News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | The White House sends a message on cybersecurity

Let’s hit some of the security stories from the holidays to check for trends.
There was another Log4J security hole.    It’s only rated moderate and fixed in Log4J 2.17.1.  CISA also released guidance for dealing with the risks related to the software library. 

Microsoft notified a group of Azure customers about a bug that exposed the source code of their Azure web apps since at least September of 2017.    The issue has been fixed, and Microsoft spent the time since the notification in September also finding out how many were impacted.    The expectation is that the vulnerability was likely exploited.

Microsoft also fixed an issue with Exchange that prevented servers from sending emails.  Nothing will be lost related to a date check error, but administrators need to patch their servers.  

LastPass had a scare after users reported they were notified of unauthorized access attempts – but the company says it was bot activity, and no passwords were compromised. 

All this Log4J stuff has resulted in a call from the White House to work with them to improve the security of open-source software.     The effort starts with a one-day discussion this month.     President Biden also signed the National Defense Authorization Act of 2022, which codifies an approach to cybersecurity that depends on the decisions of private-sector entities to protect the bulk of the nation’s critical infrastructure. The requires the Cybersecurity and Infrastructure Security Agency to biennially update an incident response plan and consult with sector-specific agencies and the private sector to establish an exercise program to assess its effectiveness. 

Why do we care?

Besides the tactical catch-up from the holiday, it’s the push from the government to note.  That will be a theme this year as it relates to the security stories.     Expect more proactive action from the executive branch to come.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories