CISA's Secure by Design, Delta vs. CrowdStrike, Apple AI Cloud, Kaseya's New Security Solutions
CISA has garnered over 230 voluntary commitments from software manufacturers to adopt safer software development practices as part of the secure-by-design initiative. This initiative aims to address critical vulnerabilities, particularly those arising from memory-unsafe programming languages, which account for 60 to 70 percent of security issues. The agency has also released a document titled "Product Security Bad Practices," inviting public comments to guide vendors on best practices for enhancing software security.
The episode also covers Delta Airlines' lawsuit against CrowdStrike, seeking $500 million in damages due to a software update that caused a massive outage affecting millions of customers. Delta claims that CrowdStrike's negligence in testing the update led to significant disruptions, while CrowdStrike argues that Delta's outdated IT infrastructure contributed to the slow recovery. Cybersecurity expert Dr. Elia Kolchenko suggests that proving negligence in court may be challenging for Delta, hinting that an out-of-court settlement could be more advantageous for both parties.
Apple has launched its Private Cloud Compute Virtual Research Environment, allowing security researchers to verify the company's privacy and security claims regarding its AI-driven cloud intelligence system. This initiative includes the release of a security guide and source code for select components, reinforcing Apple's commitment to data privacy. The episode highlights how this move could influence vendor decisions as organizations increasingly prioritize privacy and security in their cloud strategies.
Lastly, the episode discusses Kaseya's new user security solution, which is priced at $2.79 per user, following its acquisition of SaaS Alerts. This offering aims to help small businesses protect against identity threats and reflects a growing trend among managed service providers (MSPs) to focus on SaaS security. Sobel emphasizes the importance of proactive risk management and the need for MSPs to adapt to the evolving landscape, where cloud vulnerabilities have surpassed ransomware as the top security threat. The insights shared in this episode underscore the critical need for organizations to prioritize security in their software development and operational practices.
Four things to know today
05:54 Kaseya Acquires SaaS Alerts, Launches Affordable User Security Solution for MSPs at $2.79 Per User
Supported by: https://timezest.com/mspradio/
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the
