Cybersecurity Breach in Trump Admin, AI Tools for MSPs, and New Integrations for Efficiency

[00:00:02] It's Tuesday, March 25th, 2025, and I'm Dave Solt. Four things to know today. Shadow IT at the top. War plans on Signal show why cyber rules without consequences don't work. Smarter security, faster replies. Microsoft and Verizon put AI on the job for everyone. Fewer tools, more power. MSP upgrades from Synchro, Cohesity, and MSP terms, aiming to do it all.

[00:00:28] And, one-stop MSP, new integrations aimed to save time, boost profits, and lock you in. This is the Business of Tech. In a significant security breach, senior members of the Trump administration, including Vice President J.D. Vance and Defense Secretary Pete Hedset, shared top-secret military plans regarding U.S. attacks on the Houthi group in Yemen through the encrypted commercial messaging app Signal.

[00:00:54] The breach was revealed when journalist Jeffrey Goldberg discovered he was part of a group chat that included key cabinet members discussing sensitive information. The National Security Council has confirmed the authenticity of the message chain, prompting calls for an immediate investigation. The Washington Post highlights the growing popularity of Signal among federal government workers and military planners during the Trump administration.

[00:01:19] The app, favored by high-profile figures like Elon Musk and foreign dissidents, has gained traction for its strong privacy features. As of March 2025, a significant number of federal employees have adopted Signal. In his reporting, Goldberg wrote, quote, End quote,

[00:01:48] Why do we care? This isn't a politics podcast. This story has a cybersecurity angle. Quote, It has made us look weak to our adversaries. End quote. The California Congressman Ro Khanna told The Guardian. Quote, We need to take cybersecurity far more seriously and I look forward to leading on that. End quote.

[00:02:11] Policy breachers are common in cybersecurity, but this crosses into federal law, not just corporate rules. If top U.S. officials violate actual federal laws governing classified communications without swift and visible accountability, what message does that send to employees, contractors, and even corporate leaders trying to uphold internal policy frameworks? This isn't a case of someone ignoring a security awareness training.

[00:02:41] There are federal statutes, including the Espionage Act and Presidential Records Act, that govern how classified information must be handled. This is a classic case of shadow IT at the executive level, a perennial challenge in enterprise environments. If federal cabinet officials ignore protocol because the tools are more convenient, what message does that send to lower level staff, contractors, and international partners?

[00:03:10] IT leaders need to ask themselves, are our most powerful users undermining the very controls we've built? You can't reasonably expect employees to treat an internal, quote, no personal devices for work communication, quote, rule seriously if cabinet officials can discuss war plans on a consumer app without consequences. The Post notes a growing use of signal among government workers. That's not inherently the problem.

[00:03:40] Signal can be used for unclassified communication and it's far better than SMS or email for those purposes. But this event draws a false equivalency between secure tools and secure behavior. The U.S. government maintains secure communication protocols, including classified networks, specifically designed to protect sensitive data. Signal is not part of this approved infrastructure. The story here isn't that signal is insecure.

[00:04:06] It's that the process around its use is insecure. If federal leaders face no legal or professional consequences for mishandling classified information, the idea of accountability for internal security policies becomes performative. The worst case scenario is that all of this becomes a footnote, an oops that's politically shrugged off. If that happens, policy fatigue deepens.

[00:04:33] Employees see policies as compliance theater. Shadow IT expands. People follow convenience over protocol. Insider threat models fail because the threat is leadership. And leadership doesn't spend money on security they don't value. For security leaders, this is a reminder. Policy without accountability is noise.

[00:04:58] Review your executive communication protocols, reinforce escalation procedures, and ensure leadership understands they're not exempt from security controls. They set the tone. This episode is supported by Comet Backup. Whether you get hit with ransomware, hardware failure, or human error, there's nothing more heart-stopping than losing business critical data. Backups are your final stand when a threat penetrates your layers of defense. That's where Comet Backup comes in.

[00:05:27] Comet is an all-in-one backup solution. Whether you need to protect computers, servers, virtual environments, emails, or databases, Comet Backup empowers you to manage backups on your terms. Visit CometBackup.com to start your free 30-day trial today. Get $100 free credit when you sign up with the promo code MSPRADIO. Start running backups in 15 minutes or less. Comet Backup. The backup solution that MSPs trust.

