Managed service providers (MSPs) are increasingly allocating budgets for ransomware payments, with a recent report indicating that 45% have set aside funds specifically for this purpose. This trend raises concerns about normalizing the act of paying criminals, as many experts argue that such practices inadvertently support criminal activities. While some MSPs are turning to cyber insurance for protection, a significant portion remains vulnerable due to a lack of allocated budgets for ransomware payments or insurance. Additionally, MSP leaders are increasingly worried about artificial intelligence threats, which have surpassed traditional concerns like ransomware and malware.

A study by AppOmni reveals a troubling disconnect in the security posture of organizations using software-as-a-service (SaaS) applications. Despite 75% of organizations reporting breaches in the past year, 89% believe they have adequate visibility into their security environments. The study highlights that many incidents stem from permission issues and misconfigurations, emphasizing the need for improved security hygiene. Providers are urged to focus on addressing these basic issues rather than preparing for ransom payments, as this is where they can truly add value and protect their clients.

In a concerning development, a startup has been found selling hacked data from over 50 million computers to various industries, including debt collectors and divorce attorneys. This practice raises ethical and legal questions, as the sale of such information may not be illegal in many jurisdictions. Additionally, researchers have discovered nearly 2,000 AI protocol servers exposed online without any authentication, posing significant risks to sensitive data. Experts warn that individuals whose data is sold may remain unaware of the exploitation of their personal information, highlighting the urgent need for stronger data protections.

The UK government is reconsidering its demand for Apple to provide access to encrypted user data, influenced by pressure from the U.S. government. This shift comes after Apple withdrew its Advanced Data Protection Service from the UK, emphasizing its commitment to user privacy. Meanwhile, Meta has rejected the EU's Code of Practice for Artificial Intelligence, citing concerns over regulatory overreach. In contrast, OpenAI has formed a strategic partnership with the UK government to enhance the country's AI infrastructure, indicating a growing trend of governments aligning with major tech players in the AI sector. For MSPs, these developments underscore the importance of engaging in conversations about encryption resilience and understanding the evolving regulatory landscape.

Four things to know today

00:00 45% of MSPs Planning to Pay Hackers? SaaS Breach Rates Show Why That’s the Wrong Bet

03:55 Startup Sells Data From 50M Hacked PCs as AI Servers Leak Sensitive Info Without Authentication

06:18 UK May Drop Apple Encryption Backdoor Demand Amid US Pressure; OpenAI and Meta Make Diverging EU Moves

09:15 Microsoft Patches Critical SharePoint Flaws as China-Linked Actor Linked to Incident

Supported by:  https://getnerdio.com/nerdio-manager-for-msp/

Tell us about a newsletter! https://bit.ly/biztechnewsletter

All our Sponsors:   https://businessof.tech/sponsors/

Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/

Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/

Support the show on Patreon: https://patreon.com/mspradio/

Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech

Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit