Zendesk Shifts to Outcome-Based Pricing; CISA Faces Resignations Amid Budget Cuts and Cyber Threats

[00:00:02] It's Wednesday, April 23rd, 2025 and I'm Dave Solt. Four things to know today. Zendesk ditches seat licenses in favor of outcome-based pricing. Major resignations and funding cuts hit CISA, threatening the national cyber readiness. Kaseya, Cohesity and others debut AI-driven tools reshaping MSP operations. And OpenAI's content deal with the Washington Post highlights the shifting battle over trusted information. Here's why these matter.

[00:00:31] This is the Business of Tech. In a significant shift for enterprise software pricing, Zendesk has introduced a consumption-based model where companies will pay based on the activity generated by artificial intelligence agents rather than traditional user licenses. Zendesk's Chief Executive Officer Tom Eggemeier stated that customers should only pay when the AI agent effectively resolves a business problem, echoing a trend seen in cloud infrastructure services over the past two decades.

[00:01:01] This move comes as part of a broader shift toward agentic artificial intelligence in the industry, with only about 10% of Zendesk customers currently adopting generative AI, a figure the company hopes to double by year-end. Competitors like Salesforce have also begun similar pricing strategies with its Agent Force product priced at $2 per conversation. As organizations increasingly embrace AI, the pressure to enhance efficiency and reduce costs is shaping the future of software.

[00:01:30] Why do we care? Why do we care? Zendesk's move to consumption-based pricing based on AI agent outcomes marks a fundamental shift away from the license-based SaaS model. Instead of charging per seed, platform charges per business result, directly linking cost to value, specifically whether an AI agent resolves an issue.

[00:01:51] This trend is both a validation and a warning. As validation, outcome-based pricing aligns directly with what providers advocate for, pricing tied to business outcomes, not inputs.

[00:02:03] This move by Zendesk reinforces that this model is viable at scale, with enterprise-grade software adjusting to match the customer's definition of success, resolution, not usage. But as a warning, if vendors are charging based on AI-generated resolutions, providers need to rethink their value-add.

[00:02:30] Traditional ticket handling is at risk of becoming automated fully and commoditized. Where MSPs used to charge for Tier 1 response, AI can do it for pennies. This accelerates the race to strategic value. Now, smart MSPs won't fight this shift. They'll harness it, wrap it in business context, and offer clients the confidence that outcomes are being delivered, not just conversations closed. The future isn't about how many tickets you handle.

[00:03:00] It's about whether you help your clients move forward. Are you and your clients tired of the time-consuming ticket tennis of coordinating meetings and help desk calls? Wouldn't it be better to automate this process with a tool that connects directly to ConnectWise Manage or Autotask?

[00:03:23] TimeZest offers scheduling automation that gives you complete control of your schedule and eliminates the hassle of calendar ping pong. As the only service designed specifically for MSPs, it integrates into your workflow and makes scheduling appointments easy on you and your clients. Plus, you can try TimeZest for free.

[00:03:45] Visit TimeZest.com slash MSBRadio and use the code MSBRadio to get 10% off your first year of TimeZest. Two high-ranking officials from the Cybersecurity and Infrastructure Security Agency, also CISA, have resigned amid concerns of a potential staff exodus due to recent budget cuts.

[00:04:08] Bob Lord and Lauren Zabryak both announced their departures on LinkedIn, emphasizing their contributions to the Secure by Design program, which aims to enhance security and software development. The resignations come as CISA faces the possibility of cutting nearly 40% of its workforce, which equates to around 1,300 employees. This follows a recent reduction in funding that cut $10 million from the multi-state information sharing and analysis center, nearly half of its budget.

[00:04:36] The agency's acting director has indicated that while the Secure by Design initiative may evolve, its commitment to improving cybersecurity remains unchanged. Concerns about these changes reflect broader worries about the impact of the current administration's policies on national cybersecurity efforts. And the Cybersecurity and Infrastructure Security Agency has notified its threat-hunting staff that it will discontinue the use of Google-owned VirusTotal and has already ceased using the Cyber Threat Intelligence Service Census.

[00:05:06] These changes come amid that broader budget cuts within the agency, affecting over 500 cyber threat hunters. CISA's notification highlighted the importance of the tools for their operations and indicated that the agency is actively seeking alternatives to minimize disruption. Recent reports suggest that the agency may be ending all threat-hunting contracts with the private sector, raising concerns about its capability to effectively address cyber threats.

[00:05:32] The Pentagon is sent to implement a secure software assurance program aimed at enhancing the security of applications used within its networks. The initiative, led by Rob Wittmeyer, the Chief Software Officer for the Department of Defense, will establish criteria for vendors to ensure their software meets security standards, akin to the Cybersecurity Maturity Model Certification Program.

[00:05:55] Bittmeyer emphasized the need to accelerate discussions with industry partners to establish trust in software components and their development pipelines. In the coming weeks, the Department of Defense will issue requests for information to gather feedback on security controls necessary for software products as adversaries increasingly target vulnerabilities in the software supply chain.

[00:06:16] The overarching goal is to create a streamlined authority to operate process, significantly reducing the time needed for risk management assessments and ensuring that software installed does not introduce unacceptable risks into the defense environment. Why do we care? If CISA falters, who fills the gap? For MSPs, this isn't just policy watching. It's a business model decision.

[00:06:39] Providers who pivot to embed Secure by Design and vendors who embrace it into their offerings can claim real estate that regulators, customers, and insurance providers will increasingly demand. CASEA has unveiled its Spring 2025 release, introducing AI-driven features aimed at enhancing IT management and cybersecurity for managed service providers and internal IT teams.

[00:07:04] This update includes new features designed to automate workflows, improve user experience, and bolster security measures. Among the key highlights are the automated creation of standard operating procedures, allowing for real-time documentation with less manual effort, and enhanced billing controls that give customers direct management of payment methods. Additionally, the release features a streamlined file respiration process that enables users to quickly restore specific file versions.

[00:07:32] Cork Protection has launched a new tool called the Cork Cyber Insurance Policy Analyzer, designed to assist managed service providers in assessing cyber insurance policies quickly and efficiently. This AI-powered tool can evaluate any client's policy in under two minutes, saving providers between three to 20 hours per policy review.

[00:07:52] The Policy Analyzer scans and interprets dense policy language to identify hidden gaps in coverage while providing a client-ready summary that enhances the strategic advice offered to clients. AvePoint has introduced new capabilities to its Elements platform, enhancing security and management features for MSPs. This update follows the company's acquisition of Udentic and aims to address operational challenges in user and device management.

[00:08:19] AvePoint's new features include user lifecycle management, which automates user provisioning and enforces multi-factor authentication, and unified device management, which allows centralized oversight of devices across multiple clients. Cohesity has announced the launch of its new AI-powered cyber orchestration solution, Cohesity Recovery Agent, which aims to enhance cyber incident response for its net backup and data-protect customers.

[00:08:44] This tool automates critical recovery processes and provides customizable recovery blueprints, allowing organizations to respond to cyber incidents more efficiently. The solution enables teams to design and test recovery plans in non-production settings, ensuring they are prepared for real-world incidents. Gurukul has introduced the launch of its Self-Driving Security Information and Event Management System, or SIM,

[00:09:11] which introduces advanced artificial intelligence to automate security operations. The new platform integrates multiple AI agents throughout the threat management lifecycle, significantly reducing the time analysts spend on manual tasks by up to 58%. According to the company, the upgraded system not only enhances the efficiency of security teams, but also lowers operational costs by at least 40% through its AI-powered data pipeline management. Zoom Communications has launched Zoom Workplace for Frontline,

[00:09:41] a mobile-first solution designed to enhance communication and work management for frontline workers across industries such as retail, manufacturing, and healthcare. This platform aims to empower over 80% of the global workforce by providing tools to help workers stay connected and streamline daily tasks. The new features include real-time activity feeds, automatic chat groups for each shift, and push-to-talk functionality for instant voice communication.

[00:10:07] Additionally, the platform offers work management capabilities such as shift swapping and task management through Zoom tasks. The embedded Zoom AI companion utilizes artificial intelligence to generate automatic shift reports and facilitate smart searches, aiming to foster a more engaged and productive workforce. Why do we care? So most of these features are helpful to the service provider. The Zoom features are useful and users.

