The 151st Kentucky Derby is Saturday, and a 3-year-old colt named Journalism is a 3-1 favorite to win, according to odds makers. Of course, betting on horses with worse odds will get you a better payout, but when it comes to protecting your customers’ businesses, you’re always looking for solutions with the best odds. So get your mint julep (or mint tea) and first check out our coverage of:
- The cybersecurity tools and solutions announced at this year’s RSA Conference
- The new SIEM Kaseya introduced at Kaseya Connect, along with Kaseya 365 Ops, the latest edition of the 365 platform
- Blackpoint Cyber’s new unified security posture and response platform
- And Syncro’s XMM with integrated Microsoft 365 security management
Then continue reading below for other channel news you may have missed, including new solutions for credential risk and data leak prevention, where some industry movers and shakers just landed, and new research on the odds of email html attachments being malicious. (Hint: No winners there, but the findings may help you convince your customers to shore up their security awareness training.)
Happy reading!
Products & Solutions
Bitwarden Battles Credential Risk and AI-Driven Phishing with Access Intelligence
Bitwarden, a password, passkey, and secrets management vendor, launched Access Intelligence, which has two core functionalities: Risk Insights and Advanced Phishing Blocker.
Risk Insights allows you to identify, prioritize, and remediate at-risk credentials via a dashboard. With that visibility, you can also automatically alert end users of compromised credentials, initiate guided remediation workflows, and monitor password health improvements across the organization.
When a vulnerable credential is identified, Risk Insights immediately directs users to the appropriate password update page and recommends a strong, unique password that aligns with organizational policies. These prompts, delivered via the Bitwarden browser extension and email, accelerate response times and actively engage users in remediating credential risks through simple, in-context guidance.
The Advanced Phishing Blocker alerts and redirects users away from known phishing sites in real-time, using a continuously updated open source blocklist of malicious domains. When a user visits a suspicious site, the Bitwarden browser extension will automatically intervene, alerting the user and exiting the page to prevent credential compromise.
The extension relies on a continuously updated list of phishing domains to preemptively block access to malicious websites and prevent widespread and targeted campaigns. Future updates will extend visibility into phishing activity across the organization, enabling IT teams to monitor threats and respond quickly to suspicious patterns.
Bitwarden Access Intelligence is currently available in limited preview.
CrowdStrike Unveils Unified Data Protection Against Identity-based Hackers and Insider Threats
Among CrowdStrike’s several announcements at RSAC are new Falcon Data Protection innovations, enabling the protection of sensitive data across endpoints, cloud environments and GenAI, and SaaS applications to prevent exfiltration by insiders and identity-based attackers. The innovations are intended to replace legacy DLP solutions that require separate tools for endpoint and cloud with real-time, unified protection from a single platform.
Key innovations include:
Runtime protection for cloud data at rest and in motion, with a single view of data flows across on-premises and multi-cloud environments.
Encryption detection capability that inspects sensitive data within encrypted archives like 7zip files as they’re created—identifying and automatically blocking data theft attempts before files are locked and exfiltrated.
GenAI data leak prevention, which uses proprietary Similarity Detection DNA technology to recognize sensitive content even when modified or repackaged for GenAI tool upload. It enforces policies by content type, source or sensitivity label—preventing inadvertent exposure of sensitive information while blocking data leakage across both managed and unmanaged GenAI applications.
Other new features include expanded protection for macOS; SaaS threat services; dynamic elimination of standing privileges to sensitive data, granting Just-in-Time elevated access only when needed and under secure conditions; identity-based threat protection; and CrowdStrike Pulse Services (ongoing, customized security guidance to strengthen data protection across on-premises and cloud environments).
Events
Roundtable: MSP Industry Leaders Weigh in on the Impact of Rapidly Shifting Tariffs
ScalePad’s Chief Evangelist Luis Giraldo hosted a roundtable with three MSP leaders—Lyle Kirshenbaum, owner of Wired for the Future, Lauchlin Johnston, CEO and founder of LMJ Consulting, and Kathleen Martin, senior VP of community at JSG—to dig into the top challenges facing MSPs because of tariff uncertainty. Here’s a few of the key issues they say to expect.
Margin compression. In the short term, MSPs can expect pressure on their contract margins as prices rise. “Remember the trash compactor scene in Star Wars episode 4?” Martin says. “That’s what margins are going to feel like for a little while.” The panelists encouraged MSPs to adjust their rates when possible to compensate, and not to fall into the trap of “helping” clients by keeping rates low—to your own detriment.
