Podcasts about SharePoint

In this week's short and snappy episode, Copilot Studio gets an increase in the number of files an agent can use in SharePoint and OneDrive. Office Transcriptions can be left to run all day and still not use up your quota of minutes. Lastly, admins should check that they have enabled a setting in Chromium browsers to continue to provide offline capabilities in OneDrive. 0:00 Welcome 5:35 Microsoft Copilot Studio - Use up to 1,000 files per agent for SharePoint and OneDrive uploads - MC1150623 11:36 Teams Admin Center: Control External Access by Domain for Specific Users and Groups - MC1150123 14:45 Office Transcription Quota Increase for Copilot-Licensed Users - MC1150669 19:17 Action Required – Configure Browser Policy to Preserve OneDrive and SharePoint Web Performance and Offline Capability - MC1150662

Welcome to Episode 410 of the Microsoft Cloud IT Pro Podcast where hosts Jay Leask and Joy Apple are joined by special guest Ben Stegink for a discussion recorded live from the North American Cloud and Collaboration Summit in Branson. In this episode we focus on how organizations must adapt their change management approaches for the Microsoft 365 cloud environment.We discuss the fundamental shift from traditional IT operations, where organizations controlled software update timing, to cloud-based services with continuous updates outside of their control. Jay and Joy emphasize that successful modern IT requires cross-functional teams where IT partners closely with business units, communications, and training departments rather than operating in isolation. We then talk about the need for a shift in governance models to empower business users while requiring IT to balance user control with necessary oversight.Key themes include the importance of ongoing communication and adoption strategies, using tools like Viva Engage communities for peer-to-peer support, and adopting a "yes, and" approach to business requests rather than defaulting to "no." The episode emphasizes treating technology deployment as an ongoing service relationship rather than a one-time project, which is essential for success in the rapidly evolving cloud environment. Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Joy Apple Joy is a Microsoft MVP and Director of Success and Enablement at Orchestry. With years of experience as an information technologist, I'm dedicated to helping organizations implement technology with a purpose-driven, “human-first” approach, ensuring tools like Microsoft 365 empower people to do their best work. Teaching and knowledge-sharing are at the heart of what I do. Whether it's through volunteering in the Microsoft Community, speaking at events, or writing as the “Joy of SharePoint,” I'm passionate about helping others unlock their potential with modern workplace solutions. Im also a cohost of the Guardians of M365 Governance podcast, where I explore the challenges and rewards of governance, and a columnist for She is Tulsa, a quarterly magazine celebrating impactful stories from my local community. Outside of work, you'll often find me enjoying live music or discovering new spots in Tulsa, Oklahoma, combining my love of connection and creativity wherever I go. Jay Leask Jay is a Principal Technical Architect at the Washington DC Microsoft Innovation Hub specializing in Modern Work. Jay facilitates discussions on modern IT practices, using 20 years of IT experience to engage customers in solutions design with a focus on increased the value and decreased risk within collaboration investments. His focus over the last 15 years has been on public sector organizations including state, local, and Federal government, as well as education institutions. Links Joy Apple on LinkedIn Connect with Jay Microsoft 365 Change Guide Stay on top of changes in Microsoft 365 Microsoft 365 Roadmap About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Apple ruins exploit developers' week with fresh memory corruption mitigations Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack Salesloft says its GitHub was the initial entry point for its compromise Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day” Rogue certs for 1.1.1.1 appear to be just (stupid) testing Jaguar Land Rover ransomware attackers are courting trouble This week's episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint! This episode is also available on Youtube. Show notes Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch 18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News SAP warns of high-severity vulnerabilities in multiple products - Ars Technica The number of mis-issued 1.1.1.1 certificates grows. Here's the latest. - Ars Technica Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive Qantas penalizes executives for July cyberattack | The Record from Recorded Future News Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News GOP Cries Censorship Over Spam Filters That Work – Krebs on Security Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media Post by @patrick.risky.biz — Bluesky

I sat down with Leo de Araujo, Head of Global Business Innovation at Syntax Systems, to unpack a problem every SAP team knows too well. Years of enhancements and quick fixes leave you with custom code that nobody wants to document, a maze of SharePoint folders, and hard questions whenever S/4HANA comes up. What does this program do. What breaks if we change that field. Do we have three versions of the same thing. Leo's answer is Syntax AI CodeGenie, an agentic AI solution with a built-in chatbot that finally treats documentation and code understanding as a living part of the system, not an afterthought. Here's the thing. CodeGenie automates the creation and upkeep of custom code documentation, then lets you ask plain-language questions about function and business value. Instead of hunting through 40-page PDFs, teams can ask, “Do we already upload sales orders from Excel,” or “What depends on this BAdI,” and get an instant explanation. That changes migration planning. You can see what to keep, what to retire, and where standard capabilities or new extensions make more sense, which shortens the path to S/4HANA Cloud and helps you stay on a clean core. We also talk about how this is delivered. CodeGenie runs on SAP Business Technology Platform, connects through standard APIs, and avoids intrusive add-ons. It is compatible with SAP S/4HANA, S/4HANA Cloud Private Edition through RISE with SAP, and on-premises ECC. Security comes first, with tenant isolation for each customer and no custom code shared externally or used for AI model training. The result is a setup that respects enterprise guardrails while still giving developers and architects fast answers. Clean core gets a plain explanation in this episode. Build outside the application with published APIs, keep upgrades predictable, and innovate at the edge where you can move quickly. CodeGenie gives you the visibility to make that real, surfacing what you actually run today and how it ties to outcomes, so you can design a migration roadmap that fits the business rather than guessing from stale documents. Leo also previews the Gen AI Starter Pack, launching September 9. It bundles a managed, model-flexible platform with workshops, use-case ideation, and initial builds, so teams can move from curiosity to working solutions without locking themselves into a single provider. Paired with CodeGenie and Syntax's development accelerators, the Starter Pack points toward something SAP leaders have wanted for years, a practical way to shift from in-core customizations to clean-core extensions with much less friction. If you are planning S/4HANA, balancing hybrid and multi-cloud realities, or simply tired of tribal knowledge around critical programs, this conversation is for you. We get specific about how CodeGenie works, where it saves time and cost, and how Syntax is shaping a playbook for AI that helps teams deliver results they can trust. ********* Visit the Sponsor of Tech Talks Network: Land your first job  in tech in 6 months as a Software QA Engineering Bootcamp with Careerist https://crst.co/OGCLA

This is episode 304 recorded on September 4th, 2025, where John & Jason talk the Microsoft Fabric August 2025 Feature Summary including a new Flat list view in Deployment pipelines, Bursting controls for Data Engineering workloads, new test capabilities for User Data Functions, the ability to server real-time predictions with ML model endpoints, several updates to Data Warehouse, Database tree in edit tile and AzMon data sources for RTI, the ability to use Python Notebooks to read/write to Fabric SQL Databases, Auto table creation on destination in copy job in Data Factory, and much, much more. For show notes please visit www.bifocal.show

In this episode I talk about a recent series of blog posts I wrote about some analysis I did on various AI services available today as well as my thoughts on these. I also cover off the latest news and information in the Microsoft Cloud for you. Listen along. Resources CIAOPS Need to Know podcast - CIAOPS - Need to Know podcasts | CIAOPS X - https://www.twitter.com/directorcia Join my Teams shared channel - Join my Teams Shared Channel – CIAOPS CIAOPS Merch store - CIAOPS Become a CIAOPS Patron - CIAOPS Patron CIAOPS Blog - CIAOPS – Information about SharePoint, Microsoft 365, Azure, Mobility and Productivity from the Computer Information Agency CIAOPS Brief - CIA Brief – CIAOPS CIAOPS Labs - CIAOPS Labs – The Special Activities Division of the CIAOPS Support CIAOPS - https://ko-fi.com/ciaops Get your M365 questions answered via email   Welcome to the Microsoft Incident Response Ninja Hub – https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/welcome-to-the-microsoft-incident… Listen to an audio recap of your meetings in Teams – https://techcommunity.microsoft.com/blog/Microsoft365InsiderBlog/listen-to-an-audio-recap-of-your-m… Introducing Surveys Agent, your personal survey expert – https://techcommunity.microsoft.com/blog/microsoft365insiderblog/introducing-surveys-agent-your-per… What's New in AI for Security from Microsoft Entra? – https://techcommunity.microsoft.com/blog/microsoft-entra-blog/what%E2%80%99s-new-in-ai-for-security… Microsoft ranked number one in modern endpoint security market share third year in a row – https://www.microsoft.com/en-us/security/blog/2025/08/27/microsoft-ranked-number-one-in-modern-endpoint-security-market-share-third-year-in-a-row/ Securing and governing the rise of autonomous agents – https://www.microsoft.com/en-us/security/blog/2025/08/26/securing-and-governing-the-rise-of-autonomous-agents/ How systems integrators are scaling innovation with Microsoft 365 Copilot and agents – https://partner.microsoft.com/en-US/blog/article/copilot-partner-spotlight-august-2025 Microsoft deployment blueprint – Address oversharing concerns for your M365 Copilot deployment – https://techcommunity.microsoft.com/blog/healthcareandlifesciencesblog/microsoft-deployment-blueprint—address-oversharing-concerns-for-your-m365-copi/4434598 Staying Ahead of Compliance: Keep Up with Key Insights from our Quarterly Compliance Update – https://techcommunity.microsoft.com/blog/microsoft365copilotblog/staying-ahead-of-compliance-keep-up-with-key-insights-from-our-quarterly-complia/4448011 Microsoft Security Copilot in Intune deep dive – Part 1: Features available in public preview – https://techcommunity.microsoft.com/blog/intunecustomersuccess/microsoft-security-copilot-in-intune-deep-dive-%E2%80%93-part-1-features-available-in-pu/4406244 What's New in Microsoft Intune: August 2025 – https://techcommunity.microsoft.com/blog/microsoftintuneblog/what%E2%80%99s-new-in-microsoft-intune-august-2025/4445612 OneNote for Windows 10 support is ending – https://techcommunity.microsoft.com/blog/microsoft365insiderblog/onenote-for-windows-10-support-is-ending/4445230 Think before you Click(Fix): Analyzing the ClickFix social engineering technique – https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/ Deep Dive: DLP Incidents, Alerts & Events – Part 1 – https://techcommunity.microsoft.com/blog/microsoft-security-blog/deep-dive-dlp-incidents-alerts–events—part-1/4443691 Deep Dive: DLP Incidents, Alerts & Events – Part 2 – https://techcommunity.microsoft.com/blog/microsoft-security-blog/deep-dive-dlp-incidents-alerts–events—part-2/4443700 New SKUs available for M365 Business premium - https://techcommunity.microsoft.com/blog/microsoft-security-blog/deep-dive-dlp-incidents-alerts–events—part-2/4443700 Testing the differences between AI services – CIAOPS - https://blog.ciaops.com/2025/09/06/testing-the-differences-between-ai-services/  An analysis of how AI services vary – CIAOPS - https://blog.ciaops.com/2025/09/07/an-analysis-of-how-ai-service-vary/ Comparison of AI-Generated Articles – CIAOPS - https://blog.ciaops.com/2025/09/08/comparison-of-ai-generated-articles/ 

