ChannelBuzz.ca

Alex Webb, CEO of F12.net and Leanne Yeatman, chief of staff at F12.net F12.net has completed more than 15 acquisitions since founder and CEO Alex Webb and Chief of Staff Leanne Yeatman made their first deal in 2006. What started as a circumstantial opportunity evolved into a deliberate growth strategy that has taken the company from its Alberta roots to a national MSP with offices across Canada and over 500 employees. In this conversation, Webb and Yeatman open up about how they evaluate potential acquisitions – and why the criteria that matter most aren’t the ones on their website. Culture, resilience, and how distributed the workload is across the team all weigh more heavily than the financial table stakes. They also share hard-won lessons on integration, including why they stopped calling deals “mergers” and why leadership can’t outsource the transition work. The conversation takes a turn when Webb discusses F12’s recent private equity transition from Clairvest to Audax, putting him on the other side of the due diligence process he’s put sellers through for years. “Gives me a lot of empathy for what we put our sellers through,” he says. For MSP owners considering a sale, there’s practical advice throughout – from cleaning up your P&L and building leadership depth to understanding why recurring professional services isn’t managed services, and how that distinction affects your valuation when it surfaces in due diligence. Webb and Yeatman also weigh in on the AMTRA Solutions acquisition, a capability play that signals a shift in what acquirers are looking for beyond geographic expansion. Read Full Transcript Robert Dutt:  Hello and welcome to In the Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. If you go to F12.net right now — one of Canada’s largest managed service providers — you’ll find something you don’t see on most MSP websites. A page that says “Looking to sell? Let’s talk!” And it’s not vague. It lists exactly what they’re looking for and exactly what a seller gets. That kind of openness tells you something. It tells you that for F12, M&A isn’t opportunistic. It’s a core part of how they’ve grown from an Alberta basement operation in 1994 to a national MSP with over 500 employees and more than 15 acquisitions under their belt. My guests today are Alex Webb, founder and CEO of F12.net, and Leanne Yeatman, Chief of Staff, who’s been deeply involved in the company’s acquisition strategy and adds some valuable perspective throughout our conversation. We cover the full picture here — how F12 decides what to buy and what to walk away from, what integration actually looks like after the deal closes, and what MSP owners on the other side of the table need to know if they’re thinking about selling someday. Alex also shares what it was like to recently go through a recapitalization of his own company, putting him on both sides of the M&A equation. Let’s get right into it. My chat with Alex Webb and Leanne Yeatman. Robert Dutt:  Alex, Leanne, thanks for joining us. Alex Webb: Thanks. Leanne Yeatman: Thank you for having us. Robert Dutt:  Not every MSP has a “looking to sell” page on their website — much less one that is as prescriptive as listing what you’re looking for and what a potential seller gets. Pretty deliberate signal. When did M&A go from something that happened at F12 — an opportunity that came along — to something that became a core part of how you grow and something that you approach intentionally? Alex Webb: Going back to the memory here — I would say that transition happened right around 2015. Prior to that, we did two acquisitions and they were more circumstantial, opportunistic, presented themselves more than us actually going out and seeking them out. But that shifted when we wanted to expand into a new region that we targeted. That region was Ontario. We were Alberta-based in 2014 and we had a plan to expand into two more provinces — Ontario being first, then BC being second. So I would say that was the date. Robert Dutt:  Your first acquisition was CPU Technologies, way back in 2006 — 20 years ago. What was that experience like, and how much of what you do now was shaped by what you learned, for the good and the bad, doing it for the first time? Alex Webb: I’ll actually let Leanne go first. She played a big role in that acquisition. Leanne Yeatman: Going back a long time in history — that was our first transaction. It was different in the sense that we had some outside influence. One of our partners at the time, Wayne Scrivens, played a big role in coaching and teaching us what to look for and how to go through that process. I would say it was foundational in that it sparked this desire to do it more and to recognize that this can be a huge part of our growth story. It’s not the only piece of the journey, of course, but it definitely was a foundational moment for us. And while no two transactions are the same, there are obviously similarities. The more you do it, the more you look back and remember the specific things that went well and the things that maybe didn’t go so well — that you would do differently if given another shot. I remember the details very clearly still to this day. What we learned in that early phase of the CPU acquisition was that when you don’t have the relationships, it’s very hard to convert clients, because they don’t trust you, they don’t know you, they don’t believe you. You have to work really hard to build that trust. That was the biggest education we had: that integration and converting clients was going to be way harder than we thought. Robert Dutt:  Obviously it didn’t scare you off, because you’ve done 15 or so acquisitions over those last 20 years. Is there a rhythm to it? Is it a “you’re always looking” kind of thing, or do you find it comes in waves? Alex Webb: I would say waves. We found it a little easier to have a few acquisitions brought in and do that integration work together, because you’re usually assembling teams, and it tends to work a little better than fully integrating one and then starting another. You can do a lot of things in tandem, because you’re generally ripping and tearing not only at their systems but at your own — learning as you go all of the inadequacies in your own systems that need to be redeveloped. That work has to happen while you’re doing integration. So we just found it a little easier to do them in waves. Robert Dutt:  The technology tradition of batching — it kind of makes sense from that regard too. Your website lists the criteria you look for: north of $5 million in revenue, low churn, a majority of managed services, healthy EBITDA. Those are the table stakes. What’s the stuff that’s not on the website? What makes you lean in on a company that maybe looks more marginal on paper but gives you a good vibe — or conversely, walk away from one that checks all the boxes but just leaves you with a “no” feeling? Alex Webb: Culture plays a big role. The depth in the organization — how distributed is the effort? Does it all sit on one or two people? Or, even if they’re smaller, have they found ways to distribute the workload across the team? The test of resiliency in the organization matters too. Sometimes longevity brings a certain amount of resilience to a team and a culture. Sometimes experience doing their own expansions or acquisitions brings some of that. That’s important, because when you go through integration, things change — and not just for one entity. A wise person in the industry once explained it to us as: there are two cultures, and both cultures change and become one going forward. The pressure integration puts on both teams is significant. So you really want to look for a team that’s going to be able to weather that storm — one that has a good amount of trust built up with their leadership and with each other. Robert Dutt:  How much of the decision comes down to the owner? Their personality, their readiness to move, what they want their life to look like after the acquisition? Alex Webb: That’s a big one. The motivation for why they want to do it is a key ingredient. We try to get to that early, because in M&A, some owners might feel like they can get a little more value out of the business if they portray that they’re staying — but it’s actually traumatic on the business when the alignment is wrong. So we work really hard up front to figure out what’s actually going on. And it’s okay if you want to transition out, or if you want to stay and we work a role around you. Those are very important ingredients for a successful integration outcome. Sometimes there’s indecision — do I want to be part of it or do I want to leave? We just help them with that. We make it okay either way. F12 is a good home for their people and their clients, so they don’t have to worry about that part. We can concentrate our efforts on the outcome the owner actually wants. Robert Dutt:  To Leanne’s point about two cultures becoming one — you close the deal, it’s Monday morning. I presume champagne pops, but that’s just my vision of how these things work. What does that first week actually look like for the employees and the clients of the company you just acquired? Alex Webb: If you’ve done it right, it doesn’t feel any different. I know that’s a bizarre answer, but I think that’s what people build up in their minds — that day one, a bunch of things are going to change. Balloons and fanfare. And really you just wake up Monday morning and, you know what, we need to collect some money, answer the phone, go to the client site. All of the things just keep happening. The only difference is generally that there’s a little more money in your bank account than there was the day before — and that’s significantly the only difference. That’s a bit of an out-of-body experience for most owners who’ve never done it. The real work starts more like two or three weeks in. You want things to be business-as-usual for a beat, and then you’re working through the integration plan and executing against it. But that doesn’t happen on Monday morning. Robert Dutt:  After 15 or more acquisitions, what have you learned about that integration process? How does the playbook look different now than it did for deal three or four — once you’d realized you were going to do this more than once, but before it had become the muscle memory it is today? Alex Webb: I can say for sure what we don’t do: don’t call it a merger anymore. That’s the tendency with people who are new to it — “we’re merging, we’re going to take the best of both businesses.” That communication is false, because inevitably an acquisition is going to become one entity, and you’re not going to change the processes of the mothership too quickly. You might learn some things and adapt, but you’re not going to adopt their RMM tool or their PSA tool — not likely, because you’ve done so much work building your own. On the communication side, we’re very clear on that now. I think we presented it more like a merger in those earlier days, and it didn’t create a better outcome. The better outcome comes when it’s highly communicative all the way through the process, so people know what’s going on and can plan accordingly. Leanne Yeatman: I’d add two things. One — you can’t outsource the integration work. You can use outside parties to support it, but the leadership team needs to be present and own those pieces of integration very intently. And two — really understand the essence of the business: the things that make the culture what it is, the things that drive people’s loyalty and love for that entity. Make sure you foster those things and allow them to continue. Robert Dutt:  What does that transition look like? When you acquire a company, they have their own name, their own culture, their own way of doing things. How do you handle that — it doesn’t sound like it’s “welcome to F12” from day one? Alex Webb: It starts with core systems — getting the tools in place so that we have shared visibility into how the business is performing. That’s the first wave. What we’ve discovered from a culture perspective is that you can still have your identity as a region, as a location. Just because the logo is different, that doesn’t need to change how you do things. You can still have that Friday lunch if that’s what you did. You can still have the barbecues. You could still race RC cars in the parking lot. We don’t need to have a brand above the door to enable those things — but it’s bizarre how people interpret that they’re suddenly not allowed to do them anymore. So for us, it’s about being, as Leanne said, very intentional — making sure people continue doing the things that kept that culture alive. Then when the logo changes over, it shouldn’t feel that different other than it’s a different brand. And now there’s marketing support, sales support, and a lot of things that help that business that they didn’t have before. If you’ve done it right, you’ve added capabilities, expanded the offerings, and people can be more successful and feel more security about their future. That’s the magic. When that occurs, retention stays high — for both clients and team members. Robert Dutt:  You mentioned that you initially started doing acquisitions to expand geographically, and a lot of your acquisitions have looked like that going across Canada. AMTRA Solutions last year looks a little different, though — that’s a capability play, adding Microsoft Cloud and AI Copilot expertise. Is what you’re looking for in an acquisition changing? Alex Webb: It certainly is — or, maybe I should rephrase: it’s not so much changing as expanding. We’re still doing what we did on the geographic side, but we’re now adding strategic capabilities as an additional objective. For us, it’s either build it or buy it, and if it makes sense to buy it and bring that capability in, we will. AMTRA really presented a very unique opportunity. In full transparency — when clients get larger, into that upper mid-market range of roughly 350 to 500 seats, their IT needs shift from what a traditional managed service provider does. We handle level one, level two, level three help desk, patch management, backup, infrastructure management — all of those things. But as those organizations get a little larger, the needs change. They want to bring in more advanced Microsoft capabilities, and we would either lose those clients to larger enterprise providers, or bring those capabilities in-house. AMTRA presented that opportunity. It’s been incredibly successful, and we’ve been able to bring those technologies to our upper-end clients in a way that’s really working. Robert Dutt:  Without tipping your hand on anything specific — where are the gaps? Is the next chapter more geography, more capability, or are you looking at different frontiers altogether? Alex Webb: For us, the primary frontier is still geographic expansion — into Central Canada and Eastern Canada. That’s still on the to-do list. We also have our eye on more advanced security capabilities, because that’s forever changing and moving more toward the AI front. And we’re not ruling out ERP — the things I like to see are capabilities that all of our clients could utilize and benefit from. When we look at ERP applications, Dynamics 365, these are technologies that the broader client base can use and benefit from, having a mid-market provider able to bring them to market at scale. And we’re not ruling out going south of the border either. We already have clients in the U.S., and we’re starting to see opportunities in states just adjacent to Canada. Robert Dutt:  In December, Clairvest exited and Audax came in. You’ve spent 20 years as the buyer. What was it like to be on the other side of that process — having someone evaluate your company the way you evaluate the companies you acquire? Alex Webb: It gives me a lot of empathy for what we put our sellers through. How’s that for an answer? It’s tiring. It was a tiring process. It’s enjoyable on a lot of fronts, and incredibly rewarding when it’s done. But the six to eight months leading up to it — that was a ton of work for the organization. We had some really good support from our banking partners, from Clairvest, and the Audax team were terrific to work with. But even with all that, a lot of work and a lot of sleepless nights. That wasn’t our first experience on that side of the table, though. That was our third private equity transaction. We’ve been through it a few times — just enough to stay in tune with what it actually feels like. Robert Dutt:  You’ve got the muscle memory built on both sides of the equation — that’s an interesting place to be. You mentioned how it gave you empathy for what sellers go through. Did going through it change anything about how you think about and deal with the sellers you work with? Or did it confirm what you already believed, having lived as an MSP in this industry? Alex Webb: I think it did both. It confirmed some things, and I think we approach the process with a little more maturity now — on how we handle due diligence, data collection, and integration strategy — because every time you go through it from the other side, you learn a little more. And even when we’re not going through a full business integration, we’re still integrating at a board level, reporting to different people, going through change when you move from one private equity partner to another. I think that leveled us up a little bit and is making us stronger on the buyer side — helping sellers through the process with a little more elegance. Robert Dutt:  A lot of MSP owners hear “private equity” and get nervous. They picture cost-cutting and layoffs. From your point of view — having been through it a few times now — what actually changes when you have an institutional capital partner? Does it speed up acquisitions? Redirect them? Put guardrails on them? Alex Webb: Every private equity firm has their own view of what a good target looks like. So for any listeners thinking about private equity, it’s really critical that you align on strategy upfront. That becomes part of the conversation — what’s the tolerance, how does this look, who’s driving the acquisitions? These are important questions. Generally speaking, the private equity partners we’ve worked with liked that we had M&A capability and could hit the ground running. But the types of businesses and the size of acquisitions does change as you grow and move from one partner to the next. As your business gets larger, you can take on larger transactions. Leanne Yeatman: I’d add — knowing what you want to get out of the relationship and how you intend to continue operating the business with that new partner is critical. What we would do leading up to any transaction is decide on the top three things we were looking for in a new partner and what our vision for the organization was for the next five years — then stay focused on that through the process, to make sure you’re finding the partner that’s going to help you execute that vision. When done well, it should be a true partnership. It comes down to alignment. Robert Dutt:  You’ve sat across the table from a lot of MSP owners who want to sell. What’s the most common disconnect between what they think their company is worth and what the market says it’s worth? Alex Webb: I would answer that with their understanding of what should be normalized in the business and what shouldn’t — as it relates to EBITDA. The multiples vary a little, but M&A is generally a multiple of EBITDA. So what is that EBITDA, and what’s normalized? The biggest disconnect usually comes from owners running what you might call a lifestyle business — where a lot of their personal world is woven into the business finances. When it comes to doing a transaction, it’s very tricky to determine what’s truly in the business and what isn’t, and to convince the accountants, bankers, and funders of what the real number is. Owners who operate with a clean separation — who take a dividend and keep their personal world out of the business P&L — those are by far the easiest transactions, and you might even pay a little more for a company that runs a pure P&L. That’s one of those intrinsic things we look for. Robert Dutt:  In your experience, how many owners who say they want to sell are actually ready to sell? And what does “not ready” look like when you’re sitting across the table? Alex Webb: Tough to quantify, but I’d say it’s usually not a matter of “no” — it’s “not right now.” Either they’re ready and it makes sense, or they just need another year or two to readjust and get things to where they need to be. Everybody has a number in their mind: “If I could get this number for my business, I would sell it.” But nobody wants to reveal that number, because maybe they’d get more. The reality is, people who know their number and understand the mechanics of what it’s going to take to get there tend to have more success. Maybe they’re there now, or maybe they can get there in six months. But that’s the financial side. The mental side is probably trickier. Am I ready to let go? Am I ready to report into an entity? Am I ready to walk off into the sunset? Because sometimes the motivation for doing the transaction is fear — fear of industry change, all of the AI coming, feeling like you’re not ready to compete. That can be traumatic for an owner, because they’re doing it from a position of fear rather than from a position of opportunity for themselves and for their family. Robert Dutt:  There’s a whole generation of MSP founders who started their businesses in the nineties and early 2000s who are approaching retirement. Is that creating a wave? And if so, does that make it a buyer’s market? Alex Webb: I would still say it’s a seller’s market. The multiples are still high, there’s still lots of opportunity, and the industry loves businesses focused on recurring revenue with multi-year contracts — there’s real value in those businesses. As for the retiring founders — I’d say we’re just at the beginning of that wave. I haven’t seen a meaningful change in M&A deal flow as a result of it yet. But I believe we’re at the beginning, as some of these groups hit their late fifties and early sixties and start thinking about succession. In fact, I just had one of those conversations recently. Robert Dutt:  If I’m an MSP owner three to five years away from wanting to sell, what should I be doing right now to put myself in the best position — not just financially, but operationally and personally? Alex Webb: I’ll let Leanne start with this one. Leanne Yeatman: Build depth in the organization — have multiple leaders present and capable of guiding the rest of the organization through that change. On the normalization side, be clear on what’s acceptable going forward: anything personal that’s wrapped up in the business should start coming out. And third — focus on organic growth. Being able to demonstrate that the business is actively growing and has the ability to keep moving forward. Those three would be my top priorities. Alex Webb: I would add — bring your management team into the conversation when you’re ready to start thinking about a sale. It’s a tough situation when an owner goes through the LOI and due diligence process and then reveals it to the team at the very end. Everybody feels like, “why didn’t you trust me with this earlier?” Bringing them into the dialogue — saying “here’s what I’m thinking about” — you get their input, you get buy-in, you work it together. We do that even when we’re going into a transaction ourselves. When we were going through the Clairvest to Audax transition, we didn’t do it as a cloak-and-dagger move. It was intentional. And I think when it’s done that way, the outcome is even better. Leanne Yeatman: Exactly. The length of the process — if you’ve been in that seat for six or eight months going through due diligence, you’ve already had the time to mentally transition yourself to what’s next. But everybody else at close is just finding out. The more people who are part of that journey earlier, the easier that first week and beyond is. Robert Dutt:  My last question — if you could sit down with every MSP owner in Canada at one big table and tell them one thing about M&A that they probably don’t want to hear, what is it? Alex Webb: That recurring contract revenue needs to actually be in managed services. Meaning: you’re getting compensated on a contract whether you put a person out there or not. Recurring professional services — that isn’t managed services. This comes out in due diligence. People take that bucket of revenue and pile it in, trying to present it as managed services. But it gets found out and the deal gets discounted. So: be really clear about your lines of business. What’s product, what’s professional services, what’s managed services. You can have recurring professional services, and if it’s contractual, you’ll get a little more for it. But if you have true managed services, isolate it — because it won’t have the same revenue volatility, and you’ll get better rewarded for it. And if you want to improve your position, convert that recurring professional services to recurring managed services. It’s a lot of work, but we’ve successfully done that through integration for years. People are afraid to have those conversations — it goes back to the old time-and-materials, block-time days. That was the first wave. But when you look at block time and ask “why does this revenue move up and down?” — well, that’s because it’s getting classified as managed services when it isn’t. To hammer again on normalizations: less normalizations will actually benefit you more. Robert Dutt:  Great insights, and I appreciate you sharing what you’ve learned through 20 years of acquisitions. Good luck on the next 15. Alex Webb: Thank you very much. Leanne Yeatman: Get it. Robert Dutt:  There you have it — Alex Webb and Leanne Yeatman from F12.net. I’d like to thank Alex and Leanne for their time and for their candor. These aren’t always easy conversations to have publicly, and they were both remarkably open about what they’ve learned across 15-plus acquisitions and 30 years of building the company. A few things that stuck with me from this conversation. First, the shift from opportunistic to intentional. 2015 was the year that F12 decided M&A wasn’t just something that happened when a deal fell into their lap, but a deliberate growth strategy. That distinction matters, because it changes everything about how you prepare, how you evaluate, and how you integrate. Second, the culture point. Alex and Leanne both kept coming back to the idea that the numbers can look perfect and you still walk away if the culture isn’t right. And on the flip side, integration isn’t about slapping your logo on the door — it’s about two cultures becoming one new thing. “You don’t need a brand above the door to race RC cars in the parking lot,” as Alex put it. And third — and this is the one I think every MSP owner listening needs to sit with — Alex’s closer about recurring professional services versus managed services. If your recurring revenue is really just project work on a retainer, that gets found out in due diligence and your deal gets discounted. That’s specific, actionable, and probably uncomfortable for more than a few people listening. If you found this episode valuable, I’d appreciate it if you’d follow or subscribe to the show. We’re on Apple Podcasts, Spotify, YouTube, and most other podcast directories. And if you’ve got a minute, a rating or a review goes a long way to helping other people in the channel find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Frank Vitagliano, CEO of the Global Technology Distribution Council Every few years, someone announces the end of distribution. Direct sales was going to kill it. Then e-commerce. Then cloud. Then hyperscaler marketplaces. And yet here we are. Frank Vitagliano is CEO of the Global Technology Distribution Council, the industry consortium representing 21 of the world’s leading technology distributors, collectively responsible for more than $180 billion in annual IT sales. He spent more than 30 years in the channel as a vendor executive at IBM, Juniper Networks, and Dell – where he served as VP of Global Distribution Sales and Strategy – and as president and CEO of solution provider Computex Technology Solutions, before taking the helm at GTDC in 2019. In this episode, Vitagliano talks about why distribution keeps enduring through waves of disruption that should, on paper, have displaced it. His framing: distribution has evolved from what he calls “bank and warehouse” into the orchestrator of the IT ecosystem – the entity that connects vendors, solution providers, and end users in ways that no single vendor or hyperscaler marketplace can replicate on its own. He also gets into what distribution’s digital platform investments actually change – including GTDC’s recent research showing that 86% of suppliers are using or evaluating digital platforms – and why Vitagliano believes AI-enabled opportunity identification is “the game changer” that will define distribution’s next chapter. Vitagliano also draws on his vendor-side experience to explain what he wasn’t getting from distribution at Dell, and why platforms and data are finally closing that gap. This episode pairs with our solo essay on why reports of distribution’s demise have always been overstated. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If you caught my recent solo episode on why reports of distribution’s demise have always been overstated, you know this is a topic I’ve been thinking about a lot lately. Distribution has survived every wave of disruption the IT industry has thrown at it – direct sales, e-commerce, cloud, marketplaces – and it keeps evolving. I want to explore that further, and I couldn’t think of a better person to do that than my guest today. Frank Vitagliano is CEO of the Global Technology Distribution Council, the industry consortium representing 21 of the world’s leading technology distributors, collectively responsible for more than $180 billion in annual IT sales. Frank has been in the channel for more than 30 years, holding senior executive roles at IBM, Juniper Networks, and Dell, where he served as VP of Global Distribution Sales and Strategy. He’s also been on the solution provider side as president and CEO of Computex Technology Solutions. He’s a member of the IT Industry Hall of Fame, and he’s one of the few people who’s seen distribution from every angle – vendor, solution provider, and the advocacy side. We talk about why distribution keeps enduring, what it actually does that’s harder to replicate than it looks from the outside, how digital platforms are fundamentally changing the distributor’s role, and what the next chapter looks like. Let’s get right into it. My chat with Frank Vitagliano. [Music] Robert Dutt: Frank, thanks so much for taking the time. It’s nice to catch up with you. Frank Vitagliano: Hi, Rob. Good to see you again. Robert Dutt: I guess to throw it open – you’ve changed roles since last we spoke, and I know you’re well-established at GTDC now, but because it’s an industry organization for distribution, can you tell us a little bit about the mandate of GTDC and what you guys are focused on over there? Frank Vitagliano: Absolutely. So GTDC has been around for quite some time. It stands for Global Technology Distribution Council – it kind of doesn’t exactly roll off your tongue – and it was established more than 20 years ago by some of the major distributors. Initially, the idea was to educate the financial community on the role and value of IT distributors, and this was before they were all public companies. There were a lot of questions about what do they do, how do they do it, why are they needed. For the first five or six years, GTDC focused on educating that group. After most of them went public, it wasn’t really necessary, because companies certainly did a better job of talking to the financial community themselves through earnings calls. So we pivoted to focusing on the supplier community and educating them on the role and value of distribution. You might think, why does the supplier community need to be educated on distribution? A couple of reasons. One, as you know, Rob, every day there are more players coming into the space, particularly in the cybersecurity area. You can’t count the number of cybersecurity vendors out there, and typically they’re all started by and run by very smart technical folks who really don’t know that much about taking a product to market. So that’s one reason. And the second group that continually needs a refresher is the broader vendor community, because most vendors rotate their people through a number of jobs. You start in direct sales, then you move to channel, and you don’t really understand distribution because it tends to be the least well understood aspect of channels. A lot of people view it as a cost element rather than a value driver. We’ve got about 21 members globally representing more than $180 billion of IT sales annually, so all of the major distributors are part of GTDC. We run three big conferences a year – one in Europe, one in Asia, one in North America. We do a lot with research and content – we had a particularly good year last year and released four strong papers on topics important to the vendor community. I do a podcast series every three weeks with members of the ecosystem. And we have global relationships with major data companies – IDC in North America, Context and Nielsen IQ GFK in Europe – where we collect POS data from distributors weekly and compile it into reports that the vendor community uses to track market share and pricing. So those are the major aspects of who we are and what we do. Robert Dutt: You sit in an interesting place. You’ve done the vendor side with Dell, IBM, Juniper. You ran a solution provider business at Computex. And now you lead the organization that represents and promotes the world’s largest distributors. Pretty rare trifecta. I’m curious how each of those vantage points shaped the way you think about distribution’s role today. Frank Vitagliano: That’s an excellent question, and it was actually one I had to answer when I first took the role at GTDC, because most of the folks previously involved in running the organization had worked in distribution, and I never have. But I had the advantage of working extraordinarily closely with distributors over the years. Back in my IBM days – and this is way in the way-back machine – I was involved in the early days of authorizing distributors to sell IBM PCs. It goes back that far. I understood early on the value they provided in getting a vendor’s product to market. Back then, you could argue it was a bank and a warehouse, which is how a lot of people still think about distribution. But it continued to evolve from a bank and a warehouse to a support mechanism that included pre-sale, post-sale, and solution support, to where it is today – a completely digitized route to market that I think orchestrates the IT ecosystem, because distribution sits right in the middle of it. Upstream is the vendor community, which I view as partners with distribution, and downstream are the customers, the solution providers. The second thing you mentioned is that I spent a couple of years running a solution provider, so I was a customer of distribution, not just a partner. It’s really something to have that perspective, because I thought I knew a lot about what distribution did, but I learned a lot more as a customer. And the last thing I’ll mention is that I have watched distribution evolve over the last 40 years – from a bank and a warehouse to what they are today. It’s incredible what they’ve been able to do to keep pace with technological changes and changes in how people buy technology. And they’ve continued to do it while maintaining the core function that a lot of people still consider critically important: help me get my product to market. That evolution has made me genuinely passionate about what they do and how they’ve done it. And it’s continuing now as they evolve into this new digital world with platforms and AI. Robert Dutt: In the time that I’ve covered the channel space, there’s always been a case being made for “well, this is finally the end of distribution” – it was direct sales, e-commerce, cloud, marketplaces, and yet here we are. You’ve touched on the nature of distribution’s evolution. What was the key through-line in that? What is it that distribution was able to do that allowed it to adapt through those waves of change? Frank Vitagliano: I think it’s one thing primarily. They listened very well to their customers – the solution providers – in terms of what they needed, and they listened and collaborated very well with the suppliers. At the end of the day, that’s the most important aspect of what they’ve been able to do. As the technology shifted – from hardware to services to SaaS, to the changing business models in terms of how products are delivered – they’ve been able to watch the evolution, watch the requirements, and adapt. The platforms that are now being built started probably six or seven years ago with very significant investments in an environment where, as you know, it’s a tight margin model. We’re not talking about hundreds of millions of extra dollars for investment. But they started making these major investments because they saw the requirements, and their customers pulled them in that direction. Another great example is that four or five years ago, the supplier community started pushing consumption models. And distributors have done an amazing job of combining their core capabilities – what they’ve been doing well for 40 years – with investments in key areas that keep them relevant. As for the disintermediation discussion, we’ve been hearing that forever. We heard it with the transition from hardware to software to SaaS. We heard it in the cloud transition. Now we hear it with hyperscalers. And the reality is it hasn’t happened. It won’t happen. You can go look at the earnings of the major distributors in 2025 and say, well, that certainly isn’t a business being disintermediated. That’s a business that’s thriving. And the secret is they’ve done an excellent job of understanding what’s required with their core constituency – the vendor community upstream and their customers downstream. Robert Dutt: One thing I’d add, maybe more from a solution provider point of view, is that a lot of the disintermediation predictions were tending to describe distribution as a transaction – the bank and the warehouse, a single point in the supply chain that can be removed. But there’s more to distribution than that transaction. There’s the ecosystem side – the way distribution has made itself stickier through things like partner communities. Can you talk about what distribution does that’s harder to replicate than simply having a bank and a warehouse? Frank Vitagliano: Absolutely. About three or four years ago, we started talking about distribution as the orchestrator of the ecosystem. You can look at that and say, okay, that’s a catchy marketing term, but what does it really mean? What it means is that there needs to be somebody within the IT ecosystem that connects all the pieces, and distribution is the logical point for that. When I do presentations about what distribution does, I can put up a chart with an enormous number of activities, and typically people’s eyes start to glaze over. But what I tell people is: these are all the activities that are part of getting a solution – not a product, but a solution – from the suppliers involved. And typically there are four or five vendors in every solution. It isn’t as simple as putting a PC on someone’s desk anymore. It’s way more comprehensive when you include all the technology, including the whole cybersecurity conversation. Distribution has the ability to do that, and has been doing it in a multi-vendor world since day one. Then when you look at the customer side – and this is the piece I really learned when I became a customer of distribution – there’s a whole set of capabilities around end user experience. Whether it’s managing the myriad of subscriptions that are out there, the typical solution provider today – whether it’s an MSP, a professional services organization, or the hybrid organization that I ran, with hardware, managed services, and professional services all combined – when they look around for who can help them, distribution becomes the natural spot. Vendors are very focused on training solution providers to sell their specific product, not necessarily to sell a complete solution. So partners turn to distribution for that, including now for AI guidance – how do I deal with it, what areas should I focus on, how do I train my people, how do I educate my customers. And then you add the communities. Distributors support partner communities that let a small solution provider in Canada, for example, punch way above their weight – accessing capabilities they couldn’t afford on their own because the distributor and the community members are supporting them. Really big deal. Robert Dutt: Let’s talk about some of the recent research. Your report found that 86% of suppliers are either using or actively evaluating digital platforms for transactions, lifecycle management, and analytics. That feels like a pretty fundamental shift in what distribution even looks like day to day. What does that transition mean in practice, and what does a distributor’s digital platform need to do that a vendor or a marketplace can’t? Frank Vitagliano: There are three things it does – and they’re well on the way to doing all three, although the third one is still a bit in transition. The first is that the platform provides an incredible productivity enhancement to just doing business. The basics – getting a quote, getting an order through the system, figuring out the right solution. There are studies showing that in some cases what used to take four hours is now taking 30 to 40 minutes. The productivity