Hardware concerns. With Windows 10 being end-of-life, there were some concerns about the many Windows 10 computers that need to be swapped out before October. With such uncertainty over what the next 6 months will look like, it is hard to tell what the end financial impact will be. “In the short term, I [don’t think] we’ll see that impact on the supply chain side,” says Johnston. He anticipates this becoming more relevant in a year or two, and only then a small 5–10% increase.
Uncertainty. Several tariff bills have been announced, then rolled back, says Martin, making it difficult to tell what will stick. Because tariffs are changing almost daily, MSPs will need to remain flexible and informed to stay ahead of the curve.
M&A – Vendors
Palo Alto Networks has entered into a definitive agreement to acquire Protect AI, provider of a platform for securing the use of AI and machine learning applications and models.
People
KnowBe4, a human risk management platform provider, appointed Bryan Palma president and CEO, effective May 5. KnowBe4’s founder and current CEO Stu Sjouwerman has transitioned to the role of executive chairman. Most recently, Palma was CEO of Trellix … Upshop, a provider of store operations technology for grocery retailers, appointed Mike Sanders CEO, replacing Shamus Hines, who will transition to a strategic board role. Previously, Sanders was CRO at Kaseya … Mimecast, a cybersecurity provider, appointed Ranjan Singh as chief product and technology officer. Prior to joining Mimecast, Singh spent more than three years as CPO at Kaseya.
By the Numbers
Don’t Click on That! 23% of HTML Email Attachments Are Malicious
Phishing, credential stuffing, exploiting weak or reused passwords—the attacks coming in via email are relentless. Attackers are continuing to shift malicious links and content to attachments in the hope of evading detection by security tools, according to Barracuda Networks’ just released 2025 Email Threats Report.
The research finds that 23% of HTML attachments are malicious—making them the most weaponized text file type—and as many as 20% of organizations experienced at least one attempted or successful account takeover (ATO) incident per month.
Other highlights from the research:
- 68% of malicious PDF attachments and 83% of malicious Microsoft documents contain QR codes designed to take users to phishing websites.
- Bitcoin sextortion scams account for 12% of malicious PDF attachments.
- 47% of email domains do not have Domain-based Message Authentication, Reporting and Conformance (DMARC) configured to protect against unauthorized use, including spoofing and impersonation attacks.
- 24% of email messages overall are now malicious or unwanted spam.
Barracuda gathered its data during February 2025, analyzing nearly 670 million malicious spam or unwanted email.
Most of the C-Suite Is Not Prepared for AI-Powered Threats
Organizations are excited about the transformative potential of AI, but 29% of executives are not prepared for AI-powered threats, despite nearly half (42%) believing they will happen. That’s according to new research from LevelBlue.
LevelBlue’s 2025 Futures Report: Cyber Resilience and Business Impact also finds that only about one-third (32%) of respondents believe their organization is prepared for deepfake attacks, even though 44% are expecting them. As AI-powered technologies make attacks more sophisticated, 59% of executives say that it is becoming more difficult for employees to identify real threats.
“In 2025, AI is forcing organizations to pivot once again,” said Theresa Lanowitz, chief evangelist of LevelBlue. “Our research shows that leaders are becoming more aware of the threats they face, and elevating cyber resilience measures accordingly. However, they still underestimate the potential risk of AI-powered cyberattacks and have extensive work ahead to properly prepare and protect themselves.”
There is some good news, though. According to the research, 45% of executives say that cyber resilience is recognized as a whole company priority rather than simply a cybersecurity issue—up from 27% last year.
Additional key findings include:
- 48% report needing to get better at defending against AI-powered cyber adversaries.
- 41% of organizations say they are experiencing a significantly higher volume of attacks.
- 61% of cyber resilient leaders have allocated a cybersecurity budget to new initiatives from the beginning, compared to 46% overall.
- 53% of cyber resilient organizations are committing significant investment to advanced threat detection.
- 68% say media reports of high-profile breaches have elevated cybersecurity on the C-suite agenda.
The report recommends four steps to best achieve cyber resilience: Push cyber resilience up the organization, embed cybersecurity responsibilities throughout the organization, be proactive (not reactive), and prioritize resilience in the software supply chain.
