score of 99.3%. Technology can only get you so

[00:08:38] [SPEAKER_00]: far. Human expertise is what's needed to truly elevate and protect small businesses. And you

[00:08:44] [SPEAKER_00]: get that with Huntress. Secure your clients and help them thrive with the number one rated EDR

[00:08:50] [SPEAKER_00]: for SMBs on G2. Visit huntress.com slash MSP radio to find out more.

[00:08:58] [SPEAKER_00]: Thanks for listening. Today's quite a list. National Girlfriend Day, National Wellness

[00:09:03] [SPEAKER_00]: Month, and International Child Free Day. It's also National Raspberry Cream Pie Day.

[00:09:10] [SPEAKER_00]: Lots of days. And speaking of days, I'm on vacation next week so you get lots of great

[00:09:16] [SPEAKER_00]: bonus content. Saturday in the podcast feed, you'll get the Wednesday live show, which is a

[00:09:22] [SPEAKER_00]: discussion of his research with anorag agarwal of tech aisle. We talk AI and security, and it's

[00:09:28] [SPEAKER_00]: a very future and predictions focused episode. Sunday, an interview with Colin Britton of

[00:09:34] [SPEAKER_00]: Devicey as we talk about the AI promise. He thinks it'll be about making your top

[00:09:39] [SPEAKER_00]: performers better when we talk about how that works. On Tuesday, you'll get an

[00:09:44] [SPEAKER_00]: interview with Doug Milburn of 45 Drives, who talks about open source. He has some strong views.

[00:09:51] [SPEAKER_00]: I look forward to your reactions on Thursday, a bonus episode providing insight into what's

[00:09:56] [SPEAKER_00]: in the GOP and DNC's technology positions. And then next Saturday, Cody Schneider joins me for

[00:10:03] [SPEAKER_00]: insights on automating workflows using artificial intelligence. I'll be back with a new show

[00:10:09] [SPEAKER_00]: on Monday, August 12th. And if you enjoy the show, share it, tell some friends, and make sure you

[00:10:15] [SPEAKER_00]: subscribe or follow on your favorite platform. Have a great time and I will talk to you again on August 12th.

[00:10:39] [SPEAKER_00]: Best of all, I hope you enjoyed this episode. If you want to see more of our

[00:10:40] [SPEAKER_00]: And if you're interested in the best way to support the show and help us grow,

[00:10:42] [SPEAKER_00]: you can also check out our Patreon where you can join the business of tech community at

[00:10:47] [SPEAKER_00]: patreon.com slash mspradio or buy our Why Do We Care merch at businessof.tech.

[00:10:55] [SPEAKER_00]: Finally, if you're interested in advertising on the show, visit mspradio.com slash engage.

[00:11:02] [SPEAKER_00]: Once again, thanks for listening to me. I'll talk to you again on our next episode

[00:11:07] [SPEAKER_00]: of the business of tech. Part of the MSP radio network.