gains are significant enough on their own that vendors who have committed and built the appropriate API integrations will tell you it’s worth the engagement for that reason alone. The second thing is that distributor marketplaces are multi-vendor marketplaces. You don’t get that when you’re dealing directly with a vendor – you get their marketplace. Maybe some ancillary support, but it’s not a true multi-vendor, compatibility-tested marketplace. It’s the same with the hyperscalers. Hyperscalers have done a fabulous job and collaborate very well with distribution, but at the end of the day, a hyperscaler is a direct vendor – the same category as an IBM, a Juniper, a Dell. They have more capabilities than a single-vendor marketplace, but they still can’t match the breadth of a distributor marketplace when it comes to multi-vendor compatibility testing, subscription management, training, and services. So it’s not instead of – it’s in addition to. Hyperscaler marketplace, great. Vendor marketplace, great. Distributor marketplace can provide all of that plus. The third thing – which I believe will ultimately be the big differentiator – is this: if you ask any solution provider what the number one thing is they want from distribution, they tend to overlook the basics distribution already provides and say: I want distributors to help me drive sales. I want them to help me identify and close opportunities. AI-enabled opportunity identification, based on years and years of history and data, is providing that in ways that weren’t possible five years ago, two years ago. When you can go to a partner and say: three years ago you sold this configuration to these customers, and those customers now need an upgrade or new security features – here’s the customer, here’s the opportunity, here’s how we can help you close it – that’s the game changer. And it’s starting to happen. Robert Dutt: You hit on a key point there, which is the scale piece. Everything they do, they do at scale. And one of the reasons some of what distribution does gets taken for granted is they’ve been doing it for a long time at scale extraordinarily efficiently – because with a one to two percent net margin model, you don’t have a choice. Frank Vitagliano: Exactly. You can’t run a one to two percent net business and not be able to do it efficiently at scale. The margins aren’t big enough to survive any other way. That’s right. Robert Dutt: We’ve talked about the changing nature of distribution over the decades. When you were on the vendor side building distribution strategies, what did you expect or want from distributors that you weren’t always getting? And has anything changed about what vendors should be expecting today versus ten years ago? Frank Vitagliano: Back then, I was getting the basics – no debate there. What I wasn’t getting, and what I think we now have the opportunity to get, is leverage from data. I’ve been working with distributors for 40 years, so they’ve got 40 years of information. And in many cases, the distributors knew the end users that product was going to – it would go through a solution provider but ship directly to an end user. All that data existed, but we were never able to harness it to get what I needed for opportunity identification. I got inside sales support, both technical and to some degree sales. I got outside sales teams supporting opportunities. But I wasn’t getting the insights I really needed to figure out how to grow to the next level. I was getting the support I needed. I wasn’t getting the sales capabilities I needed. That was always the gap. So when we’d design programs and allocate MDF dollars to distribution, I’d fund inside sales heads focused on IBM, Juniper, or Dell. But the outcome I was looking for was increased volumes, increased opportunities, increased sales. I took for granted that if I brought distribution an opportunity, they’d support it flawlessly and at scale – no question. But I wanted them to bring me opportunities. And I’m not saying it didn’t happen, because it did – but it wasn’t completely consistent or transparent. It required effort. What’s happening now with AI-supported platforms, you have the ability to do that in a way that wasn’t possible before. Smart people are designing these platforms in conjunction with the supplier community and customers, and it’s happening. That’s a huge deal. Robert Dutt: One of the things I keep thinking about with distribution in a country like Canada is that it plays differently here. Part of that is the geography – huge country, relatively few major centres spread throughout. But there’s also Canadian-dollar credit, local peculiarities in terms of language – you have to parler français to be successful in the Quebec market – and different regulatory considerations. How do you see distribution’s role being amplified in markets like Canada versus larger, more centralized markets like the US? Frank Vitagliano: That’s one of the real values the global distributors provide – they have experience dealing with markets beyond their home territory, and they bring that cross-border understanding wherever they operate. One of the papers we did last year talked about how to build a distribution strategy for the vendor community. If you’re a supplier thinking about Canada, what do you think about? How many distributors do I need – one, three, twelve? We go through this in the paper, which is available on our website. You think about the TAM of the market, the geography, where you need warehousing to reach major markets effectively. You think about whether you need global players, what combination of local players – because every market has what we call local heroes who are really strong within their community. And then domain specialists – do you need a cybersecurity-focused distributor in addition to your broadline relationships? A lot of vendors think the more distributors they have, the more business they’ll generate. That’s not true. More distributors fighting with each other becomes a cost issue for the vendor and a margin issue for everyone. Building a thoughtful distribution strategy is genuinely important – and the nuances of a market like Canada are exactly the kind of thing that gets missed by vendors who don’t think it through. Fortunately, it’s all laid out in the paper for those who want the framework. Robert Dutt: My last question. We’ve talked about being at the early stages of the platform evolution and where it has the potential to go. If we’re sitting here again in five years, what does distribution look like? And what should partners and vendors be paying attention to right now? Frank Vitagliano: Good question. When I first took the job at GTDC in 2019, right before the pandemic, I was hearing all this discussion about disintermediation – hyperscalers were coming into play, cloud was a big deal, SaaS transition was accelerating. I took the job thinking: I don’t believe distribution is going to get disintermediated, but let’s go do a study. So we did Distribution 2025 – a five-year view of what we thought would happen. It turned out to be pretty accurate. A big part of that was validated by the pandemic, which made the value of distribution extraordinarily obvious. At the beginning of 2025 we did Distribution 2030, and we laid out what we see ahead. Clearly, a fully functioning AI-supported platform will be in place in five years. Not 86% of vendors – every vendor will be utilizing it. There will be major cybersecurity enhancements, and major opportunity identification scenarios where vendors will really begin to get that level of sales support from distribution with the existing basics still covered. I also see the enhancements creating stickiness. Today, any customer can work with any authorized distributor. The question is: how do you make your services sticky enough that they become primarily focused on one or two distributors rather than spreading everything around? Same on the supplier side – vendors will narrow to a smaller subset of distributors who can provide the level of service and platform integration they need. I don’t think it ever becomes exclusive, because most folks will view that as too risky. But it’ll certainly be a lot more thoughtful than “let me just sign up as many distributors as I can.” And I see potential for additional consolidation in the distributor market, particularly in Europe and Asia – not so much in North America, where five or six distributors already represent 90% of the business. But globally, I think we’ll see that over the next few years. Robert Dutt: Fun to have a talk about the ever-evolving nature of distribution. I appreciate your time, Frank. Frank Vitagliano: Rob, thank you for the platform. I love talking about it, as you can probably sense, because I’m genuinely passionate about what they do. I think distributors have done an excellent job over the years of doing what they needed to do to support existing business, while also making the investments required to ensure they weren’t left behind – they weren’t the Blockbuster or the Kodak of the IT space. You could argue that could have happened. But it isn’t happening. And it goes back to the number one point I made: they’re listening to their customers and their suppliers. Robert Dutt: It certainly has not happened. Frank, thank you. Enjoy the talk. Frank Vitagliano: Thanks, Rob. [Music] Robert Dutt: There you have it. Frank Vitagliano from the Global Technology Distribution Council. I’d like to thank Frank for his time and a really candid conversation. It’s not every day you get someone who sat on the vendor side, the solution provider side, and the industry body side, willing to talk openly about what distribution gets right, what it hasn’t always gotten right, and where it’s headed. A couple of things that stood out to me. Frank’s point about distribution evolving from what he called a bank and a warehouse into an ecosystem orchestrator – that’s not just branding. When you think about what it takes to stitch together multi-vendor solutions, handle consumption models, manage renewals, and now use AI to identify opportunities that individual vendors and solution providers can’t see on their own, that’s a fundamentally different value proposition than moving boxes and extending credit. And his candor about what he wasn’t getting from distribution when he was on the vendor side at Dell, and how platforms and data are finally closing that gap – I thought that was a really honest moment. The other thing I’d flag is his point about stickiness – the idea that vendors are going to narrow their distribution relationships and go deeper with fewer partners. That has real implications for solution providers too, in terms of which distributors they’re aligned with and what platforms they’re investing in. If you haven’t already, check out my solo episode on why distribution endures. It sets up a lot of the themes Frank and I explored here, and the two episodes work well together. If you’re enjoying In The Channel, I’d appreciate it if you’d follow or subscribe. You can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories. And if you have a minute to leave a rating or a review, that goes a long way to helping other people in the channel community find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Rob Falzon, Head of Engineering in the Office of the CTO at Check Point Software Technologies Canada’s data sovereignty landscape is shifting faster than most organizations realize – and according to Rob Falzon, Head of Engineering in the Office of the CTO at Check Point Software Technologies, the conversation isn’t happening early enough. In this episode, Falzon breaks down the regulatory pressure building around Canadian data – including Quebec’s Law 25, Bill C-8, and new federal PIPEDA reform expected this spring that is expected to include data sovereignty provisions. He draws a sharp distinction between data residency (where data sits at rest) and data sovereignty (control over the entire processing chain) that many partners and their customers are still conflating – and explains why contracts alone can’t solve the problem. Falzon unpacks the CLOUD Act dimension: if data lives in the U.S., it is accessible to the U.S. government regardless of where your company is headquartered or what your service agreement says. For MSPs, the conversation turns to opportunity. Recent research from Kiteworks found that 23% of Canadian organizations experienced a data sovereignty incident last year, and mid-market firms lag enterprise by 15 to 25 percentage points in sovereignty maturity – despite facing the same penalties. Falzon’s advice: lead with risk, not product. He also raises a recent U.S. legal judgment holding that all data entered into ChatGPT belongs to OpenAI – and asks whether organizations using AI services even know where that data is going. Check Point launched a dedicated Canadian data region for CloudGuard WAF in March, opening doors to government and regulated-sector contracts that were previously unavailable to partners. But Falzon’s bigger point is this: the regulatory picture is still coming into focus, and MSPs who get educated now – before the legislation fully lands – have a real chance to stake out expertise and become the trusted voice in the room when urgency hits. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. There’s a phrase you’re probably hearing more and more in customer conversations: data sovereignty. And if you’re not hearing it yet, you probably will soon. Canada’s regulatory landscape around data is shifting fast. Quebec’s Law 25 is already in force with real financial penalties. Bill C-8, the Critical Cyber Systems Protection Act, is working its way through committee. New federal privacy reform is expected this spring, and underneath all of that, there’s a growing realization that the old assumption—that if it’s okay for the U.S., it’s okay for us—may not hold up much longer. My guest today is Rob Falzon, Head of Engineering in the Office of the CTO at Check Point Software Technologies. Rob has spent over 30 years in large-scale security architecture, including government work, and he’s been with Check Point for over two decades. He’s based here in Canada and has a front-row seat to how this market handles security and compliance differently from the rest of the world. We’re going to talk about what’s driving the urgency around data sovereignty in Canada right now, the distinction between data residency and data sovereignty that a lot of partners are still conflating, and what it all means practically for MSPs serving the Canadian mid-market. Let’s get right into it—my chat with Rob Falzon. Rob, thanks for taking the time. I appreciate it. Robert Falzon: No trouble. Robert Dutt: You’ve been in the industry a long time, with Check Point for two decades, and you’ve had a front-row seat to how the Canadian market specifically handles security and compliance. For an audience of Canadian VARs and MSPs, how has the data conversation in Canada changed over, say, the last 18 months or so? It feels like something’s shifted in that discussion. Robert Falzon: Yeah, there’s been a significant shift. In the past, obviously, we’ve seen the changes that have happened with our neighbors to the south and how the climate and atmosphere have changed. It’s caused folks in Canada to have a closer look at what their various different arrangements are from a trust perspective, and what their comfort level might be in where they store their data and how they manage that data—and where their customers are based as well. I think that’s been the primary change in the last few months specifically. For a long time, we’ve had this feeling that Canada and the U.S. have been sort of the same. There wasn’t really a big concern because we have agreements back and forth. A lot of the recent changes have forced us to really revisit those arrangements and see: are we actually making sure that the information is safe and protected? As a result of that, we’ve been getting those questions at Check Point, and it’s incumbent upon us to manage it in such a way that our customers get the security and safety they need while meeting their business requirements. Robert Dutt: From the regulatory side of things, there’s a lot going on. We have Quebec’s Law 25 in place with real penalties behind it. We have Bill C-8 working its way through committee. There’s going to be PIPEDA reform coming up sometime fairly soon, which is rumored to include data sovereignty provisions. Back in November, the government introduced the Digital Sovereignty Framework. For a Canadian MSP who hasn’t been tracking all of this closely, what’s the picture they need to have in their head right now of the regulatory scene? Robert Falzon: Well, like you pointed out, there’s no comprehensive federal law just yet. As you mentioned, there are a number of things on the table and we have some direct focus now from the federal government. There’s a minister assigned specifically for AI that’s taking a very close look at how Canada is managing that. We also have this provincial patchwork. Ontario probably has the most established AI-specific roles so far. Alberta’s Privacy Commissioner also has a report they released last year talking about Alberta creating its own AI law and updating its privacy legislation. All of these changes are happening fairly quickly right now, and it’s incumbent upon MSPs to make sure they’re aware of what these changes are and where they are operating their businesses. There are two aspects to this. The first is the business side: if you have customers that want to consume your services, you need to make sure your services are consumable by them—that you are meeting their data regulation requirements and that the residency and sovereignty requirements these new pieces of legislation introduce are met by whatever services you’re providing. The challenge is that there’s not a lot of clarity right now around what these actual services are. Maybe AI is touching it, or some security component is touching it, but maybe it’s a different type of service related to marketing. This is going to be a challenge for MSPs to make sure they understand their compliance obligations and to closely look at their service offerings. They need to start to decouple what we used to think was an accepted understanding—that if it was okay for the U.S., it was okay for us. It’s not going to be the same anymore. Robert Dutt: There’s another piece of legislation, not necessarily on our side, but the CLOUD Act hanging over all this. Can you walk us through how the CLOUD Act changes the calculus for Canadian organizations using a U.S.-headquartered cloud or security provider? Robert Falzon: There are a few things here to unpack. First of all, it’s not finalized; there are still a lot of negotiations underway. This started back in 2021 or 2022, and obviously, when that started, we were in a completely different geopolitical context than we have today. That’s transformed things into a more complex policy debate and even, to some degree, a national security debate. For us, we’re going to have to start looking very carefully about what regulations we put in place at the federal level that impact us from a legal compliance perspective. Is your CISO well aware of what your obligations are under this? I think if I look at what’s going to change, we’re still going to have to start hosting much of the information we work with in Canada. Anything related to security rule sets, business transaction information—all of this is going to have to be stored in Canada. If you are still leveraging contracts that you might have in the U.S., you’re going to have to look at how you separate out those specific types of data that are protected by law and have them processed and stored in Canada. You may not be able to get out of some of these hosting contracts in the U.S., but the fact is, if that data is in the U.S., it’s going to be available to the U.S. government. If that availability contravenes any legislation we have here, it’s something you’re going to be liable for. Robert Dutt: A lot of times, maybe at the customer level and the partner level, there’s some conflation between data residency and data sovereignty. Can you break that apart? I think when a lot of people hear, “We have a Canadian data center,” they assume the compliance checkbox is checked. Robert Falzon: Yeah. The difference fundamentally is essentially data at rest versus data in motion. If you are storing databases or static information about customers, that data must be resident in Canada. Data sovereignty is essentially the entire chain. Any processing has to be done in Canada, storage has to be done in Canada—the data cannot leave the country or its control sphere the entire time it’s in your possession. I think that’s a critical differentiation because they are often, as you say, conflated to be the same thing. Robert Dutt: What does a sovereignty-defensible architecture actually look like? What are the non-negotiables to make sure you’re covered off there, especially as a service provider? Robert Falzon: You have to look at all of your vendors. You have to make sure that not only are you managing your data effectively yourself, but that all of the vendors you interact with are also following the same guidelines. The challenge here is that we are so integrated with U.S. providers—cloud providers, data center providers. All of those things need to come together, and we need to be aware at all times where this information is stored. Our understanding of where that data is has to improve, so we need better tools to manage that visibility. But we also need to start making actual changes in our infrastructure to make sure it physically resides in Canada. And then we need to look at the rule sets you’re using to manage that data. Do you have the proper security context to store and manipulate that information strictly in Canada as per data sovereignty regulations? Robert Dutt: Let’s bring this to the partner level. There’s a recent survey from Kiteworks that shows 23% of Canadian organizations experienced a data sovereignty incident last year. Mid-market firms lag enterprise by 15 to 25 percentage points in maturity, but they face the same penalties. For an MSP serving that mid-market space, where’s the actual opportunity in terms of educating and compliance? Robert Falzon: Well, if MSPs are at the stage where they’re concerned and trying to get information, imagine where many of our customers are standing. Customers are trusting their partners to provide them with guidance and leadership. If we think about verticals like healthcare, financial services, or the public sector—these are not organizations that typically have heavy internal services or the skill sets to make these decisions about where their cloud data is processed. They’re relying on partners for that. If there are issues, the buck stops with the customer themselves. By helping to educate their customers—making them aware of coming changes, understanding the differences between sovereignty and residency, and looking at their other vendors—partners can take a leadership position. There’s a bit of a vacuum right now in speaking with both partners and customers, where everybody’s just going, “I wonder what’s going to happen next? Am I even ready for this?” It’s a great opportunity to improve their business. Robert Dutt: Is the first question to that customer the general, “Do you know where your data is living and who has access to it?” Or what’s the first concrete question an MSP can take to their customers? Robert Falzon: Well, there are a whole lot of things. First, partners are going to have a better understanding of their customer profile. If they have customers with significant multi-cloud complexity or exposure to the CLOUD Act, they’ll want to start by talking to them about their immediate risk. The challenge we often have is that we want to go in and talk about how a product or service is going to make a difference. Ultimately, what we really need to do is share the conversation about risk. The risk conversation is often overlooked in favor of saying, “I’d like this customer to buy some more Check Point.” But at the end of the day, all of that comes back to their understanding of what the risk is. I would start with risk: talk about what’s in the CLOUD Act, talk about complexity, and talk to them about AI data exfiltration and how that impacts leakage from a legal perspective. Stay away from conversations about specific products and focus on the business outcomes for the customers. That’s what’s going to get you the traction. Robert Dutt: Check Point launched a dedicated Canadian region for CloudGuard Web Application Firewall in March at the Victoria Privacy Summit. What’s driving security vendors specifically to put in infrastructure in Canada right now? Robert Falzon: This is an interesting question because it’s really not a “right now” thing. This is something we’ve been actively looking at for some time. It’s not as easy as just saying, “I’m going to do this in Canada only.” There’s a lot of backend stuff that has to happen. Five years ago, the technology and infrastructure available were somewhat limited. You have to be able to trust the infrastructure you’re placed in. It’s taken years to get here, and we’re quite confident in our ability to deliver the exact same level of quality as we did when it was solely based in the U.S. Countries around the world are starting to take a close look at their most important assets—data and intellectual property—and seeing how easily technology is being used to gain access to private information. Companies would be well-served to understand that this has been a long cycle; it’s not something that just happened overnight. Robert Dutt: For a partner who’s already selling Check Point solutions, what practically changes for them now that this Canadian data region is in place? What deals or conversations does it unlock? Robert Falzon: Certainly anywhere where privacy is paramount, it’s going to have a huge impact because you can start the conversation with the understanding that anything we’re talking about today is going to be data resident and data sovereign to your Canadian customers. That immediately sets you apart from many other vendors who cannot make that claim. If you can address the concern of privacy legislation right out of the gate, then you can focus on the actual business outcomes. It’s going to open doors with agencies very sensitive to this—government entities at the municipal, federal, and provincial levels that might have been off-the-table to a partner that didn’t have solutions meeting those criteria. Robert Dutt: For the MSP who’s a little earlier in the process, what’s the first practical step internally to make sure you’re building this out as an opportunity? Robert Falzon: You have to be extremely well-educated in the legal aspects because you’re going to want to make sure you have a compliance story and accountability you can speak to with your customers. But looking at all the uncertainty relating to AI and machine learning, being able to tie data residency and sovereignty into how that impacts their ability to utilize these new technologies would be a real door opener. There’s a tremendous amount of misunderstanding and lack of information available to customers currently running these solutions. If I were a partner today, I’d be looking at how I have the conversation about security, privacy, and data sovereignty in terms of their ability to be more competitive in the future by leveraging these advanced technologies in a secure way. Robert Dutt: What’s the risk of doing nothing? If I’m a partner and I decide to just keep selling the same way and assume data sovereignty is someone else’s problem, what does that look like 12 months from now? Robert Falzon: Hopefully your customers are already taking a zero-trust approach, so it might be easy to say, “I’ll wait until this settles a bit.” It’s not crazy to think that could still be effective. But if one waits too long and it becomes legislation, now you’re playing catch-up. You won’t be perceived as a leader in the space, and as we know, it’s much harder to win business away from someone else than it is to keep business you already have. Robert Dutt: Last question: what’s the thing about data sovereignty in Canada right now that you think isn’t getting enough attention? Robert Falzon: I think honestly, the conversation about data sovereignty and residency itself is not mentioned enough. It seems to be addressed after the fact. I’m starting to see it come to the forefront, but I still don’t have conversations on a daily basis about this. Even though this announcement was made, I’m still not getting a lot of phone calls about what this means for me, and I would have expected to get a lot more. If we look forward five years, we’ll look back at this and go, “Wow, I can’t believe we only just got that then.” Things are moving so rapidly. If we look at the adoption of AI internal to large corporations—I’ll ask them if they are using AI services, where those services are based, and what the legal ramifications are. Nobody is talking about where the data from ChatGPT lives. There was a legal judgment in the U.S. a couple of weeks back where it was agreed that all data entered into ChatGPT belongs to them—it belongs to OpenAI. Imagine if that’s your company’s data, and you don’t even know it’s leaving because the services you’ve invested in are hosting data all over the world and not in Canada. That’s a risk that’s really not being discussed in an appropriate way. Robert Dutt: It’s an interesting indicator. If the conversation isn’t happening early, it suggests we’re still early in the cycle, and that’s an opportunity for an MSP to stake out a brand in this space. Robert Falzon: Exactly. At this very moment, anyone in the partner ecosystem should be looking at their internal systems and processes and finding out how compliant they are personally. If you don’t understand your internal architecture and what partnerships you have in your own pipeline, you’re going to be well behind when it actually comes to implementation. Robert Dutt: Great insights. Thank you very much for your time, Rob. Robert Falzon: Thank you so much. Robert Dutt: There you have it, Rob Falzon from Check Point Software Technologies. I’d like to thank Rob for his time and for a conversation that I think went well beyond the usual talking points. Thank you for listening. Here’s a few things that stood out for me from this conversation. First, there’s a really important distinction between data residency and data sovereignty that Rob laid out cleanly. Residency is about where the data sits at rest. Sovereignty is about the entire chain—processing, storage, the works—and making sure none of it leaves the country’s control sphere. If your customers think having a Canadian data center checks the compliance box, that’s a conversation worth having with them. Second, there was that striking point about AI data exfiltration. A recent U.S. legal judgment held that all data entered into ChatGPT belongs to OpenAI. If your customers are using AI services and don’t know where that data is going and who owns it once it gets there, that’s a risk that most people simply aren’t talking about yet. And that brings me to what I think was the most telling moment: Rob’s candid admission that even after Check Point’s Canada data region announcement, he’s not getting a lot of calls about data residency. That tells me we’re still early. The regulatory picture is coming into focus, but it’s not fully formed yet, and a lot of partners and customers are in wait-and-see mode. That’s actually an opportunity. If you’re an MSP who moves now—gets educated on the regulatory landscape, audits your own internal compliance, and starts leading the sovereignty conversation with your customers—you have a chance to stake out real expertise and become the trusted voice before this becomes urgent and everyone’s scrambling. Follow or subscribe to the show. You can find In The Channel on Apple Podcasts, Spotify, YouTube, and most podcast directories. Ratings and reviews are always appreciated—they help other folks in the channel find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

JoeAnne Hardy, president of WBM Technologies In this episode of In The Channel, I'm joined by JoeAnne Hardy, president of WBM Technologies. WBM is a fixture on the Canadian channel landscape, but its story is one of constant, deliberate reinvention. Founded in 1950 as Western Business Machines in Saskatoon, the company has evolved from a local typewriter and copier shop into a sophisticated managed services provider with a team of 527 professionals across Western Canada and the US. JoeAnne shares her personal journey from starting as a sales assistant to leading a management buyout and eventually taking the helm as President. We dig into the “curse” of the entrepreneur—that moment when a thriving business begins to take a toll on personal well-being—and the specific leadership shift WBM made to ensure that as the company grew, life got better for its people. We also tackle the big questions facing MSP owners today. JoeAnne walks through WBM's strategic decision to partner with Westcap Mgt. Ltd. for growth capital, offering a masterclass in how to evaluate private equity without losing your company's soul. We also discuss the current supply chain volatility, the “RAMmageddon” memory crisis, and how WBM uses its patent-pending Enterprise Experience Platform to turn abstract managed services into measurable end-user outcomes. From the importance of values-based hiring in a competitive talent market to the impact of major regional developments like the Bell AI data center in Regina, this conversation is packed with actionable insights for any channel leader looking to scale with purpose. Read Full Transcript Robert Dutt: Hello and welcome to In the Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. My guest today is JoeAnne Hardy, president of WBM Technologies. WBM is one of those companies that if you’re in the Canadian channel, you’ve probably seen on the lists—the CRN Elite 150, nine years running, FastRiser on the SP500—but the story behind those rankings is more interesting than the rankings themselves. WBM started in 1950 as Western Business Machines, a storefront in Saskatoon selling typewriters. 75 years later, it’s a managed services provider with more than 500 IT professionals across five cities in Western Canada and a growing US operation. JoeAnne has been there for more than 20 years. She started as a sales assistant, worked in virtually every department, led a management buyout, and today runs the whole show. We talk about what it actually feels like to reinvent a company across multiple technology eras; the moment she realized her own success was making her life worse and what she did about it; building and keeping a team from a prairie base; the decision to take growth capital from Westcap; and what’s ahead in a market where supply chains are under serious pressure and AI is reshaping what managed services even means. Let’s get right into it. My chat with JoeAnne Hardy. JoeAnne, thanks for taking the time. I appreciate it. JoeAnne Hardy: Good to be here. Thanks for having me. Robert Dutt: WBM opened its doors on May 1st, 1950 in Saskatoon as Western Business Machines, obviously pre-computer by any definition we know. Now you’re a CRN Elite 150 MSP for nine consecutive years. What does it actually feel like from the inside to lead a company through that many transitions, and how do you decide when it’s time to let go of something that’s still working? JoeAnne Hardy: Well, what a big question to start with! Full disclosure, I have not been here since 1950. My journey at WBM started in 1996, but it is really a privilege to be part of an organization that does have this tremendous history in Western Canada. I think our history is really a testament to evolution around the right things. For us, that evolution has been evolving around our customers and our customer needs. We’ve got a picture that hangs in our Saskatoon Operations Centre from the 50s. The shingle says Western Business Machines and in the window there are posters for typewriters and adders. If we had clung to being experts in typewriters, we wouldn’t be here today. What we know with certainty is that we existed before the internet, and our business is not centered around technology evolutions—it’s centered around our client community. That makes sure we’re relevant, whether what we do today exists in 18 months or not. Robert Dutt: You mentioned the anxiety that can come with some of these pivots. Was there ever a pivot point that was scarier or one where you’re looking around the table like, “I don’t know what the outcome is going to be here”? JoeAnne Hardy: There is one thing that comes to mind. In 2008, myself, Brett Bailey, and Bob Hardy did a management buyout. We closed our deal right before the financial collapse. We reached a point where we had our partnership meetings on Tuesday mornings, and the business was doing great. But I came to one of those meetings and I wasn’t feeling so great. I felt like something was really upside down—that the better the business did, the worse my life was getting. It’s the “curse of the entrepreneur.” I didn’t know if I had another hour in the day to give. I said that out loud, and both Bob and Brett felt the same way. We decided in that moment that we wanted to create an environment where the better the business did, the better our lives got. The secret was building a leadership team around us. Since that point, we’ve completed nine acquisitions, expanded across Western Canada, opened a US entity, and taken on a private equity partner. And we’ve had fun the entire time. Robert Dutt: How has that been reflected throughout the ranks of the organization since you made that change? JoeAnne Hardy: We see it in all different ways. A number of years ago, we set a goal to contribute a million dollars back to the communities we live and work in over a five-year period. We hit that goal in 2025—which was our 75th anniversary—just three years in. These initiatives aren’t decided in a boardroom; they come from the connections our team members have in the community. Robert Dutt: You worked your way up from being a sales assistant. How does having been throughout the business in different roles shape how you lead it now? JoeAnne Hardy: I grew up on a cattle ranch in Maple Creek, Saskatchewan. I learned the value of hard work and understanding how things work. Because that was my upbringing, it felt natural at WBM to be curious. Probably the biggest way it impacts my leadership is that when we have a problem, you have to go right to the people doing the work. They’re in front of the customers. Decisions shouldn’t just be made by “smart people in a boardroom.” You have to maintain that curiosity about what the frontline roadblocks are. Robert Dutt: You have offices in Regina, Calgary, Vancouver, and Winnipeg, with headquarters still in Saskatoon. Is being outside the big city tech hubs a disadvantage, or is it part of the value proposition? JoeAnne Hardy: I think it’s part of the value proposition. When we sit down in a governance meeting and we’re telling stories about a local restaurant in their community, it’s a differentiator. One of our customers, Federated Co-op, has retail locations far and wide. When the team supporting them through our enterprise service desk showed up for their first meeting, they introduced themselves by their local Co-op member numbers. Robert Dutt: When you’re hiring, how do you think about values or gut-based “feel” versus technical credentials? JoeAnne Hardy: It has to be a fit on both sides. Hiring isn’t an individual sport; it’s a team sport. It’s important for many members of our team to be involved so they can give an honest assessment of how an individual would thrive here. We want to live up to being a great place to build a career. Robert Dutt: Let’s talk about right now. Your monthly procurement update has become must-read for me. You’re telling customers to “buy the RAM” for the life of the system right now. What are you seeing day-to-day on that front? JoeAnne Hardy: Our customers look to us for expertise in supply chain management. Our role is helping them manage their lifecycle, and that insight comes from deep relationships with manufacturers and distributors. Our ability to help our customers be insulated from the impact of these things is a big differentiator. We have warehouses across Western Canada, so we can help customers think proactively. Our job is to make our customers heroes in their own organizations so they can take that information to their leadership teams. Robert Dutt: In 2022, Westcap made a growth investment in WBM. Walk me through how you thought of that as a leadership team. JoeAnne Hardy: We cast a wide net to see what opportunities were available. We had clear goals: Bob’s retirement, fueling acquisitions, and staying in control of the organization. Before we started the process, we were rooted in what our goals were. That gives you a framework to evaluate everything from strategic takeovers to private equity. We chose Westcap because their value proposition was that they invest in management teams they believe in. They proved it through the process. My advice to other MSPs is to be rooted in what you’re trying to accomplish before you turn the page to looking at options. Robert Dutt: Bell just announced a $1.7 billion AI data center outside Regina. Does that change the opportunity for WBM, and what does AI look like as a service line for you? JoeAnne Hardy: AI has been part of our world for many years, so a news release about a data center isn’t the “turning point.” What’s different now is the rate of acceleration. We’re excited because this is now a conversation in every boardroom. Every CIO has AI initiatives underway, and we’re helping them enable technology they likely already own but need to understand how to leverage. Robert Dutt: You have a patent-pending Enterprise Experience Platform. How do you think about that kind of proprietary IP? JoeAnne Hardy: It takes all the individual service items we offer and looks at them through the customer lens—the end-user experience. If you have disconnected services, the end user feels it. Why doesn’t the service desk know I’m a new employee? Why is there no plan for my old device? The platform allows us to create a governance model built around making that experience seamless. The “end-user” isn’t just the person at the computer—it’s the IT department, the finance department, and the HR department. Robert Dutt: Last question. If you could go back to the JoeAnne who was just starting as a sales assistant and tell her one thing about what this journey was going to look like, what would it be? JoeAnne Hardy: I would say that everything that doesn’t work out is just as valuable as the things that do. As a young woman starting out, I had a fear of making a mistake. But I reached a point where I realized the “butterflies” in my stomach were just the feeling I got before something awesome happened. Those mistakes are the growth moments. They’re way more valuable than the days everything goes exactly as planned. Robert Dutt: “We win or we learn,” right? JoeAnne Hardy: Yes, exactly. Robert Dutt: JoeAnne, thank you so much for your time. JoeAnne Hardy: Thanks, it was great to visit with you. Robert Dutt: There you have it, JoeAnne Hardy from WBM Technologies. I’d like to thank JoeAnne for her time—and for her candour. It’s not often you hear a company president talk openly about the moment they realized the business was winning but they were losing, and then walk you through exactly how they fixed it. A few things I’m taking away from this one. First, the idea that growth should make your life better, not just your revenue bigger. Second, her framework for evaluating outside capital—know your non-negotiables before you start the conversation. And third, the way WBM thinks about the end-user experience as a platform. If you’re enjoying the podcast, find us on Apple Podcasts, Spotify, and YouTube. Follow or subscribe so you don’t miss an episode. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Dan Candee, CEO of Cork Cyber When Cork Cyber first showed up on the radar a few years ago, it was easy to file under “cyber warranty” and move on. But Dan Candee, who came in as CEO in mid-2024 from AWS and Dell, has been pushing the company well beyond that starting point. What’s emerged – a risk visibility platform, a scoring system, and now active remediation tools – looks less like a warranty company bolting on features and more like a deliberate platform play built on a foundation most vendors don’t have: financial skin in the game. Candee positions the warranty as Aflac for cyber insurance – a fast-response layer, not a replacement. But the more compelling moment was his account of a Canadian construction company that had every security check mark green and still got hit through a BEC attack because someone didn’t verify an ACH change by phone. Cork paid out. The MSP kept the client. The Cork Score is where things get practical for MSPs. Candee walked through showing a client they’re at a 350 because of incomplete MFA adoption, then demonstrating that three specific changes move them to a 700. It’s a QBR weapon, and the Credit Karma comparison holds up. On the business side, Vantage starts at a dollar per endpoint and scales to 35 cents. Financial protection comes in four tiers ($25,000 to $500,000), with the lower tiers designed for MSPs to absorb and bundle as a retention tool. Cork is active across Canada excluding Quebec, available through Pax8, and runs entirely through API integrations with no agent required. Candee teased an autonomous remediation engine for summer 2026. Whether Cork can deliver at the pace they’re promising is worth watching. Read Full Transcript TRANSCRIPT TO COME