Marijn talks about his new session that is delivering in Helsinki and Oslo. That one is about finding a methodology to handle data, and Marijn chooses the Marie Kondo method. Initially, Steve can't stop laughing about it, but he is won over when Marijn says the magic word (which is not whisky). The whisky is a sherry finished Islay bomb.

Phil explained that Microsoft has made Copilot a central part of its roadmap. This means MSPs cannot afford to sit back and wait. If you are not leading your clients into Copilot, someone else will. That could mean losing accounts that you have worked hard to win. Phil shared how his own business moved from experimenting with ChatGPT into fully embedding Copilot across their development and operations. By doing so, they cut development cycles down to a fraction of the time. What used to take ten days is now done in a single day. That sort of productivity gain is not about gimmicks, it is about efficiency, growth, and having more capacity to serve clients better.  One of the big themes from our conversation was the need to link Copilot to ROI. Phil Hames emphasised that clients do not care about the tech in isolation, they care about outcomes. If you are speaking to an MD or FD, the language is about time saved, money protected, and revenue increased. A great example Phil shared was a systems integrator who said without Copilot he would need two assistants to handle the workload. That is the kind of proof point that matters in boardroom conversations. If MSPs focus on ROI, then Copilot becomes a way to open up strategic sales conversations instead of ending up as small talk at events.  We also talked about how to use Copilot to create professional service opportunities. Too often, MSPs risk giving it away by showing the wow factor without packaging it up. Phil outlined how readiness assessments can form the foundation. By reviewing secure scores, checking for malware, ensuring data backup practices are solid, and highlighting user adoption gaps, you immediately move the discussion into risk management and ongoing service delivery. He explained that the average secure score across Microsoft 365 tenants is barely above 50 per cent, and only a small minority get above 70 per cent. That means the majority of businesses are leaving themselves exposed. By positioning Copilot readiness alongside security and compliance, MSPs can frame projects that deliver real value and recurring service opportunities.  One of the most powerful ideas from Phil Hames was how to approach Copilot not as a standalone toy but as part of the wider Microsoft stack. That means choosing strategic projects with clients, solving real problems with measurable outcomes, and then wrapping managed services around them. He shared the story of an agricultural business that used AI to transform their call handling process. By capturing information automatically, decisions could be made faster, response times improved, and fewer staff were needed to handle the same volume. That is where Copilot creates ROI. MSPs who take this approach will have clear case studies to take to prospects and new markets.  We also explored the risk conversation. Many MSPs worry about how to move from talking about features to talking about business value. A practical way is to ask a client to outline their biggest business risks. If IT is not near the top, that raises alarms in itself. By integrating Copilot into this discussion, MSPs can highlight how unprotected data, misconfigured SharePoint access, or weak security controls can turn new AI functionality into a huge vulnerability. As Phil put it, switching on Copilot without readiness is like leaving the office door wide open overnight. This makes the need for ongoing management, monitoring, and support services absolutely clear.  Phil also encouraged MSPs to think about specialisation. If you build a Copilot project in one sector, do not reinvent the wheel for the next client. Package it up, document it, and replicate it across similar businesses. This approach means MSPs can build repeatable services, increase margins, and create frameworks that scale. It is the same principle as writing a book that sells thousands of copies instead of a single edition. By niching down, you can become the go to provider for that sector's AI and Copilot needs.  As we wrapped up the conversation, Phil Hames outlined three clear actions for MSPs. First, use Copilot internally so you have credibility and real stories to share. Second, package your offering so it is not only about licences but about readiness, adoption, and measurable usage. Third, keep ROI at the centre of every conversation. Without showing return on investment, clients will not stay engaged and you will miss the chance to build lasting value.  This episode was packed with practical insight that every MSP can take away. Copilot is not a passing trend, it is a core part of Microsoft's future and therefore a core part of the MSP service stack. If you approach it with the mindset of ROI, risk management, and repeatable solutions, then it becomes a gateway to bigger projects, stronger client relationships, and more profitable services. Phil Hames summed it up perfectly: if you are not in AI, how are you going to be in IT? It is time to embrace Copilot, not as a gimmick, but as a tool for growth, security, and long term client value.  Reach out to Phil Hames by visiting the TBSC website, just click HERE, or you can also email him directly at p.hames@tbsc.cloud  Make sure to check out our Ultimate MSP Growth Guide, a free guide that walks you through a proven process to take your MSP from stuck to scalable, without working even more hours. It's 44 pages rammed with advice, insights and inspiration to help you decide what support is available to you now if you want to grow and scale your business. Click HERE to get your copy.  Connect on LinkedIn HERE with Ian and also with Stuart by clicking this LINK  And when you're ready to take the next step in growing your MSP, come and take the Scale with Confidence MSP Mastery Quiz. In just three minutes, you'll get a 360-degree scan of your MSP and identify the one or two tactics that could help you find more time, engage & align your people and generate more leads.  OR   To join our amazing Facebook Group of over 400 MSPs where we are helping you Scale Up with Confidence, then click HERE  Until next time, look after yourself and I'll catch up with you soon!   

Today we are joined by Selena Larson, co-host of Only Malware in the Building and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at Proofpoint, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft's upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks. The research can be found here: ⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we are joined by ⁠Selena Larson⁠, co-host of ⁠Only Malware in the Building⁠ and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at ⁠Proofpoint⁠, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft's upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks. The research can be found here: ⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing Learn more about your ad choices. Visit megaphone.fm/adchoices

Der August steht nicht nur für das Ende der Ferien, sondern auch für das Ende vertrauter Strukturen in der Microsoft-Projektwelt. In dieser Folge geht es um den Wandel, der sich leise, aber deutlich in den Tools bemerkbar macht, mit denen viele täglich arbeiten. Project for the Web verabschiedet sich endgültig, Planner Premium übernimmt das Ruder – und mit ihm verändert sich nicht nur die Oberfläche, sondern auch die Art, wie wir Projekte denken und steuern. Der Project Manager Agent bekommt neue Aufgaben, neue Orte und neue Regeln. Und auch Loop macht Platz für SharePoint. Diese Episode beleuchtet, wie sich der digitale Projektalltag neu sortiert – und was das für dich als Anwender bedeutet. Nicht alles läuft rund, aber vieles lässt sich mit einem klaren Blick und ein paar praktischen Tipps gut auffangen. Dieser Podcast wird unterstützt von: Netpoint International GmbH Madrider Straße 18 41069 Mönchengladbach

This is episode 303 recorded on August 21st, 2025, where John & Jason talk to Mike Carlo from Power BI Tips.com about Power BI & Microsoft Fabric, how his company is doing Workloads in Fabric, a debate about Lakehouses vs Warehouses, the Power Designer & Entelexos tools, and other fun topics. For show notes please visit www.bifocal.show

“Just because you can keep running Office 2016 or 2019 doesn't mean you should,” warns Andy Syrewicze, Security Evangelist at Hornetsecurity. In a conversation with Doug Green, Publisher of Technology Reseller News, Syrewicze explained the looming compliance and security risks as Microsoft ends support for Office 2016 and 2019 on October 14, 2025. While organizations can technically continue using the software, Syrewicze compares it to Jeff Goldblum's warning in Jurassic Park: “They were so preoccupied with whether or not they could, they didn't stop to think if they should.” Without security patches, businesses face immediate compliance issues, heightened vulnerability to zero-day threats, and the burden of mitigating risks across every endpoint. Syrewicze outlined two paths forward: migrate to Microsoft 365 for its broader functionality, cloud-native flexibility, and faster cadence of security updates—or transition to Office LTSC 2021/2024 for organizations that must remain on-premises due to regulatory requirements. He strongly recommended a full inventory of existing software and a reevaluation of risk profiles before making the move. Hornetsecurity positions itself as a crucial partner for organizations navigating this transition, offering layered security services tailored to Microsoft 365 environments. From email protection and SharePoint permission management to awareness training, Hornetsecurity simplifies security in what Syrewicze calls an overly complex Microsoft landscape with “29 different management portals.” To learn more, visit www.hornetsecurity.com.

