Key Channel Headlines: ConnectWise Takes CISA Pledge, New Threat Data from Sophos, and More

October is here! We’re bringing you the critical channel news, industry insights, and tech announcements to help sharpen your strategy and boost your business. Staying ahead of the curve leads to smarter decisions, better client service, and stronger leadership.

ConnectWise Signs Secure by Design Pledge, Reinforcing Commitment to Cybersecurity

Industry leader champions security-first approach, collaborates with CISA’s Joint Cyber Defense Collaborative.

Summary in the press release:

“By working closely with [CISA and the JCDC], we’ve been able to contribute meaningful insights and help shape guidance that benefits the entire MSP ecosystem. By prioritizing security at every level, we can collectively build a more resilient future for MSPs and their clients.” — Patrick Beggs, chief information security officer, ConnectWise

Sophos Releases Annual ‘State of Ransomware in Healthcare’ and ‘State of Ransomware in Education’ Reports

Research finds two thirds of healthcare organizations were hit by ransomware – a four-year high. Survey also finds most educational organizations paid more than the original ransom demand.

State of Ransomware in Healthcare press release/blog/full report

• Ransomware Attacks: 67% of healthcare organizations were hit in 2024, up from 60% in 2023.
• Backup Compromises: 95% of organizations had backups targeted, with 66% of those attacks succeeding.
• Ransom Recovery Costs: Recovery costs surged to $2.57 million in 2024, compared to $2.2 million in 2023.

State of Ransomware in Education press release/full report

• Ransomware Attack Rates: 63% of lower ed and 66% of higher ed organizations were hit by ransomware, a drop from last year’s 80%.
• Paying Beyond Initial Demands: 55% of lower ed and 67% of higher ed paid more than the initial ransom demand to recover.
• Median Ransom Payments: Lower ed organizations paid a median of $6.6 million, while higher ed organizations paid around $4.4 million.
• Recovery Times: Only 30% of schools fully recovered within a week, reflecting the slow recovery process for both lower and higher ed.

Smarsh Introduces the Industry’s First AI-powered Intelligent Agent for Communications Surveillance

The company is partnering with global financial institutions to supercharge risk detection and communications compliance using generative AI.

Key quote from the press release:

“We believe there’s an enormous opportunity to drive efficiency gains while also reducing organizational risk creating a more satisfying work experience.” — Goutam Nadella, chief product officer, Smarsh

Rubrik Powers Okta with Critical User Context to Safeguard Against Identity Attacks

The partnership accelerates threat detection and response in Okta AI. Rubrik becomes the first and only data security platform vendor to integrate with Okta Identity Threat Protection.

Key features/benefits from the announcement:

• Continuous visibility into user access to sensitive data
• Faster threat response and remediation with automated response actions
• Enhanced visibility across the security ecosystem

Ivanti Research Finds 86% of IT Professionals Agree Poor Digital Experiences Lead to Unsafe Workarounds in the Workplace

Just 13% of security professionals say user experience is a mission-critical priority when adopting cybersecurity tech interventions.

Key stats from the research:

• Only 13% of security professionals rate security UX as “mission critical.”
• 86% of IT professionals agree that poor digital experiences lead employees to use unsafe workarounds.
• 81% of office workers report they have not been trained to use generative AI, and 32% of security and IT professionals have no documented strategy in place to address generative AI risks.
• 93% of security professionals say that prioritizing digital employee experience has a positive impact on an organization’s cybersecurity efforts.

Vectra AI Clarity Program for MSSPs Meets Demand for Top-tier Comprehensive Cybersecurity Services

Focused on business innovation and its dedication to channel strategy, Vectra AI enhances its program offerings for the MSSP community to help partners deliver best-in-class XDR solutions.

Key features/benefits from the press release:

• Customizable XDR Solutions: The program offers MSSPs the flexibility to tailor XDR platforms, including network detection and response (NDR) and identity threat detection and response (ITDR), to suit the unique needs of each customer.
• Predictable Profit Margins: By allowing MSSPs to customize solutions based on individual environments, the program enables partners to streamline resource allocation and maintain predictable margins at scale.
• Comprehensive Support Services: Vectra AI Clarity Program includes extended SLAs, premium support services, expedited warranties, and operational and analyst support to enhance customer retention and value.
• Cutting-Edge Threat Detection: Vectra AI utilizes advanced technologies and its patented Attack Signal Intelligence to provide partners with top-tier detection and response capabilities, addressing complex hybrid attacks.

The 20 MSP Makes Strategic Play with Acquisition of iCoreIT

The 20 MSP continues national expansion with acquisition of iCoreConnect’s healthcare-focused managed IT services division.

Key quote from the press release:

“The 20 MSP’s goal was never just to be big. We want to be big, but also, really, really good. Our M&A plans will evolve to accommodate both of these objectives.” — Tim Conkle, founder and CEO, The 20 MSP

ConnectSecure Launches Microsoft 365 Assessment Module, Strengthening Leadership in Vulnerability Management

New solution helps MSPs proactively identify and address security weaknesses; reducing the risk of cyberattacks.

Key features/benefits from the press release:

• M365 Scan: Provides a prioritized list of configuration findings, helping clients enhance their security posture by addressing vulnerabilities.
• Key Findings Report: Offers detailed insights into identified issues, including severity levels, remediation steps, supporting resources, and a list of impacted tenant objects.
• Scheduled Scans: Enables regular scans to monitor configuration changes over time, highlighting any new, modified, or resolved issues in updated reports.

Meter Brings Premium, Cost-effective Cell Coverage to AnySpace

Channel-focused Meter delivers premium, seamless cell coverage to any space with 20x faster installations and 5x lower costs than traditional systems.

New features and integrations from the announcement:

• Hybrid Solution: Combines the strengths of active and passive DAS systems to provide comprehensive, high-quality cell signal coverage.
• Cost and Time Efficiency: Installs 20x faster and 5x cheaper than leading active DAS solutions, using a single ethernet cable for easy deployment.
• Scalable and Simple: Scales effortlessly to fit any space and requires no customer coordination, making it as easy to install as Wi-Fi.

MSPs on High Alert: Todyl Reports 558% Spike in BEC Attacks

A new report from Todyl reveals a massive rise in business email compromise attacks in 2024, with the Soze Syndicate targeting MSP networks.

Key insights from the research:

• Soze Syndicate’s Targeted MSP Attacks: The report details a sophisticated phishing campaign by the “Soze Syndicate,” which directly targets MSP networks. Todyl’s defenses are actively countering these attacks to safeguard MSPs and their clients.
• Advanced Anomaly Detection: Todyl’s machine learning engine is designed for MSP environments, distinguishing complex email threats with over 90% effectiveness to ensure proactive defense.
• Proactive Threat Hunting for MSP Security: Todyl’s threat hunting measures have reduced intrusion attempts by 70%, stopping potential attacks before they impact MSP operations.

Axio Unveils Quantification Wizard for Quick Time to Value with CRQ

Transforms cyber risk quantification to enable business-aligned decision making and accelerate risk mitigation.

How does this affect small and midsized MSPs that support SMBs in the U.S.? Key quote about the announcement:

“Quant Wizard enables MSPs to provide their smaller customers with capabilities that were previously only available to the enterprise. To benefit from quantification in the past, organizations would typically need to conduct large data analyses and engage a professional services team to build a program around cyber risk quantification.

“The combination of pre-built impact classes, industry event data through Cyentia, and flexible template scenarios dramatically reduces the upfront effort, data, and expertise needed to start conducting data-driven, risk-based cybersecurity management.” — Brendan Fitzpatrick, vice president of cyber risk quantification, Axio

Introducing Black Duck Software: The Leader in Application Security Has a New Name

Synopsys Software Integrity Group rebrands as Black Duck Software.