In Case You Missed It for the week of April 13, 2026, for Canadian IT solution providers – and the final episode of ICYMI before The Buzz launches April 20: Cisco compute prices jump April 18 – and it’s not just Cisco. WBM Technologies’ April 2026 procurement update flags list price adjustments taking effect April 18 on Cisco compute hardware, driven by ongoing memory market volatility. HPE saw 24-30% list price increases in March alone. HP, Intel, AMD, and Fortinet have all announced increases of their own. SK Group’s chairman says the memory shortage could last until 2030. WBM’s recommendation: pull purchases forward now, and lock in any Cisco compute quotes before April 18. AWS begins paying partners direct cash for managed services – but requires revenue tagging by summer. In its most significant partner program update in years, AWS announced it will pay cash benefits to partners for delivering managed services – a first. A new Partner Revenue Measurement system uses resource tagging to attribute partner-generated revenue, even on AWS-booked deals. By end of 2026, all AWS programs will depend on this measurement; partners are asked to adopt it by July. The update also includes a revamped agentic AI-powered Partner Central hub (cutting admin time 30-40%), an AI Assessment Fund, and a new Greenfield Program for net-new customer incentives. Full CRN breakdown of all eight new AWS partner programs. Nutanix delivers complete agentic AI platform at .NEXT – and a Toronto partner wins the Americas. Nutanix used its .NEXT 2026 conference in Chicago to announce the Nutanix Agentic AI solution – a full-stack platform for building and operating AI applications on Nutanix Cloud Platform across hybrid multicloud environments. Currently in early access; GA expected H2 2026. Expanded hardware ecosystem integrations with Cisco, Dell, AMD, NetApp, and Lenovo were also announced. Toronto-based Arctiq took home the 2026 Americas Reseller Momentum Award, recognized for exceptional growth and technical depth in the Nutanix ecosystem. Canada’s unicorn list is longer – and more established – than you think. Various trackers now count 30-35 Canadian tech unicorns, including channel-familiar names like 1Password ($6.8B valuation) and eSentire. The list is a useful reality check on the depth and maturity of the Canadian tech ecosystem – and a handy reference when making the case that buying Canadian is a genuinely viable option across a wide range of technology categories. This is the final episode of In Case You Missed It in its weekly format. Starting April 20, In The Channel launches The Buzz – three things Canadian IT solution providers need to know, every weekday morning at 7 a.m. ET. Read Full Transcript Hello and welcome to In Case You Missed It from ChannelBuzz.ca, your weekly roundup where we pull the signal from the noise and bring you the stories that matter most to Canadian IT resellers and MSPs. I'm Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. And this one is a bit of a milestone, because it’s the last one – at least in this format. Starting Monday April 20th, In The Channel is launching The Buzz, a daily five-minute briefing every weekday morning with three things you need to know. Same editorial commitment, sharper cadence. More on that at the end. But first, we’re going out on a full week of genuinely important news. Let’s get right into it. Lead story this week has a hard deadline attached to it, so let’s not bury the lede. Cisco is implementing list price adjustments on April 18th – that’s a week from this Saturday – and those adjustments are focused primarily on compute hardware. The reason, as WBM Technologies laid out in their April 2026 procurement update, is the ongoing volatility in the memory market and broader cost pressures hitting the global IT supply chain. And Cisco is just one data point in a picture that WBM’s Director of Strategic Procurement, Ashley Schell, paints pretty vividly in their latest update. HPE saw a 24 to 30 percent increase in list prices in March alone. HP is raising prices by at least 10 percent on personal systems and Poly products, effective April 1st. Intel and AMD have both confirmed CPU price increases for OEMs. Fortinet is implementing monthly price increases averaging around 10 percent. Lenovo is warning that custom orders are being pushed out by 20 weeks or more on certain configurations. And Dell has cut quote validity to 14 days. The driver, as we’ve been tracking all year, is AI data center demand consuming memory capacity at a scale that’s pulling supply away from traditional commercial and channel products. Industry forecasters are now talking about this continuing well into 2027, and the chairman of SK Group – one of the largest memory manufacturers in the world – said this week that the shortage could last until 2030. WBM’s recommendation is clear: if you have upcoming technology requirements, evaluate opportunities to pull those purchases forward now. If you have Cisco compute quotes in flight, get them locked before April 18th. And take a hard look at the rest of your pipeline – the rolling increases across vendors are not slowing down. Shifting gears – this week AWS dropped its most significant partner program update in years, and for MSPs in particular, it changes the financial equation. For the first time, AWS is paying direct cash to partners for delivering managed services. Not credits, not MDF – cash. AWS VP of Partner Core Julia Chen told CRN that AWS data shows MSP-supported customers demonstrate 3.4x higher cloud spend, 58 percent better retention rates, and 5.1x customer growth. The message is: managed services creates better customer outcomes, and AWS is starting to reward that directly. But the bigger structural shift underneath this is what AWS is calling Partner Revenue Measurement. It’s a resource tagging system where partners tag workloads inside customer environments – so AWS can track and credit the revenue associated with partner-delivered work, even when the AWS seller is the one who books the deal. Chen was direct about the timeline: by the end of 2026, all AWS programs will depend on this measurement system, and she’s asking partners to have it in use by July. The full update includes eight major changes – but the other headline items are: a revamped Partner Central platform with agentic AI that AWS says can cut admin time by 30 to 40 percent, a new AI Assessment Fund to help partners fund the initial risk of AI proof-of-concept engagements, a new Greenfield Program for incentivizing net-new AWS customer acquisition, and an upgraded AI Competency framework based on real outcomes rather than just credentials. For Canadian MSPs on the AWS path: the program is getting more generous. But it’s also getting more measurement-driven. If you want the cash, you need to tag your work. Nutanix held its annual .NEXT conference in Chicago this week, and the headline announcement was what Nutanix is calling a complete platform for the agentic AI era. The Nutanix Agentic AI solution – first teased at NVIDIA GTC back in March – is now in early access, with full general availability planned for the second half of this year. It’s a full-stack platform designed to let enterprises build and operate AI applications on Nutanix Cloud Platform, integrating compute, storage, networking, and Kubernetes across hybrid multicloud environments. The timing of Nutanix’s broader pitch is not accidental – “run anything, anywhere, on whatever hardware you’ve got” is a message that lands differently in a market where HPE list prices just went up 30 percent in a month and Cisco compute is about to get more expensive. The company is explicitly positioning itself as the flexible infrastructure alternative for customers simultaneously reassessing their VMware dependency and trying to navigate a constrained supply chain. The partner ecosystem angle at .NEXT was notable too – this is the first year with more than 100 partners at the event, and Nutanix announced a significant expansion of its hardware ecosystem, adding or deepening integrations with Cisco, Dell, AMD, NetApp, and Lenovo. And for some Canadian content: Toronto-based Arctiq took home the 2026 Americas Reseller Momentum Award at .NEXT, recognized for exceptional year-over-year sales growth, customer success, and expanded technical certifications across the Nutanix platform. Arctiq has had a busy year on the M&A front as well – they announced acquisitions of both Verinext and Shadow-Soft in recent months, building out their hybrid cloud, security, and observability capabilities. A Canadian partner winning a global award on a stage like this is always worth noting. Well done, Arctiq. For our closer this week – a bit of perspective on the Canadian tech ecosystem. Various trackers now put the count of Canadian tech unicorns – companies valued at a billion dollars or more – somewhere between 30 and 35 depending on your source. And when you look at that list, a couple of things stand out. First, you’ll find companies we cover regularly in a channel context. 1Password is sitting at a $6.8 billion valuation. eSentire is on the same list. These are not scrappy newcomers – these are mature, established companies with deep enterprise footprints and real track records. The unicorn label sometimes makes everything sound like a startup story, but what this list actually tells you is that the Canadian cybersecurity sector in particular has been compounding quietly for a long time. Second, it’s a useful reference point. The next time someone frames Canadian tech as a branch plant, or treats buying Canadian as a compromise – this list is your answer. Thirty-plus billion-dollar companies across security, fintech, SaaS, and infrastructure. Worth bookmarking. And that’s a wrap – on this episode, and on the In Case You Missed It format. I want to take a genuine moment to thank you for tuning in to ICYMI over its run. The goal was always the same: surface the stories that actually matter for Canadian IT resellers and MSPs, connect the dots across a noisy week of news, and give you something you could act on. I hope it’s done that. Looking back at the arc of just the last few weeks – the Broadcom deadline forcing VMware decisions, the memory shortage turning into a full-scale supply chain crisis, agentic AI moving from vendor talking point to actual shipped product across Ingram Micro, AWS, Rewst, and now Nutanix – it’s been a genuinely consequential stretch of time for this industry. Lots to keep track of. That’s not slowing down. Which is exactly why we’re evolving the format. Starting Monday April 20th, In The Channel is launching The Buzz – a daily five-minute briefing published every weekday morning at seven a.m. Eastern, covering three things Canadian IT solution providers need to know that day. Same editorial standards. Tighter format. Every morning. I’d like to thank you for your support of In The Channel and ChannelBuzz.ca. You can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories – and if the show has been useful to you, a rating or a review always helps more people find it. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Michael Khoury, vice president of Global Ecosystems Programs at Palo Alto Networks When Palo Alto Networks announced the first comprehensive overhaul of its NextWave partner program in more than three years this February, it raised a lot of questions for partners. What does the shift from transactional incentives to platform adoption rewards actually look like day to day? What happens to loyal, firewall-heavy partners who now face a diversification requirement? And is the promise of dramatically improved economics real, or is it marketing math? Michael Khoury, vice president of Global Ecosystems Programs at Palo Alto Networks, is the architect behind the changes. He joined the company, conducted an extensive listening tour with partners across markets, and built the revamp around the specific frustrations he heard: over-reliance on Palo Alto staff for routine tasks, managed services being valued like resale, incentive structures that looked good on paper but didn’t pay out, and training that wasn’t keeping pace with the platform’s evolution. In this conversation, Michael walks through the mechanics of the new program in detail. He explains why Platinum and Diamond partners will need to generate 20 and 30 percent of their business, respectively, from non-firewall product lineswithin 18 months, and why he believes most strategic partners are already within striking distance. He shares data showing the elimination of discount caps has resulted in 2-to-4x earnings improvements based on modeled past bookings, and explains why they timed the rollout to prevent partners from holding back orders. He discusses how the $25 billion CyberArk acquisition creates a new identity security practice path that counts toward diversification targets, the new Partner Development Fund that reinvests rebate earnings into partner growth, and what Canadian partners specifically should know about how their market stacks up. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If you’re a Palo Alto Networks partner, or you’ve been thinking about becoming one, you’ve probably been hearing about the NextWave Partner Program revamp that launched in early February. It’s being called the first ground-up redesign of the program in about three and a half years, and the changes are significant. A shift from rewarding transactional volume to rewarding platform adoption, the elimination of discount caps that were leaving money on the table for partners, new diversification requirements, and a whole new approach to how Palo Alto thinks about managed services. My guest today is Michael Khoury, Vice President of Global Ecosystems Programs at Palo Alto Networks. Michael is essentially the architect of these changes. He joined the company, did a listening tour of what partners were actually frustrated about, and the revamp is his answer to what he heard. We got into the details of what changed and why, the real economics of the new incentive structure, what the 30% non-firewall requirement means for partners who’ve built their business around firewalls, how mid-market MSPs and resellers fit into a program that could easily be optimized for global SIs, and what the recent CyberArk acquisition means for the partner ecosystem going forward. Michael brought real data and real candor, and I think you’ll find it genuinely useful. Let’s get right into it, my chat with Michael Khoury. Robert Dutt: Michael, thanks for taking the time. I appreciate it. Michael Khoury: Thank you, Rob. Great to be here. Thanks for having me. Robert Dutt: It’s been about three and a half years, I guess, since the last major partner program update for you guys. What changed in the landscape, or in what you’re hearing from partners, that made this the moment to do a kind of ground-up revamp rather than a refresh and update kind of motion? Michael Khoury: Yeah, great question. Rob, I joined Palo Alto Networks about 18 months ago, and what I did, in addition to getting the internal feedback obviously from the various team members and various stakeholders, I made sure to go out on basically a tour, a listening tour, meeting with partners and getting their input frankly about our program at the time and what are the areas we needed to address. It was obvious to me in a lot of areas we had some challenges that we needed to address as a company. I’d put these things in a way – it’s not like what we had was necessarily bad, but it just didn’t evolve with the way the business kept transforming and evolving. So we needed to update. And if you’ve seen this, probably you’ve seen it with other vendors – it’s kind of common in our industry that every few years you need to evolve the program to keep pace with the business needs ever changing. And as I met with partners – and I met with partners across the globe, various regions, some of them were virtual, other meetings were in person, some of the meetings were larger like partner events that we hosted – the consistent feedback that I kept hearing was this. Number one, it was around “Hey Palo Alto Networks, that’s great that you have a program, but it feels like we need you for everything. We need someone at Palo Alto Networks to do anything with you. So we’re always relying on you to get things.” And those things can be as simple as if we needed to get a quote, if we needed to get a price, if we needed access to more training – we always needed someone at Palo Alto to give us that access. That was consistent feedback number one. Number two, obviously when we got into the program it was particularly with the managed services motion, because that motion has been growing for us at a much faster rate – and I’ll give you some percentages in just a minute – but that motion has been growing at a much faster rate than the traditional VAR motion. So when we discussed with the managed services partners, they were like “Hey, you kind of have a managed service program, but it kind of works like resale, not like truly like a managed service.” So we needed to revisit that. And then obviously the other areas that our partners care about – for partners who provide services, how do we ensure we’re leveraging more of their capability and training them and giving them the right support from a training and enablement perspective so they can build not just a go-to-market motion but also their services around Palo Alto Networks. And lastly, the last area was around the incentives. It was only two years prior to me joining the company that the company – and you’re right, you said three and a half years ago – which was the time when the company launched their first rebates program to partners. However, the feedback that I heard from partners, they said “Michael, you have rebates, you have these incentives for us, but they’re mostly on paper. It seems like it’s very hard for us to earn these incentives.” So we had to open that up and revisit that. So overall, Rob, those were the big themes that I heard from partners and why we needed to evolve the program with bigger changes, and why we did the things that we did and we launched the recent program. Robert Dutt: You’ve talked about moving from rewarding transactional volume to rewarding the platform and selling across that. Can you walk me through what that shift looks like concretely for a partner? If I’m a reseller who’s been doing well selling Palo Alto firewalls, what’s different about how I engage with you guys under this new program versus the old one? Michael Khoury: I found – and this is by the way common across the industry – because sometimes a vendor builds a program and sometimes they look at it almost like a static thing. “Oh, we built it, here’s the requirement.” And sometimes you have to also look at where your own field sellers are measured on and what they need to do. Because if you have the company field sales organization and the partner organization that are not in perfect harmony in terms of what they focus on and what they need to work on, then you end up having more friction. So as we evolved the program, we looked at our expectations from our sales teams and we said “Look, we expect our sellers not just to sell our firewall, but we expect them to support the platformization strategy,” which Nikesh talked about a few years ago. And now every company says “Oh, I have a platform too.” But if you think about that concept of we’re not just a firewall company – yes, that is our history, that’s our legacy, that’s where the company started – but when you evaluate our business, when you look at our next-gen security growing around 34-35% year on year, that’s been a big growth engine for us. So as our field sales organization started to focus on embracing the platform, which means if you look at our product platforms, you have the network security, the NetSec part of the house, where you have the firewall, but you also have SASE, which includes SD-WAN and Prisma Access. And also you have what we call our SOC transformation, which is our Cortex product, which is also part of our next-gen security. And under Cortex you have XSIAM, which is the next-generation SIEM. You have XDR, which is around endpoint detection. And then recently we added identity as well, as you know, with the CyberArk acquisition closing last month. So as we looked at all these things that our field sales organization is going to be measured on, when I looked at our program, there were no requirements toward those next-gen security platforms. It was mostly like if you can do firewall and keep doing firewall – which is not bad, it’s totally fine, we love those partners who continue to embrace us on the firewall side – but we also said in the new program, if you want to be driving bigger growth with us and being more aggressive, you need to do more across the platform. Meaning you need to embrace our SASE, you need to embrace next-gen security around Cortex, you now need to also embrace identity. So now the partners who play with us across the platform can unlock better benefits and have more leverage. And we continue to say, look, if you focus only on one area of the business you can excel, whether you focus on identity or you focus only on firewall, you can excel with us, but that will be your lane. That will be kind of your swim lane. Obviously the partners who are more strategic, who embrace the platform, will be able to unlock more. So what we simply did in the program, Rob, is we said now partners have requirements where they have to meet toward the next-gen security, where in the past there were no requirements. We put specific requirements. It’s very clear what they need to do. And then secondly, what we also did in addition to requirements, we also built the incentives and the rebates that support that motion. So we’re basically telling our partners we’re looking at both sides of the puzzle. And I’ve always talked about programs – people ask me “Michael, what is a partner program?” Frankly, for me it’s a value exchange. On one side you have the requirements of what we expect as a vendor from our partners. And on the other side, what do we offer them in return? What’s in it for them? And the way I look at this, where the two meet in the middle – where the requirements meet the benefit and the incentive – that’s the program. So every program, in order to be successful, needs to have both sides. We made sure in our program we updated the requirements, but we also updated the incentives that go with that. Robert Dutt: A couple of things coming out of that in different lanes. You mentioned setting those goals that folks have to reach outside of firewall and making that a requirement for the first time. You’ve said that 30% of revenues need to come from non-firewall lines of business within 18 months for you to reach both Platinum and Diamond, if I’m remembering correctly. That’s a real requirement. What happens to a longtime, loyal firewall-heavy partner who can’t or doesn’t get there? You say they have their lane, but what does that path look like? And the other side of that – is 18 months realistic for partners who need to build new practices around Cortex or Prisma or the other next-gen areas? Michael Khoury: So look, we’ve done the analysis across our partner ecosystem. And what I found when we did the analysis, even over a year ago versus when we did it recently, we already saw a shift. We already saw an increase over just the first year, even before we launched the program, because we started to signal especially to our key, bigger strategic partners. And you’re right – at the Diamond level we require 30% of their business to come from next-gen security. But the Platinum level is a little bit lower, it’s 20%. So it’s not as high of a bar. And obviously for the Innovator level, we did not put a specific requirement. We felt those partners are smaller in nature, maybe they’re focused on a specific area, they’re still building their business model. We didn’t feel we needed to necessarily be very prescriptive with our requirements in that area. In terms of the 18 months, when we looked at our partners – if I have a partner who’s already, let’s say, a Diamond and doing 20% of their business toward next-gen security, and now by adding identity as well, that adds to that percentage. So some of them actually have an identity practice that they can leverage as well. We know the vast majority of our strategic partners are within striking distance. Yes, they may need to stretch. Yes, they may need to do a little bit more work to get there. But look, this is why we gave the 18 months. This is why we enable our CBMs, our field team, to work with these partners early on to start having those plans. And I think overall, the partners who are committed to us, who are not ad hoc, opportunistic – “Oh, this deal I’ll work with Palo only, I’m not fully invested in them” – I get it, those partners may not get there. But frankly, those partners in the first place, they were not driving that much business and that much impact for us to begin with. They were opportunistic, they were bringing some deals, which is totally fine, but we’re not going to necessarily limit our program evolution and requirements based on those. Overall, I feel pretty confident that our strategic partners will be able to meet those requirements come the 18 months. And here’s what I’ll say – last time I did this when I was at ServiceNow and I evolved their partner program, it’s funny how things happen sometimes in the same way. I was there about 18 months before we launched the program. Somehow it worked out to be about 18 months. I don’t know why, it seems like that’s the magic number. And I recall at the time we gave about 18 months and the vast majority of partners ended up getting to where we expected them to go. Yeah, we had a few we had to work with and figure out a way how they can get there in a few more months, but overall it ended up moving that ecosystem in that direction. Now I understand cybersecurity is different than a workflow optimization company, but at the same time, I’ve done these things when I was at Cisco. I’ve done them at ServiceNow and I feel like this is the right move for us at Palo Alto. And I’m encouraged by what I’m seeing early on. The feedback from our partners seems like “Okay, we like this because it’s going to allow our unique partners to stand out.” And if you have too many that are all special, then no one is special. You know how that goes. So we believe 18 months is the right time and the early indication seems to support that. Robert Dutt: It’s funny how, as they say, history rhymes with the 18-month cadence for you across new roles. Switching to the incentive side of things, you’ve eliminated the discount caps that used to lock partners out of earning a rebate on heavily discounted deals. That sounds like a pretty big one for partners. Can you give me a sense of the magnitude here? You’ve said that some partners could be earning two to four times what they were earning before. Is that the aspirational number, or is that broadly achievable? Michael Khoury: That is the actual data. When I said that two to four times, it was actually based on actual data that we modeled based on last year’s performance. So as a matter of fact, when I’m looking at partners, we are more than halfway into our fiscal year ’26, which you know will end in July. So fiscal year ’27 will start August 1st. When I look at our performance for FY26, which we launched the program only in February, so we’re talking about only the second half of the year where these things are making an impact – as a matter of fact, when it comes to the rebates, we changed it in the last two weeks of the second quarter. We didn’t want to finish the second quarter where partners may be holding back on some orders to wait for Q3 where they can earn more rebates. So we made a decision to say “Hey, we’re just going to do it in the last two weeks of the quarter so we don’t hurt our Q2 numbers.” And it turned out to be a good decision because our data was very strong in Q2. So that was great. But it’s a great question. It’s not aspirational. It’s the actual data on past bookings. And what’s really exciting about it – when you look at our next-gen security, around SASE, Cortex, and obviously identity we’re going to address later – but when you look at SASE and Cortex, for us there were a lot of deals our partners were driving but they were not earning those incentives. And here’s one interesting fact. As we started to make that shift and we started to talk about it, all of a sudden in our deal registration – which means mostly the business that our partners obviously source and bring to Palo Alto – our next-gen security deal registration percentages were not as high. And once we started to make that shift and we’re tracking this, you won’t believe it, all of a sudden we’re starting to see an increase in our deal registration and partner-sourced business for us. So that tells me, even though with only one month or one month and a couple of weeks, because we did that change two weeks into the quarter, I’m starting to see the pipeline. I’m starting to see more booking toward that next-gen security. So it’s a good early indication. Obviously I need to wait a couple more quarters. I’m not going to claim victory only in six weeks that we’ve had this. But the early indication, Rob, seems to show that as we made the changes toward these incentives, especially with next-gen security – because in the past a lot of partners, because of the market and competitive dynamics and the way our list pricing model was set up, they were not able to earn incentives on next-gen security – but now they are. So that’s starting to show early indication of pipelines, early indication of deal reg percentages, and so on. So I’m encouraged by where we’re going to finish the year, but I’m more encouraged for next year. Because it’s funny, every time we do these things, when you launch something new it takes about a couple of quarters for the ecosystem to kind of understand, fully adopt, embrace, and put it into an operational vehicle so they can execute on it. And then you start to see in that third and fourth quarter it starts to get much better, and by the fifth and sixth quarter, that’s when you start reaching a higher level. So again, I don’t know why, but somehow things always end up working toward that 18-month kind of trajectory. Because you’re right, the ecosystem cannot pivot right away. They need time to adjust. But that’s what I’ve seen over the years dealing in this for a long time. That’s typically what it takes to get to a higher level. So I’m really excited about where we’re going to end up in ’26 and even more in fiscal year ’27. Robert Dutt: A lot of the audience are mid-market MSPs and resellers, the 15, 20, 50-person shops. When you designed this program, how much were you thinking about that sort of long tail of smaller partners who aren’t at global SI scale? The platform approach – I understand it, it sounds good in theory – but building specializations across the different areas, across network, across cloud, across SOC, requires investment that might be a reach for a smaller partner. What’s the path for that small partner MSP? Michael Khoury: That’s great. First of all, I said it earlier but I didn’t share the percentage with you. I will share it now. Our managed services route to market is growing over 60% year on year. So I can tell you that that’s where we’re seeing a lot of growth. Even traditional VARs, a lot of the traditional VARs are starting to build and deliver managed services. So the business has shifted from just resale, traditional VAR, to managed service. Regarding what we’re offering to that smaller VAR – or that smaller managed service partner, I should say, but it also applies to even our resellers if they want to build a business and go-to-market motion around Palo Alto Networks – we just launched, actually, as part of this program redesign, the ability to have access for all of our partners with on-demand learning experience. Not just for pre-sales and technical sales, which we had always available as on-demand learning, but we just expanded it for post-sales. So now if you’re a smaller partner, you’re going to have access to on-demand learning experience across sales, technical pre-sales, architect roles which are kind of more pre- and a little bit post-sales, across engineer roles for delivery, and across analyst roles for support. So now they have access to on-demand learning experience across all products, which we started with this quarter, and we’re adding more products within the next quarter as well. So that’s number one. Number two, we now incorporate as part of our training for partners an AI roleplay that is also available to them. And the early feedback from partners – we had solution architects from partners come in and do this AI roleplay not prepared. And their feedback initially was “Michael, it kicked my butt, I wasn’t ready.” And now they feel like it gave them an indication of what they need to do better. The new AI roleplay is enabling our partners’ sellers and technical pre-sales to help them position the product. And it’s also enabling the post-sales engineers, architects, and analysts as well. So we’re giving them access across all of that on the portfolio. In addition, once they have access to the on-demand learning experience, part of the ongoing certification model now includes a roleplay. But they also now have access to labs across the entire portfolio. That’s also available to them through that on-demand learning experience. And in addition to that, we just launched Demo Zone, which is also available through the Learning Center. So they can do demos across the product line, they can come in, get training for about an hour, hour and a half, and be able to do demos for customers, really without needing help from a sales engineer or solution consultant at Palo Alto Networks. I touched on this early on when we started – that was one of the key changes we needed to make. Sure, our partners need to have access to the right training, to the right enablement, so they can be self-sufficient. So technically, if you have a smaller partner who’s embarking on their journey with Palo Alto, they’re going to have access to really a lot of content, training, and capability across all roles, available to them on demand. It’s going to allow them to invest and grow and drive that business growth like never before. And obviously with MSSPs, we provide them with programmatic front-end discount that helps them win in that commercial segment, that mid-market that you touched on, without needing a lot of help from Palo Alto. So in a way, we’re giving them access to the training, the enablement, the tools, and also to the programmatic element from a front-end discount, and to the back-end rebate as well, to ensure they can grow and develop that go-to-market motion. So I’m really excited – even though our managed services was growing at 60%, I’m really excited about where it’s going to go a year from now, because I don’t think we’ve touched its full potential. A lot of those managed services partners are going to be able to reap a lot of benefits across the board, across the entire portfolio. Robert Dutt: The AI roleplay tool – that’s something that I thought was really interesting, really fun to see in there. It’s been interesting seeing AI start to find its way into partner programs. Sticking with the sort of idea of resources and smaller partners, are there any Canadian-specific resources or team support that smaller Canadian partners of Palo Alto should know about? Michael Khoury: Look, in Canada we have a very strong managed service motion with partners. And when I look at just the ratio of percentage of Canadian partners and the investment, I see that our Canadian partners actually invest – just from a percentage of resources to booking and revenue – I see our Canadian partners invest more in technical pre-sales roles and training for individuals than in other markets. So I’m very encouraged to see that in Canada, not just are we driving a strong managed service motion, but we also have more investment from a resources perspective. Because when I look at a partner, I don’t just look at how much booking you did with us, because to me booking is more of a lagging indicator. I look at the investments, and not just by the number of certifications they have – I look at the number of individuals. Because obviously you can have one individual sometimes accumulate multiple certifications. So I do look at the number of certifications by product, but we also look at the number of individuals that a partner has invested in. And I’m encouraged to see that in Canada, particularly in our managed service motion and even in our resale motion, I see more and more partners investing in sales and technical and obviously post-sales as well. I found that was interesting data that I uncovered as I was comparing, for example, US partners to Canadian partners. So that’s encouraging. That means our partners in Canada will be able to have, over time, as they leverage the new program, even bigger market share and better representation. Because the data is very clear – partners who invest more in their enablement and their certification, who really go on that journey, their revenue tends to be much higher than partners who don’t make that same commitment. And that’s why we have something that we’re now making available – it’s called our Partner Capacity Dashboard, something brand new. We’re making it available to our Channel Business Managers first for this year. Next year we’ll make it available to partners so they can have clear visibility on all the individuals, the training, the demos, the AI roleplays, all the things that their people are doing. And we also look at their projection for the year’s business and give them guidance on whether