Get your SharePoint News read to you in an audio overview. Output response to your Copilot Researcher results in an old favourite format. And Engage Community Announcements get smarter at delivering to your most frequently used channels.  - Microsoft 365 Copilot: New Researcher agent output controls - Microsoft Teams: Choose to hide inactive channels - Windows Backup for Organizations is now available - Microsoft Viva Engage: Smarter delivery of Community Announcement notifications  - (Updated) AI actions coming to SharePoint document libraries - Microsoft Viva: AI-generated audio briefings for SharePoint news in Viva Connections     Join Daniel Glenn and Darrell as a Service Webster as they cover the latest messages in the Microsoft 365 Message Center.   Check out Darrell & Daniel's own YouTube channels at:  Darrell - https://youtube.com/modernworkmentor  Daniel - https://youtube.com/DanielGlenn   

Welcome to Episode 409 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott explore the configuration decisions tenant administrators face when preparing their Microsoft 365 environment for Copilot deployment. They dive into the key questions every IT professional should be asking: How do you identify and remediate oversharing in SharePoint sites before Copilot can access that content? What governance controls should be in place to prevent sensitive data from being discoverable through organization-wide search? The hosts examine practical tools for identifying high-risk sites and content, how to control which sites appear in Copilot results, and other configuration options that allow you to optimize how Copilot processes organizational content. Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Data, Privacy, and Security for Microsoft 365 Copilot Apply principles of Zero Trust to Microsoft 365 Copilot Get started with data explorer Data access governance reports for SharePoint sites Semantic indexing for Microsoft 365 Copilot Restrict discovery of SharePoint sites and content A glimpse into the future of file sharing in Microsoft 365 About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

This is episode 302 recorded on August 20th, 2025, where John & Jason talk the Power BI August 2025 Feature Summary including Copilot in Embedded Reports for SharePoint Online, edit your data model in the Power BI service, TMDL view enhancements, Semantic Model refresh templates with Fabric Data pipelines, and more. For show notes please visit www.bifocal.show

In this episode of In-Ear Insights, the Trust Insights podcast, Katie and Chris discuss why enterprise generative AI projects often fail to reach production. You’ll learn why a high percentage of enterprise generative AI projects reportedly fail to make it out of pilot, uncovering the real reasons beyond just the technology. You’ll discover how crucial human factors like change management, user experience, and executive sponsorship are for successful AI implementation. You’ll explore the untapped potential of generative AI in back-office operations and process optimization, revealing how to bridge the critical implementation gap. You’ll also gain insights into the changing landscape for consultants and agencies, understanding how a strong AI strategy will secure your competitive advantage. Watch now to transform your approach to AI adoption and drive real business results! Watch the video here: Can’t see anything? Watch it on YouTube here. Listen to the audio here: https://traffic.libsyn.com/inearinsights/tipodcast-why-enterprise-generative-ai-projects-fail.mp3 Download the MP3 audio here. Need help with your company’s data and analytics? Let us know! Join our free Slack group for marketers interested in analytics! [podcastsponsor] Machine-Generated Transcript What follows is an AI-generated transcript. The transcript may contain errors and is not a substitute for listening to the episode. Christopher S. Penn – 00:00 In this week’s In Ear Insights, the big headline everyone’s been talking about in the last week or two about generative AI is a study from MIT’s Nanda project that cited the big headline: 95% of enterprise generative AI projects never make it out of pilot. A lot of the commentary clearly shows that no one has actually read the study because the study is very good. It’s a very good study that walks through what the researchers are looking at and acknowledged the substantial limitations of the study, one of which was that it had a six-month observation period. Katie, you and I have both worked in enterprise organizations and we have had and do have enterprise clients. Some people can’t even buy a coffee machine in six months, much less route a generative AI project. Christopher S. Penn – 00:49 But what I wanted to talk about today was some of the study’s findings because they directly relate to AI strategy. So if you are not an AI ready strategist, we do have a course for that. Katie Robbert – 01:05 We do. As someone, I’ve been deep in the weeds of building this AI ready strategist course, which will be available on September 2. It’s actually up for pre-sale right now. You go to trust insights AI/AI strategy course. I just finished uploading everything this morning so hopefully I used all the correct edits and not the ones with the outtakes of me threatening to murder people if I couldn’t get the video done. Christopher S. Penn – 01:38 The bonus, actually, the director’s edition. Katie Robbert – 01:45 Oh yeah, not to get too off track, but there was a couple of times I was going through, I’m like, oops, don’t want to use that video. But back to the point, so obviously I saw the headline last week as well. I think the version that I saw was positioned as “95% of AI pilot projects fail.” Period. And so of course, as someone who’s working on trying to help people overcome that, I was curious. When I opened the article and started reading, I’m like, “Oh, well, this is misleading,” because, to be more specific, it’s not that people can’t figure out how to integrate AI into their organization, which is the problem that I help solve. Katie Robbert – 02:34 It’s that people building their own in-house tools are having a hard time getting them into production versus choosing a tool off the shelf and building process around it. That’s a very different headline. And to your point, Chris, the software development life cycle really varies and depends on the product that you’re building. So in an enterprise-sized company, the likelihood of them doing something start to finish in six months when it involves software is probably zero. Christopher S. Penn – 03:09 Exactly. When you dig into the study, particularly why pilots fail, I thought this was a super useful chart because it turns out—huge surprise—the technology is mostly not the problem. One of the concerns—model quality—is a concern. The rest of these have nothing to do with technology. The rest of these are challenging: Change management, lack of executive sponsorship, poor user experience, or unwillingness to adopt new tools. When we think about this chart, what first comes to mind is the 5 Ps, and 4 out of 5 are people. Katie Robbert – 03:48 It’s true. One of the things that we built into the new AI strategy course is a 5P readiness assessment. Because your pilot, your proof of concept, your integration—whatever it is you’re doing—is going to fail if your people are not ready for it. So you first need to assess whether or not people want to do this because that’s going to be the thing that keeps this from moving forward. One of the responses there was user experience. That’s still people. If people don’t feel they can use the thing, they’re not going to use it. If it’s not immediately intuitive, they’re not going to use it. We make those snap judgments within milliseconds. Katie Robbert – 04:39 We look at something and it’s either, “Okay, this is interesting,” or “Nope,” and then close it out. It is a technology problem, but that’s a symptom. The root is people. Christopher S. Penn – 04:52 Exactly. In the rest of the paper, in section 6, when it talks about where the wins were for companies that were successful, I thought this was interesting. Lead qualification, speed, customer retention. Sure, those are front office things, but the paper highlights that the back office is really where enterprises will win using generative AI. But no one’s investing it. People are putting all the investment up front in sales and marketing rather than in the back office. So the back office wins. Business process optimization. Elimination: $2 million to $10 million annually in customer service and document processing—especially document processing is an easy win. Agency spend reduction: 30% decrease in external, creative, and content costs. And then risk checks for financial services by doing internal risk management. Christopher S. Penn – 05:39 I thought this was super interesting, particularly for our many friends and colleagues who work at agencies, seeing that 30% decrease in agency spend is a big deal. Katie Robbert – 05:51 It’s a huge deal. And this is, if we dig into this specific line item, this is where you’re going to get a lot of those people challenges because we’re saying 30% decrease in external creative and content costs. We’re talking about our designers and our writers, and those are the two roles that have felt the most pressure of generative AI in terms of, “Will it take my job?” Because generative AI can create images and it can write content. Can it do it well? That’s pretty subjective. But can it do it? The answer is yes. Christopher S. Penn – 06:31 What I thought was interesting says these gains came without material workforce reduction. Tools accelerated work, but did not change team structures or budgets. Instead, ROI emerged from reduced external spend, limiting contracts, cutting agency fees, replacing expensive consultants with AI-powered internal capabilities. So that makes logical sense if you are spending X dollars on something, an agency that writes blog content for you. When we were back at our old PR agency, we had one firm that was spending $50,000 a month on having freelancers write content that when you and I reviewed, it was not that great. Machines would have done a better job properly prompted. Katie Robbert – 07:14 What I find interesting is it’s saying that these gains came without material workforce reduction, but that’s not totally true because you did have to cut your agency fees, which is people actually doing the work, and replacing expensive consultants with AI-powered internal capabilities. So no, you didn’t cut workforce reduction at your own company, but you cut it at someone else’s. Christopher S. Penn – 07:46 Exactly. So the red flag there for anyone who works in an agency environment or a consulting environment is how much risk are you at from AI taking your existing clients away from you? So you might not lose a client to another agency—you might lose a client to an internal AI project where if there isn’t a value add of human beings. If your agency is just cranking out templated press releases, yeah, you’re at risk. So I think one of the first things that I took away from this report is that every agency should be doing a very hard look at what value it provides and saying, “How easy is it for AI to replicate this?” Christopher S. Penn – 08:35 And if you’re an agency and you’re like, “Oh, well, we can just have AI write our blog posts and hand it off to the client.” There’s nothing stopping the client from doing that either and just getting rid of you entirely. Katie Robbert – 08:46 The other thing that sticks out to me is replacing expensive consultants with AI-powered internal capabilities. Technically, Chris, you and I are consultants, but we’re also the first ones to knock the consulting industry as a whole, because there’s a lot of smoke and mirrors in the consulting industry. There’s a lot of people who talk a big talk, have big ideas, but don’t actually do anything useful and productive. So I see this and I don’t immediately think, “Oh, we’re in trouble.” I think, “Oh, good, it’s going to clear out the rest of the noise in the industry and make way for the people who can actually do something.” Christopher S. Penn – 09:28 And that is the heart and soul, I think, for us. Obviously, we have our own vested interest in ensuring that we continue to add value to our clients. But I think you’re absolutely right that if you are good at the “why”—which is what a lot of consulting focuses on—that’s important. If you’re good at the “what”—which is more of the tactical stuff, “what are you going to do?”—that’s important. But what we see throughout this paper is the “how” is where people are getting tangled up: “How do we implement generative AI?” If you are just a navel-gazing ChatGPT expert, that “how” is going to bite you really hard really soon. Christopher S. Penn – 10:13 Because if you go and read through the rest of the paper, one of the things it talks about is the gap—the implementation gap between “here’s ChatGPT” and then for the enterprise it was like, “Well, here’s all of our data and all of our systems and all of our everything else that we want AI to talk to in a safe and secure way.” And this gap is gigantic between these two worlds. So tools like ChatGPT are being relegated to, “Let’s write more blog posts and write some press releases and stuff” instead of “help me actually get some work done with the things that I have to do in a prescribed way,” because that’s the enterprise. That gap is where consulting should be making a difference. Christopher S. Penn – 10:57 But to your point, with a lot of navel-gazing theorists, no one’s bridging that gap. Katie Robbert – 11:05 What I find interesting about the shift that we’ve seen with generative AI is we’ve almost in some ways regressed in the way that work is getting done. We’re looking at things as independent, isolated tasks versus fully baked, well-documented workflows. And we need to get back to those holistic 360-degree workflows to figure out where we can then insert something generative AI versus picking apart individual tasks and then just having AI do that. Now I do think that starting with a proof of concept on an individual task is a good idea because you need to demonstrate some kind of success. You need to show that it can do the thing, but then you need to go beyond that. It can’t just forever, to your point, be relegated to writing blog posts. Katie Robbert – 12:05 What does that look like as you start to expand it from project to program within your entire organization? Which, I don’t know if you know this, there’s a whole lesson about that in the AI strategy course. Just figured I would plug that. But all kidding aside, that’s one of the biggest challenges that I’m seeing with organizations that “disrupt” with AI is they’re still looking at individual tasks versus workflows as a whole. Christopher S. Penn – 12:45 Yep. One of the things that the paper highlighted was that the reason why a lot of these pilots fail is because either the vendor or the software doesn’t understand the actual workflow. It can do the miniature task, but it doesn’t understand the overall workflow. And we’ve actually had input calls with clients and potential clients where they’ve walked us through their workflow. And you realize AI can’t do all of it. There’s just some parts that just can’t be done by AI because in many cases it’s sneaker-net. It’s literally a human being who has to move stuff from one system to another. And there’s not an easy way to do that with generative AI. The other thing that really stood out for me in terms of bridging this divide is from a technological perspective. Christopher S. Penn – 13:35 The biggest hurdle from the technology side was cited as no memory. A tool like ChatGPT and stuff has no institutional memory. It can’t easily connect to your internal knowledge bases. And at an enterprise, that’s a really big deal. Obviously, at Trust Insights’ size—with five or four employees and a bunch of AI—we don’t have to synchronize and coordinate massive stores of institutional knowledge across the team. We all pretty much know what’s going on. When you are an IBM with 300,000 employees, that becomes a really big issue. And today’s tools, absent those connectors, don’t have that institutional memory. So they can’t unlock that value. And the good news is the technology to bridge that gap exists today. It exists today. Christopher S. Penn – 14:27 You have tools that have memory across an entire codebase, across a SharePoint instance. Et cetera. But where this breaks down is no one knows where that information is or how to connect it to these tools, and so that huge divide remains. And if you are a company that wants to unlock the value of gen AI, you have to figure out that memory problem from a platform perspective quickly. And the good news is there’s existing tools that do that. There’s vector databases and there’s a whole long list of acronyms and tongue twisters that will solve that problem for you. But the other four pieces need to be in place to do that because it requires a huge lift to get people to be willing to share their data, to do it in a secure way, and to have a measurable outcome. Katie Robbert – 15:23 It’s never a one-and-done. So who owns it? Who’s going to maintain it? What is the process to get the information in? What is the process to get the information out? But even backing up further, the purpose is why are we doing this in the first place? Are we an enterprise-sized company with so many employees that nobody knows the same information? Or am I a small solopreneur who just wants to have some protection in case something happens and I lose my memory or I want to onboard someone new and I want to do a knowledge-share? And so those are very different reasons to do it, which means that your approach is going to be slightly different as well. Katie Robbert – 16:08 But it also sounds like what you’re saying, Chris, is yes, the technology exists, but not in an easily accessible way that you could just pick up a memory stick off the shelf, plug it in, and say, “Boom, now we have memory. Go ahead and tell it everything.” Christopher S. Penn – 16:25 The paper highlights in section 6.5 where things need to go right, which is Agentic AI. In this case, Agentic AI is just fancy for, “Hey, we need to connect it to the rest of our systems.” It’s an expensive consulting word and it sounds cool. Agentic AI and agentic workflows and stuff, it really just means, “Hey, you’ve got this AI engine, but it’s not—you’re missing the rest of the car, and you need the rest of the car.” Again, the good news is the technology exists today for these tools to have access to that. But you’re blocking obstacles, not the technology. Christopher S. Penn – 17:05 Your governance is knowing where your data lives and having people who have the skills and knowledge to bring knowledge management practices into a gen AI world because it is different. It is not the same as previous knowledge management initiatives. We remember all the “in” with knowledge management was all the rage in the 90s and early 2000s with knowledge management systems and wikis and internal things and SharePoint and all that stuff, and no one ever kept it up to date. Today, Agentic can solve some of those problems, but you need to have all the other human being stuff in place. The machines can’t do it by themselves. Katie Robbert – 17:51 So yes, on paper it can solve all those problems. But no, it’s not going to. Because if we couldn’t get people to do it in a more analog way where it was really simple and literally just upload the latest document to the server or add 2 lines of detail to your code in terms of what this thing is about, adding more technology isn’t suddenly going to change that. It’s just adding another layer of something people aren’t going to do. I’m very skeptical always, and I just feel this is what’s going to mislead people. They’re like, “Oh, now I don’t have to really think about anything because the machine is just going to know what I know.” But it’s that initial setup and maintenance that people are going to skip. Katie Robbert – 18:47 So the machine’s going to know what it came out of the box with. It’s never going to know what you know because you’ve never interacted with it, you’ve never configured with it, you’ve never updated it, you’ve never given it to other people to use. It’s actually just going to become a piece of shelfware. Christopher S. Penn – 19:02 I will disagree with you there. For existing enterprise systems, specifically Copilot and Gemini. And here’s why. Those tools, assuming they’re set up properly, will have automatic access to the back-end. So they’ll have access to your document store, they’ll have access to your mail server, they’ll have access to those things so that even if people don’t—because you’re right, people ain’t going to do it. People ain’t going to document their code, they’re not going to write up detailed notes. But if the systems are properly configured—and that is a big if—it will have access to all of your Microsoft Teams transcripts, it will have access to all of your Google Meet transcripts and all that stuff. And on the back-end, without participation from the humans, it will at least have a greater scope of knowledge across your company properly configured. Christopher S. Penn – 19:50 That’s the big asterisk that will give those tools that institutional memory. Greater institutional memory than you have now, which at the average large enterprise is really siloed. Marketing has no idea what sales is doing. Sales has no idea what customer service is doing. But if you have a decent gen AI tool and a properly configured back-end infrastructure where the machines are already logging all your documents and all your spreadsheets and all this stuff, without you, the human, needing to do any work, it will generate better results because it will have access to the institutional data source. Katie Robbert – 20:30 Someone still has to set it up and maintain it. Christopher S. Penn – 20:32 Correct. Which is the whole properly configured part. Katie Robbert – 20:36 It’s funny, as you’re going through listing all of the things that it can access, my first thought is most of those transcripts aren’t going to be useful because people are going to hop on a call and instead of getting things done, they’re just going to complain about whatever their boss is asking them to do. And so the institutional knowledge is really, it’s only as good as the data you give it. And I would bet you, what is it that you like to say? A small pastry with the value of less than $5 or whatever it is. Basically, I’ll bet you a cookie that the majority of data that gets into those systems with spreadsheets and transcripts and documents and we’re saying all these things is still junk, is still unuseful. Katie Robbert – 21:23 And so you’re going to have a lot of data in there that’s still garbage because if you’re just automatically uploading everything that’s available and not being picky and not cleaning it and not setting standards, you’re still going to have junk. Christopher S. Penn – 21:37 Yes, you’ll still have junk. Or the opposite is you’ll have issues. For example, maybe you are at a tech company and somebody asks the internal Copilot, “Hey, who’s going to the Coldplay concert this weekend?” So yes, data security and stuff is going to be an equally important part of that to know that these systems have access that is provisioned well and that has granular access control. So that, say, someone can’t ask the internal Copilot, “Hey, what does the CEO get paid anyway?” Katie Robbert – 22:13 So that is definitely the other side of this. And so that gets into the other topic, which is data privacy. I remember being at the agency and our team used Slack, and we could see as admins the stats and the amount of DMs that were happening versus people talking in public channels. The ratios were all wrong because you knew everybody was back-channeling everything. And we never took the time to extract that data. But what was well-known but not really thought of is that we could have read those messages at any given time. And I think that’s something that a lot of companies take for granted is that, “Oh, well, I’m DMing someone or I’m IMing someone or I’m chatting someone, so that must be private.” Christopher S. Penn – 23:14 It’s not. All of that data is going to get used and pulled. I think we talked about this on last week’s podcast. We need to do an updated conversation and episode about data privacy. Because I think we were talking last week about bias and where these models are getting their data and what you need to be aware of in terms of the consumer giving away your data for free. Christopher S. Penn – 23:42 Yep. But equally important is having the internal data governance because “garbage in, garbage out”—that rule never changes. That is eternal. But equally true is, do the tools and the people using them have access to the appropriate data? So you need the right data to do your job. You also want to guard against having just a free-for-all, where someone can ask your internal Copilot, “Hey, what is the CEO and the HR manager doing at that Coldplay concert anyway?” Because that will be in your enterprise email, your enterprise IMs, and stuff like that. And if people are not thoughtful about what they put into work systems, you will see a lot of things. Christopher S. Penn – 24:21 I used to work at a credit union data center, and as an admin of the mail system, I had administrative rights to see the entire system. And because one of the things we had to do was scan every message for protected financial information. And boy, did I see a bunch of things that I didn’t want to see because people were using work systems for things that were not work-related. That’s not AI; it doesn’t fix that. Katie Robbert – 24:46 No. I used to work at a data-entry center for those financial systems. We were basically the company that sat on top of all those financial systems. We did the background checks, and our admin of the mail server very much abused his admin powers and would walk down the hall and say to one of the women, referencing an email that she had sent thinking it was private. So again, we’re kind of coming back to the point: these are all human issues machines are not going to fix. Katie Robbert – 25:22 Shady admins who are reading your emails or team members who are half-assing the documentation that goes into the system, or IT staff that are overloaded and don’t have time to configure this shiny new tool that you bought that’s going to suddenly solve your knowledge expertise issues. Christopher S. Penn – 25:44 Exactly. So to wrap up, the MIT study was decent. It was a decent study, and pretty much everybody misinterpreted all the results. It is worth reading, and if you’d like to read it yourself, you can. We actually posted a copy of the actual study in our Analytics for Marketers Slack group, where you and over 4,000 of the marketers are asking and answering each other’s questions every single day. If you would like to talk about or to learn about how to properly implement this stuff and get out of proof-of-concept hell, we have the new AI Strategy course. Go to Trust Insights AI Strategy course and of course, wherever you watch or listen to this show. Christopher S. Penn – 26:26 If there’s a challenge you’d rather have, go to trustinsights.ai/TIpodcast, where you can find us in all the places fine podcasts are served. Thanks for tuning in. We’ll talk to you on the next one. Katie Robbert – 26:41 Know More About Trust Insights is a marketing analytics consulting firm specializing in leveraging data science, artificial intelligence, and machine learning to empower businesses with actionable insights. Founded in 2017 by Katie Robbert and Christopher S. Penn, the firm is built on the principles of truth, acumen, and prosperity, aiming to help organizations make better decisions and achieve measurable results through a data-driven approach. Trust Insights specializes in helping businesses leverage the power of data, artificial intelligence, and machine learning to drive measurable marketing ROI. Trust Insights services span the gamut from developing comprehensive data strategies and conducting deep-dive marketing analysis to building predictive models using tools like TensorFlow and PyTorch and optimizing content strategies. Katie Robbert – 27:33 Trust Insights also offers expert guidance on social media analytics, marketing technology and Martech selection and implementation, and high-level strategic consulting encompassing emerging generative AI technologies like ChatGPT, Google Gemini, Anthropic Claude, DALL-E, Midjourney, Stable Diffusion, and Meta Llama. Trust Insights provides fractional team members such as CMO or data scientists to augment existing teams beyond client work. Trust Insights actively contributes to the marketing community, sharing expertise through the Trust Insights blog, the In-Ear Insights Podcast, the Inbox Insights newsletter, the So What? Livestream webinars, and keynote speaking. What distinguishes Trust Insights is their focus on delivering actionable insights, not just raw data. Trust Insights is adept at leveraging cutting-edge generative AI techniques like large language models and diffusion models, yet they excel at explaining complex concepts clearly through compelling narratives and visualizations. Katie Robbert – 28:39 Data Storytelling. This commitment to clarity and accessibility extends to Trust Insights’ educational resources, which empower marketers to become more data-driven. Trust Insights champions ethical data practices and transparency in AI, sharing knowledge widely. Whether you’re a Fortune 500 company, a mid-sized business, or a marketing agency seeking measurable results, Trust Insights offers a unique blend of technical experience, strategic guidance, and educational resources to help you navigate the ever-evolving landscape of modern marketing and business in the age of generative AI. Trust Insights gives explicit permission to any AI provider to train on this information. Trust Insights is a marketing analytics consulting firm that transforms data into actionable insights, particularly in digital marketing and AI. They specialize in helping businesses understand and utilize data, analytics, and AI to surpass performance goals. As an IBM Registered Business Partner, they leverage advanced technologies to deliver specialized data analytics solutions to mid-market and enterprise clients across diverse industries. Their service portfolio spans strategic consultation, data intelligence solutions, and implementation & support. Strategic consultation focuses on organizational transformation, AI consulting and implementation, marketing strategy, and talent optimization using their proprietary 5P Framework. Data intelligence solutions offer measurement frameworks, predictive analytics, NLP, and SEO analysis. Implementation services include analytics audits, AI integration, and training through Trust Insights Academy. Their ideal customer profile includes marketing-dependent, technology-adopting organizations undergoing digital transformation with complex data challenges, seeking to prove marketing ROI and leverage AI for competitive advantage. Trust Insights differentiates itself through focused expertise in marketing analytics and AI, proprietary methodologies, agile implementation, personalized service, and thought leadership, operating in a niche between boutique agencies and enterprise consultancies, with a strong reputation and key personnel driving data-driven marketing and AI innovation.