[00:05:56] Microsoft has announced the expansion of its AI-powered security co-pilot with six new AI agents designed to assist overwhelmed security teams. Set to be available in preview next month, these agents will automate tasks such as triaging phishing alerts, prioritizing critical incidents, and monitoring for vulnerabilities.

[00:06:14] In addition, Microsoft is collaborating with various partners, including OneTrust and Aviatrix, to develop third-party security agents that enhance data breach analysis and network outage investigations. Microsoft has introduced a new feature called Inline Data Protection for its Edge for Business web browser aimed at preventing sensitive company data from being shared with consumer generative artificial intelligence applications such as OpenAI's ChatGPT and Google Gemini.

[00:06:42] This new security measure allows organizations to control how employees interact with sensitive information online, including text input into web applications. Alongside this, Microsoft announced enhancements to its collaboration security from Microsoft Teams, addressing concerns about phishing attacks that have exploited the platform. The updates include improved real-time protection against malicious links and attachments with suspicious files executed in a secure environment to identify threats.

[00:07:11] And Verizon Business has launched the Verizon Business Assistant, a generative AI-powered text messaging solution aimed at helping small businesses automate customer interactions. This tool offers instant response to common questions, learns from previous interactions, and can connect customers with live representatives when necessary.

[00:07:31] The launch coincides with findings from the company's fifth annual State of Small Business report, which indicates that small business owners are increasingly seeking digital tools to improve efficiency and customer engagement. Key features of the Assistant include automated responses, live team member handoff for complex inquiries, and an insights dashboard for tracking customer interactions. The new service is now available. Why do we care?

[00:07:57] Well, this collection of AI-driven security and productivity announcements from Microsoft and Verizon highlights three important trends in the tech services landscape. First, the operationalization of AI and cybersecurity workflows. First, the increasing enterprise emphasis on securing AI interactions. And third, the democratization of AI-driven automation for SMBs. These developments aren't just new tools, they're signals of where vendor strategy and customer expectations are going.

[00:08:24] The agents go beyond chatbots, their actionable process automation layers embedded in SecOps workflows. Microsoft needs explicitly targeting the problem of overwhelmed security teams, not just through alerting, but with actual workload offload. Verizon's business assistant is a sign that the generative AI wave is reaching small businesses, with enterprise vendors looking to offer domain-specific, simplified tools that remove the need for in-house expertise.

[00:08:52] Syncro has announced the launch of its new network discovery solution designed to streamline operations for managed service providers and IT departments. The fully integrated tool automatically identifies and manages network-connected devices, eliminating the need for third-party scanning tools. Notably, the feature is included at no additional cost for users on Syncro's team plan. With customizable scans and seamless agent deployment, Syncro's network discovery facilitates quick onboarding and strengthens compliance efforts.

[00:09:23] Cohesity unveiled new data security features for its NetBackup 11.0 software aimed at protecting organizations from cyber threats. The latest release incorporates quantum-proof encryption with safeguards against future quantum computing attacks and enhances user behavior monitoring to detect unusual actions that could indicate a breach. The software also improves risk scoring by suggesting security settings and intercepting suspicious changes.

[00:09:49] Additionally, NetBackup 11.0 software's network, including Amazon DocumentDB and Azure Cosmos DB, enhancing efficiency and backup capabilities. MSP Terms, a leading document management and business strategy platform for managed service providers, has announced enhanced document tracking and management features. The advancements aim to help MSPs navigate complex legal requirements while improving their operational efficiency.

[00:10:17] The new capabilities include comprehensive document sharing and tracking, a license-free document library, and a secure client document portal that guarantees document integrity. MSP Teams also offers 24 by 7 educational resources and proactive legal alerts from top MSP law firms. Why do we care? Well, these announcements from Syncro Cohesity and MSP Teams reflect the theme. 2.0

[00:10:46] Tooling is rapidly evolving to reduce friction, bolster security, and address regulatory complexity, all while vendors try to differentiate through value-added integration and native features. They highlight real shifts at market expectations, tooling strategies, and the competitive landscape. So some notes. Tool consolidation is real. If Syncro can offer this functionality natively, MSPs may drop other lightweight scanning tools.