they have enough individuals, enough people who are certified. So it’s going to help them really with their business planning for the future. I’m excited about giving this first to our Channel Business Managers. We have a few things to work through, and then by beginning of ’27 we’re going to make it available to partners to help them on that journey. So that’s another one of those things that we’ve evolved and changed. Robert Dutt: You touched on this a couple of times, let’s discuss it now. The CyberArk acquisition closed in February, $25 billion, added identity security into the fold. And that’s something that we’re hearing a lot more about across the industry and throughout the channel. What does CyberArk being in there mean for partners right now? Is there a NextWave path for identity? And how quickly do you think partners are going to be able to build their capability there, particularly with Palo Alto? Michael Khoury: So this was my message probably a week before we closed the CyberArk deal. I went to a CyberArk event, their global sales kickoff, where we had about 200 or so partners. And one of my messages to those partners in the room, I said “Look, if your business is resale, managed service, or consulting implementation on identity only, that’s totally fine. That is a home for you at Palo Alto Networks.” Now it turns out, when we looked at the data, the vast majority of our partners are joint partners, meaning they are both a CyberArk partner and a Palo Alto Networks partner. We had a very small number of partners who are CyberArk-only partners. And those partners, we were in the process of ensuring we onboard them in the next few months before the new fiscal year starts. So the journey for those partners is, if you’re going to continue with identity, we’re going to give you all the support, all the things that I talked about earlier – from access to training, enablement, demos, AI roleplay, tools – all of that is going to be available for identity. All the incentives that I talked about, which today are not available in the CyberArk portfolio, we are going to be working on that for identity for the new year as well. So partners can be even more profitable when they do business on identity. And both CyberArk and Palo Alto, we both embrace partner delivery and support services as well. Between us and them, we have over 90% of the delivery on CyberArk – and a similar thing on Palo Alto – done by partners. So it’s not just the managed services motion or the support motion, but even the delivery motion as well is done by partners. So there will be a path if you just do identity – and again, those are a small percentage – there’ll be a path for those partners to be able to continue to invest in identity. And they’ll have plenty of time to adjust. And if they don’t ever want to go beyond identity, that’s fine. But again, the majority of our partners are actually joint partners between the two companies. So there is a lot more synergy there. When you start looking at data, you start looking at which partners drive the TCVs and the bookings on Palo Alto, there is a lot of overlap. And we’re rationalizing the rest of our ecosystem as well. But I’m excited about adding identity and being able to incentivize and give more support to those identity partners. And I’m glad to say, by having such a large joint overlap, I think that in itself will open up more business for them and more opportunities for us. And frankly, for the Palo Alto partners who do not sell identity – because we have more of those, Palo Alto partners who do not sell identity – this is going to be a great opportunity for them to embrace identity, get the right training, get the right certification and specialization, and be able, if they want to expand beyond what Palo Alto offers, into the identity space. That’s the bigger area of opportunity. Because as I said, the joint customers – all of the CyberArk partners are actually Palo Alto partners – but we had more Palo Alto partners who are not CyberArk, who don’t sell and support identity. And that’s where I feel there is a big potential for growth in that area. Robert Dutt: Do you have any kind of feel for how many of those partners that you describe, who are Palo Alto but not CyberArk, have made identity bets elsewhere? Michael Khoury: That’s a great question. I don’t have that top of mind to share with you as a percentage. Identity tends to be an area where you need to invest deeper. Let me give you an example – a certified delivery engineer at CyberArk is a minimum six-to-nine-month type investment. So it’s not as easy for a partner to pick it up overnight and say “Yeah, I’m ready to go down that path” unless it is part of their go-to-market motion and they have a plan for it. Now, the way we see the future, with more agentic AI and privileged access going to play a bigger role, we believe identity and the privileged access space is going to be an even more key component of that. So I’m going to see more and more partners – not just the joint partners, but more and more partners are going to start to embrace that. But I don’t have the exact percentage top of mind of, hey, if you are Palo Alto only, have you invested with another company versus us. I think they’re going to find very quickly, with all the things we’ve changed in the new program and implementing those with identity and incentivizing more on identity, I think it’s going to be very difficult for them to turn away, even if they were investing with another vendor, not to come to Palo Alto Networks and invest with our identity solution. Especially as we integrate the products and there’s going to be a lot more capability from a platform perspective by having identity. I think it’s going to be more and more difficult to say “Oh, I’m just going to keep working with another company on this one product only.” I think they will see the value, even if I don’t do all the great things I talked about in the program, which we are doing for identity. But from a product and a technology perspective, I think there is a lot of value there. Robert Dutt: My last question – if we’re sitting here a year from now, what does success look like for this program? What’s the metric or the outcome that tells you this revamp worked? Michael Khoury: Yeah. I mean, if I look at the key metrics that we’re looking for – and I think you heard me talk about them already – I’m going to look at how many more partners have trained individuals on Palo Alto Networks, how many more certifications across next-gen security, how much more booking is coming from that side of the house, what percentage more of deal reg is initiated by partners. I’m going to look across various elements to say, did we actually hit the mark? And obviously the other piece is we’re investing in those partnerships as well. All these things that I talked about to make available for partners, it’s an investment on our part. So I need to have that direct correlation to all these key success metrics. And so far the early indication says we’re heading in the right direction. There is one item we haven’t talked about and I want to mention this. Part of our incentive redesign, we also created a program called the Partner Development Fund. So partners will not just be able to earn rebates from us, but also part of the investment they earn will go into a Partner Development Fund that helps them invest in their future growth. So when I look at that future growth and all the activities that partners can drive with us – whether it’s investment in training, investment in headcount, investment in migration services, competitive takeout, whatever the case may be – they’re going to have funds available to them to make that investment in future growth. So one metric I’m going to be looking at is all these partners – how fast they’re growing, where were they growing with Palo Alto Networks as a percentage of business with us, and how fast that is growing now a year later, as we launch this new program with basically adding fuel to that fire and having a flywheel effect. The better job you do, the more we reward you. And the more we reward you, you have more funds to help you reinvest more in that growth. That part is really going to be a key differentiator for us and for those partners. In addition, frankly Rob, our platform strategy across these different products is going to give them a very real competitive advantage. So when you take all that holistically – from a technology perspective, from a program strategy, from a go-to-market motion – all of that combined with access to more training, more enablement, more funds, more support, I think the story is going to look a lot more positive across all these metrics. So I’m looking forward to, by end of fiscal year ’27, which will be the 18-month mark, seeing how this is going to play out. Robert Dutt: All right, I appreciate that, and certainly a lot going on with the NextWave redesign. I appreciate your walking us through some of your thinking around building the program and getting it out there. Michael, thank you. Michael Khoury: Thank you, Rob. Thanks for having me and great to be here. Appreciate the time. Robert Dutt: There you have it, Michael Khoury from Palo Alto Networks. I’d like to thank Michael for his time. He was generous with it, and more importantly, he was generous with specifics, which is not always the case when you get into a partner program conversation. A few things that stuck out for me with this one. First, the listening tour approach. Michael came in, asked partners what was working, and built the revamp around those answers. That sounds obvious, but it’s rarer than it should be. The four pain points that he identified – partners over-relying on Palo Alto staff for basic tasks, managed services being treated like resale, training and enablement that wasn’t keeping up, and an incentive structure that was, in his words, “mostly on paper” – those are complaints I’ve heard from partners across vendors over the years. The question is whether the new program actually fixes them, and the early signals are encouraging. The two-to-four-times earnings improvement isn’t a projection – it’s based on actual past booking data, and they’re already seeing increased deal registration for next-generation security lines within weeks of launch. Second, the diversification requirement. If you’re a firewall-heavy partner, the 30% non-firewall threshold for Diamond level is real, and the clock is ticking. But Michael made a reasonable case that most strategic partners are already within striking distance, and the CyberArk identity practice now counts toward that number, which opens up a path that didn’t exist six months ago. And third, for the audience here in Canada specifically, Michael noted that Canadian partners invest more per resource in technical pre-sales and certifications than partners in other markets. That’s a competitive advantage worth knowing about and leaning into. Thank you for listening. If you found this one useful, I’d appreciate it if you’d follow or subscribe. You can find the In The Channel podcast on Apple Podcasts, Spotify, YouTube, and most podcast directories. And if you have a moment to leave a rating or a review, that goes a long way to helping other channel pros find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Adam Ostopowich, country manager for Tanium Canada Tanium has long been known as a platform for managing endpoints at massive scale – federal governments, Fortune 500 environments, organizations with hundreds of thousands of devices. But the company’s newly appointed Canada country manager, Adam Ostopowich, says the mid-market represents Tanium’s biggest untapped opportunity in Canada, and the plan is to get there entirely through partners. In this episode, Ostopowich explains what changed when Tanium unified its Canadian operations under a single national structure covering enterprise, mid-market, major accounts, and public sector. Previously, partners worked with segment-specific contacts; now there’s one channel organization for all of Canada, designed to simplify engagement and open up new customer tiers for solution providers. We also dig into Tanium’s significant Government of Canada win through the EVAS program, which delivers real-time endpoint visibility across federal departments via Shared Services Canada and partner Computacenter. Ostopowich discusses what that means for the broader partner ecosystem and addresses the data sovereignty question head on, describing Canadian data residency as a “core requirement rather than an optional one.” The conversation also covers Tanium’s strategic shift from autonomous endpoint management to a broader autonomous IT platform vision, unveiled at Converge 2025, including agentic AI capabilities and ServiceNow integration. Ostopowich clears up a common misconception – Tanium is not an EDR and doesn’t compete with endpoint detection tools, but rather augments them with real-time operational intelligence. He also shares a striking data point: proof of concepts routinely uncover 10 to 25 percent more endpoints than organizations even knew they had. Named a Leader in the 2026 Gartner Magic Quadrant for Endpoint Management Tools and a five-time 5-star CRN Partner Program Guide recipient, Tanium is betting on doubling its Canadian footprint in two years – 100 percent partner-driven. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. Tanium has been a name that most people in the IT space associate with large-scale enterprise endpoint management. Think hundreds of thousands of endpoints, federal government deployments, Fortune 500 environments. But the company has been making some moves in Canada that are worth paying attention to. They recently appointed a new country manager, unified their Canadian operations under a single national structure, and are talking openly about going after the mid-market, and doing it entirely through partners. On top of that, they’ve landed a significant Government of Canada win, they’ve achieved Protected B certification, and they’re expanding their footprint with boots on the ground from Calgary to Ottawa. My guest today is Adam Ostopowich, the new country manager for Tanium Canada. And we’re going to talk about what this restructured approach means for Canadian solution providers, where the Canadian partner opportunities actually are, and how Tanium’s vision of autonomous IT fits into what’s happening in the Canadian market right now. Let’s get right into it. My chat with Adam Ostopowich. Adam, thanks for taking the time. I appreciate it. Adam Ostopowich: Thanks a lot for having me, Rob. I’m really excited to be here. Robert Dutt: So you’re just stepping into the role, heading up Tanium Canada. Tell us a little bit about the priorities in your new role, sort of where you’re investing your time and effort, particularly when it comes to partner-facing things. Adam Ostopowich: Yeah, that’s a great question. So it’s an exciting time to be at Tanium. It’s also an exciting time to be Canadian. You know, with the way the market’s headed right now, there’s a ton of opportunity. Really, our vision is to help build a more secure, resilient, competitive nation by empowering organizations with real-time visibility, control, and autonomous IT capabilities to become unstoppable. Now, where this becomes critical in partnering is we really do need to work closely with our partners in order to strengthen the cybersecurity backbone of Canada. And it’s really about protecting Canadians and the companies that drive our economy. Partnering has never been more important in technology. It’s really about bringing platforms together, integrating multiple solutions together, and really, we need our partners to help drive that with us. Robert Dutt: You guys recently rolled out a new unified national structure across Canada. Can you tell me a little bit about what that means in practice? What did the organization look like before, and what changes with this for a partner in, say, Calgary or Ottawa or Montreal or wherever? Adam Ostopowich: So historically, Tanium’s definitely invested in the Canadian market, but it’s been in definitely a little bit more of a unique way. We didn’t have as many dedicated resources located in Canada. That’s really shifted over the last couple of years. And more recently, with February 1, the start of our fiscal year, we really had to make a strategic decision to bring all those resources together under one umbrella and continue to invest in having dedicated resources on the ground supporting our customers, but also interfacing with folks like product marketing, customer success, and so on, across the board. Partnering also became extremely important with the strategy. In the past, we had multiple partner managers focused on different market segments of our business. Now we have one channel manager focused across the board on every market segment, and that’s so important for Canada, especially as a lot of the partners we work with, they cross all market segments. It’s very rare that you’ll come across a partner that’s just focused in one place. So having that unified approach, especially in the channel, has never been more important in Canada. Robert Dutt: So they were previously focused vertically or geographically, how was that? Adam Ostopowich: So primarily focused on – Tanium segments the market based on endpoint potential, and so it was based on the bands of endpoints that our customers would be. So that could be commercial, it could be mid-market, it could be enterprise, and then of course we’ve got our public sector and federal business as well. So now we’re pulling that all together and saying, “Hey, we need to go to market in a more unified way, and we need to pull in our customer success stories, make sure that our partners are aware of every stream of business that we do,” because a lot of that crosses into multiple organizations across the board. Robert Dutt: The EVAS win with the Government of Canada, obviously pretty significant for you guys. What does the partner ecosystem around that look like? Is there room for solution providers beyond Computacenter, who’s kind of the go-to partner there? Adam Ostopowich: Yeah, so we’re definitely partnered closely with Computacenter Canada. There’s potential opportunities across the board. I mean, ultimately, we’re servicing the Government of Canada, but there’s also the contracting in place with Shared Services Canada that’s ultimately going to be touching any organization that buys through that mechanism. So there’s a good chance that many of those organizations will already work with other partners that potentially are already working with Tanium, or there’s an opportunity to expand our partnerships in those spaces. But for the most part, right now we’re heavily invested in Computacenter and how we’re supporting that contract across the board. Robert Dutt: Historically, Tanium has been an enterprise and government play. With the mid-market now under the same national umbrella and building sort of across those bands, as you describe, in endpoints, are you actively trying to reach a different class, a different size of customer in Canada than you were in the past? Adam Ostopowich: Yeah, absolutely. Tanium’s roots are absolutely in the large enterprise space, and we define that as hundreds of thousands to millions of endpoints. Now, Tanium was built to handle the most complex environments in the world. However, what we’re learning very quickly is there’s a massive opportunity down market as well to use the same technology in a rapid way. And really, it’s never been more important as we think about autonomous IT and AI. Ultimately, Tanium’s platform is best positioned to deliver data in real time. And that’s where going into the mid-market space really does help strengthen our growth strategy across Canada. Robert Dutt: As you look at that mid-market and even below kind of level in terms of customer size, how does that change in terms of go-to-market, who you’re working with on the partner side? Basically, what does the channel look like for that space? Adam Ostopowich: Yeah, so right now we work with a multitude of channel partners. Everything from your SIs to your technical partners like Microsoft and ServiceNow that we’re deeply embedded with. But there’s also a lot of VARs and MSPs that we work with as well. And ultimately, especially in the mid-market, we’re often working with more boutique service partners that help us to get into existing customers they’re already with or help us to service customers that we already have in a better way. So that’s a more localized and near experience for them. Robert Dutt: For somewhat obvious reasons, data sovereignty is a huge issue in Canada right now. How much is that driving the conversations that you’re having with customers and how does that translate into partner-led opportunity? Adam Ostopowich: Yeah, so data sovereignty has never been more important. It’s definitely been important over the last decade, but it’s absolutely critical now. I’ll call it a core requirement rather than an optional requirement. And so with that being said, in all of our conversations, it’s kind of set up as it’s almost assumed that that is the way it is. In the conversations, absolutely, we need to position it in a way that Tanium has all the architecture and the delivery of the solution in Canada. And that even goes as deep as our AI modeling. All of that is regional model availability. And our product team is deeply focused on making sure that all of our customers in the region have all the data sovereignty requirements in place. Even when we think about the Government of Canada, we needed to obtain Protected B status to really make sure we align to the criticality of that. Robert Dutt: Is that a structure that’s been in place for a while now, or is that something that’s kind of come together with the Shared Services and the Government of Canada wins? Adam Ostopowich: Yeah, so it’s two separate things. The Protected B is dedicated for the Government of Canada, and that’s their own environment. With the rest of the Canadian regional environment, that’s been around for quite a while. I don’t have the exact timing on that, but when I joined Tanium, that was one of the first questions I asked in the interview process. I’m like, “Do we have all of our environments in Canada?” Because I know how critical that is, and it’s absolutely a bare minimum requirement for us to be successful in the market. Robert Dutt: At last year’s Converge event, you shifted the messaging and the overall structure from autonomous endpoint management to autonomous IT. What does that actually mean for partners? Does it change how they sell, what they sell, who they sell to? Adam Ostopowich: Yeah, so fundamentally, autonomous endpoint management is still a core solution. It’s absolutely part of the DNA of it. Where the message change came from at Converge is really around broadening the scope of what autonomous IT means and connecting it into various enterprise layers. So we can think about our partnership with ServiceNow as an example, or we can think about our partnership with Microsoft. It’s really about how we tie that whole ecosystem together and make sure that our customers can operate in an autonomous way. So with that, really the platform as a whole is really about managing and securing endpoints through a single unified platform driven by AI as real-time endpoint intelligence. And autonomous IT as a whole is bringing that outside of just the Tanium platform as well. So it’s extending it to things like mobile device management, extending it to other enterprise platforms as well that can really help our customers truly become autonomous in the modern day and age. Robert Dutt: That’s, I guess, four or five months ago now that rolled out at Converge. How has traction gone in getting that out to Canadian partners and getting them to understand the vision, the direction, and where things are going? Adam Ostopowich: Yeah, candidly, it’s gone way better than I think many of us expected. It uniquely aligns to everything that’s happening in the market right now where it’s never been more important for customers and organizations to really think about how do they create a more scalable, sustainable business through automation. And ultimately, it really does help our partners to bring that strategy into their visions with their customers that are asking for us to solve these complex business outcome-related solutions. And so with autonomous IT, there’s a number of ways that it ties in. For example, if we think about partnering with ServiceNow, there’s several service companies that manage the entire ServiceNow footprint for a customer. So autonomous IT nicely fits into that channel model there where we’re now augmenting the data that gets delivered to ServiceNow. It’s helping all their downstream workflows. And in several cases, it’s literally automating a help desk ticket process where something as simple as, “Hey, my laptop’s slowing down.” An employee can submit a ticket. Through ServiceNow, it can push or request Tanium to pull all the endpoint data. Then the AI model can run against that, and then it can push the action back to the end device without human interaction. And of course, there’s always going to be the controls in place to manage this, so that we can make sure that it’s effective and not doing anything haywire. Robert Dutt: The big event of summer 2024 kind of brought to light platform concentration as a risk. I’m curious if you hear that kind of idea in conversations from Canadian customers in terms of wanting to stay away from that kind of platform concentration. Adam Ostopowich: Yeah. So we’re actually seeing a trend more towards platform at the moment. And I think it depends on how the platform is defined. For Tanium, the important thing is we’re often connecting into existing data sources. We’re not like a large store of data, for example. So we’re tapping into existing data that’s already there, and we’re able to grab it in real time and deliver it to where it needs to be. And so with that, there’s already backups in place, so to speak, where the platform itself isn’t like a one-stop shop, if that makes sense. So with that, we’re actually seeing a lot of customers wanting to consolidate a lot of their tooling and leverage a platform to help rationalize IT spend, increase efficiency, be able to increase automation and leverage multiple data sources to feed AI. Robert Dutt: You’re currently hiring a director of strategic accounts in Calgary. What’s the western Canada play for you right now? What does that look like today and where do you see that going? Adam Ostopowich: So yeah, we’re actively hiring somebody in Calgary, and it’s really to focus on new customer acquisition. And I’ve been interviewing constantly for that role, as you can imagine. So the biggest topic actually that will be interesting for here is we’re always assessing, how are they plugged into the channel? How are they working with the ecosystem today? Because ultimately, that’s what’s going to drive our success in western Canada. We’ve already got a number of directors of strategic accounts, or DSAs as we call them, in the western Canada market. This is really a new business development role to continue to grow in the region. Robert Dutt: You mentioned earlier you’re working with the big SIs, you’re also working with VARs and MSPs. Particularly in that mid-size solution provider space, the VAR and the MSP, what’s the profile there that works? What are some common threads that make for a good Tanium partner? Adam Ostopowich: I think it spans a couple of different layers, depending on what the partner really specializes in. Like, for example, if the partner specializes in Microsoft, then we absolutely go in hand in hand with that whole story and how we integrate the whole stack together. There’s other situations where a partner might be focused more on a dedicated area, like patching, for example. Ultimately, the profile of the partner itself can definitely vary, but it really comes down to ensuring that they’re aligned with what autonomous IT is capable of, whether it’s use cases around patching, real-time asset visibility, or it could also be about vulnerability management and things like that. Robert Dutt: What’s your biggest untapped or under-realized opportunity in the Canadian market right now, and what can partners do to get access to that, to get into it? Adam Ostopowich: That’s a great question, and it’s absolutely mid-market. That’s an area where we’re really leaning in with partners to have them obtain the sales certifications, obtain the ability to do demos, obtain the ability to do proof of concepts or proof of values, because we really see that as an untapped opportunity where a lot of partners are already deeply embedded into these customers. And ultimately, mid-market organizations are really looking to get to that next level of autonomous IT. Robert Dutt: What’s the philosophy for building the channel for that mid-market space? On a continuum between sign up a bunch of new partners and get the folks that you’re already working with more active in that space, where between those two extremes do you fall right now? Adam Ostopowich: Right now we’re doubling down on the partners that we already have. That’s absolutely critical. We’re already starting to see a lot of traction, and it’s growing there. Also, with our partner manager that’s dedicated now for Canada, he’s really building out that strategy as to who are the right people, how do we ensure that we’re going to market together in an effective way, ensuring that we’re not spreading ourselves too thin, and that we’re really building out that ecosystem that can help to marry together what we’re both trying to accomplish for our organizations. Robert Dutt: A couple of quick lightning round type questions to wrap up here. First of all, what’s one misconception or misunderstanding you think partners may have about Tanium today? Adam Ostopowich: I think overall the misconception is where we play best. Ultimately, Tanium has for whatever reason been known in some cases as being like an EDR solution, for example. I hear that occasionally, and I’m like, interesting. So Tanium is not an EDR. That’s not an area that we’re trying to play in at all. We’re actually trying to augment EDR solutions and even help to deploy them and make sure that they’re governed in a proper way. So overall, for channel, it’s really about understanding what the platform is fundamentally. It’s really about being able to provide visibility across an enterprise. So whether that’s finding servers that maybe an enterprise didn’t know about or end user workstations that were unknown, it’s very common for us to do proof of concepts and find anywhere from 10% to 25% more endpoints than a company even knew they had. And so they might think that they’re fully protected, but then they realize very quickly that they were, but they didn’t know about all the other devices. Like maybe a server got spun up because it was there for a proof of concept or a point of view, and then it never got updates and patches and things like that. All it takes is for that to get plugged in and you become vulnerable. So Tanium really helps to provide that widespread visibility. And it’s also about being able to manage the endpoints, so seeing but also acting on them. And then being able to handle things like zero-day events, for example, things that get missed by an EDR. A major issue just got released that nobody knew about. Well, now Tanium can be used as that last line of defense to really go in and contain it, remediate it, find the blast radius, what the impact was of it. Robert Dutt: And finally, fill in the blank for me. Two years from now, Tanium in Canada will be… Adam Ostopowich: Yeah, so two years from now, Tanium in Canada absolutely will double in size. We’re extremely focused on the market right now. We’ve got a very clear plan on how we’re going to grow and it’s 100% partner-driven. That’s absolutely an area that we’re going to focus on. And so we really invite conversations with partners. We really want to have those conversations to help deepen the relationships we have, but also expand into other areas that potentially we haven’t thought of yet. Robert Dutt: That’s a great place to leave it at, I think. That’s an admirable goal and good luck in reaching that, both in the customer base and in the channel. Adam, thanks so much for taking the time. Adam Ostopowich: Thanks a lot, Robert. Robert Dutt: There you have it, Adam Ostopowich from Tanium Canada. I’d like to thank Adam for his time, especially as someone stepping into a new leadership role. First podcast, as he mentioned, and he handled it well. A couple of things that stood out for me in the conversation. First, the mid-market piece. When a vendor that’s been known for managing millions of endpoints says the mid-market is their biggest untapped opportunity in Canada and that they want to get there through partners, that’s worth hearing. Whether you’re a VAR already embedded with mid-sized customers or an MSP looking at where the next practice area comes from, that’s worth the conversation. Second, the data sovereignty angle. Adam described it as a core requirement rather than an optional one, and the fact that Tanium’s entire architecture, including their AI modeling, runs regionally in Canada is relevant context in the current environment. And third, I appreciate the honest correction on the EDR misconception. Tanium doesn’t compete with your EDR, they augment it. That changes the math on how a partner might position this in their stack. The goal of doubling the Canadian footprint in two years, 100% partner-driven, is ambitious. We’ll see how it plays out. Please be sure to follow or subscribe in the podcast app of your choice. We’re on Apple Podcasts, Spotify, YouTube, and most other major directories. And if you have a moment to leave a rating or review, it helps more than you’d think. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

The Huntress 2026 Cyber Threat Report found a 277% year-over-year surge in the abuse of RMM tools, which now account for roughly a quarter of all observed incidents. The ConnectWise 2026 MSP Threat Report frames 2025 as the year of “the abuse of trust,” with attackers increasingly exploiting valid credentials, misconfigured remote access, and trusted software updates rather than relying on novel exploits. For MSPs, the implication is uncomfortable: the tools you use to manage and protect your clients are increasingly being turned against you and them. Tony Anscombe, Chief Security Evangelist at ESET, returns to the podcast to dig into how these attacks actually work – from daisy-chaining multiple CVEs for entry, escalation, and persistence, to ClickFix-style social engineering where users are tricked into pasting malicious PowerShell commands through fake browser prompts. The conversation also gets into why attackers are going after MSP toolchains specifically, the patching dilemma MSPs face when every hour of delay is an hour of exposure, and why groups like Akira are now targeting backup infrastructure first to neutralize the recovery path before encrypting. On the business side, Tony is candid about what a breach through your own tools means for trust, reputation, and survival – and offers practical starting points: audit your environment, clean up stale credentials, patch on cadence, and run tabletop exercises with your customers, not just internally. He also introduces the concept of cyber warranties as a potential competitive differentiator for MSPs looking to stand out on RFPs. This is the second in an ongoing series of conversations with Tony. The first, covering the cybersecurity trends MSPs can’t ignore in 2026, is also available. Read Full Transcript TRANSCRIPT TO COME

