Channel Brief: Five9 Layoffs; TD SYNNEX Acquires VAD Prolink

Cyber insurance provider Resilience released its Midyear 2024 Cyber Risk Report last week, and it had some interesting findings. The report found that global merger and acquisition (M&A) deal volume increased 36% in the first quarter of 2024, and that increased M&A activity and reliance on ubiquitous software vendors created new opportunities for threat actors to launch ransomware campaigns by exploiting a single point of failure.

While this growth can be seen as a sign of positive economic development, it can also create a staggering number of potential new points of failure. Similarly, technology consolidation—in which industries rely on single suppliers for critical platform services—have proven to lead to catastrophic effects downstream if a single supplier is breached. In addition to potential ransom payments, impacted organizations typically face significant business interruption and lost revenue. Some of the most disruptive cyberattacks over the past year involved heavily interconnected systems or recently acquired companies, to devastating effect, the report found.

Ransomware remained the leading cause of loss since January 2023, with 64% of ransomware-related claims resulting in a loss. The financial severity of claims related to ransomware attacks increased 411% from 2022 to 2023, the report found. In 2024, so far, the ransomware attacks on Change Healthcare and CDK Global, as well as the PanOS zero-day vulnerability, represented 2024’s top cyber insurance claim-driving events.

Of all claims received since January 2023, 35% were the result of a vendor data breach or ransomware attack exploiting a third-party vendor—including notable vulnerabilities associated with Ivanti software—and in 2024, that number is already 40% and expected to grow.

According to the Resilience report, two sectors saw the largest increases in claims in 2024: Manufacturing and construction. Manufacturing rose from 15.2% of all claims in 2023 to 41.7% of all claims in 2024, while construction rose from 6.1% of 2023 claims to 25.0% of 2024 claims.

You can check out the full report here. In the meantime, drop me a line at [email protected] if you have news to share or want to say hi! Here's what else you need to know today.

Today’s Tech, Channel and MSP News

1. TD SYNNEX buys Turkish VAD: TD SYNNEX has acquired Turkish value-added distributor (VAD) Prolink to bolster both its cybersecurity offering and footprint in Turkey. Prolink, founded in 1997, is an independent distributor specializing in networking and security solutions for the Turkish market. The company currently has 60 employees across offices in Istanbul and Ankara and supports a network of more than 300 reseller partners.

2. Five9 layoffs: Contact center products vendor Five9 said it plans to lay off 7% of its workforce, according to a regulatory filing. That comes out to under 200 people, based on the vendor’s 2,684 full-time employee count as of Dec. 31, 2023, CRN reported. The workforce reduction plan is “part of the Company’s broader efforts to drive balanced, profitable growth, further supporting our positive, long-term outlook and focus on increasing shareholder value,” according to the filing.

3. C3 Complete acquires TRACI.net: TRACI.net has been acquired by C3 Complete to strengthen and expand their existing voice and connectivity solutions, including their current Hosted PBX service. Hosted PBX offers a range of advanced features, such as voicemail to email, call forwarding, auto-attendant, hunt groups and more. TRACI.net was originally founded in 1987 as Mainframe Voice Messaging Service and became an ISP in 1997. The company launched its first hosted VoIP solution in 2004 and has become a communications consulting and services partner to hundreds of small and medium-sized businesses.

4. Grafana Labs raise: Open source operations monitoring and management firm Grafana Labs, announced it completed of a primary and secondary transaction worth about $270 million, with the proceeds going to the company and some of its stockholders. The company describes this as an extension to its $240 Series D round in 2022. The extension was led by existing investor Lightspeed Venture Partners, with participation from its existing institutional investors. The company is now valued at over $6 billion, up from $3 billion in 2021, according to TechCrunch.

5. Microsoft update goes 'seriously wrong': The Verge reported that Microsoft’s latest monthly security update has wreaked havoc on dual-boot Windows and Linux systems. The software giant issued a security patch last week to fix a two-year-old vulnerability in the GRUB open-source boot loader used by lots of Linux devices, The Verge said. Microsoft’s patch wasn’t supposed to hit dual-boot devices, but multiple Linux dual-boot users are seeing “security policy violation” messages, along with “something has gone seriously wrong” errors. Ars Technica reported issues across Reddit, Ubuntu forums, and elsewhere. Distributions including Ubuntu, Debian, Linux Mint, Zorin OS, and Puppy Linux have all been affected by Microsoft’s patch.