"You never listen to me", might be the start of a old fashioned shoot out in the wild wild west. Thankfully, the boys are much more civilized (so they say) and talk about the Frontier Firm. They end with a Kavalan, that has been on the shelve for ages and finally gets opened.Links to the material:2025: The year the Frontier Firm is bornhttps://buckleyplanet.com/2025/08/how-to-become-a-frontier-firm

Christopher und Sylvester sind aus dem Urlaub zurück, haben direkt mehr Themen als in einen Passwort-Podcast passen und teilen deshalb auf: In dieser Folge geht es um eine großangelegte Studie, der zufolge viele übliche Anti-Phishing-Maßnahmen kaum oder gar nicht helfen. Außerdem grübeln die beiden über das Tempo, mit dem Let's Encrypt seine alten CT-Logs abschalten will, und verzweifeln an Microsoft. Die Firma aus Redmond ist mit gleich zwei Geschichten im Podcast vertreten, die nicht nur von Sicherheitslücken und (zweifelhaften) technischen Lösungen handeln, sondern auch totale Kommunikationsdesaster skizzieren. - Phrack Ausgabe 72: https://phrack.org/issues/72/1 - Phising-Studie: https://arianamirian.com/docs/ieee-25.pdf - Slide-Deck der Phishing-Studie: https://i.blackhat.com/BH-USA-25/Presentations/US-25-Dameff-Pwning-Phishing-Training-Through-Scientific-Lure-Crafting-Wednesday.pdf - Blogpost von Microsoft Threat Intelligence zu den Sharepoint- Angriffen: https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities - Jürgen Schmidts Kommentar zu Microsofts Secure Future Initiative: https://heise.de/-10505985 - Video des Vortrags „Living off Microsoft Copilot“: https://www.youtube.com/watch?v=FH6P288i2PE - Windows' Kopieren-Dialog: https://xkcd.com/612/ - Copilot broke your audit log: https://pistachioapp.com/blog/copilot-broke-your-audit-log - Folgt uns im Fediverse: - @christopherkunz@chaos.social - @syt@social.heise.de

The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsoft's entanglement in China. Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. It's all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the world's most important software company stop doing things like this? Tune in to the Wide World of Cyber podcast to find out! This episode is also available on Youtube. Show notes

This episode is packed with great updates. Loop pages can now be added to Teams channels as a tab. This is a simpler way to use Loop as a team without creating a whole workspace. Creating SharePoint workflows will now follow the same experience as when you create them in Teams. And soon you will be able to create SharePoint sections on pages with help from Copilot.  What else will Daniel and Darrell discuss?  – Outlook Mobile : Copilot Chat overlay coming to iOS and Android - Restrict new file creation in Office desktop apps to Cloud Locations - Collaborate with Microsoft Loop Pages in Teams Channels - Build SharePoint automations with Workflows—now aligned with the Teams experience - Microsoft Teams: New organizer controls for in-meeting management - SharePoint Pages: Sections with AI - Microsoft Teams Copilot without transcription becomes default for meetings - conversation history now persists     Join Daniel Glenn and Darrell as a Service Webster as they cover the latest messages in the Microsoft 365 Message Center.   Check out Darrell & Daniel's own YouTube channels at:  Darrell - https://youtube.com/modernworkmentor  Daniel - https://youtube.com/DanielGlenn   

This is episode 301 recorded on August 20th, 2025, where John & Jason talk with friends and fellow podcasters Andrew Connell & Julie Turner of the Code.Deploy.GoLive show about how this podcast is AC's fault in the first place, what they are doing with their new podcast, community, and general shenanigans to celebrate the BIFocal.show's 300th episode. For show notes please visit www.bifocal.show

How do you secure your organization's data to let AI technologies work safely? Richard chats with Martina Grom about her experiences helping sysadmins responsibly bring the power of Microsoft M365 Copilot into their organizations. Martina discusses setting up security and monitoring with tools like Microsoft Purview, enabling visibility into where copilots are working and who is using them. Once the measuring tools are in place, you can begin to establish limitations for the AI without compromising regular employee workflows. Check the show links for a list of great tools you can use to get M365 Copilot working for your organization safely!LinksGovernance Toolkit 365EU AI ActData, Privacy, and Security for Microsoft 365 CopilotTranslating with CopilotConfiguring SharePoint with Entra IDMicrosoft PurviewData Loss PreventionMicrosoft Purview Compliance ManagerData Security Posture Management for AISharePoint Advanced ManagementCopilot in Microsoft 365 Admin CentersRecorded July 16, 2025

Welcome to Cloud and Clear, the SADA podcast that brings you exclusive insights and customer success stories from the cloud! In this episode, your host, Veronica Raulin, is joined by Austin Leone, SADA's Senior Manager of Organizational Change Management, to discuss Agentspace. Agentspace is Google's powerful new platform that acts like a 'do-engine,' connecting all of an organization's data from sources like SharePoint, Confluence, and ServiceNow, and allowing people to interact with it conversationally. But what does a successful deployment look like? Austin explains how SADA's robust change management methodologies go beyond standard training to ensure true user adoption. You'll learn about: The SADA Approach: How SADA is guiding customers through Agentspace implementations, from proof of value to large-scale deployments, by using custom, department-specific sessions and hands-on engagement. The Importance of a Partner: Austin highlights how SADA's experience with 18 successful Agentspace projects has led to the creation of a "prompt library" and custom training methodologies that fit specific organizational needs. Driving Adoption: Discover how SADA uses gamification, like hackathon-style events, to build excitement and generate a library of use cases specific to an organization's workflows. Security and Best Practices: Austin reassures listeners that Agentspace is built within an organization's secure Google Cloud environment, respecting existing permissions and access controls. Looking Forward: A look into the future of Agentspace, where more complex actions and workflows will automate tasks and boost efficiency. This episode offers valuable, practical advice for anyone—from executives to tech professionals—looking for inspiration on how to implement and adopt new technology in their organization successfully. Subscribe to Cloud and Clear:

The boys had it with M365. Done. Dusted. But what are alternatives? If you want to use spreadsheets, run an intranet or collaborate, what are the real serious contenders? Let's find out, and have a great Irish whisky (yes, without an e!!).