Gareth Pettigrew, founder of Pettigrew Communications I’ve thought about doing an episode like this for a while, but I kept bumping into the same problem: the “so what” question. Why should a 15-person MSP owner, already wearing six hats, care about communications? Gareth Pettigrew cracked that code in about 30 seconds. As the industry moves from search to chat, non-paid citations and earned media are proving to be critical to how large language models answer queries and surface companies. If you’re not showing up in that landscape, you’re increasingly invisible in ways that didn’t exist two years ago. Gartner is projecting PR budgets to double over the next year. The ground has shifted. Gareth spent years leading partner communications for Cisco and Okta, and what always stood out to me is that he genuinely understands the partner business – not just the vendor talking points. He’s now launched his own consultancy, Pettigrew Communications, offering fractional senior comms leadership and project-based consulting for companies across the channel. In this conversation, we dig into why PR isn’t what most partners think it is anymore – it’s not press releases and pitching journalists. The media landscape has changed dramatically with AI, and the real opportunity for small partners is in thought leadership, LinkedIn engagement, and building an externally wired narrative that positions you as a trusted voice in your niche. Gareth offers a three-week roadmap: week one, listen to the industry conversations and identify one or two niches you can credibly insert yourself into. Week two, build your story – one page, three to five core messages. Week three, identify ten influencers to follow. Then activate on LinkedIn by commenting meaningfully for a month before posting your own perspectives. We also talk about common mistakes – like treating PR as a marketing tactic or relying on internally oriented messaging – and what success actually looks like when you’re starting from zero. This is the first in a planned series. Future episodes will go deeper into messaging, LinkedIn best practices, crisis communications, and more. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. My guest today is Gareth Pettigrew. Gareth spent years leading partner communications at Cisco and most recently at Okta, and he’s now launched his own consultancy, Pettigrew Communications, offering fractional comms leadership to companies across the channel. I’ve known Gareth for a long time, and what’s always stood out to me is that he genuinely understands the partner business – not just the vendor talking points, but how partners actually operate and communicate day to day. I’ve wanted to do an episode on communications and PR for partners for a while now, but I kept bumping into the same problem: I couldn’t crack the “why should a 15-person MSP care about this” question in a way I thought would actually land. And then I talked to Gareth, and he cracked it in about 30 seconds. We’re going to get into why communications matters more right now than it ever has, why it doesn’t have to be the heavy lift you think it is, and Gareth’s going to give you a practical, week-by-week roadmap for getting started – even if you have zero budget and zero comms experience. This is also the first in what we’re planning as a series. Gareth and I are going to go deeper on specific threads in future episodes – things like crisis communications, LinkedIn thought leadership, working with your vendor’s PR team – so think of this one as the foundation. Let’s get right into it, my chat with Gareth Pettigrew. Robert Dutt: Gareth, thanks for taking the time. I appreciate you joining us. Gareth Pettigrew: Glad to be here, Rob. Robert Dutt: I thought of you to have this conversation because we’ve sat down at many conferences and with many vendor execs when you were running comms around the world, one might say. You know, channel leaders from Cisco and even after you’d moved off the partner beat specifically, I think you always did a really good job of, when talking to us on the channel side, framing up the partner side of the conversation in a way that leads me to believe that you’ve got a pretty good grip on what a lot of these guys are doing, which I think is really important for this conversation. This is something that I’ve thought about doing for a while, doing an episode like this, but I kept bumping into the same problem. Basically the “so what” problem. Why should I care about communications as a 15-person MSP owner? Then when we did our pre-call to discuss the possibility of doing this and where it could go, you kind of cracked that code in about 30 seconds. So let me put it right to you. For that 15-person MSP kind of partner who’s listening to this, they’re busy, they’re wearing six hats. They own marketing. They oversee sales. They probably do HR. They have a business to run. Why should communications be on their radar right now, and what’s changed that makes that even more urgent than you would have said a few years ago? Gareth Pettigrew: Fundamentally, in a word, like almost everything right now, it’s around AI. And perhaps not intuitively, it appears that PR is emerging as one of the big winners of AI. Maybe not for the reasons you think, though. Number one is that non-paid citations, and specifically earned media, are proving to be incredibly important in terms of the LLMs answering their questions. So as the industry shifts from search to chat, we’re seeing PR be much more important in terms of that overall mix. The second thing, and this will resonate with a lot of people, is the amount of AI slop that’s out there. And Rob, as a journalist, I see you laughing. What we see is a lot of content being created, but it’s all generic crap. It’s all the same. What happens is that damages trust, damages customers’ belief in executives, in companies. So increasingly we’re seeing companies, and especially it’s happening a lot at the higher end of the market, executives are really investing in human communicators to help them break through the slop and stand out. So that’s the real reason for why now. I will say though, Rob, I think at the end of the day for PR, you need two ingredients. You need a story and you need a storyteller. And one of the things, why I’ve always been partner-focused, it wasn’t just because I liked the channel. It was self-interested as well, in that I found some of the best storytellers in the industry weren’t the vendor executives, they were the partner executives. So I’ve always been stunned that more partners don’t lean quite heavily into comms as a real big part of their new biz and their marketing mix. A lot of them are really well positioned to raise their awareness through communications. Robert Dutt: So tell me a bit about that. I’m curious what you’ve seen. What sets apart those partners who you’ve sat there and thought, “You know what, you could be doing my exact role here and telling this story.” What is it, and particularly what separates those who do it really well and those who just kind of either go through the motions or leave it on the table, as it were? Gareth Pettigrew: And let’s be clear, everyone isn’t a great storyteller. But what I’ve seen is that in the partner communities, we’re rife with the type of personalities that make for great storytellers. A lot of those people with entrepreneurial spirit who are very proactive sellers, they spend their day not talking to engineers and vendors and all of that stuff, but they spend their day talking to customers. So they know what’s top of mind for their customer. Often with vendor executives, that’s one of the biggest challenges. It’s pivoting from that internal orientation to an external orientation. And a lot of partners are already there. So I’ve really seen some come across consistently. I’ve seen partner executives be on the level with my top executives at the vendor, or even better. So they’re in a great place. Robert Dutt: So for the partner who’s hearing this and thinking, “Okay, I get it. That’s cool. I can tell my story and I understand the customer’s viewpoint, so I should be able to put it in their words and their thoughts. But I don’t have the budget and I definitely don’t have a comms person, nor is that on my roadmap of my next few hires.” I think a lot of people still picture PR as press releases and pitching journalists, and that feels like a lot of work. How would you position what communications actually looks like today for a company at that kind of 15-person size? Gareth Pettigrew: I think the biggest blocker to companies getting involved in PR is they’ve got a legacy idea of what PR is. PR equals press release. That’s 15, 20 years ago. The reality is, especially over the past year and now with AI, we’ve seen the media landscape change absolutely dramatically. The media business model has been disaggregated with Google and others blowing up the advertising business model. And we’ve seen a decrease in some ways in terms of the number of journalists that we have out there. But an increase in some other mediums – things such as podcasts, things such as Substack. We see much more new media, much more niche media. And that’s in the traditional, what we call the earned space. We’ve also seen the social media rise. We’ve seen the advent of owned media, be that executives taking a thought leadership stance on LinkedIn or X as it may be, or in terms of their newsrooms. A lot of vendors do this. They turn their newsrooms into actual content destinations to get their story out there. And finally, there’s a lot of paid options, right? Whether that’s traditional publications offering paid events, paid content, or paid influencers. If we think about political conventions or Apple events, it used to be media dominating the front row. Those are all influencers now. So with that in mind, with the landscape changing, that means there’s a flywheel of options to get your message out there. But that also changes your tactics. And I’d strongly recommend for any partner getting involved, don’t try to boil the ocean. Let’s really make sure you pick one thing, pick two things. Let’s do it well. And if it works for you, then you start to lean in and invest more. Then maybe you bring in the consultant. Maybe you think about hiring a multimedia kid right out of PR or journalism school. Maybe you look to get a freelance journalist to help you write some articles for your website. So there’s definitely a strategy you can follow as a big partner organization. We see Worldwide Technologies and others really investing aggressively in some of these things. But for smaller organizations as well, especially if you’re a strong storyteller. Start small, pick your battles. Robert Dutt: What do you find are some of the common, especially for that smaller partner, some of the common places to start? If you were sitting down with that 15-person MSP, no budget, no comms person, just saying, “All right, I want to give this a shot.” What are the first and second things to think about? Gareth Pettigrew: Let me give you a bit of a roadmap in terms of how I do it. The first thing I’d recommend is let’s think about your story. The single biggest mistake that most technology companies make is that they’re internally wired. “What do we want to talk about?” You’ve got to flip that orientation. So it’s, what are the industry conversations – maximum two conversations – that you can insert yourself into? I would spend your first week listening to the conversations out there. Be honest with yourself. How can we insert ourselves into this conversation? Be very specific in terms of what that conversation is that you want to insert yourself into. Are you a security partner? Is it about securing AI agents? It could be whatever niche you’re in. Be very prescriptive with what that conversation you’re going to insert yourself into. Second week, build out your story. Most companies don’t spend enough time on their story. One page, three to five messages. Build out your messages, build out your bullet points, your sound bites. That’s going to be your foundation. You don’t have to say the exact same thing every time, but you have to know what your general storyline is. It doesn’t mean you’re repetitive, but you do know where you’re going to play and what you’re going to say in general. The final part of that, week three, think about the influencers that you’re going to follow. Pick 10 influencers for that conversation. Who are the journalists? Who are the industry analysts? Who are the vendors in the industry that you admire the most, that have the best perspective? And then finally, let’s activate. We’re going to start on LinkedIn. The first thing you’re going to do is comment. Spend maybe a month not even posting, just commenting. Block 15 minutes, twice a week. Comment on others in a meaningful way. Think about your narrative, focus on your conversation, and then start getting out there with some of your own perspectives, your own posts. You’ll be able to find your niche. Just get started on LinkedIn. That’s the path I would take if I’m a partner and I just want to get my toe in and see how it’s going. Robert Dutt: That makes sense. And by meaningful, I presume you mean something that is not directly self-promotional when you’re commenting, but adding value into the conversation in a way that maps to those messages that you’ve laid out. Gareth Pettigrew: It’s externally wired. Don’t talk about your products. Don’t talk about any of those things. Talk about you as an industry expert. What’s your perspective on this protocol? What’s your perspective on a new product that one of your vendors is putting out there? What’s your perspective on a controversial topic that’s come up? Get your perspective in there. You are not selling. You’re thinking of yourself more as a consultant, not a salesperson. That’s an important flip that needs to take place. The difference between PR and marketing – PR is that thought leadership. It’s very much that top of funnel. You’re about raising awareness. You’re about getting yourself in the door. It’s not the middle or lower part of the funnel in which you’re actually actively selling to that prospect. It’s about raising awareness. Robert Dutt: On the marketing side, I think a lot of partners are used to the idea of leaning on, borrowing from, adopting from vendor resources, MDF-type stuff. Is there a similar motion that can be applied on the communication side, wherein I can take some stuff that my vendors are producing anyway and repurpose or reuse? Gareth Pettigrew: Absolutely. That’s where a lot of the partners may also find where those narratives are that may well fit. Some vendors do it better than others, let’s be honest. Some are very self-promotional. I think you want to stay away from those. But yes, follow those executives. Follow the social handles of your vendors. When you’re at the events, introduce yourself to the PR people. I’ve got to tell you, when I was at Cisco, when I was at Okta, I always had my handful of partners who I knew I could always go to if I needed them to talk to a journalist. One of them, and we’re talking Canadian here, Kent McDonald over at Longview Systems was always one of my go-tos. When I was at Cisco, I knew I could send Kent a text and Kent would always give a great quote. He’d always be responsive. He’d always be friendly. He’d always be positive. That’s one of the other things. Once you build up that thought leadership muscle, don’t be shy about introducing yourself to the PR person. Give them your card. When they call, just be responsive. Robert Dutt: And similarly, I guess there’s an opportunity to not necessarily cold-call a tech journalist such as myself, but think about the niches that your customers are in and reaching out to the journalists who are covering that, establishing yourself as someone that they can go to. Let me tell you, I’m always looking for that Kent McDonald or those other partners who are available, have a take, and can riff with you. It’s something that my peers are certainly looking for. Gareth Pettigrew: I completely agree. But the way to make sure that you’re not cold-calling that journalist is you’re very targeted. Remember when we said identify your conversation and then identify who’s really influential in that conversation? Figure out who those journalists are and comment regularly. And then once they start responding to you a little bit, after a while, maybe you DM them and say, “Hey, by the way, if you’re ever writing a story, I’m happy to chat with you.” I think that’s, as a DIY PR practitioner, how I would approach that. Robert Dutt: So as you start doing this, how do you know it’s working? What does success look like when you’re starting from zero and you don’t have the luxury of an agency sending you a monthly report on what you did, how it hit, where it appeared, those kinds of things? How do I measure what I’m doing? Because obviously that’s something that’s important to partners on anything they’re doing. Gareth Pettigrew: Well, Rob, let’s assume if we’re talking to that 15-person MSP who’s just getting started, primarily your impact is going to be on LinkedIn. And really, LinkedIn is an engagement platform. You want to go in and measure your engagement and see how that’s increasing on a monthly or quarterly basis. The one thing I will say, and I’ll pass on this fabulous little piece of advice – or this story – it starts to become self-evident as well, in that you can have those quantitative measures, but also qualitative. When I started working with Okta, the country manager was a guy who became a good friend of mine, Dan Kagan. I remember our first meeting, we sat down and said, “Okay Dan, one of the things we regularly need you to do is we need you to be engaged on LinkedIn. We’re going to need you to post once a week or once every couple of weeks, and we’re going to have to have you go in and comment.” He said, “Guys, listen, I love this idea, but I’m not going to have time to do it. I’m working 50 hours a week. I’ve got a young family. I can’t make this happen.” After two months, he’s pinging us once a week if we haven’t got anything out. And the reason for that is he’s getting inbound recognition. He’s getting people pinging him saying, “Hey, could you speak at this conference?” “Hey, I saw what you said.” When you talk to CTV News, when you post it on LinkedIn, it becomes somewhat self-fulfilling in that it really is a strong funnel to help build your awareness. So that’s one of the things I’ve seen. There’s the quantitative and the qualitative, but it is important to measure your rhythm. Robert Dutt: We’ve talked about what to do as easy first steps. I’m curious, as you’ve been through this exercise or seen others go through this exercise, what’s a common mistake that organizations, particularly smaller organizations, make when they start to pay attention to comms? Maybe a well-intentioned first step that backfires or ends up being a waste of time? Gareth Pettigrew: Rob, I think the couple of mistakes that I see companies make in this – and by the way, this isn’t just on the partner side, this is all across. Number one is they view PR as a marketing tactic. And ultimately, PR and marketing – there’s a big gray area in between, increasingly right now – but they do have different centers of gravity. Marketing, for the most part, is about demand generation. And PR, its center of gravity is about awareness, building awareness and managing reputation. So while there is an overlap, they’re not the same things. And when you look to apply a marketing lens to a PR strategy, that results in you being typically very internally oriented. “We have a new product, we’ve got to launch a product.” Well, the media landscape has changed. There aren’t many, if any, journalists, certainly not in Canada, that really write on product anymore. So that’s part of the challenge, when you view through a marketing lens. The second one that’s related is executive skin in the game. If you’re going to do this, the executives need to get involved. It’s not something you punt over to your marketing team. Marketing should be an incredibly close partner of comms, but the executives need to have skin in the game as well. Executives are going to be the ones that are out there, the thought leaders. If you get to the point of having spokespeople, they’re going to be the spokespeople. So marketing is a partner, but they can’t be the single driver. And we talked about internal versus external orientation. Being externally wired is absolutely essential, both in terms of your story but also your strategy. Those, Rob, would be the biggest hurdles that I see. Robert Dutt: This is a topic that we could probably go off in many different directions for hours, but I’m respectful of people’s time who listen to this podcast. So let me end it with this. We’ve covered the basics of it, the “what to do” as those first steps, and given some good actionable advice, I think. If we were to keep going and do this on a regular drumbeat and discuss aspects of communications, what are the threads that you think matter most for this audience? Where would you go next in terms of topics? There are so many different things I think we could pull on, but I’m curious what you see as the next steps, or maybe step two for a partner organization. Gareth Pettigrew: In all honesty, if we were to think about future podcasts here, Rob, I think about, let’s dig a little deeper in terms of how you actually architect that externally wired narrative. How do you identify that conversation? Be a little bit more prescriptive. What does a messaging house look like from a PR standpoint? How do media messages differ from marketing messages? That would certainly be one. For me, I’m a storyteller at heart. It should start with the story. But then I think digging a little bit deeper into, “What are some best practices in terms of building up your thought leadership on LinkedIn? How can you, as an executive, up your game? What are the pragmatic steps? What are five things you can do to become a better LinkedIn thought leader?” I think, Rob, those are a couple that I’d start with, but then I’d love to hear from the audience, from some partners out there. What are those challenges that they would love some help solving? Robert Dutt: Brilliant. And that’s not even getting into potentially crisis communications, internal communications, any number of different aspects of this dialogue. I think we’ve set the stage nicely and I thank you very much for taking the time, Gareth. I know you’re setting up your own shop and just getting started with Pettigrew Communications. Do you want to share a little bit about what you’re doing and what the goal is there? Gareth Pettigrew: Absolutely. So Rob, I’m a Canadian boy. Raised in Toronto and I live on Vancouver Island. I’ve spent the last 20 years inside big tech, working with Cisco, working with Okta, and really I’m looking to bring some of that expertise to smaller companies or to tech communications firms. So it’s time for a new chapter, Rob. I’m very lucky. I found a profession I absolutely love, but I needed a little bit of a different rhythm. We’ve heard from Gartner that with the focus on AI putting a bit of a tailwind towards PR, the anticipation is that over the next year, PR budgets are going to double. So hopefully it’s a good time to get into this. And I’m really excited to work with a lot of different companies and help them fix some of the things that we talked about here. I’m very passionate about it, excited to get started, and it should be fun. Robert Dutt: Brilliant. And anytime you’re entering into a market that’s doubling in the course of a year, that’s probably a good sign. Gareth, I appreciate you taking the time. Let’s chat again soon. Gareth Pettigrew: Thanks, Rob. Take care. Robert Dutt: There you have it, Gareth Pettigrew from Pettigrew Communications. I’d like to thank Gareth for his time, and honestly, for making the case I’ve been trying to make to this audience for years, better than I ever could. The idea that earned media is now one of the primary ways that AI and large language models surface information about your company – and that if you’re not showing up in that landscape, you’re increasingly invisible – I think that reframes this whole topic from “nice to have” to “you’re leaving real business on the table.” And Gareth’s three-week roadmap for getting started – listen, build your story, find your influencers, then show up on LinkedIn – is about as actionable as it gets. No budget required, no agency required, just intentionality. We’re going to keep going with this. Gareth and I are planning deeper dives on specific topics – messaging, LinkedIn best practices, crisis comms, and more – and we’d love to hear from you on what communications challenges you’re facing in your business. Drop me a line, I’m easy to find. Thanks as always for listening. If you’re enjoying In The Channel, you can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories. A rating or a review goes a long way if you have a minute. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Ryan Sydor, head of Okta Canada When a global SaaS vendor says it’s investing in a national market, what does that actually look like? In this episode, we put that question to Ryan Sydor, Okta’s Area Vice President and Country Manager for Canada. Okta has been making some significant moves north of the border. The company now has over 600 employees in Canada, including an engineering hub in Toronto – not just a sales branch. It recently launched a Canadian data cell based in Montreal with a Calgary failsafe, designed to keep customer identity data in-country and open the door to regulated sectors like government, financial services, and healthcare that previously couldn’t deploy Okta due to data residency requirements. French language support is also part of the rollout, with an eye on Quebec’s public sector. On the channel side, Sydor says Okta is now running over 80 percent of its Canadian revenue through partners, up from roughly 70 percent a few years ago. The company has been bringing select Canadian partners to its internal sales kickoff to train alongside Okta’s own sellers – a tangible sign of how central partners are to the go-to-market here. Sydor’s stated ambition is to triple Okta’s Canadian business within two years, backed by the infrastructure and headcount to support it. This conversation pairs well with our recent interview with Okta VP of Product Jack Hirsch on shadow AI and non-human identity – the global product story alongside the Canadian market story. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. Here’s a question I think about a lot. What does it actually mean when a global tech vendor says they’re investing in Canada? Because there’s a spectrum, right? On one end, you’ve got a vendor that sells into Canada from a US office, maybe sends someone up to a conference once a year. On the other end, you’ve got real infrastructure, real headcount, real commitment to treating Canada as a market with its own needs and its own opportunities. Somewhere in the middle is where most vendors actually land. Today I’m talking to Ryan Sydor, the head of Okta Canada. Okta’s been making some pretty significant moves here over the past year or so. They launched a Canadian data cell, they’ve redesigned their Toronto office, and they’ve now got over 600 employees in the country. If you caught our recent conversation with Okta’s Jack Hirsch about shadow AI and non-human identity, think of this as the companion piece. That was the global product story. This is the Canadian market story – what Okta’s building here and what it means for partners. Let’s get into it. My chat with Ryan Sydor. Robert Dutt: Ryan, thanks for taking the time. Ryan Sydor: Good to see you again, Robert. Robert Dutt: You’re in this role heading Canada at a pivotal moment. New office, new data cell in Canada, new channel chief on the global level. When you look at the Canadian market for identity, what’s the picture that you walked into and what’s the mandate that you’ve been given for the Canadian organization? Ryan Sydor: Well, the market obviously has changed, and there’s been a focus in the last six months that has been dominating every conversation. It’s AI. Every conversation we have with a customer or prospect is around AI. There’s a curiosity around it, there’s an urgency, there is uncertainty. Everyone’s trying to figure out how do we use AI to improve our business and at the same time, protect our business and ensure that we’re safe. It’s this balance of the need for cybersecurity, the need to protect your organization. Cybersecurity attacks have increased 200 percent year over year, and it was on a high baseline as it was. Customers are really focused on how do we stay safe and keep our company and our brand safe. At the same time, AI has changed the way we think about running a business in ways I’m not sure companies fully understand yet. How do we leverage innovation to stay ahead of our competition? The opportunity where you can vault ahead, you can really differentiate, create new business streams, create new efficiencies, and do it at the same time that you’re secure. The mandate that we have is not just a Canadian mandate. The mandate is how do we help our customers along that journey, and how do we do it quickly? Because this is all happening fast. It’s an unpaved road in some respects. No one really knows exactly how it’s going to play out, but we understand the value and the benefit and the risks that come with it. We feel at Okta that we’re really well positioned to help our customers, partner with them, and help keep them safe while still allowing them to be innovative. From a Canadian perspective, our goal is how do we partner with our customers and with Canadian businesses, help paint that picture, sit with them on the same side of the table, and put together our plans so that they can innovate and be safe. And from a channel partner perspective, one of the major pillars that we have as an organization this year is to partner. We’re focused on AI, we’re focused on a better methodology of how we approach our customers, and then it’s about being a partner-first organization. What I’ve seen with our new SVP is a stronger alignment with our partners, making sure that these conversations that we’re having, we’re having together. A lot of this is about relationships, it’s about comfort, it’s about trust, and who better to work with than our partner network. Robert Dutt: Sticking with the theme of the Canadian investment, when Okta looks at Canada as a market, are we at the “we need a flag planted here” level, or is there something structurally different about the Canadian opportunity that’s driving the investment at this point? Ryan Sydor: I think it is AI, and it’s our need to partner with organizations. I think it’s also the opportunity that Okta sees. When we invest in the data cell, it opens up the market to companies that we haven’t been able to sell to in the past. The regulated industries, local governments, provincial governments, federal governments. That presents a great opportunity for us as an organization, and it’s a need for these different levels of government. There are regulations that have come out, C-8 and the need to be more focused on cybersecurity. We as the trusted identity company are a good fit at this time with those organizations. Robert Dutt: You touched on the data cell that went live this quarter. For partners and customers who aren’t themselves deep in the identity space, can you explain what that actually is and what it means in practice? What changes for a customer on day one of being on the Canadian cell versus where they were before? Ryan Sydor: It means the data is hosted in Canada. The data cell is in Montreal. We have a failsafe in Calgary. So it means that those companies that need to have their data in Canada, managed by Canadians, now have the opportunity to do so. Robert Dutt: You touched on how that unlocks government and other areas. Can you explain what are the verticals and what types of deals weren’t on the table before but are now? Ryan Sydor: There’s two kinds. First of all, there’s the federal government. There were RFPs that came through that we couldn’t even bid on, because without data residency, you’re not eligible to bid. So it does open up that opportunity. Then there are companies who are making decisions on where they want their data. It’s a decision around regulation, but also it’s a costing question. It’s about what their customers are comfortable with. There have been customers in the past who have asked to be on the EU cell or have chosen to go with other options. Now they have the opportunity to work with Okta with our workforce product and have their data hosted in Canada. Robert Dutt: A few years ago, you were running about 70% of Canadian revenue through partners with a pretty small direct team. Is that still the ratio today, or how has that shifted? Ryan Sydor: The number has increased. I think that number is over 80% from last year. Our direct team has grown a little bit, but the partnership is meant to help really scale the business. I’ll give you an example of how we’ve prioritized partners to help us grow. We actually invested to have partners join us at our sales kickoff this year, where we went through a new sales methodology, and we wanted our partners to be with us so that we could sell together. It wasn’t all our partners, it was a select group of partners. But it was the company demonstrating that as a partner-first organization, we’re now eliminating the silos. We understand the same language, we think about the business the same way, and we think that’s going to be beneficial to our partners, to our customers, and obviously to Okta as well. Robert Dutt: Expanding on that, with Laura Padilla coming in as channel chief globally, she’s talked about doubling down on partners in every geography and driving more toward partner-led markets. From what you’re saying, it sounds like Canada is firmly in that space. What does that mean practically for an MSP or a VAR who’s working with you or potentially working with you? Ryan Sydor: What I hope it means is, one, as we continue to focus on being partner-first, it means that we should be speaking earlier. That’s the first thing we’re trying to do, make sure we’re aligned earlier. We’re investing in programs and processes to make sure that we’re talking to our VARs, that we understand who the relationships are, and make sure we leverage them. And doing that on a consistent basis where we build trust not only with the customer, but between the partners and Okta. We think this is so important because the customers are talking about AI. As I mentioned, there’s uncertainty, and they’re looking for their trusted partners to help advise them. So the more we’re aligned, the more we have people who are trusted, who have solutions and opinions that can support the customer base, it’s beneficial for all parties. Robert Dutt: Okta’s own data says that something like 93% of Canadian businesses are using AI agents, but a very small percentage, maybe 1%, have a strategy for managing non-human identities. I recently talked to Jack Hirsch, who heads up product for you, about the shadow AI problem from the product side. From where you’re sitting looking at the Canadian business, what are you hearing from customers about this? Is the awareness there, or are people still in the “that’s a tomorrow problem” or “that’s somebody else’s problem” phase? Ryan Sydor: No, I heard the interview with Jack, and I heard your comment about unintended consequences. I think that is the message that we’re hearing from senior-level CISOs and IT leaders at our customers. They understand the need for governance. They understand the need for control. Again, it’s this balance that our customers are facing: how do you go fast, but how do you do it in a safe way? They recognize that it’s an important thing and it’s not something to be overlooked. AI agents become the new attack front, the new point of entry for bad actors. That’s why we’re having as many conversations as we are right now, because everyone is trying to figure it out and trying to figure out what great looks like. Robert Dutt: When you’re having that conversation, where do you see partners fitting in? Is it something partners can lead on, or is it something Okta takes the lead on and partners follow? Ryan Sydor: In most cases, it’s the partner relationship that helps us get to the conversation. And then it is generally an Okta-led conversation. We have a dedicated team that will have those conversations with the customers. What we’re trying to do is figure out what our customers are doing, what is the plan, what’s in place, what initiatives are coming up, how do we align, where are the governance controls that we can help with. But it’s a conversation that comes from the Okta side. Robert Dutt: The federal government has been signaling hard on digital sovereignty. There’s talk of a billion-dollar sovereign cloud investment, procurement requirements are tightening. Is that creating tailwind for you, or is it more complicated than that? Ryan Sydor: Having our own data cell has certainly made it very important. The conversation around data in Canada is becoming, especially for government and these regulated industries, really important. But I think possibly in time you may see more companies who are not required to have their data held in Canada choose to do so. Robert Dutt: French language support also came alongside the data cell launch. How important is that in the Quebec market, and can you talk about how that fits into the Canadian strategy and opens up your partner plays in la belle province? Ryan Sydor: I’ll go back to government opportunities in Quebec. If you don’t have French language capabilities, you can’t bid on many of these contracts and RFPs. So what it’s doing is obviously an investment and a commitment in supporting all of Canada, and it opens up a door for us to focus on helping a very big opportunity. In many of those cases, the relationships with partners are how we have those conversations. Partners who are dealing with the government of Quebec now have the opportunity to work with Okta. Robert Dutt: Just a couple of lightning round quick answers before we wrap up. What’s the biggest misconception you hear from Canadian partners about the identity market right now? Ryan Sydor: I’m not sure I’d call it a misconception. I think it’s perhaps understanding where Okta fits with AI, as everything is happening so fast. But we’ve invested a lot of money in training, not only our partners in our sales methodology, but training them in how Okta supports customers with AI. So I wouldn’t say there’s a misconception. I think there’s an alignment to ensure that we’re having the conversations that our customers want to have. Robert Dutt: What’s one thing that you wish every MSP in Canada would start doing tomorrow? Ryan Sydor: I think every MSP in Canada should be having conversations with their customers about AI, trying to understand what the strategy is, understand where the challenges are, and having Okta join them to help with those conversations. Robert Dutt: What’s the most underrated vertical opportunity in Canada for you right now? Ryan Sydor: I think we have opportunity in lots of verticals. Financial services – I’d almost say underrated, but I think where we want to spend a lot of time, we’re seeing a lot of traction. We see a lot of traction in technology. And clearly we talked about government. I think there is a tremendous opportunity in the public sector – underrated in how things have operated up to this point, but creates the greatest opportunity for us moving forward. Robert Dutt: And finally, fill in the blank for me. In two years, Okta Canada will be… Ryan Sydor: Triple in size. Robert Dutt: That’s a good place for you to be, and that’s a great place for partners, I think. Ryan, I appreciate your taking the time. It’s been an interesting conversation, and good luck reaching that triple-the-size number. Ryan Sydor: Thank you. Appreciate it. Robert Dutt: There you have it – Ryan Sydor from Okta Canada. I’d like to thank Ryan for his time, and thank you for listening. So here’s what I’d take away from this one. Okta is running over 80% of Canadian revenue through partners now, up from around 70% a couple of years ago, and they’re backing that up with real investment – 600-plus employees, a Montreal-based data cell with a Calgary failsafe that unlocks regulated verticals like government and healthcare, and they’re bringing partners to their own sales kickoff to learn the same methodology their sellers use. Ryan says he wants to triple the Canadian business in two years. That’s ambitious, but the pieces are being put in place. For partners, the bigger signal here is that identity is becoming a practice area you can’t afford to ignore. Between data sovereignty, AI governance, and the explosion of non-human identities, this is where real services revenue is going to be built. Keep an eye on it. If you’re enjoying the ChannelBuzz.ca podcast, do me a favour and hit follow or subscribe wherever you’re listening. We’re on Apple Podcasts, Spotify, YouTube, and most major directories. And if you’ve got a minute to leave a rating or a review, that goes a long way in helping other people in the community find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Four stories shaping the Canadian IT channel heading into the second week of April. SonicWall’s seven deadly sins SonicWall released its 2026 Cyber Protect Report, reframing SMB security around seven predictable failures: ignoring fundamentals, false confidence, overexposed access, reactive posture, cost-driven deferral, legacy access models, and chasing hype over execution. Key data: 88% of SMB breaches involve ransomware — more than double the enterprise rate. Identity, cloud, and credential compromise account for 85% of actionable security alerts. The average breach goes undetected for 181 days. More on this topic coming in an upcoming In The Channel episode with SonicWall’s Michael Crean. Cisco pulls compute deal registration Cisco eliminated compute deal registration effective immediately, cancelling associated promotional discountsamid rising memory costs. Partners are calling the move out of character, warning of direct margin impact. The latest development in the ongoing hardware cost squeeze affecting vendors across the board. Lenovo 360 bets on services Lenovo updated the Lenovo 360 partner framework with simplified tiers and a new Lenovo 360 for Services pathway launching April 13th, plus a new Tech Connect technical community. ChannelDive frames it plainly: Lenovo is boosting the partner program as a PC sales slowdown looms. The services pivot is the hedge. Canadian cybersecurity data CDW Canada and IDC Canada released the 2026 Canadian Cybersecurity Study based on 700+ Canadian security leaders. Cyberattacks on Canadian enterprises surged nearly 80% year-over-year; enterprise cloud infection rates hit a record 53%. The full study is available at CDW Canada. The report’s “maturity paradox” framing — security investment rising, breach success rising with it — echoes findings from Auvik and OpenText covered in last week’s episode. Read Full Transcript Hello and welcome to In Case You Missed It from ChannelBuzz.ca. I’m Robert Dutt, editor of ChannelBuzz.ca, and this is your weekly look at the stories that matter for the Canadian IT channel community. April 6th, 2026. Four stories this week. SonicWall reframes what security actually means for SMBs. Cisco hits partners in the deal reg. Lenovo bets on services. And some sobering Canadian numbers on the state of cybersecurity. Let’s get into it. SonicWall released its 2026 Cyber Protect Report this week, and the headline is a reframe worth understanding: most SMBs aren’t losing ground to sophisticated attacks. They’re losing ground to seven predictable, preventable failures that SonicWall has named the Seven Deadly Sins of Cybersecurity. Those seven sins: ignoring the fundamentals like authentication and patching; operating with false confidence about your risk level; overexposed access with flat networks and implicit trust; a reactive security posture rather than proactive monitoring; cost-driven security decisions that defer investment until after a breach arrives; reliance on legacy access models like VPNs that authenticate once and trust everything thereafter; and chasing hype over execution — buying tools without actually deploying them properly. The supporting data is striking. SMBs see ransomware involvement in 88% of their breaches, more than double the rate at large enterprises. Identity, cloud, and credential compromise account for 85% of actionable security alerts. The average breach goes undetected for 181 days. The stolen password, not the zero-day, is the attacker’s weapon of choice. The quote from Michael Crean, their vice president of Managed Services,  captures it best: “The danger isn’t that AI isn’t working; it’s that we’re using it as an excuse not to do the things we already know we should.” We’ll go deeper on this with Crean in an upcoming In The Channel episode. Watch for that in the coming weeks. Now for something that hits closer to home — specifically, closer to the margin line. Cisco has eliminated compute deal registration, effective immediately. No more deal reg on compute products, no more associated promotional discounts. The driver, per Cisco, is rising memory costs — the same hardware squeeze we’ve been tracking for weeks. Channel reaction has been blunt. Partners are calling the move out of character for Cisco and warning of lost margins. CRN’s coverage makes clear this is not a minor adjustment — it’s a structural change to how Cisco compute goes to market through the channel. This is the latest domino in the RAMmageddon effect. Memory prices surge, vendors absorb what they can, and eventually the cost lands on partners and customers. Intel and AMD both raised prices last week. Cisco just removed the cushion that was softening the impact for partners. Lenovo’s answer to the same hardware headwind looks quite different. They’ve announced updates to the Lenovo 360 partner framework, with the headline being a new Lenovo 360 for Services pathway launching April 13th. The pitch is straightforward: structured resources and incentives to move partners from transactional hardware deals toward managed and professional services. Given everything we just said about margin compression, that direction makes sense. New additions include a Lenovo 360 Tech Connect technical community and an upgraded partner portal. Not flashy, but this is exactly the kind of structural investment that matters when hardware economics are working against you. ChannelDive’s framing is the honest one: Lenovo is boosting its partner program as a PC sales slowdown looms. If you can’t win on hardware margin right now, services is where the conversation needs to go. We’ll close with some Canadian numbers worth paying attention to. CDW Canada, working with IDC Canada, surveyed more than 700 Canadian security leaders for the 2026 Canadian Cybersecurity Study released this week. The headline: cyberattacks targeting Canadian enterprises surged nearly 80% year-over-year. Enterprise cloud infection rates hit a record high of 53%, up from 41% the prior year. The report calls this a maturity paradox — organizations are investing in security architecture, but breach success rates are climbing anyway. It’s Canadian-specific data, which makes it more immediately applicable than most global threat reports for conversations with clients here at home. That’s your In Case You Missed It for April 6th, 2026. Links to everything we covered are in the show notes at ChannelBuzz.ca. If you’re finding this useful, subscribe on Apple Podcasts, Spotify, YouTube, or wherever you listen. Ratings and reviews always help. I’m Robert Dutt for ChannelBuzz.ca. Have a great week, and I'll see you in the channel.