[00:10:36] OpenAI has announced a new content partnership with the Washington Post that will enable ChatGPT to summarize and link to the newspaper's original reporting in a series. The collaboration is part of OpenAI's broader strategy, having already formed partnerships with over 20 news publications, including the Guardian and Axios. The Washington Post aims to leverage ChatGPT's extensive user base to surpass 500 million users to enhance its reach.

[00:11:02] In return, OpenAI anticipates that the partnership will improve the quality of information provided to users, drawing the Post's timely and well-sourced journalism. Financial details of the agreement remain undisclosed, and while some newsrooms have embraced OpenAI's technology, others, such as the New York Times, raise concerns about copyright issues.

[00:11:22] OpenAI's deep research technology has shown to outperform traditional methods in web-based research tasks, yet it still fails to provide accurate answers nearly half the time. Recent testing revealed that while deep research can analyze or retrieve information more efficiently than human researchers, it achieved only a 51.5% accuracy rate in a benchmark known as BrowseCom, which assessed its ability to answer complex questions requiring extensive web searches.

[00:11:49] The study, led by OpenAI research Jason Way and his team, highlighted that human respondents struggled significantly, answering only about 3% of challenging questions after two hours of effort. The test involved 1266 questions designed to be difficult for both humans and earlier versions of deep research, demonstrating the ongoing challenges in the development of AI technologies aimed at improving research efficiency. Why do we care?

[00:12:16] OpenAI's partnership with the Post underscores a key moment in the evolution of AI's role as a content mediator. It also brings to light a fundamental tension between information quality and AI-generated synthesis. News organizations are splitting into two camps, licensing like the Guardian and Axios, or litigating like the New York Times. OpenAI's deals set a precedent. Expect similar arrangements to cascade down into B2B content providers.

[00:12:44] Think documentation platforms, analyst firms, and vendor-supported content. I'll comment, I'm not sure this is a good thing, yet also we'll be preparing for it. OpenAI's deep research outperforming humans on complex tasks sounds impressive, until you look at the benchmark, only 51.5% accuracy. It underscores a critical point. AI isn't reliable enough to be left unchecked, even in research roles.

[00:13:09] Don't just use AI, curate with it, audit it, and own the last mile of interpretation. That's where the value comes from. With every new breach and threat that I cover, it's clear that cybersecurity isn't a luxury anymore. It's a necessity. That's where Huntress comes in. Their fully-managed cybersecurity platform is built for every kind of business, not just the 1%. Huntress seamlessly integrates their products and threat-hunting team.

[00:13:39] Their EDR, ITDR, SIM, and security awareness training solutions are purposely built for their elite 24x7 Security Operations Center to stop threats before anyone else even spots them. This potent combination of purpose-built cybersecurity and threat-hunting expertise is one of the many reasons why G2 users have voted Huntress the number one rated EDR for growing businesses.

[00:14:05] To see what people-powered cybersecurity looks like, visit Huntress.com slash MSB Radio. Thanks for listening. Today is Administrative Professionals Day, so recognize those who support the organization. Also, National Email Day and National Cherry Cheesecake Day. The Business of Tech is written and produced by me, Dave Sobel, under ethics guidelines posted at businessof.tech.

[00:14:32] If you've enjoyed the show, make sure you've subscribed or followed on your favorite platform. It's free and helps directly. Give us a review, too. If you want to support the show, visit patreon.com slash MSB Radio, and you'll get access to content early. Or buy our Why Do We Care merch at businessof.tech. Have a question you want answered?

[00:14:55] We take listener questions, send them in, ideally as a voice memo or video to question at MSB Radio.com. I answer listener questions live on our Wednesday live show on YouTube and LinkedIn. If you've got a comment or a thought on a story, put it in the comments if you're on YouTube, or reach out on LinkedIn if you're listening to the podcast. And if you want to advertise on the show, visit MSB Radio.com slash engage.

[00:15:20] Once again, thanks for listening, and I will talk to you again on our next episode. Part of the MSB Radio Network. The MSB Radio Network. Check out our links.