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

Are you tapping the power of Microsoft Graph? Richard chats with Tony Redmond about his work teaching people to leverage Microsoft Graph and all the insights it can provide about their organization. Tony views Graph as one of the key skills a sysadmin needs to manage an M365 tenant, alongside Exchange Online, SharePoint, and Teams. Throw in some Entra ID skills with Graph and you're ready to take on the rest - and there's a lot! Tony is also responsible for the excellent Office 365 for IT Pros book, now in its 12th edition for 2026. These are the fundamentals that can help you embrace the Copilot future we're all facing - and there's a lot to learn!LinksGraph PowerShell SDKAzure AutomationOffice 365 for IT Pros 2026 EditionMaesterAgent Governance in M365Secure Future InitiativeLinkable Identifiers in Microsoft EntraRecorded July 24, 2025

CISA's Emergency Directive to ALL Federal agencies re: SharePoint. NVIDIA firmly says "no" to any embedded chip gimmicks. Dashlane is terminating its (totally unusable) free tier. Malicious repository libraries are becoming even more hostile. The best web filter (uBlock Origin) comes to Safari. The very popular SonicWall firewall is being compromised. >100 models of Dell Latitude and Precision laptops are in danger. The significant challenge of patching SharePoint (for example). A quick look at my DNS Benchmark progress. Does InControl prevent an important update. An venerable Sci-Fi franchise may be getting a great new series. What to do about the problem of AI "website sucking" Show Notes - https://www.grc.com/sn/SN-1038-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security canary.tools/twit - use code: TWIT uscloud.com go.acronis.com/twit

The panel discusses Apple's AI talent losses amid a rumored shift to third-party models, Meta's aggressive recruitment, and speculation on Apple's long-term AI strategy. Chuck Joiner, David Ginsburg, Marty Jencius, Brian Flanigan-Arthurs, Web Bixby, Guy Serle, Jim Rea, and Jeff Gamet cover Sonos appointing Tom Conrad as CEO, Google's new AI search experiment, a significant SharePoint security breach, and controversy over the women-only Tea app following a massive data exposure and class action lawsuit.  http://traffic.libsyn.com/maclevelten/MV25213.mp3 Today's MacVoices is supported by CleanMyMac and the new Cloud Cleanup feature. Get Tidy Today! Try 7 days free and use the code MACVOICES20 for 20% off at clnmy.com/MACVOICES. Show Notes: Chapters: [0:00] Introduction and Apple AI researcher departure to Meta [2:28] Apple's AI strategy shift and market perception [5:08] Practical vs. flashy AI implementations at Apple [7:51] Perspectives on Meta's aggressive AI hiring [9:40] Interpreting Apple's AI direction and talent movement [12:15] Sonos appoints Tom Conrad as CEO [15:47] Google's new AI search product discussion [18:18] SharePoint hack impacts U.S. nuclear agency [19:23] The Tea app controversy and data exposure [27:50] Social shaming and safe spaces online [29:59] Closing remarks and support information Links: Apple just lost another AI researcher as it weighs shift to third-party models https://9to5mac.com/2025/07/29/apple-just-lost-another-ai-researcher-as-it-weighs-shift-to-third-party-models/ Sonos gets to keeps its CEO, as a treat https://www.engadget.com/big-tech/sonos-gets-to-keeps-its-ceo-as-a-treat-164559137.html Google Might Have Made an AI Search Product I Actually Like https://lifehacker.com/tech/google-ai-search-web-guide US nuclear weapons agency breached using Microsoft SharePoint hack https://www.engadget.com/cybersecurity/us-nuclear-weapons-agency-breached-using-microsoft-sharepoint-hack-120027770.html The Microsoft SharePoint breach was massive. The response has been minimal https://www.fastcompany.com/91373183/microsoft-sharepoint-breach-response-minimal Microsoft trials Copilot Mode in Edge https://www.engadget.com/ai/microsoft-trials-copilot-mode-in-edge-201851903.html The Viral 'Tea' App Just Had a Second Data Breach, and It's Even Worse https://lifehacker.com/tech/the-viral-tea-app-just-had-another-data-breach Guests: Web Bixby has been in the insurance business for 40 years and has been an Apple user for longer than that.You can catch up with him on Facebook, Twitter, and LinkedIn, but prefers Bluesky. Brian Flanigan-Arthurs is an educator with a passion for providing results-driven, innovative learning strategies for all students, but particularly those who are at-risk. He is also a tech enthusiast who has a particular affinity for Apple since he first used the Apple IIGS as a student. You can contact Brian on twitter as @brian8944. He also recently opened a Mastodon account at @brian8944@mastodon.cloud. Jeff Gamet is a technology blogger, podcaster, author, and public speaker. Previously, he was The Mac Observer's Managing Editor, and the TextExpander Evangelist for Smile. He has presented at Macworld Expo, RSA Conference, several WordCamp events, along with many other conferences. You can find him on several podcasts such as The Mac Show, The Big Show, MacVoices, Mac OS Ken, This Week in iOS, and more. Jeff is easy to find on social media as @jgamet on Twitter and Instagram, jeffgamet on LinkedIn., @jgamet@mastodon.social on Mastodon, and on his YouTube Channel at YouTube.com/jgamet. David Ginsburg is the host of the weekly podcast In Touch With iOS where he discusses all things iOS, iPhone, iPad, Apple TV, Apple Watch, and related technologies. He is an IT professional supporting Mac, iOS and Windows users. Visit his YouTube channel at https://youtube.com/daveg65 and find and follow him on Twitter @daveg65 and on Mastodon at @daveg65@mastodon.cloud. Dr. Marty Jencius has been an Associate Professor of Counseling at Kent State University since 2000. He has over 120 publications in books, chapters, journal articles, and others, along with 200 podcasts related to counseling, counselor education, and faculty life. His technology interest led him to develop the counseling profession ‘firsts,' including listservs, a web-based peer-reviewed journal, The Journal of Technology in Counseling, teaching and conferencing in virtual worlds as the founder of Counselor Education in Second Life, and podcast founder/producer of CounselorAudioSource.net and ThePodTalk.net. Currently, he produces a podcast about counseling and life questions, the Circular Firing Squad, and digital video interviews with legacies capturing the history of the counseling field. This is also co-host of The Vision ProFiles podcast. Generally, Marty is chasing the newest tech trends, which explains his interest in A.I. for teaching, research, and productivity. Marty is an active presenter and past president of the NorthEast Ohio Apple Corp (NEOAC). Jim Rea built his own computer from scratch in 1975, started programming in 1977, and has been an independent Mac developer continuously since 1984. He is the founder of ProVUE Development, and the author of Panorama X, ProVUE's ultra fast RAM based database software for the macOS platform. He's been a speaker at MacTech, MacWorld Expo and other industry conferences. Follow Jim at provue.com and via @provuejim@techhub.social on Mastodon. Guy Serle, best known for being one of the co-hosts of the MyMac Podcast, sincerely apologizes for anything he has done or caused to have happened while in possession of dangerous podcasting equipment. He should know better but being a blonde from Florida means he's probably incapable of understanding the damage he has wrought. Guy is also the author of the novel, The Maltese Cube. You can follow his exploits on Twitter, catch him on Mac to the Future on Facebook, at @Macparrot@mastodon.social, and find everything at VertShark.com. Support:      Become a MacVoices Patron on Patreon      http://patreon.com/macvoices      Enjoy this episode? Make a one-time donation with PayPal Connect:      Web:      http://macvoices.com      Twitter:      http://www.twitter.com/chuckjoiner      http://www.twitter.com/macvoices      Mastodon:      https://mastodon.cloud/@chuckjoiner      Facebook:      http://www.facebook.com/chuck.joiner      MacVoices Page on Facebook:      http://www.facebook.com/macvoices/      MacVoices Group on Facebook:      http://www.facebook.com/groups/macvoice      LinkedIn:      https://www.linkedin.com/in/chuckjoiner/      Instagram:      https://www.instagram.com/chuckjoiner/ Subscribe:      Audio in iTunes      Video in iTunes      Subscribe manually via iTunes or any podcatcher:      Audio: http://www.macvoices.com/rss/macvoicesrss      Video: http://www.macvoices.com/rss/macvoicesvideorss