Insight from the press release:

“I am proud of what we have accomplished to get here, and I am incredibly optimistic about our future as an independent company. With our broad portfolio of application security solutions underpinned by differentiated technology and a talented team of experts, we enter the next phase of our journey with momentum and a renewed focus to help our customers build trust in their software.” — Jason Schmitt, CEO, Black Duck

Foxit Announces PDF Editor and Editor Pro with AI Assistant, Now Natively Supported on PCs powered by Snapdragon

Provides commercial and consumer PC customers with access to cutting-edge technology and productivity tools.

Key features/benefits from the press release:

• Native Support: Foxit’s PDF Editor now runs natively on Snapdragon PCs, improving performance and battery life.
• AI Integration: The AI Assistant, powered by ChatGPT, automates tasks like redaction and form filling.
• Improved Efficiency: Faster processing and enhanced workflows boost productivity for users on Snapdragon-powered devices.

Wildix Introduces X-Bees, an AI-powered Communication Hub Transforming Modern Business Operations

Salesforce integration in UCaaS, empowering sales teams to close deals faster and more efficiently.

Key features/benefits from the press release:

• AI-powered Insights: Real-time data and predictive analytics, transcription, translation and sentiment analysis for smarter decision-making.
• Advanced Communication Tools: Voice, video, messaging and conferencing in one interface, supporting collaboration with both colleagues and customers.
• Comprehensive Salesforce Integration: Manage CRM data directly within x-bees, enhancing the sales process.
• Real-time Collaboration: Instant communication across devices and locations, enabling efficient collaboration with both internal teams and customers.
• Automated Follow-ups and Task Management: AI-assisted scheduling and task reminders to reduce manual workload.

SolarWinds Closes the Market’s Hybrid IT Observability Gap, Accelerating Transformations for Customers

The next generation of SolarWinds Observability delivers innovative and comprehensive full-stack visibility across all IT environments.

Key features/benefits from the press release:

• Comprehensive Full-stack Visibility: Monitoring for on-premises, cloud, and hybrid environments, ensuring deep visibility across all IT infrastructures.
• Flexible Deployment Options: Customers can choose between self-hosted or SaaS models, adapting the deployment to fit their specific infrastructure needs.
• Enhanced AI/ML Capabilities: Built-in intelligence, anomaly-based alerts, and AI-assisted IT service management (ITSM) improve incident detection and resolution times.
• Broader Infrastructure Monitoring: Expanded support for on-premises and cloud infrastructures (AWS, Azure, Kubernetes), alongside enhanced network performance and traffic flow analysis.

Darktrace/CLOUD Brings Real-time Detection and Response to Microsoft Azure

The AI-driven cloud detection and response (CDR) system leverages Microsoft’s virtual network flow logs for agentless deployment, slashing deployment times by 95%.

Key features/benefits from the press release:

• AI-based CDR System: Provides real-time detection, investigation, and prioritization of cloud threats.
• Integration with Microsoft Azure’s Virtual Network: Flow logs lowers deployment times by 95% and help administrators understand the unique network patterns of Azure environments.
• New Research Suggests: Almost two thirds of cybersecurity professionals expect that by 2027, cloud security will be where defensive AI has the greatest impact.

How does this affect small and midsized MSPs that support SMBs in the U.S.?

“As organizations accelerate their cloud adoption journeys, they are relying on their trusted partners to help them navigate the challenges of managing and securing complex multi-cloud environments with limited resources.

“With Darktrace / CLOUD, we’re taking an agentless approach to AI-driven cloud detection and response to help customers gain complete real-time visibility across these environments while lowering cloud security operating costs by up to 80%. Together with our partners, we’re simplifying cloud security, enabling customers to harness the power of the cloud while proactively addressing risks.” — Dan Monahan, SVP, global partner organization, Darktrace. 

Image: iStock