[00:11:12] The quantum-proof encryption isn't for today's threats, but for future proofing. This is positioning. Cohesity is trying to lead on long-term data security readiness. Document tracking and legal alerting reduce both risk and time to compliance, particularly in industries with data retention, audit, or licensing obligations. The underlying trend here is MSP stack maturation. Whether it's synchro building operational tools, Cohesity pushing smarter security,

[00:11:40] or MSP teams offering structured compliance workflows, the message is clear. MSPs are expected to deliver more security, documentation, automation, and compliance with fewer tools and leaner teams. And a bit on partnerships. AT&T has partnered with DataGate and Halo PSA to simplify the sales process for managed services providers by allowing them to procure and build telecom services directly through the Halo PSA platform.

[00:12:08] The integration aims to help MSPs diversify their offerings and enhance their profitability in a competitive market. The partnership, which has been in development for two years, enables a fully automated telecom delivery system within a professional services automation platform. Enable has enhanced its Technology Alliance program by integrating RUIST, an automation platform with Cove Data Protection. The collaboration aims to improve operational efficiency for IT service providers

[00:12:36] by reducing manual tasks and optimizing data protection processes. The integration facilitates user onboarding, backup monitoring, and billing reconciliation, allowing providers to focus more on strategic projects. Ingram Micro enhanced its X-Vantage platform with the launch of the Integrations Hub, which aims to simplify the integration process for business applications like Salesforce. The Integrations Hub uses a patented artificial intelligence framework

[00:13:04] trained on over a year of integration data, allowing partners to connect their systems in mere seconds. LevelBlue launched a new partner program at the Channel Partners 2025 conference. The program aims to simplify the deployment of security solutions and address the growing complexity in the cybersecurity market. With the new approach, partners can adopt a flexible consumption-based model, allowing them to scale services based on evolving customer needs. The program features a suite of security services and integrated technology,

[00:13:33] significantly reducing deployment time and initial investment. The initiative is also expanding globally, with partnerships in Europe and the Middle East, further enhancing LevelBlue's reach across North America, Europe, Latin America, and the Asian Pacific region. Why do we care? If you're an MSP, you're not just buying tools, you're buying into ecosystems. Vendors are not just selling tools, they're building interconnected ecosystems where services, automation, billing, and security converge.

[00:14:01] For MSPs, this means you'll be able to deliver more services faster, telecom, backup, security, without building everything from scratch. But the cost of that convenience is less flexibility and more dependency. That was the time to evaluate your platform allegiances, not just on price or features, but on strategic fit. Where do you want to control? What can you afford to outsource? This is a partner ecosystem power shift.

[00:14:27] Ignore it, and you may find your margins and your autonomy slowly eroded. Today's episode is supported by Huntress. Most cybersecurity solutions are built for massive enterprises with big budgets. Not Huntress. They're the fully managed cybersecurity platform built for all businesses, not just the 1%. Huntress purposely builds security solutions like EDR, ITDR, SIM, and security awareness training

[00:14:54] to equip their team of elite threat hunters to handle the heavy lifting of security for you. When threat actors strike, Huntress' 24x7 Global Sock shuts them down before they're even on anyone else's radar. But they do more than just chase alerts. They lead the charge in industry research and knowledge, bringing expert protection and peace of mind. That's why users on G2 rate their EDR number one for growing businesses.

[00:15:21] To see how their expert threat hunting team gets the job done, visit Huntress.com slash MSB Radio. Thanks for listening. Today is International Waffle Day, and also American Diabetes Alert Day. Nerdy Ocon will be held in Palm Springs, California from April 7th through 9th. Visit NerdyOcon.com to learn all about it.

[00:15:45] The Business of Tech is written and produced by me, Dave Sobel, under ethics guidelines posted at businessof.tech. If you've enjoyed the show, make sure you've subscribed or followed on your favorite platform. It's free and helps directly. Give us a review, too. If you want to support the show, visit Patreon.com slash MSB Radio, and you'll get access to content early. Or buy our Why Do We Care merch at businessof.tech.

[00:16:14] Have a question you want answered? We take listener questions, send them in, ideally as a voice memo or video to question at MSP Radio.com. I answer listener questions live on our Wednesday live show on YouTube and LinkedIn. If you've got a comment or a thought on a story, put it in the comments if you're on YouTube, or reach out on LinkedIn if you're listening to the podcast. And if you want to advertise on the show, visit MSP Radio.com slash engage.

[00:16:42] Once again, thanks for listening, and I will talk to you again on our next episode.