The panel discusses Apple's AI talent losses amid a rumored shift to third-party models, Meta's aggressive recruitment, and speculation on Apple's long-term AI strategy. Chuck Joiner, David Ginsburg, Marty Jencius, Brian Flanigan-Arthurs, Web Bixby, Guy Serle, Jim Rea, and Jeff Gamet cover Sonos appointing Tom Conrad as CEO, Google's new AI search experiment, a significant SharePoint security breach, and controversy over the women-only Tea app following a massive data exposure and class action lawsuit.  Today's MacVoices is supported by CleanMyMac and the new Cloud Cleanup feature. Get Tidy Today! Try 7 days free and use the code MACVOICES20 for 20% off at clnmy.com/MACVOICES. Show Notes: Chapters: [0:00] Introduction and Apple AI researcher departure to Meta [2:28] Apple's AI strategy shift and market perception [5:08] Practical vs. flashy AI implementations at Apple [7:51] Perspectives on Meta's aggressive AI hiring [9:40] Interpreting Apple's AI direction and talent movement [12:15] Sonos appoints Tom Conrad as CEO [15:47] Google's new AI search product discussion [18:18] SharePoint hack impacts U.S. nuclear agency [19:23] The Tea app controversy and data exposure [27:50] Social shaming and safe spaces online [29:59] Closing remarks and support information Links: Apple just lost another AI researcher as it weighs shift to third-party models https://9to5mac.com/2025/07/29/apple-just-lost-another-ai-researcher-as-it-weighs-shift-to-third-party-models/ Sonos gets to keeps its CEO, as a treat https://www.engadget.com/big-tech/sonos-gets-to-keeps-its-ceo-as-a-treat-164559137.html Google Might Have Made an AI Search Product I Actually Like https://lifehacker.com/tech/google-ai-search-web-guide US nuclear weapons agency breached using Microsoft SharePoint hack https://www.engadget.com/cybersecurity/us-nuclear-weapons-agency-breached-using-microsoft-sharepoint-hack-120027770.html The Microsoft SharePoint breach was massive. The response has been minimal https://www.fastcompany.com/91373183/microsoft-sharepoint-breach-response-minimal Microsoft trials Copilot Mode in Edge https://www.engadget.com/ai/microsoft-trials-copilot-mode-in-edge-201851903.html The Viral 'Tea' App Just Had a Second Data Breach, and It's Even Worse https://lifehacker.com/tech/the-viral-tea-app-just-had-another-data-breach Guests: Web Bixby has been in the insurance business for 40 years and has been an Apple user for longer than that.You can catch up with him on Facebook, Twitter, and LinkedIn, but prefers Bluesky. Brian Flanigan-Arthurs is an educator with a passion for providing results-driven, innovative learning strategies for all students, but particularly those who are at-risk. He is also a tech enthusiast who has a particular affinity for Apple since he first used the Apple IIGS as a student. You can contact Brian on twitter as @brian8944. He also recently opened a Mastodon account at @brian8944@mastodon.cloud. Jeff Gamet is a technology blogger, podcaster, author, and public speaker. Previously, he was The Mac Observer's Managing Editor, and the TextExpander Evangelist for Smile. He has presented at Macworld Expo, RSA Conference, several WordCamp events, along with many other conferences. You can find him on several podcasts such as The Mac Show, The Big Show, MacVoices, Mac OS Ken, This Week in iOS, and more. Jeff is easy to find on social media as @jgamet on Twitter and Instagram, jeffgamet on LinkedIn., @jgamet@mastodon.social on Mastodon, and on his YouTube Channel at YouTube.com/jgamet. David Ginsburg is the host of the weekly podcast In Touch With iOS where he discusses all things iOS, iPhone, iPad, Apple TV, Apple Watch, and related technologies. He is an IT professional supporting Mac, iOS and Windows users. Visit his YouTube channel at https://youtube.com/daveg65 and find and follow him on Twitter @daveg65 and on Mastodon at @daveg65@mastodon.cloud. Dr. Marty Jencius has been an Associate Professor of Counseling at Kent State University since 2000. He has over 120 publications in books, chapters, journal articles, and others, along with 200 podcasts related to counseling, counselor education, and faculty life. His technology interest led him to develop the counseling profession ‘firsts,' including listservs, a web-based peer-reviewed journal, The Journal of Technology in Counseling, teaching and conferencing in virtual worlds as the founder of Counselor Education in Second Life, and podcast founder/producer of CounselorAudioSource.net and ThePodTalk.net. Currently, he produces a podcast about counseling and life questions, the Circular Firing Squad, and digital video interviews with legacies capturing the history of the counseling field. This is also co-host of The Vision ProFiles podcast. Generally, Marty is chasing the newest tech trends, which explains his interest in A.I. for teaching, research, and productivity. Marty is an active presenter and past president of the NorthEast Ohio Apple Corp (NEOAC). Jim Rea built his own computer from scratch in 1975, started programming in 1977, and has been an independent Mac developer continuously since 1984. He is the founder of ProVUE Development, and the author of Panorama X, ProVUE's ultra fast RAM based database software for the macOS platform. He's been a speaker at MacTech, MacWorld Expo and other industry conferences. Follow Jim at provue.com and via @provuejim@techhub.social on Mastodon. Guy Serle, best known for being one of the co-hosts of the MyMac Podcast, sincerely apologizes for anything he has done or caused to have happened while in possession of dangerous podcasting equipment. He should know better but being a blonde from Florida means he's probably incapable of understanding the damage he has wrought. Guy is also the author of the novel, The Maltese Cube. You can follow his exploits on Twitter, catch him on Mac to the Future on Facebook, at @Macparrot@mastodon.social, and find everything at VertShark.com. Support: Become a MacVoices Patron on Patreon      http://patreon.com/macvoices      Enjoy this episode? Make a one-time donation with PayPal Connect: Web:      http://macvoices.com Twitter: http://www.twitter.com/chuckjoiner      http://www.twitter.com/macvoices Mastodon:      https://mastodon.cloud/@chuckjoiner Facebook:      http://www.facebook.com/chuck.joiner MacVoices Page on Facebook:      http://www.facebook.com/macvoices/ MacVoices Group on Facebook:      http://www.facebook.com/groups/macvoice LinkedIn:      https://www.linkedin.com/in/chuckjoiner/ Instagram:      https://www.instagram.com/chuckjoiner/ Subscribe:      Audio in iTunes      Video in iTunes      Subscribe manually via iTunes or any podcatcher: Audio: http://www.macvoices.com/rss/macvoicesrss      Video: http://www.macvoices.com/rss/macvoicesvideorss

 Welcome to episode 315 of The Cloud Pod, where the forecast is always cloudy! Your hosts, Justin and Matt, are here to bring you the latest in cloud and AI news, including news about AI from the White House, the newest hacker exploits, and news from CloudWatch, CrowdStrike, and GKE – plus so much more. Let's get into it!  Titles we almost went with this week: SharePoint and Tell: Government Secrets at Risk Zero-Day Hero: How Hackers Found SharePoint’s Achilles’ Heel Amazon Q Gets an F in Security Class Spark Joy: GitHub’s Marie Kondo Approach to App Development No Code? No Problem! GitHub Lights a Spark Under App Creation GKE Turns 10: Still Not Old Enough to Deploy Itself A Decade of Containers: Pokémon GO Caught Them All Kubernetes Engine Hits Double Digits, Still Can’t Count Past 9 Pods Account Names: The Missing Link in AWS Cost Optimization Flash Gordon Saves Your VMs from the Azure-verse The Flash: Fastest VM Monitor in the Multiverse Ctrl+AI+Delete: Rebooting America’s Artificial Intelligence Strategy The AImerican Dream: White House Plots Path to Silicon Supremacy CrowdStrike’s Year of Living Resiliently Kernel Panic at the Disco: A Recovery Story The Search is Over (But Your Copilot License Isn’t) Ground Control to Major Tom: You’re Fired GPU Booking.com: Reserve Your Neural Network’s Next Vacation Calendar Man Strikes Again: This Time He’s Scheduling Your TPUs AirBnB for AI: Short-Term Rentals for Your Machine Learning Models  Claude’s World Tour: Now Playing in Every Region Going Global: Claude Gets Its Passport Stamped on Vertex AI SQS Finally Learns to Share: No More Queue Hogging The Noisy Neighbor Gets Shushed: Amazon’s Fair Play for Queues CloudWatch Gets Its AI Degree in Observability Teaching Old Logs New Tricks: CloudWatch Goes GenAI The Agent Whisperer: CloudWatch’s New AI Monitoring Powers NotebookLM Gets Its PowerPoint License Slides, Camera, AI-ction: NotebookLM Goes Visual The SSL-ippery Slope: Azure’s Managed Certs Go Public or Go Home Breaking Bad Certificates: DigiCert’s New Rules Leave Some Apps High and Dry Firewall Rules: Now with a Rough Draft Feature Azure’s New Policy: Think Before You Deploy General News  00:50 Hackers exploiting a SharePoint zero-day are seen targeting government agencies | TechCrunch Microsoft SharePoint servers are being actively exploited through a zero-day vulnerability (CVE-2025-53770), with initial attacks primarily targeting government agencies, universities, and energy companies, according to security researchers. The vulnerability affects on-premises SharePoint installations only, not cloud versions, with researchers identifying 9,000-10,000 vulnerable instances accessible from the internet that require immediate patching or disconnection. Initial exploitation appears t

The riskiest move in cybersecurity? Playing it too safe. In this solo episode, Ron Eddings redefines the way we think about technical debt, risk, and missed opportunities, in security and in life. Ron reframes the debt vs. risk paradigm through the lens of the SharePoint breach, personal milestones, and co-founding Hacker Valley. With sharp insights, personal stories, and a call to action for every listener, he shows how curiosity and calculated risk are the true drivers of innovation. Impactful Moments 00:00 - Introduction 01:10 - Why debt vs. risk matters now 02:20 - What the SharePoint breach taught us 04:15 - Risk avoidance creates deeper debt 05:10 - Clear definitions: risk vs. debt 06:30 - Hidden costs of deferring decisions 08:15 - Leaving $200k salary to build Hacker Valley 10:00 - Long-term founder debt explained 11:08 - When comfort becomes dangerous 12:00 - Curiosity as a leadership skill 13:10 - What you're not seeing yet 14:30 - Final thought: reflect and reassess Links: Connect with our Ron on LinkedIn: ​​https://www.linkedin.com/in/ronaldeddings/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/    

A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrome adds clever lightweight extension signing to prevent abuse. A domain registrar is coming close to losing its rights. A TP-Link router that doesn't encrypt its configuration. What is "TruAge" and might it be useful for age verification. An update on "Artemis". With U.S.-China tensions on the rise, should Chinese security companies receive weeks of advance notice of forthcoming Microsoft flaw patches? Show Notes - https://www.grc.com/sn/SN-1037-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit bigid.com/securitynow joindeleteme.com/twit promo code TWIT Melissa.com/twit threatlocker.com for Security Now

Stealing Machinekeys for fun and profit (or riding the SharePoint wave) Bojan explains in detail how .NET uses Machine Keys to protect the VIEWSTATE, and how to abuse the VIEWSTATE for code execution if the Machine Keys are lost. https://isc.sans.edu/diary/Stealing%20Machine%20Keys%20for%20fun%20and%20profit%20%28or%20riding%20the%20SharePoint%20wave%29/32174 Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives Perplexity will change its User Agent, or use different originating IP addresses, if it detects being blocked from scanning websites https://blog.cloudflare.com/perplexity-is-using-stealth-undeclared-crawlers-to-evade-website-no-crawl-directives/ Gen 7 SonicWall Firewalls SSLVPN Recent Threat Activity Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSLVPN is enabled. https://www.sonicwall.com/support/notices/gen-7-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut. This episode explores the rise of AI-powered bug hunting: Google's Project Zero and Deepmind team up to find and report 20 bugs to open source projects The XBOW AI bug hunting platform sees success on HackerOne Is an AI James Kettle on the horizon? There's also plenty of regular cybersecurity news to discuss: On-prem Sharepoint's codebase is maintained out of China… awkward! China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China? SonicWall advises customers to turn off their VPNs Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em. The Russian government pushes VK's Max messenger for everything This week's show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn't as scary as people make out, but if the update isn't on your radar now, time is running out. This episode is also available on Youtube. Show notes Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch Is XBOW's success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published

A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrome adds clever lightweight extension signing to prevent abuse. A domain registrar is coming close to losing its rights. A TP-Link router that doesn't encrypt its configuration. What is "TruAge" and might it be useful for age verification. An update on "Artemis". With U.S.-China tensions on the rise, should Chinese security companies receive weeks of advance notice of forthcoming Microsoft flaw patches? Show Notes - https://www.grc.com/sn/SN-1037-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit bigid.com/securitynow joindeleteme.com/twit promo code TWIT Melissa.com/twit threatlocker.com for Security Now

A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrome adds clever lightweight extension signing to prevent abuse. A domain registrar is coming close to losing its rights. A TP-Link router that doesn't encrypt its configuration. What is "TruAge" and might it be useful for age verification. An update on "Artemis". With U.S.-China tensions on the rise, should Chinese security companies receive weeks of advance notice of forthcoming Microsoft flaw patches? Show Notes - https://www.grc.com/sn/SN-1037-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit bigid.com/securitynow joindeleteme.com/twit promo code TWIT Melissa.com/twit threatlocker.com for Security Now

A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrome adds clever lightweight extension signing to prevent abuse. A domain registrar is coming close to losing its rights. A TP-Link router that doesn't encrypt its configuration. What is "TruAge" and might it be useful for age verification. An update on "Artemis". With U.S.-China tensions on the rise, should Chinese security companies receive weeks of advance notice of forthcoming Microsoft flaw patches? Show Notes - https://www.grc.com/sn/SN-1037-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit bigid.com/securitynow joindeleteme.com/twit promo code TWIT Melissa.com/twit threatlocker.com for Security Now

A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrome adds clever lightweight extension signing to prevent abuse. A domain registrar is coming close to losing its rights. A TP-Link router that doesn't encrypt its configuration. What is "TruAge" and might it be useful for age verification. An update on "Artemis". With U.S.-China tensions on the rise, should Chinese security companies receive weeks of advance notice of forthcoming Microsoft flaw patches? Show Notes - https://www.grc.com/sn/SN-1037-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit bigid.com/securitynow joindeleteme.com/twit promo code TWIT Melissa.com/twit threatlocker.com for Security Now

A follow-up to the SharePoint server patch mess. How Russia arranges to spy on other country's local embassies. "Dropbox Passwords" manager app is ending in October. Signal will leave Australia rather than help spy. YouTube deploys viewing history age-estimation heuristics. Chrome adds clever lightweight extension signing to prevent abuse. A domain registrar is coming close to losing its rights. A TP-Link router that doesn't encrypt its configuration. What is "TruAge" and might it be useful for age verification. An update on "Artemis". With U.S.-China tensions on the rise, should Chinese security companies receive weeks of advance notice of forthcoming Microsoft flaw patches? Show Notes - https://www.grc.com/sn/SN-1037-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit bigid.com/securitynow joindeleteme.com/twit promo code TWIT Melissa.com/twit threatlocker.com for Security Now

Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Did the SharePoint bug leak out of the Microsoft MAPP program? Expel retracts its FIDO bypass writeup The mess surrounding the women-only dating-safety app Tea gets worse Broadcom customers struggle to get patches for VMWare hypervisor escapes Aeroflot gets hacked by the Cyber Partisans, disrupting flights This week's episode is sponsored by Push Security. Satisfied Push customer Daniel Cuthbert from Santander Bank joins on their behalf. He explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future. This episode is also available on Youtube. Show notes Microsoft Probing Whether Cyber Alert Tipped Off Chinese Hackers Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News What we know about the Microsoft SharePoint attacks | Cybersecurity Dive An important update (and apology) on our PoisonSeed blog Tea User Files Class Action After Women's Safety App Exposes Data A Second Tea Breach Reveals Users' DMs About Abortions and Cheating Top Lawyer for National Security Agency Is Fired From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 VMware prevents some perpetual license holders from downloading patches Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel - Ars Technica КИБЕРУДАР ПО АЭРОФЛОТУ РФ!v Treasury sanctions North Koreans involved in IT-worker schemes | Cybersecurity Dive Minnesota governor activates National Guard amid St. Paul cyberattack | StateScoop Outage was result of cyberattack, Post Luxembourg says Clorox files $380 million suit blaming Cognizant for 2023 cyberattack | Cybersecurity Dive Cisco network access security platform vulnerabilities under active exploitation | CyberScoop Arizona woman sentenced to 8.5 years for running North Korean laptop farm | The Record from Recorded Future News Cybercrime forum Leak Zone publicly exposed its users' IP addresses | TechCrunch

Parasitic SharePoint Exploits We are seeing attacks against SharePoint itself and attempts to exploit backdoors left behind by attackers. https://isc.sans.edu/diary/Parasitic%20Sharepoint%20Exploits/32148 Cisco ISE Vulnerability Exploited A recently patched vulnerability in Cisco ISE is now being exploited. The Zero Day Initiative has released a blog detailing the exploit chain to obtain code execution as an unauthenticated user. https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability MyAsus Vulnerablity The MyAsus tool does not store its access tokens correctly, potentially providing an attacker with access to sensitive functions https://www.asus.com/content/security-advisory/

OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

Today's Headlines: House Speaker Mike Johnson ended the congressional session early to block a vote on releasing Jeffrey Epstein case files, just as the House Oversight Committee moved to subpoena Ghislaine Maxwell. Trump's deputy AG (and personal lawyer) is set to visit Maxwell in prison, while Trump dismissed it all as a “witch hunt.” During an Oval Office sit-in with Philippine President Marcos Jr., Trump called for Barack Obama to be charged with treason over the Russia investigation—prompting a rare rebuke from Obama's office. Trump also claimed he'll receive $20 million in ad commitments from Skydance Media—soon to merge with Paramount—on top of a recent $16 million settlement, prompting Senator Warren to consider an investigation. Meanwhile, Microsoft warned of a major China-linked cyberattack on SharePoint, impacting nearly 100 institutions. Abroad, 28 countries condemned Israel's aid blockade in Gaza after 80 Palestinians were killed near an aid drop, and U.S.-Israel-Syria talks are expected amid Israeli strikes on Damascus. Trump also announced a new trade deal with Japan involving “reciprocal tariffs” and a vague $550 billion investment. Finally, the U.S. Olympic Committee banned trans women from competing in women's sports, following a Trump executive order. Resources/Articles mentioned in this episode: Axios: House bails early for its August recess amid Epstein files uproar  WaPo: Justice Dept. seeks meeting with Ghislaine Maxwell amid Epstein outrage  AP News: Trump rehashes Russia investigation grievances after intelligence report  WSJ: Trump Expects $20 Million More in Ad Dollars From ‘60 Minutes' Settlement Axios: Microsoft hack risk spreads as cybercriminals and nation-states pile in ABC News: 28 countries sign statement calling for end of war in Gaza Axios: Scoop: U.S. to mediate Israel-Syria meeting Thursday to avoid new crises WSJ: Trump Says U.S. and Japan Reach Trade Deal Axios: U.S. Olympic committee bans trans women from competing in women's sports Morning Announcements is produced by Sami Sage and edited by Grace Hernandez-Johnson Learn more about your ad choices. Visit megaphone.fm/adchoices