Faraz Siraj, vice president of global channels and alliances at Fortra Faraz Siraj, vice president of global channels and alliances at Fortra, joins the podcast to talk about what it looks like to build a channel program around a cybersecurity platform assembled through more than 20 acquisitions – and why MSPs should be paying attention now. Fortra’s portfolio spans offensive security tools like Cobalt Strike and Core Impact, data protection through Digital Guardian, and security awareness training via Terra Nova Security. It’s a wide footprint, and as Faraz acknowledges, many partners still know the acquired brands without realizing they’re all under one roof. The Fortra Protect partner program, launched in 2025 with guaranteed margins and a single FortraOne partner agreement, is the company’s answer to the fragmented discount structures and multiple contracts that came with all that M&A. The conversation also digs into Fortra’s recent decision to sell its Alert Logic managed detection and response services to LevelBlue – a deliberate move to position the company as a software provider, not a services competitor to its own partners. Faraz is candid about where offensive security capabilities realistically fit into an MSP’s stack and where they don’t, and offers a practical on-ramp for Canadian partners through Fortra’s acquisitions of Ottawa-based Titus and Montreal-based Terra Nova. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If I say the name Fortra, there’s a decent chance you might not immediately place it. But if I say Cobalt Strike, or Digital Guardian, or Alert Logic, or Titus, especially if you’re in Ottawa, those might ring a bell. Fortra is the company that’s been quietly acquiring cybersecurity companies for the better part of a decade. More than 20 acquisitions in all, and now they’re trying to stitch it all together into a unified platform, pointed squarely at MSPs and MSSPs. What makes this story interesting right now is they’ve recently made some moves that signal where they think they fit into the ecosystem. They sold off their Alert Logic managed services business to LevelBlue, which is a pretty clear statement. We make software, we’re not going to compete with you on service delivery. And they’ve rolled out a new partner program called Fortra Protect with guaranteed margins and a single partner agreement that covers the whole portfolio. My guest today is Faraz Siraj, Fortra’s Vice President of Global Channels and Alliances, and I wanted to talk to you about what it looks like to build a channel program around a platform that was assembled through acquisition, how MSPs should think about the balance between offensive and defensive security capabilities, and whether there’s a Canadian go-to-market story here. Let’s get right into it. My chat with Faraz Siraj. Faraz, thanks for taking the time. I appreciate it. Faraz Siraj: Great to be here. Robert Dutt: Fortra has been built through a bunch of acquisitions. 20+, 25+ I think? For MSPs who know Cobalt Strike or Digital Guardian but don’t necessarily know the umbrella brand of Fortra, what’s the pitch for why they should think of you guys as a platform rather than sort of a collection of tools? Faraz Siraj: Great question. Well, all of these products that we acquired over a, I’d say, a five-year period, it was around a little over 20 companies, we are going to platformization, and all of these will be available via the platform. And the platform provides a variety of tools to manage, and so MSPs would probably want to welcome that opportunity to utilize a single platform with multi-tenancy to help manage those solutions for their customers. It’s just a natural fit, and rather than having multi-screens, multiple interfaces to be able to provide those types of managed services, so it’s a very, very powerful way of bringing it all together. Robert Dutt: For that MSP market, you guys sold off Alert Logic’s managed services business to LevelBlue a couple of months ago. What does that signal to MSPs about where you see Fortra sitting in the ecosystem moving forward, in terms of trying to be a technology brand behind the MSP? Faraz Siraj: Well, that’s a perfect fit. I think we realized that the managed service business is not really what our strong suit is. And we aligned our Alert Logic business with a suitor that can take full advantage of that kind of business, and they’re very good at it. We, over time, realized that if you want to do that business, you have to really focus in on it, whereas we had other priorities. And so what that tells the market and other partners out there is that we need our partners to be able to provide those managed solutions. We truly are in the business of making and providing software. We do not want to be in the services game. We want to have our partners provide those services, whether it is managed services or whether it’s installation services, optimization services delivery, we need our partners to do that. And that’s what creates opportunity. And that’s what I’m really excited about with our platform play, as well as where our future direction is as a company around the products that we provide. Robert Dutt: One of the most interesting things I think you guys talk about is the idea of MSPs balancing offense and defense. And I guess I want to dig into what that actually looks like in terms of the service delivery level. Where does offensive insight realistically show up in the day-to-day stack for an MSP? Faraz Siraj: Well, it shows up everywhere, whether you realize or not. It is in whether it is vulnerability management, it’s in offensive security tooling, it is in pen testing, it is in simulations. That takes some knowledge and ability to provide those services around those capabilities. And that’s just from an offensive side. There is a need for support for those particular product sets. On the defensive side, it’s pretty simple. I mean, we have a lot of those defensive protection products, and we need our partners to be able to provide solutions around it. Robert Dutt: Yeah, and MSPs, most I would dare say at this point, are defensive operators by nature. Prevent, detect, respond, deal with the problem. What can MSPs realistically do with offensive capabilities, and where should they not be trying to operationalize offensive capabilities in their stack? Faraz Siraj: Well, the first thing that I would tell them is be comfortable with what you’re providing. Be comfortable with your capabilities that you can go to your market with, with your customers. If you don’t know it, you can certainly learn, but you don’t want to try to pigeonhole yourself into a technology that you’re unfamiliar with. We can help with that. We have a lot of training. We have a lot of classes available through our Fortra Academy that can help them, and we have onboarding that we can help partners with. Again, it would be, I would think about the customer and work backwards. You would want to qualify the customer and qualify their needs. And if offensive security is something that is a pain point for your customer, then investigate it. And sometimes it’s not. And if it’s not needed, why would you want to venture and invest in an area that you’re unfamiliar with? Now I’d love for all of them to do it, but I’m an honest person. Sometimes it doesn’t make the right business sense. Robert Dutt: You guys acquired Red Macros Factory to enhance Outflank Security Tooling. Cobalt Strike is used by red teams worldwide, but it’s also used by threat actors who are probably using cracked copies. That led Fortra and Microsoft to take joint legal action in the past. How do you talk to partners about selling offensive tools when some of those tools have been weaponized against their customers? Faraz Siraj: It’s a discussion point. It’s also sort of a proof of concept in a twisted sort of way. Well, we do not support any illegal use of our products. We do not support using it for the wrong reasons, so to speak. We have strict legal language on it and we have gone to legal with Microsoft about those kinds of things, because we have strict requirements of how you’re going to utilize this tool. If we find out that you’re using it for the wrong reasons, weaponization, we cut it off. And that’s part of the qualification. And that’s also part of the execution and inspection that we look at. These are very powerful tools and they are not for that purpose. And just as another example is when we provide NFR gear, it’s meant for testing purposes and lab gear. You cannot be utilizing it to provide protection from as a customer standpoint, even though it’s not the same completely. It’s similar. And we just, we have to be very transparent and upfront about what these tools are about and how they’re supposed to be used. Robert Dutt: Let’s talk about the program and what you guys are doing there. You’ve introduced guaranteed margins with Fortra Protect and the FortraOne agreement. What problem were you specifically trying to solve with that model and what was sort of the problem with how partners were engaging with Fortra before? Faraz Siraj: Yeah, there’s several problems that we were addressing and yet we came to an innovative way on how to address it. So let’s look at a little history. When you acquire so many companies, your discount structure is all over the place. In Fortra transparency, we had discounts that were in the low 20s and going way north into the higher discounts. And when partners want to work with you, they expect a certain discount table for all products. And when you’re all over the map, you can’t really do that. Additionally, we wanted to encourage our partners to look at the entire portfolio and be encouraged by representing all Fortra. We had different agreements and we had different programs by product lines and we needed to bring it all together. And so as I joined, we did the FortraOne agreement, which brings everything into one unified legal agreement to be able to represent our products. And that’s the easy part. Second, we wanted to provide incentives to our partners to represent not only the products they’re familiar with, but all the other products that we had. And guaranteed margin was the best way to do it. Now there’s no guesswork on partner profitability. You know what you’re going to be making. And when you know that upfront, you can now focus in on the real problem at hand is providing customer solutions. We can work on it jointly. I can tell you I’ve been in the industry long enough where I continuously talk to partners and their pain points are around profitability and the unknown. Working deals and then being squeezed or not knowing what they’re going to make until the very end. And you’ve spent all this time working on these solutions and then you are not going to kind of have that profitability that you want. That’s a big deal. And we took the guesswork out of it. And now let’s focus on the customer, which is quite from what I hear the most important thing. Robert Dutt: I’ve heard the same thing, believe it or not. What do you see as sort of the, as you’re looking at the platform structure and trying to make it easier and more smooth for partners to sell across that, what are kind of the one or two top entry points for partners? And what do you see as sort of the next adjacencies that partners naturally gravitate towards as they get to know what all you guys are doing and get comfortable with the model? Faraz Siraj: Yeah, I think the best entry point would be around data protection. And we offer so many varieties of security solutions, but the best way is around data protection. And let’s face it, data has been exploding and will continue to explode. There is a fun new variable out there called AI that is in the forefront of everybody’s minds. And it’s being utilized for the right reasons and the wrong reasons. And whatever your case is, you need to protect your data with however which way it’s exposed. And so we have data protection solutions that will be enhanced by AI, but also will protect against AI because your data is the most valuable commodity that you have as a company. And so with our data protection, such as our DLP solutions, our data classification solutions, DSPM, that’s a great entry point. And then you can expand from there with the use of the platform. But that’s what I highly recommend for partners that are just getting into this. Robert Dutt: You joined Fortra in late 2024, and this is being described as kind of the company’s first dedicated channel push. For Canadian MSPs who aren’t in the ecosystem currently, what’s the realistic on-ramp for working with you guys? And I’m curious where you’re at in the Canadian market in terms of is there a distribution and go-to-market story here, or is it sort of primarily still being built around the US model? Faraz Siraj: No, it’s a true North American model. By the way, we acquired a few Canadian companies, and we have several Canadian MSPs already that we work with. We are always looking to expand within the Canadian market. Companies that we acquired that are well-known in Canada, such as Terra Nova and Titus. Terra Nova out of Montreal. Titus was out of, I believe, Ottawa. Terra Nova, by the way, human risk management or security awareness training, if you want to call it, is an MSP’s dream. It can be branded by a partner, and it can be run as if it were the partner’s business. And we actually go to market heavily with a lot of Canadian companies for that particular product line. If you ever wanted the easy button to get involved with Fortra, it would really be the Terra Nova product, human risk management, because everybody needs security awareness training. I go through it every six months at Fortra ourselves. I’m a user on product, but you need to have that refresher, because in the simplest forms, we are exposed to crazy stuff that comes to us, and you need to be trained on it. So that’s where I would go from a market perspective, but we love our Canadian companies, and we’ll continue to operate that way. Robert Dutt: It sounds like you’re open to adding additional MSPs, obviously. What do you find are some of the common threads among successful Fortra MSPs? Faraz Siraj: It really is around providing good customer joint solutions. We obviously want to be in the software business, but we also want to be with partners that align to that software as well as providing the customer satisfaction. And so the ones that do it well are the ones that are able to bolt onto their services on top of the solution and do it well. And we’re not hearing about issues. In fact, the successful ones are the ones that are expanding those solutions and going into more and more customers. The other piece of it is being able to be creative with billing for the partner so that it entices them to go out and obviously have partner profitability. Robert Dutt: If an MSP is listening to this and they’re doing the standard defensive stack – EDR, SIEM, firewall – but they’ve never really offered anything on the offensive side, what’s the first conversation they should be having with customers? And how do they avoid turning offense into, you know, the once-a-year pentest PDF and call it a day kind of thing? Faraz Siraj: Yeah, well, it really goes back to understanding the customer. Now, it starts with, yes, pen testing is very important, but it’s not just once a year. Given today’s threat landscape, you need to do that a lot more often. Vulnerability management, those are the two major entry points. We built our vulnerability management tool from a mixture of six different technologies from six different companies, and we fused it together to make our own Fortra vulnerability management tool. Such companies like Tripwire, Digital Defense, Beyond Security, even a little bit of Alert Logic that was in there and there’s a couple others that I’m forgetting, but when you’re able to do that, it makes for a great value product. Robert Dutt: Interesting conversation. I appreciate the colour around the partner program and I appreciate the idea of adding offensive capabilities to the MSP stack. I think that’ll be an interesting space to watch. Faraz, thank you very much for joining us. Faraz Siraj: Oh, you bet. Thank you, Robert. Robert Dutt: There you have it, Faraz Siraj from Fortra. I’d like to thank Faraz for his time. I appreciated his candor, especially on the managed services exit and the reality of what MSPs should and shouldn’t try to take on when it comes to offensive security. Thank you for listening today. A couple things that stuck with me from this conversation. First, the Alert Logic move. When a vendor sells off their managed services business and tells you straight up, we’re in the business of making software and not competing with you on services, that’s worth paying attention to. Doesn’t guarantee anything, but it’s the right signal. And in a market where MSPs are constantly wondering which vendors are going to show up as competitors, it matters. Second, the platform story. 20-plus acquisitions is a lot of integration work. And I think the jury’s still out on how seamless that experience actually is for partners day to day. But the FortraOne agreement and the guaranteed margin model suggest they’re at least thinking about the partner experience at the business level, not just the technology level. And for Canadian MSPs specifically, the Terra Nova and Titus acquisitions mean there’s a local footprint here that a lot of people might not realize. If you’re not subscribed to the ChannelBuzz.ca podcast, now’s a great time. You can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories. If you’re finding value in these conversations, a rating or review goes a long way. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Larissa Crandall, 1Password’s global vice president of channel and alliances 1Password is a company many Canadian partners know, but the Toronto-based firm has evolved well beyond the password vault it’s historically been associated with. Now positioning itself as an identity security company, 1Password recently expanded its global partner program, won the 2025 AWS Canada Rising Star Technology Partner of the Year award, and was named to CRN’s 2026 Security 100 list. The company counts more than 180,000 business customers, with over 75 per cent of its revenue now coming from the enterprise side. Larissa Crandall, 1Password’s global vice president of channel and alliances, joins us to talk about what that evolution means for MSPs looking to build identity security practices. Crandall talks openly about the need to “myth bust” how partners think about 1Password, pointing to strategic integrations with CrowdStrike and Zscaler and the company’s growing presence in AI labs and enterprise security stacks as evidence of the shift. The numbers that emerge are striking. Non-human identities – AI agents, service accounts, API keys – now outnumber human identities 82 to 1, according to Crandall, and SMBs remain largely unprepared for the challenge. That’s the gap MSPs can step into. She shares the story of an MSP that made 1Password mandatory across its entire customer base – not as an add-on, but as a baseline requirement – because you can’t credibly sell identity security if you haven’t secured the front door yourself. On building a profitable practice, Crandall identifies three keys: proper discovery, understanding scope and complexity, and having the right skill sets on your own team before delivering it to clients. Partners interested in learning more can visit the 1Password partner program page. Read Full Transcript Robert Dutt: Hello and welcome to In the Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always, your host for the show. If you’ve been following the cybersecurity conversation this year, you’ve probably noticed that identity keeps coming up – not as one item on the security checklist, but increasingly as the item. The attack surface is shifting. SaaS sprawl, shadow AI, and a growing universe of non-human identities – things like AI agents, service accounts, and API keys – are creating access governance challenges that traditional security tools were never designed to handle. And for MSPs, that shift represents both a risk and an opportunity to build a real practice around identity security. 1Password is a company that a lot of us know, but the Toronto-based company has evolved beyond the password vault that many partners may remember. It’s now positioning itself as an Extended Access Management platform, recently expanded its global partner program, and counts more than 180,000 businesses among its customers. Joining me today to talk about what that evolution means for the channel is Larissa Crandall, global vice president of channel and alliances at 1Password. We’re going to dig into why identity has become the front door to the security conversation, what MSPs need to understand about non-human identities before their customers start asking, and what building a profitable identity security practice actually looks like. Larissa, thanks for taking the time. I appreciate it. Larissa Crandall: Thank you so much for having me. Excited for a conversation. Robert Dutt: We keep hearing that identity is the new security perimeter. For a lot of MSPs, the bread and butter is still firewall, endpoint, some MFA. Can you help me with what’s changing in the threat landscape that makes identity security an urgent, a “build a practice around it right now” kind of opportunity? Larissa Crandall: Yeah, absolutely. AI is here to stay. I think the opportunity for MSPs is now. It’s prevalent. We’re seeing a lot of MSPs build practices around identity security, and those are the ones that are getting ahead of it, are leading the charge. I think for us personally, spending a lot of time with MSPs, the attack surface has changed. It’s no longer about human, it’s about non-human identities, and it spans across SaaS applications, endpoints, APIs, service accounts, and AI agents. All of the MSPs that are getting ahead of it are helping our customers and growing. Robert Dutt: You guys have been around for 20 years now or so. I think for a lot of folks, the on-ramp, the familiar place is the personal password vault, of course. Some partners certainly are selling you alongside other tools, are working you into the mix. What would surprise a partner who hasn’t looked closely at 1Password in the last couple of years about where you guys are at right now? Larissa Crandall: Love this question, because I’ve been talking to a lot of partners. As we’ve built out the partner program that we just launched and going to truly partner first, we have to – what I call – myth bust. A lot of how people perceived us is just traditional EPM, the Enterprise Password Manager business, into this true solution that’s attached to everything that they’re already selling. For instance, we have large integrations with CrowdStrike and Zscaler, and that’s getting the attention of some of the partners out there not realizing that we fit into that full conversation and that tech stack as a platform play, versus thinking of us traditionally just on that human-centric credential management play. We’ve definitely flipped the script, I would say, on having sellers think of us different. MSPs – we also have a lot that we’re doing with AWS, and that has changed some of the landscape for us here, is positioning that full technology solution. Robert Dutt: You touch on partner first on the program launch. Can you walk me through what partner first means from a 1Password point of view at this point and the highlights there in terms of what it means to your partner base or your prospective partner base? Larissa Crandall: Sure, absolutely. We built what I call a customer-centric partner strategy. What that means to us internally – and as I’ve shared this with our partner ecosystem – is however a customer wants to transact with us. Via AWS Marketplace, whether they want to work with us with a partner through Marketplace, if they want to work with their traditional reseller and VAR partners out there. We have obviously SMB customers, a lot around working with their MSPs. We have that all taken care of, where we have prescriptive partners across the globe as well as working with our distribution partners. What that means for us internally is we have worked through an entire strategy top-down. It goes from our executives all the way through our sellers that they’re to engage partners. Now it could be an existing account that we have that we’re wanting to bring a partner into. We’re also spending a lot of time with partners, both new and existing, teaching them the 1Password story and teaching them how we fit in what they’re selling today and what the opportunity is. Increased enablement, certifications, all of that. Again, it goes back to what I would say is that myth bust of how you think of us and what we’re doing, versus how we’re getting a lot of attention from partners that have talked with us previous but are seeing us different, talking about putting us in their AI labs and their security practices and a full wrapper into platform. Robert Dutt: That’s two fronts of myth busting, or developing the stories to partners. Where would you say you’re at in getting that out there, broadly disseminated and well understood on both of those fronts? Larissa Crandall: It’s a daily, right? I think it’s a daily spend. I spent this morning talking to two partners and they were both new. They were in a region that we have not spoken to before, and it was newer partners wanting to learn more because they’re hearing the market demand and they’re having customers call about 1Password and identity security. That has flipped as well, where identity security is no longer a “it’s a nice” – it’s needed. Same thing across MSPs. They’re building foundational practices as well around identity security and we’re having them come to us and say, “Teach us more. How do we build this? How do we do the discovery and how do we get in front of it?” Especially around AI. Robert Dutt: You’ve talked about something you call the Access-Trust Gap – the space between what IT can see and control versus what employees are actually using to get their work done. Can you walk us through what that looks like in a real organization and the why as to why traditional IAM tools aren’t closing that gap? Larissa Crandall: I have an example for you that I love to use, and it’s related to an MSP that we have that shared with us how they personally worked with 1Password. It’s a mature MSP that made a deliberate decision as a company to bring in 1Password and make it mandatory for all of their customers. Not an add-on – make it mandatory for all. They did that because they wanted to ensure that security was embedded into everything they did from the start and how they interacted with customers. The reason that they did that is they wanted to make sure – if they weren’t ahead of it and they weren’t giving customers a secure way to manage their credentials, they would find their own way. That’s the problem still. There’s spreadsheets, there’s shared sticky notes. You put it in your phone. That’s never good. This MSP shared that and said, “If we’re going to go preach this and sell 1Password, we’re going to basically do it ourselves.” If you leave it up to your own devices, employees will do it on their own and that’s the big risk. For us, that’s the big opportunity that we’re sharing with our partners to make sure that they know that – that is not the way to go. You need to make sure that you’re protecting it. You can’t begin to address that identity sprawl if you haven’t first secured the front door. When we say that to partners, we let that sink in. If you haven’t done it personally as an organization and you’re working with customers, you have to secure that front door. MSPs that are building the basics and getting ahead of it are going to nail this and be far ahead of their competition. I love that example because it’s a real life, “If I’m going to go sell it, I’m going to make sure that we’re using it ourselves.” Robert Dutt: The new front, I think, that’s maybe catching MSPs a little bit off guard, that’s certainly building awareness, is the non-human identities side of things. You touched on AI agents a little earlier, the service accounts, the API keys – the things that need credentials but aren’t employees. How big of a governance problem is this becoming and what does it mean for an MSP who’s trying to help clients figure this out and navigate this problem? Larissa Crandall: It’s a big problem. Non-human machines are growing every day, and a stat that we’ve been using and explaining this – just on the severity of it – with our partners, is non-human identities now outnumber human 82 to 1. Think about that. If that is the number of how much you would have to protect non-human, you can’t just think about it from that human perspective. “I log in, I do the right thing.” It’s everything that they don’t know. That gap, again, is helping customers get that visibility and control around that across human and non-human, is generally hard to replicate because you have to teach it. That’s where, again, the partners come in and they bring that up and explain that. They’re ahead of it. What I will say, though, is SMBs are not ahead of that just yet. They’re not thinking about non-human every day, and that’s where partners can come in and being their true trusted advisor and explain that and explain the risk to their businesses. Because that’s their job – to keep businesses running – and that’s why customers go to them. Robert Dutt: For an MSP who’s at the point of saying, “OK, I see your point. I see the opportunity around identity security. I need to build around this,” but they aren’t there yet necessarily – what does a profitable identity security practice look like? What are they selling? What services are they wrapping around it? Where do you fit into that stack? Larissa Crandall: MSPs are all different. Obviously, they’re great about doing that first initial assessment and analyzing the infrastructure and set of tools and governance that they have. I think the first piece that we’re explaining, and we’re talking to MSPs, is just how to get started and how to build a practice around this. You first have to do that discovery. Most customers are not getting an accurate inventory of what they have. That piece, and explaining “if you do this, here’s the risk mitigation around it, this is how it could help your business.” The second piece I think that some don’t really truly understand is the scope complexity, meaning identifying the infrastructure, the dev, the security, the operations team, everybody else that’s all-encompassing around this. I think the third is staffing. Some MSPs don’t realize, “OK, if we have this, how do we build a profitable practice?” – you need to ensure that you have the right skill set from your own teams to do that assessment up front. It’s a step-by-step, but you can’t do only one of those. Proper discovery, scope, and staffing are really key. Robert Dutt: You guys are a Toronto-based company. For Canadian MSPs or resellers in the audience, is there anything specific about how you’re building the partner ecosystem up here in the market that they should know about, and what’s the first step that a partner should take who’s intrigued by this conversation and wants to find out more? Larissa Crandall: Join a partner program. Obviously, I will say that. I think one of the proud moments for us right now is we launched a new partner program in February. Simplified, it did increase profitability and economics for them, and also did a complete overhaul of all the training, enablement, everything that they were asking for. It sounds simple, hard to do. We did this outside in. We spent a lot of time surveying Canadian resellers, MSPs across the world and really asking them what was needed around that. When we launched it, we had a record number of logins immediately on our partner portal in the first eight days of the program that we had seen in a while. That just goes to show that there’s just this strong pent-up demand for “Teach me and tell me more” because they’re hearing customers with some of these issues. We want to be there first and foremost and be proactive with them. Join the program. That’s what I would say. It’s very simple to start. I promise you, it’s a very profitable program. We’ll help you through and do all the onboarding and spend some time with us. Robert Dutt: From a Canadian point of view, anything particular that you’re looking at in the market up here, as far as building the ecosystem or as far as how you view where the Canadian channel’s at with you guys? Larissa Crandall: I’ve spent quite a bit of time there, talking to partners up there and spending some time with AWS. We spent a lot of time – we just won the Rising Star Award for Canada for the work that we’ve done in partnership with AWS. That has got a lot of press for us personally and what we’re doing and how we’re building solutions together. I would also say we have quite a bit of employees there, obviously. That’s been where we started. I would say a lot of loyal partners that have been with us through the entire journey. I would say that I’m hoping they’re pleased with all the changes and the added incentives there, and happy to talk to them. Robert Dutt: All right, a few quick-answer lightning round type questions before we wrap up. You touched upon this a little bit, but can you maybe elaborate? When you talk to MSPs who are doing identity security really well, what’s one thing that’s common amongst them? What’s the common thread amongst those who are doing well in this space? Larissa Crandall: Great. I would say exactly how we started this conversation – that they have recognized that AI is here and here to stay, and the ones that have built in the forefront and done really well with enablement out to their customers around that human and non-human identity security space and explained it are crushing it. Those are the ones that we’re seeing seat count increase, seeing some of their large customers come on and do true – what I would say, we call it – wall to wall. Bring in customers that have done exactly what that mature MSP did and said, “If we’re going to go do this and preach it ourselves and sell it, we better make sure that we are doing it as a company.” We’re continually seeing that. The ones that really get that from the very beginning are the ones that are on the forefront and being proactive about it versus reactive. You have to be trusted advisors out there, especially to even the SMB community. Robert Dutt: Finally, without naming any names if you don’t want to, what’s the worst password hygiene you have personally witnessed? Larissa Crandall: I would say sticky notes. I would say everything that your grandparents have done, your parents have done. I think it’s one of those where we’re all guilty of – where do we put that password? Did you share it with someone? That’s the worst thing that you can do. Of course, I work here, I’m going to say it, but being a 1Password customer even before – and that’s the fun about being here. I could be in an airport, I’d have a 1Password sweatshirt on walking through and we’re this beloved brand out there because they started with us on that B2C journey and have moved and brought us through into their businesses today. It’s a great place to be. Robert Dutt: Quite the evolution, and thanks for walking us through it, and good luck with the program rollout. Thank you so much for taking the time. Larissa Crandall: Thank you so much, Robert. I appreciate it. [MUSIC] Robert Dutt: My thanks to Larissa Crandall from 1Password for that conversation. A couple of things I want you to take away from it. First, that stat: non-human identities now outnumber human identities 82 to 1. If that number doesn’t make you rethink the scope of the identity conversation you’re having with customers, I’m not sure what will. Second, the MSP who made 1Password mandatory across their entire customer base – not as an add-on, not as an option, but as a baseline requirement for doing business. That’s the kind of conviction that turns a product into a practice. Whether 1Password is the right fit for your stack or not, the broader point stands: identity security is no longer a nice to have, and the MSPs who treat it that way are the ones building real recurring revenue around it. Thanks for listening today. If you haven’t already, please do consider subscribing to or following the podcast in your podcast app of choice. We’re up on Apple Podcasts, Spotify, YouTube Music, iHeartRadio, and more. And if you’re old school and you like your RSS feed to be, well, an RSS feed, we got you covered too. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Joe Smolarski, CEO of WatchGuard Technologies, joins the podcast for a wide-ranging conversation about why the company believes 2026 is “the year of the cybersecurity-focused MSP” – and what that actually means beyond the tagline. Smolarski came to WatchGuard in November after nearly a decade at Kaseya, where he served as president and COO. He’s been open about applying what he calls the “Kaseya playbook” to WatchGuard – driving down platform costs and consolidating tools to improve partner margins. In this conversation, we dig into what parts of that playbook he’s bringing, what he’s leaving behind, and why he believes WatchGuard can double MSP margins on cybersecurity. We also explore WatchGuard’s latest threat research, which showed a 1,500% spike in unique endpoint malware, and what the company’s 2026 predictions – including the first fully autonomous AI-executed cyberattack and the extinction of crypto-ransomware – mean practically for MSPs and the customers they protect. The conversation takes a Canadian lens as well. Smolarski discusses WatchGuard’s new partnership with Bell Cyber, the data sovereignty investments required to win that deal, and why he sees the Canadian market as ripe for its next level of MSP maturity – driven by regulation like Bill C-26 and the consolidation wave now reaching this side of the border. We also touch on WatchGuard’s 30th anniversary, what longevity means in a market full of startups and PE roll-ups, and how Vector Capital’s decades-long involvement shapes the company’s outlook. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. My guest this week is Joe Smolarski, the CEO of WatchGuard Technologies. Joe took the helm at WatchGuard back in November after spending nearly a decade at Kaseya, where he served as president and COO. He’s now leading a company that just celebrated its 30th anniversary, has been 100% channel-focused since day one, and is making a pretty bold claim that 2026 is the year of the cybersecurity-focused MSP. Now, that’s the kind of line that can sound like vendor marketing if you’re not careful, so I wanted to dig into what’s actually behind it. We talked about the explosion in endpoint malware, why the shift from ransomware to pure data extortion changes the game for MSPs, what Joe is bringing from his Kaseya experience and what he’s leaving behind, and why he thinks Canadian MSPs are at a tipping point. We also get into the economics of it all – his promise to double MSP margins on cybersecurity, and how WatchGuard’s platform play is supposed to make that math work. Let’s get right into it. My chat with Joe Smolarski. Thanks for taking the time, I appreciate it. Joe Smolarski: My pleasure, Rob. Robert Dutt: Security has been one of the biggest, maybe the biggest, growth driver for MSPs for years, and your company is saying that 2026 is the year of the cybersecurity-focused MSP. Help me understand what makes this year different from the last three or four, where people have been seeing the same kind of momentum in security in the MSP space. Joe Smolarski: Yeah, sure, Rob. I think ultimately many of the stats are clear, and they’re really eye-opening. I think no longer are MSPs having to educate and evangelize why it’s needed, because when you see eye-popping stats like the fact that cybercrime is the third largest GDP in the world behind the US and China, it’s like, holy cow, how the heck is that possible? But it’s escalated very, very quickly. And unfortunately for SMBs, SMBs have become the focus of those attacks, and I think that’s becoming clearer and clearer every day. SMBs used to feel as though they’re not the focus, that the big guys will be the focus. But what we’ve seen – and unfortunately I have some firsthand experience – is that when cybercriminals attack the big guys, they have people come after them. If you know my past, I served as president and COO of Kaseya for nearly a decade prior to becoming CEO at WatchGuard. And there, on July 2nd of 2021, we got attacked by Russian cybercriminals. When that occurred, within four hours I had the FBI and the White House and Department of Homeland Security and everybody else in my office, which was not very pleasant. So you get the attention when you’re a major provider, a big company. Look at Stryker right now, what they’re going through. In that situation, within four hours, they’re all in my office. Within three weeks, we got the bad guys, and those bad guys are sitting in a federal prison right now. But that’s not the case when it comes to SMBs, and it’s a shame. I had access to a bunch of inside information within the government when we went through that, because we also hired the FBI lead as our CISO at that time. And what they say is they’re just overwhelmed. There’s no way that they could get to all of the attacks that are occurring. The big guys get attention and the small guys don’t, and that’s become prevalent. So I think ultimately, this is the year for cybersecurity to get to that next level because the pace of attacks is picking up so much, in particular in the SMB market. We posted our bi-annual security report and showed a 1,500% increase over the last year, just in the velocity of attacks, which is scary. It’s scary for SMBs. And quite frankly, even if they have some of their own internal IT staff, they’re not going to be at the level that they require to stay protected. So they’re relying on the fantastic MSPs that are out there to get them to that next level. I will say, I caught up with three or four large MSPs in Canada over the last week, just to prepare for this a little bit, just to get some of the latest trends directly from the MSPs themselves. And they said they still feel like Canada is a little bit behind when it comes to the US, just a little bit behind in terms of education and things like that. And certainly, small business is so prevalent in Canada, given how dispersed it is. So they’re working on that. I know your government in Canada is working to increase regulation. I think some of the fighting back and forth with Trump and Carney has been interesting and ultimately fueling the Buy Canadian campaigns and some of that stuff. But you’ve got a lot going on. I know you’ve got a C-26 bill from an infrastructure perspective trying to be passed, just to make sure that the awareness is there for all businesses on what needs to be protected – supply chain and everything else. But it’s a huge opportunity for the MSP market to take it to that next level, because from my perspective, Rob, you have to. What I’ve seen – and this is very, very unfair – is that when a small business even declines that next level of, say, platinum service from an MSP, they’re like, “I don’t need that. We don’t need that level of protection. We’re not willing to pay that amount.” If something negative happens, then unfortunately the MSP still gets blamed. And that’s ridiculous, but it’s the reality of the situation. So this is the year to capitalize on it. There’s enough news and information out there that supports everything. It’s an exciting year and, of course, a nervous year, because you’ve got to protect your clients and use the best technology and services to get there. Robert Dutt: You touch on the 1,500% spike in endpoint malware in the second half. A quarter of those attacks are evading signature-based detection. At the same time, though, your team is predicting that crypto-ransomware is essentially going extinct this year as attackers say, “You know what? We’d rather just steal the data and extort you.” What does that shift mean practically for how MSPs need to think about protection and what they’ve been offering, given that ransomware has been such a driver for the last half decade or so? Joe Smolarski: Yeah, I think ultimately you just have to make sure that you have layers of protection. To your point, lots of things get through. You could have the very best technology in the world, whether that’s WatchGuard or some of the other leading providers, and things can get through. Ultimately, that’s why you need the layers. One of the things that you should also consider is the platform approach. There are many providers, WatchGuard being one of the leading providers in the MSP space. When you have a platform that gives you multiple layers and those layers get to be correlated together, it just increases your chances of detecting those things. You may see something on the firewall that’s not definitive evidence of something happening, but when you piece that together with what’s happening on the endpoint and you’ve got those two data points, you piece it together faster than point solutions can. I think ultimately you need to make sure you have 24/7 SOC monitoring. Things that you didn’t think were possible – you thought you put in the best products to protect you, why do I need that, nothing should get through. You just threw the stats out there that things do get through. The only way to stop that is to catch those anomalies at one of the respective layers. If you’re at 99.9999%, you’ll get it at the product level. But what gets through – and with the velocity of attacks that is there – you’ve got to make sure you’ve got AI-based SOC solutions and MDR solutions backed up by great security professionals to ensure you’re protected. Robert Dutt: On the AI tip, you guys have predicted the first fully autonomous, end-to-end executed-by-AI cyberattack this year. That’s a big call. What would that look like? And how do I, as a mid-market MSP, even begin to prepare for something like that? Joe Smolarski: Number one, it should scare the heck out of us. It scares me. It certainly scares me, Rob. It’s a world that is evolving very quickly. I think AI in and of itself – there are some anomalies. I’ve done a few interviews where I’ve said half of AI is bullcrap. Because so many people claim AI and everybody’s taking credit for it. Some of it’s real, some of it’s not. But what’s very real is the rate of acceleration of technological advancement, both for the good guys and unfortunately for the bad guys. So I think you can’t fight AI attacks with human-based people. You need to fight AI with AI. There’s no way, from a rate of defense, pace of defense, that you can fight that with just good security professionals. You want to make sure, as the complexities of these attacks, the velocity of these attacks – because it is AI-based – continues to accelerate at an unprecedented pace, that you’re fighting that with AI-based solutions. Because it can match the speed and complexity of the response. We’re seeing it. While we haven’t seen a complete 100% autonomous end-to-end, we’re seeing pieces that are getting very, very close. We have so many millions and billions of data points coming through and it’s getting scarier by the day. Our job is to stay ahead of that. We stopped billions and billions of attacks last year and we had seven reports come through of malware that maybe got through. So the success rate is phenomenal, but the only way that will stay phenomenal is if we just stay on top of that 24/7, 365 and read all the indicators of what the bad guys are doing and how we need to stay ahead of that to protect our MSPs and protect our end customers. Robert Dutt: We talked about platformization a little bit off the top. I wanted to circle back to that. First, you’ve been pretty open about bringing the Kaseya playbook to WatchGuard – driving down platform costs, consolidating tools, increasing margins. But Kaseya can be a complicated word in the MSP space. Some partners hear it and think great economics. Others hear it and think about aggressive bundling or the friction of integrating acquisitions. Which parts of the playbook are you looking to bring to WatchGuard, and which parts are you consciously choosing to leave behind? Joe Smolarski: Yeah, definitely. And listen, every company has its pros and cons. And certainly over there, I was the number two, not the number one, which is a difference, because you’ve got to abide by certain things. It had a fantastic leader with Fred and a great leader with Rania in the current leadership. But I think ultimately what always resonated – no matter, I say time and time again, even if somebody didn’t like certain practices at Kaseya – what always resonated was, “I need to lower my operating costs because my margins are too tight and I can’t scale efficiently.” It’ll be tough to get liquidity as an MSP if I’m not getting the proper margins and profitability. And we know that there’s a great opportunity for MSPs to get liquidity and have an event, because there’s a great rollup occurring in the industry. So just making sure that the unit economics continue to get better. And the second component is just an integrated platform. It makes all the difference in the world. Imagine you hiring your next technician, your next engineer, and then you’ve got to reach out to seven different vendors to get that person set up. That engineer has to learn seven different platforms and seven different logins and swivel chair through all of it. So those two components, no matter what, always resonated with the base, whether they were Kaseya lovers or Kaseya haters, those two things always resonated. And those are some of the common components. I think the benefit for me, and the reason why I left a very successful career at Kaseya – we did a lot of great things from a financial perspective, growing it tenfold in my tenure there – the reason why I left and the reason why I took that call is because WatchGuard just has a tremendous partner focus and is well respected in the industry. So you take that, you take the great products that we have, and then you have the focus on the unit economics that I’m certainly bringing to the table. It’s just very, very important. Sometimes an MSP needs some bells and whistles and sometimes they just need it to work and be a world-class security solution that gets to lower their costs in parallel. And that’s what we’ve done. It’s just a great combination of a company that is 1,000% focused on the partner community. That’s all we do. If you look at us compared to very amazing firms like a CrowdStrike – just phenomenal firms – but they’re not solely focused on MSPs. Prior to a decade ago when I joined Kaseya, I spent my life in the enterprise. And when you’re a firm dealing with enterprises and MSPs, I’m sorry, but it’s only natural that the enterprise gets the attention. They just do because, number one, if you look at how they segment their customer base, the Bank of America and the General Electric – when they call in, they’re going to get prioritized, let alone the human element. When you’re on support and you’re dealing with the big guy versus the little guy, it’s just different. You go above and beyond. That’s why for us, we never try to mix the two. We want to make sure that we’re dedicated to the MSP community. It makes a massive difference in terms of focus. We understand that if we let an MSP down, this is their livelihood. You let an IT director down at Bank of America, his life keeps on going. But you let an MSP down and this is their absolute livelihood, and we just can’t let that happen. That’s embedded throughout the culture of WatchGuard, which we’re super proud of. You put great products on top of that and the focus on unit economics, and it’s getting that cost down so that we allow them to be more aggressive. You and I talked earlier in the call about the fact that if an MSP offers a cybersecurity package and it gets declined, they’re still going to get blamed. So if we can keep getting that cost down to allow them to make sure all of their end customers are protected, it’s just a great thing for all. And that’s our genuine focus and we’re super excited about it. Robert Dutt: You’ve said that you want to double MSP margins on cybersecurity, and that’s a very specific promise, one that I have to imagine gets a lot of MSPs’ ears perked up. Can you walk me through the mechanics of how that actually works? Is this pricing, is it operational efficiency through the platform? And what does that transition to higher margins look like for a Canadian MSP with, say, 500 managed endpoints? Joe Smolarski: Yeah, listen, I think it’s all of the above, Rob. If you look at it, you can buy a dirt cheap solution and think that you’re saving money. But when it comes to cybersecurity, you buy a dirt cheap solution and then you get bombarded with alerts and noise and everything else. All you’re doing is increasing your operational headcount, your human capital. And you’re getting an absolutely nasty math equation that you just didn’t realize when you signed on the dotted line up front for the rock bottom price. So it’s not solely based on price. This is a world where there is a ton of noise. And if you’re not efficient with what we’re providing to the MSP in terms of threat indicators and things like that, they just get overwhelmed and either have to overstaff to accommodate for it, or they miss important things and ultimately allow bad stuff to occur within their environments. For us, we really focus on simplicity of the platform and making sure that we can give you absolute world-class solutions. You do the research on WatchGuard – we have world-class solutions across the board with tremendous success rates. So give world-class solutions, limit the noise that an MSP has to deal with, and always be there for that MSP when something occurs. We have a six-minute response time on our SOC, which is best in the industry. All of those things combined, along with very aggressive commercials. We have to be. We’re getting more and more aggressive when it comes to commercials and have a lot of great stuff planned for this year. I’ve been here four months, so give me a little bit of time, just a little bit. But we’re making progress every single day to continue to meet the needs of our MSP community. Get that price further down, improve the unit economics, and more importantly just provide a great simplified platform that simply works, and always show up when our customers need us. Robert Dutt: You’ve shipped a lot of product in a short time. The Zero Trust Bundle, FireCloud, Open MDR with third-party support, the unified agent. For an MSP that’s currently running your firewalls, maybe another piece of the stack, what’s the realistic path, the realistic starting point to adopting the full platform, and how do you avoid the rip-and-replace fatigue that you can feel from vendors who are in the platform play? Joe Smolarski: Yeah, we’re doing everything we can to avoid the fatigue. Not to kick anybody when they’re down, but we’ve had a flurry of major activity from SonicWall customers looking for relief from some of the challenges they’ve had. Our team has worked around the clock to put together fast, easy, white-glove migration using AI that can carry across profiles and configs to make it as easy as possible to reduce that fatigue when you do decide to move. We definitely concentrate on reducing that fatigue through automated migrations using AI tools to make sure that some of those things happen. But fatigue aside, in terms of next logical steps – we’re blessed, we have 25,000 MSP partners, most of which are using our firewall solution, which we’re famous for. The red boxes. It’s world-class and extremely well respected. If they’re just using the traditional firewall, the next easy logical step is to get the endpoint protection with fully managed SOC, because you need it and it just works so tightly together. Our goal when we work with our partners is just to show that one plus one truly does equal three. We work on that every day through additional integrations and ease of migration tools. We’re super excited about it, and we think it’s going to be a banner year for us. We had a record-breaking 2025 and think we’re just getting started at this stage. Robert Dutt: Vector Capital has been involved with you guys for decades, which is pretty unusual for private equity. Your partners are making long-term bets on the platform – obviously, that’s the nature of the beast. What are you giving them in terms of assurance that there’s continuity of investment there, that this structure keeps going, that it doesn’t become a growth-for-exit kind of play? Joe Smolarski: Yeah, well, I think you just answered it for me. You just said Vector’s been involved for decades. That is very rare, Rob. Very, very rare. Number one, Vector’s just a fantastic partner. I’ve dealt with many different private equity firms. I’ve been in private equity my entire life – very prestigious ones. Insight was fantastic at Kaseya. But ultimately, Vector has been in this for the long run. Some of the principals at Vector have personal financial interest in this company, which just creates a loyalty and a common vision for us to build a great company. And they tell me that every single day. We don’t build for an exit. We want to build a great company. We believe we have a great image and perception and brand in the market today, and we’ll never do anything to compromise that. Our focus is to build a great company, protect our partners, continue to build with our partners. Both myself, the WatchGuard team, and Vector – that’s the sole focus here. Because they’ve been involved for decades, it’s a little bit different than many other firms that are going through change of ownership every couple of years. And then they’ve got to cut costs and go through all that. We’ve had stability from that perspective, which is great. We’re still a business. We’re a for-profit business. We’re not a charity. So of course we always have to make business decisions in an ever-changing business world. But I think that continuity has really made a big difference. Having a private equity firm that has a personal interest in this company has made a big difference for us, and I think our partners see that with the level of focus and dedication to the partner community. Robert Dutt: Earlier in the conversation you mentioned data sovereignty. You mentioned some of the moves being made on the government side in terms of legislation. As you’re pushing a cloud-delivered security platform, how do you see data sovereignty factoring into that? Joe Smolarski: Yeah, it always has to, because otherwise it’ll preclude you from being able to penetrate certain markets. Ultimately, that started decades ago in Europe, in terms of having to make sure that data is stored locally. Any major vendor needs to make sure that focus is there. Canada is catching up quickly in terms of many of those requirements. Sure, it requires extra capital and build-out in terms of making sure we have local data centers and all of that. But at this stage of the world, unfortunately it’s getting more complex with all the wars and the turbulence that’s in the world now, which is unprecedented. So you’re going to get more of that – “No, it can’t leave the country, it’s got to be here” – more and more. All of us in the SaaS space need to be prepared for additional investments to accommodate for that. You’re not going to win and be able to get that business at a large scale without it. Our business has quickly taken off in many key areas. You may have seen we just announced the Bell Cyber partnership this week. Bell is the largest telco in Canada, as you know better than me, and Bell Cyber is their cyber arm. They’re embedding WatchGuard to make sure their customers are protected. As part of that, we had to make sure that there are no data sovereignty issues when you’re going to the largest telco to get to their millions and millions of customers. We’re super proud of that. WatchGuard – we’re not at the level of a gazillion-dollar firm, but we’re big, we’re serious, we have great technology. And to go and get the number one telco in Canada to use our solution for their cybersecurity offering is just evidence of how we’re attacking problems like that. Robert Dutt: I’m curious, as you’ve looked over the landscape, do you see the Canadian market differently than the US in terms of MSP maturity, cybersecurity adoption, those kinds of market condition issues? Joe Smolarski: I think the Canadian market is a fantastic market in this space that is ripe for the next level of maturity. As I mentioned, and this is not coming from my speculation, this is coming directly from some of the larger MSPs. I think F12 and Calvin caught up with them and a bunch of others earlier this week. Large, prestigious MSPs that are doing great things and growing significantly. Canada is just a little bit further behind, needs a little bit more education from an end-customer perspective. As regulation comes up, that’s going to solve some of that. As some of the geopolitical stuff continues to occur, that’s going to happen. The consolidation that we saw in the US on the MSP side, starting maybe five, six, seven years ago, is starting to pick up in the Canadian market as well. And that’s a great opportunity. To me, MSPs should be excited. When you see consolidation occurring and rollups occurring, that’s a chance for you to get a nest egg. What we’ve seen is MSPs can get some liquidity, either stay invested or exit, and then they go do it again because they’ve got the playbook. The MSP world’s not that complicated in the sense that there are playbooks on how you win. We certainly work with a lot of MSPs to share those playbooks. The Canadian market is ripe for that next level of maturity. I am super confident that it’s going to accelerate, because you have a lot of great MSPs and technology providers taking advantage of that now, and it’s going to continue. Robert Dutt: You guys just turned 30. In a market where a lot of security vendors either get acquired, completely change what they’re doing, or flame out, what does that longevity actually mean? What do you see as the selling points of it, and what do you see as the baggage of having that long of a history? Joe Smolarski: Listen, the selling points are we’re not going anywhere. We’ve been doing this for 30 years. We haven’t done it for 30 years at a small level, Rob. We’ll approach a half a billion dollars in revenue by the end of this year, well over $120, $130 million profit. We’re doing great things. We’re big, we’re stable, and that longevity gives customers and partners the assurance that we’re not going anywhere. Because I think you know it – there are many firms out there that look sexy. They’ve got the sizzle. They’ve been around for three years and everybody’s talking about them. And then I meet with many of these CEOs from an acquisition perspective, and you talk to them and you realize, “Oh, they’ve never made any money.” And when you’ve never made any money, sometimes you can get away with that because you sell and do your thing. But many other times, there’s a reckoning from a macroeconomic perspective, where money’s not free anymore and ultimately either make money or there’s going to be a problem. In those situations, when you change hands and you get swallowed up by a bigger company at some minimal value because of economic challenges, you invested in something that’s not going to be there for very long. Customers love knowing, “I can go with WatchGuard. I know you’re going to be around forever, quite frankly.” And they see how we’ve evolved. We have not been stagnant. On the positive front, we went from being the leading provider of firewall solutions, which are still very critical from a perimeter security perspective, in the MSP and SMB space. We protect many of the agencies that are protecting the world. Our firewalls are in government agencies throughout the United States and throughout Canada that are actually protecting our soldiers. Our solutions are in fighter jets. So we’ve got a lot to be proud of just in terms of that level of security that our government relies on us for, which is amazing. What you need to fight against, just to make it a balanced conversation, is being stagnant. This is a fast-changing world. If you’ve been here for decades, you have to make sure that you’re staying up with technology, understanding how AI can help you do your job three times more efficiently. Many people can, some can’t, but many people can because they have great roots in technology and innovation. So you just have to keep pushing the team to be aggressive, not stagnant. And that’s what you get with me, certainly. I know how to push people. I’m a little bit over-energetic, probably a few too many Celsius on a daily basis. My goal is to get the most out of people, but when you have a great team and a great foundation like we do, it’s not that tough. Robert Dutt: Just to wrap it up, let’s go back, if we can, to that Canadian MSP that we were talking about – that SMB-focused MSP who’s been focused on the firewall side of the business but hasn’t really gone too much deeper. What’s the single biggest reason that you see for them to take another look at what you guys are doing right now? Joe Smolarski: I think the progression of our platform is well beyond what people understand. The level of embedded AI throughout the platform is beyond what they would expect – if they looked at us three, four years ago, they just don’t understand where we’re at today. Ultimately, we have an AI-enabled platform that’s dedicated to the MSP and SMB market. Sure, firms like CrowdStrike are fantastic. They’re not dedicated to this. For us to have technology on par with anybody that’s out there throughout the entire cybersecurity stack and to solely dedicate that to the MSP and SMB market – so when you have a problem and you go through a breach or anything else and you call in, you’re not competing with Bank of America, you’re not competing with these other massive companies. You’re our sole focus. We understand your business is your lifeline. You get all of that sophistication and then a level of simplicity provided within the platform that is second to none, to just make your job way more efficient. That’s the ultimate selling point for us – that you can get everything you need throughout the cybersecurity stack from WatchGuard, plus that friendliness of just the pure partner focus and commitment. We truly believe the next few years are going to define which MSPs become security leaders and which stay as commodity IT providers. The opportunity is enormous. The demand is structural. And the partners who build disciplined, automated, security-first practices are really going to thrive. We’d love to be their partner. Robert Dutt: It’s a great point to leave it on. Joe, I appreciate your taking the time. This has been a great conversation. I think you’ve given partners lots to think about. Joe Smolarski: Thank you so much, Rob. Take care. Robert Dutt: There you have it. Joe Smolarski from WatchGuard Technologies. I’d like to thank Joe for his time. This was actually one of his first podcast appearances, and I thought he was remarkably candid throughout. I appreciate that. And of course, thank you for listening. A few things that stuck with me from this conversation. First, the honesty about AI. When a CEO tells you that half of what’s being called AI out there is, in his words, bullcrap, but then makes a clear case for where it genuinely matters – fighting the velocity of AI-driven attacks with AI-driven defense – that’s the kind of nuance I think partners need to hear more of. Second, the Kaseya question. Joe didn’t dodge it. He acknowledged the baggage, drew a line between what he’s bringing forward – the unit economics focus, the platform consolidation – and what belongs in a different chapter. Whether that distinction holds up over time is something we’ll all be watching, but I thought that was a fair answer. And third, the Canadian angle. WatchGuard’s partnership with Bell Cyber is a significant validation of their platform in this market. And Joe’s observation that Canada is ripe for the next level of MSP maturity, driven by regulation like C-26 and the consolidation wave that’s hitting us now, is worth paying attention to. If you found this conversation useful, I’d love it if you’d follow or subscribe to the ChannelBuzz.ca podcast. You can find us on Apple Podcasts, Spotify, YouTube, and most other podcast directories. And if you’re feeling generous, a rating or review goes a long way towards helping other folks in the channel find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Bob Bonneau, country manager for ESET Canada The ESET Women in Cybersecurity Scholarship is in its eleventh year globally and its fifth year in Canada. This year, ESET is awarding three $5,000 scholarships to Canadian women pursuing careers in cybersecurity, with applications open through April 8, 2026. The numbers are substantial. Across North America, ESET has awarded $187,000 to 39 women since the program launched. In Canada alone, 14 women have received a combined $50,000 since 2021. But here’s what caught our attention. When we asked ESET Canada country manager Bob Bonneau where past recipients have ended up, the answer was honest: they’ve largely gone to work at tech companies at the source of the technology, not at channel partners or MSPs. It’s a gap Bob acknowledged openly, and one he committed to thinking about differently as the program evolves. That matters for the channel. Canada’s cybersecurity workforce gap is well documented — the ISC2 Cybersecurity Workforce Study puts women at roughly 22% of the global cybersecurity workforce, and Canadian numbers have been largely stagnant for two decades. Every MSP competing for security talent is drawing from the same thin pool, and retention is just as hard as hiring. As Bob put it, the second someone updates their LinkedIn with cybersecurity experience, the recruiters come calling. Worth noting: the scholarship is open to any woman enrolled in or accepted to an accredited Canadian college or university, including those studying part-time while working. That means someone already in the channel who’s upgrading her skills could be eligible. If you’ve got someone on your team who fits, point her toward the application before April 8. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If you’ve been in the channel for any length of time, you know that finding and keeping cybersecurity talent is one of the biggest operational challenges MSPs and other solution providers face. Canada needs to fill roughly 25,000 cybersecurity roles and produces fewer than 4,000 graduates a year. That math doesn’t work, and it’s not getting better fast enough. One program that’s been trying to move the needle is the ESET Women in Cybersecurity Scholarship, now in its 11th year globally and 5th year in Canada. This year, ESET is awarding three $5,000 scholarships to women in Canada who are pursuing careers in cybersecurity. Applications are open right now through April 8th. But I didn’t want to just tell you that the scholarship exists. I wanted to dig into the thinking behind it. Why a security vendor invests in something like this, what happens with the talent it produces, and whether programs like this are actually connecting to the channel or feeding the pipeline somewhere else entirely. My guest today is Bob Bonneau, country manager for ESET Canada, and he had some candid answers to those questions. Let’s get right into it, my chat with Bob Bonneau. Bob, thanks for taking the time. Nice to chat with you again. Bob Bonneau: Likewise, I appreciate being here. Thanks for the invite. It’s always a pleasure to catch up. Robert: The ESET Women in Cybersecurity Scholarship is in its 11th year now, 5th year in Canada. Can you tell me what was the original thinking behind expanding the program here, and has the program evolved in ways you didn’t expect when you were thinking about that five or six years ago? Bob: Yeah, for me, as you know, I took over the role of leading Canada about six years ago, and it was too soon in the first year for us to kind of jump on board. But having been exposed to what the US office had initiated from an ESET perspective in terms of the scholarship was certainly something that I thought was just a great initiative and something that I was excited to kind of join and be part of. So I quickly made plans to ensure that we were included in the next year, and we’ve been a part of it ever since. I would say initially, we started with a single $5,000 scholarship, and as much as there was — it was an investment we were making that, contrary to popular belief where every vendor-invested dollar, especially in something like this, has to have some sort of ROI metrics to it — this didn’t have that. This is purely something that we felt passionate about needing to do, and we thought it addressed a couple of different main areas in our business that we were trying to address. But when I look at the early days, it was funny because it is very much a marketing effort just to get the information out there that we’re in fact offering it. So I would say we had the $5,000 scholarship offered and we worked hard to get that communicated out so that we could get a good submission base to start to evaluate. And if we fast-forward to going into this year, it’s now scaled to three $5,000 scholarships that we’re offering. What used to be largely an internal company effort — we would look at the submissions and evaluate them and select the winners — there’s now a 10-person selection committee made up of representation from business, tech partners, large customers of ours, our reseller community. So it’s really expanded from there, and it’s great to see. Part of why we scaled it is because the volume of submissions has grown so much, which is great. But quite frankly, the impressiveness of the applicants just makes that job really hard. So it really has evolved to what we’re seeing today, and it’s been great to be part of that. It’s also evolved from a company perspective, which is great. Now having, I think we’ve got seven countries participating in it. Robert: Wow. So far you guys have awarded $50,000 to 14 Canadian women through this program. When you look at where past recipients have ended up, they’ve largely gone to work at tech companies rather than, say, roles in the channel with partners or MSPs. Is that the intended outcome, or is there a gap between investing in the pipeline and seeing that young talent show up in the channel? Bob: Yeah, it’s a great point. I think the effort was obviously established to address two main gaps that we have in our business today. One, obviously, the underrepresentation of women in technology. I think that number is hovering around the mid-20% in Canada, but it’s only grown from about 21% in 2001. So it’s been largely stagnant — a number that we wanted to, in at least our small way, try to impact. The broader challenge obviously is the skills shortage in cybersecurity, which there’s no shortage of articles around. I think the more recent data suggesting 25 to 30,000 open positions in Canada, with that gap expected to hit somewhere around 100,000 by 2035. And globally it’s even more ridiculous — it’s 4.8 million, I think, is the current number. So two major challenges that we have in our industry, but you bring up a good point. I think initially it was less about — I don’t think we were thinking that deep in terms of how does this impact channel, how could it impact channel. I would say we’re engaging our channel partners through the effort, and they’re really enjoying being part of the selection committee and those types of things. We’re seeing partners, as a result of their participation in the selection committee, starting to do their own version of this, which is great to see. But I think you’re right. I think there’s probably an opportunity for us to evangelize the channel part of the opportunity from an employment perspective as we’re doing some of this effort, and it’s probably something that we can look to in the future. But holistically, the gap and the challenge in terms of women in tech as well as just the skills shortage affects both our partner community and our customer base as well. So yeah, I think you bring up a good point. There’s probably an opportunity for us to maybe use our exposure to the applicants to try to evangelize the channel a little bit more going forward. Robert: Well, and it’s often a good entry point for folks just starting out in cybersecurity. I can tell you that every MSP I’m talking to, one of their biggest challenges — the biggest challenge — is hiring the right people, especially in security, for the numbers that you point out. And I think as you say, maybe there’s an opportunity for you guys too. I mean, I understand that the goal of the scholarship is to grow the overall pool and then the market sorts it out. But it does occur to me — the scholarship itself isn’t strictly limited to students who are purely full-time at a school. If I’m a solution provider who has a female employee who also happens to be upgrading her skills at college part-time, they could theoretically be pointing her toward this. Is that a use case you’ve seen or thought about? Bob: We haven’t seen it in terms of — we tend to see more full-time students applying. We haven’t seen those returning to either enhance their current skills or — actually, we have seen some submissions from part-time students. So let me correct that. But specifically from channel, not to date. But you do bring up a great point. It’s one that we — I think if we look to subsequent years, next year, to really promote both the channel to the applicants who may be applying, but also to the channel to solicit those that might want to consider applying for it. For those that are doing some reskilling on their part, there’s probably an opportunity for us to evolve that. Again, like I said, the initiative has been more philanthropic than it’s been carved down into how do we use this as an opportunity to work with the channel more. But I think you bring up a great concept and idea and one that I certainly will take under advisement and work with the team on for next year. I think they’re great ideas. Again, it’s part of the evolution of how this thing has grown and how we think about it. I think there’s a good opportunity to start to look at it a little bit more strategically around how we work with and engage the channel and use it to promote the channel a little bit more. Robert: And it’s not too late. To your listeners, if you’re listening to this and you have a woman working for you that fits in that category, nominations are open through — correct me if I’m wrong here Bob — April 8th? Bob: April 8th is when those submissions close, correct. So there’s still time to get your submissions in. We’re starting to see them come in now. It’s interesting — we see a big spike in those that have initiated, and we tend to see those applications get submitted closer to the deadline. So it’s really something that people are spending a lot of time working on, which is great. And I would say we really focused a little bit more on the cybersecurity element, whereas initially it was a little bit broader, more sort of STEM, and now we’re really trying to focus in on those applicants that are showing a real proficiency or directive toward cybersecurity. Robert: Makes sense, given both where you sit and the need, which we’ve talked about and which everyone listening to this is no doubt well acquainted with. You guys added the Future Leader tier in Canada last year — a $1,000 award alongside the $5,000 Trailblazer level. What was behind creating that second tier, and what have you learned about reaching people earlier in the pipeline as you’ve done this? Bob: Yeah, so it’s again part of the evolution. We initially said $5,000 times one, then it was $5,000 times two, and even when we got to the $5,000 times two, the applicant pool was so strong that quite honestly our selection committee — and again, this is made up of directors and general managers and VPs from all sorts of business, large enterprise customers, partners, other technology-aligned partners — they really just struggled with how do we pick just two. So we said, okay, well, what can we maybe do in terms of evolving the program? That’s when we made the decision last year to offer five $1,000 bursaries. But as we pivoted back to this year, we pulled that back a little bit and went to three $5,000 scholarships, as opposed to the five $1,000 bursaries. Part of our thinking was we wanted it to be more impactful, even if it meant fewer people, and given just the cost of education and what’s happening today, it just felt like it was more relevant to offer $5,000 times three versus the additional $1,000 bursaries. So that’s where we’re at today, and I think directionally that’s likely where it’ll continue to go. In terms of the stats from North America, there will be a total of $35,000 given this year — $20,000 in the US and $15,000 in Canada. And since inception for North America, there’s been over $187,000 awarded to 39 women. So we’re excited to evolve this. I think we’re tweaking it for the right reasons, and we’ll continue to tweak it. Some of the recommendations you made for going forward, I think, are certainly ones we want to take advantage of as well. Robert: I love those relative American-to-Canadian numbers, given that we’re so used to either multiplying or dividing by 10 depending on which way you’re going. To see it so close to parity given market sizes, that’s a great sign. The Alumni Club is relatively new. What’s the vision there — is that mainly a networking thing for recipients, or are you trying to build something more structured that connects those folks to the industry longer term? Bob: Yeah, I think it’s a bit of both. We first of all wanted to make sure that we have methods to maintain relationships with these folks, and to see where they end up and how they evolve, and to continue to be a support mechanism for them as they look to build their careers in this industry. So it really created that tether for us to keep in contact with them, which is great, and to continue to offer them some opportunity for mentorship. We see a lot of students nowadays open to the idea of moving and traveling and seeing the world and maybe working in different locations. And because we’re global and we’re seeing more and more of our regions participate in it, there’s that opportunity for us to potentially help them in terms of building their career. What we wanted to create was long-lasting relationships with our recipients, and not just hand them an award and bid them adieu and wish them all the best. So I think this is just another evolution, in part of the program, as well as the adoption. Like I said, we’re in seven countries now, and we continue to see countries added every year. We’re excited to be able to offer it, and like anything else, it’s just continuing to make sure that they’re aware it exists and that we encourage them to take advantage of it. Robert: ESET picked up the CRN Gender Parity Award last year. How do you think about whether vendor-side diversity commitments actually translate out into the partner ecosystem? Is that connection real now, or is that still sort of aspirational? Bob: That’s a great question, and I guess it’s going to be a little bit more opinion-based. But I do think the latter is true — I do think you’re starting to see some really good movement in the positive direction across both channel and vendor communities. Certainly when you look at where the gaps would have been in terms of women representation in our organization, we’re pretty proud of our mix. And the more that we engage, the more that we work with our partners, the more that we solicit folks to be part of even our selection committee — it’s surprising how many women are starting to hold higher positions within both our partner communities and within our commercial customers. So that’s great to see, and it’s great to see how excited they are to participate in a venture like this to try to continue to encourage that statistic to change. Robert: My last question. If an MSP or other partner came to you and said, “I want to hire more women into security roles, but I don’t know where to start,” what would you tell them? Bob: Well, first of all, I would probably say I don’t think it’s as difficult as it might appear to be. I think if you’ve constantly landed at that decision, that you want to try to do that, I think there’s enough opportunity to go and find those folks for those types of roles. I just think you need to decide that that’s something you want to address. When it’s just sort of passive, it may be a little bit more difficult to do if you’re just kind of waiting for it. But we’re happy to put them in touch with — there’s several organizations, there’s events happening now, even in Canada and Toronto and in the US, that are really communities based on women in cybersecurity. There’s a growing number of them. I think attending those, or being part of those, or reaching out to those communities is a great way to find good talent that’s really proactively working at their career in cybersecurity. Robert: Some good advice there, and good luck finding those lucky winners for this year when those nominations close in just a little bit. Bob, thanks for taking the time. Bob: Appreciated, as always. We look forward to seeing what the applicant pool looks like this year, and certainly going through the applications and reading what they have to say and what their submissions are. It’s a great part of what we do. We enjoy it every year, and we look forward to the event when we get to invite them and hand them the big novelty check at the end. The novelty check is always a fun time. Robert: Yeah, for sure. Thanks so much. There you have it, Bob Bonneau from ESET Canada. I’d like to thank Bob for his time and for being genuinely open about where the program is and where it could go. It’s not every day that a vendor admits on tape they haven’t fully connected a talent initiative to their channel and then commits to thinking about it differently. A couple of things I want you to take away from this. First, the obvious one: if you know a woman in Canada who’s enrolled in college or university and has an interest in cybersecurity, point her toward the ESET Women in Cybersecurity Scholarship. Applications close April 8th — we’ll have a link in the show notes. And that includes women who might already be working in the channel and upgrading their skills part-time. There’s nothing that says this is only for traditional full-time students. Second, and maybe more importantly: Bob’s comment about retention — that the second someone updates their LinkedIn with cybersecurity experience, the recruiters come calling — that should land for every MSP owner listening. You’re not just competing to hire these people. You’re competing to keep them. And if you’re not thinking about what makes your shop attractive to a 21-year-old with security skills and options, someone else is. Thanks for listening. You can find In The Channel on Apple Podcasts, Spotify, YouTube, and most podcast directories. If you’re finding the show useful, a rating or review goes a long way. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

RSA week may be over, but the Canadian channel news cycle kept moving. Four stories this week that deserve your attention heading into April. Sherweb goes global Sherbrooke-based cloud distributor Sherweb secured a $125 million minority equity investment from Investissement Quebec — the company’s first outside investment in 28 years of bootstrapped operation. The investment follows Sherweb’s expansion into the UK market, targeting over 11,000 MSPs, built on the acquisition of Irish distributor MicroWarehouse. CRN’s interview with Sherweb’s co-CEO confirms AI marketplace expansion and M&A ambitions. Broadcom’s VMware reckoning March 31 marks the VCSP program termination deadline in Europe. CISPE filed a formal antitrust complaint with the European Commission (Reuters). Broadcom “strongly disagrees”. VMware’s Krish Prasad told CRN there’s a “huge VCF tailwind” from memory shortages, pitching VCF 9.0 as a software solution to the hardware crisis. Independent analyst firm Virtified found roughly half of VMware users plan to reduce usage by 2028. The silicon squeeze Intel’s David Feng says Panther Lake will help regain commercial PC market share while also confirming ~10% OEM CPU price increases. AMD is signaling GPU price increases of at least 10%, driven by the same DRAM supply crisis. The AI governance gap Auvik’s 2026 IT Trends Report: 67% of IT pros are optimistic about AI, but only 5% say it’s core to operations. 76% of IT leaders believe an AI policy exists — only 42% of help desk staff agree. OpenText and the Ponemon Institute: 52% of enterprises have deployed GenAI, but 79% lack full AI maturity in cybersecurity. Two independent studies, same week, same conclusion: AI adoption is outrunning governance. Read Full Transcript Hello and welcome to In Case You Missed It from ChannelBuzz.ca. I’m Robert Dutt, editor of ChannelBuzz.ca, and this is your weekly look at the stories that matter for the Canadian IT channel community. March 30th, 2026. Four stories this week. A Sherbrooke cloud distributor goes global after 28 years of bootstrapping. Broadcom’s VMware reckoning arrives just in time for a March 31st deadline. Intel and AMD both signal price increases that will squeeze your clients’ hardware refreshes. And two independent reports paint the same uncomfortable picture about where enterprise AI adoption actually stands. Let’s get into it. We’re starting this week with a feel-good Canadian story, and it’s a big one. Sherweb, the Sherbrooke, Quebec-based cloud marketplace distributor, has secured a $125 million minority equity investment from Investissement Quebec. And here’s the detail that makes this significant: this is Sherweb’s first outside investment ever. The company has been bootstrapped and founder-owned since 1998. Twenty-eight years without a dollar of outside capital. This comes on the heels of Sherweb’s expansion into the UK market, where they’re targeting over 11,000 MSPs. That move was built on their acquisition last year of Irish cloud distributor MicroWarehouse, so they’re not just parachuting in — they’ve got a beachhead. Put those two announcements together and the picture is clear. This isn’t a company raising money because it needs to. This is a company that’s been profitable for nearly three decades, deciding it’s time to go global, and bringing in a strategic partner to fund the expansion and, notably, M&A. CRN’s interview with Sherweb’s co-CEO made the ambitions explicit: AI marketplace expansion and acquisitions are on the table. For Canadian partners, this is worth watching. Sherweb has been a reliable, partner-first distributor for a long time. The question now is whether they can scale that model internationally without losing what made it work. Now for a very different kind of story. The Broadcom VMware saga has been building for months, and this week several threads converge at once. March 31st is the deadline for Broadcom’s termination of the VMware Cloud Service Provider program in Europe. CISPE, the European cloud infrastructure providers group, filed a formal antitrust complaint with the European Commission on March 19th, calling Broadcom’s actions — and I’m quoting here — a “death sentence” for smaller cloud providers. They’re asking for interim measures to block the shutdown while the complaint is investigated. Broadcom’s response, per CRN, was that they “strongly disagree” and that the complaint “misrepresents the realities of the market.” Meanwhile, Broadcom is making a very specific pitch to customers. Krish Prasad, who heads the VMware Cloud Foundation division, told CRN — and again, direct quote — “We have essentially solved the hardware shortage and the hardware cost issues with a software solution.” The argument is that VCF 9.0’s advanced memory tiering lets you offload expensive DRAM to cheaper NVMe storage, so the memory super-cycle becomes a reason to buy more VMware, not less. Prasad called it a “huge VCF tailwind.” Here’s the irony, and it’s hard to miss. Broadcom is simultaneously telling customers they need VMware more than ever to survive the hardware crunch, while pushing licensing and program changes that are driving those same customers to look for alternatives. And the data on customer sentiment is now documented. Independent analyst firm Virtified, founded by former Gartner VP Michael Warrilow, surveyed 450 VMware users across 14 countries and found roughly half plan to reduce their VMware usage by 2028. That’s not channel chatter. That’s documented customer intent. Whether the EU complaint gains traction or not, the market is speaking. Speaking of hardware getting more expensive — let’s talk silicon. Intel had an interesting week. Their VP David Feng told CRN that the new Core Ultra Series 3 “Panther Lake” chips will help Intel regain market share in commercial PCs. The pitch: Panther Lake brings meaningful AI processing capabilities to the commercial fleet. This is Intel’s play to win back ground they’ve lost to AMD and Apple Silicon in the enterprise. On the other hand — and this is from the same executive, same week — Intel confirmed it’s raising CPU prices for OEMs by roughly ten percent. Supply crunch, rising component costs, tariff pressure. The usual 2026 cocktail. So Intel is counting on a commercial PC refresh cycle to reclaim market share, while simultaneously making that refresh more expensive for everyone involved. And lest you think this is Intel-specific — AMD is also signaling GPU price increases of at least ten percent in 2026, driven by the same DRAM supply crisis. For partners helping clients plan hardware refreshes right now, the message is straightforward: budget accordingly, and budget up. The cost pressure is structural, not temporary. We’ll close this week with some data, and it tells a story every MSP needs to hear. Auvik released their 2026 IT Trends Report this week. The headline finding: sixty-seven percent of IT professionals are optimistic about AI. But only five percent say AI is actually core to their operations today. Five percent. That is an enormous gap between enthusiasm and reality. The governance picture is even more striking. Seventy-six percent of IT leaders believe their organization has an AI policy. Only forty-two percent of help desk staff agree. That’s not a gap, that’s leadership and the front line living in completely different realities about whether the rules even exist. Auvik also found that 61 percent of organizations discover unauthorized SaaS applications at least monthly. Shadow IT is not a hypothetical — it’s a standing Tuesday meeting. And these findings aren’t isolated. The same week, Waterloo-based OpenText released a Ponemon Institute study of nearly 1,900 IT and security practitioners. Fifty-two percent of enterprises have deployed GenAI. But seventy-nine percent haven’t reached full AI maturity in cybersecurity. Only 41 percent have AI-specific data privacy policies. Two independent studies, same week, same conclusion: AI is being deployed faster than organizations can govern it, secure it, or even agree on whether governance exists. For MSPs, this is the opportunity in neon lights. Your clients are adopting AI. They think they have policies. Their front-line staff disagrees. Someone needs to fill that gap. That’s your In Case You Missed It for March 30th, 2026. Sherweb going global, Broadcom’s VMware reckoning, the silicon squeeze, and the AI governance gap — confirmed from two independent angles. Links to everything we talked about today are in the show notes at ChannelBuzz.ca. If you’re finding this useful, subscribe wherever you get your podcasts — Apple Podcasts, Spotify, YouTube, most directories. Ratings and reviews always help us out. I’m Robert Dutt for ChannelBuzz.ca. I’ll see you in the channel.

Martin McNicoll, founder of Distillerie des Cantons de l’Est This is the first episode in an occasional In The Channel series called “Life after the channel” – conversations with people who built careers in the Canadian IT channel and then went on to do something completely different. Martin McNicoll founded Gurus Solutions, originally ERP Guru, and grew it into one of NetSuite’s most decorated Canadian partners over nearly two decades – President’s Club, nine consecutive years as a Five Star Award winner, and offices from Montreal to Chicago. He sold the company in 2022 and turned his attention to something that had been brewing since a 50th birthday trip to Scotland: whisky. Distillerie des Cantons de l’Est is a grain-to-bottle operation in Mansonville, Quebec, where Martin and his team are growing organic barley and rye using regenerative agriculture, distilling on-site, and aging their whisky in oak casks. First barrels went in in December 2024, with the first whiskies expected around 2028. In this conversation, we talk about the failed attempt to buy a cask at Balvenie that started it all, the sale of Gurus and what made him finally say yes, why the skills he built running an ERP consultancy translate surprisingly well to running a distillery, and what it means to retrain a SaaS-speed brain for a product that takes years to mature. Martin also shares the story behind the McNicoll brand – his Scottish ancestors who came to Quebec with the 78th Fraser’s Highlanders in 1757 – and talks about the fight to get a distillery approved on Quebec agricultural land, replanting American oak for barrels that won’t be ready for 30 years, and what’s coming next, including a butterscotch liqueur later this year. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. This episode is a little different from what you’re used to hearing on In The Channel. It’s the first in what I’m hoping becomes an occasional series I’m calling “Life After the Channel” – conversations with people who built careers in the Canadian IT channel and then went on to do something completely different. My guest today is Martin McNicoll. If you were in the NetSuite ecosystem in Canada at any point over the last two decades, you probably know Martin. He founded ERP Guru, which was later rebranded to Gurus Solutions, grew it into one of NetSuite’s top partners in the country, picked up every award in the book, and eventually sold the company in 2022. And then he went and did something that nobody saw coming. Martin’s now building a grain-to-bottle whisky distillery in the Eastern Townships of Quebec, growing his own organic barley and rye, aging his own barrels, and building a brand rooted in his family’s Scottish heritage going back to the 1700s. It’s a great story. So let’s get right into it, my chat with Martin McNicoll. [MUSIC] Robert: Martin, thanks for taking the time. Thanks for joining us. Martin McNicoll: Robert, it’s great to be here with you today. Robert: Nice to catch up. We ran into each other a lot at SuiteWorld. And for years, when I talked to Craig West about the channel in Canada for NetSuite, you guys would be one of the first names that came up. President’s Club, Five Star, the whole nine yards. And now you’re making whisky in the Eastern Townships. Walk me through that. How did we come to be where we’re at today? Martin: Well, it’s a note on Craig. He was my RSM. He was the guy managing me and Gurus when you started. He wasn’t like head of the channel. He actually came down to Montreal to help me start the practice. So we connected for all that time. But to go back to the whisky business, I’m a Scotch fan. I’m a whisky fan. And now, like eight years ago, for my 50th birthday, I went to Scotland with a bunch of friends and had a great time visiting distilleries for a full week, just drinking Scotch and having fun and eating good food. And when we came back, a couple of years later, it was COVID. And COVID, I think, happened and a lot of people got ideas of what they really want to do. And I have a cottage in the Eastern Townships, which is, for your listeners, a bit up north of Vermont. I’m 15 minutes from Jay Peak, which is a ski resort in Vermont, on the Canada side. Beautiful place. And we stayed there for the first year of COVID. We had amazing success with Gurus. I think for everybody in the channel, cloud services companies really boomed during that time. Everybody wanted to run their business from home. It was a great time. And I said, what can we do? We had supply chain issues our customers were trying to solve. And I said, what can I do? What can I contribute? I started with ideas of being a farmer. These were shut down pretty fast. But a friend of mine said, you know what, we can grow barley and rye and we can make whisky. And I said, oh, that’s a great idea. And then the hunt was on. We found some land – I mean, that’s the only thing we could do during COVID, drive around and look for land – and found great land with a great combination of good water and enough acreage to grow the cereals. And it started like that. And then a French company approached us to buy Gurus. And it was just the right timing. So everything happened. It just gave me more money to spend on booze, sort of saying. Robert: As it should be. So to your point on that 2018 trip to Scotland, I read that the dream sort of began with a mission of bringing home a cask of whisky. Is that true? Martin: It is true. We tried to, actually. When we went to the Balvenie and we said we’d like to buy one of your casks. And they looked at us like aliens. It’s like going to a Michelin restaurant and asking to buy the pan of the chef, right? Because the cask is part of the process. That’s what gives some of the aromas to the whisky. That’s where it’s aging. So you just can’t leave with the cask. You just can’t. I mean, I guess there were some barrel programs today, but you leave the cask there. You buy the liquid that’s in the cask, that’s all yours, but you can’t leave with the cask. But that was funny. That led to very interesting conversations at the distilleries in Scotland. Crazy Canadians trying to buy a cask. That’s the IP. That’s the trade secrets of the industry. Robert: So you had Gurus for 18 years, Alan Allman Associates comes knocking. You said initially you didn’t want to sell. What changed your mind? How much of it was about making room for the distillery that was already percolating in the back of your mind versus just feeling like it was the right time to do something new? Martin: I mean, it was that. I wanted to dedicate more time, because at that point the guy running Gurus was my COO, Dominic, and he was doing a great job. I was taking more time off and giving him more bandwidth on the business to run it. And I wanted him to be the president and continue running it. And these guys came in and they said, “We want to buy your company.” I said, “Okay, I’m not interested.” So they came back a couple times and the second time said, “Okay, how much do you want?” And I gave what I thought was a crazy number and they said yes. So I was done. And today it’s one of the most profitable businesses they have in their portfolio, and they’ve added other ERPs to the mix buying other companies in North America. And for the French, Quebec and Canada is kind of the bridgehead to go to the rest of Canada and the US. They needed a company that can speak English, which Gurus dealt with very well all the time. Not all of them do. But it was great for them. A great acquisition on their side. I’m still sitting on their board in Montreal every quarter, so it keeps me connected to the business, having fun there and very proud to see the company continue to thrive. Robert: You guys built Gurus through a string of acquisitions – Enabled Success, NetStra, MD Technical Resources. You had offices from Montreal to Chicago. When you look at what you’re doing now with the distillery – buying land, building infrastructure, hiring a master distiller – does it feel like it’s the same muscles that you built in building up Gurus, or is it completely different? Martin: It is the same thing. That’s very funny. I thought it would be something else. It’s not. It’s just managing people, managing providers. I mean, the problems are different – it’s like a truck being stuck emptying a cargo of casks going to the distillery, or a pump that is broken. But it’s like following up with the providers, finding the right partners, researching, researching, researching, reading. And all the skills that I’ve developed in BI and everything that we’ve built with Gurus is fully applied here at the distillery. So I started with cloud solutions first, and we’re using all the Google stack, which I always used, with their Google Cloud. All the data of the distillery is stored in a Google Cloud database and we can do analysis. It’s just great to look at it from a data perspective and have the right people to do the job. And I recognize what I’m good at and what I’m not good at. So I break stuff sometimes. That keeps me away from some pieces of equipment. Robert: One thing that jumped out on the website for the distillery was the grain-to-bottle concept. You grow the grain, you distill it, you age it, you sell it. You control the whole chain. For 20 years you kind of sat as the middleman doing the consulting and implementation in between NetSuite and the customer. Was it something about that experience that made you want to own the whole thing this time around? Martin: Definitely. And as you know, Robert, in the ERP channel, it’s not your software, it’s NetSuite. And my team understood the software, and the best successes we had were when we found a customer, sold NetSuite, understood the requirements, gave them a realistic estimate, implemented, and took them live with the right time frame. So that to me was like the perfect – everything that would work great, boom, boom, boom. We sold, we implemented, we took them live, converted all their data. Happy customers stayed with us for years. And that was a bit of that, right? Where the channel model is changing – like the Salesforce model, even NetSuite is changing where there’s more of a side where you need to work with a direct sales team, which by definition have different objectives. Their objective is to sell the software for as much as possible. As for a partner, when you do the implementation, there’s a lot in it for you also in year two and year three. So you want the whole thing to go as smooth as possible. Different pros and cons there. And I think that was definitely an inspiration in owning the whole supply chain and making the product. And even then, I need to buy bottles from China. Robert: Yeah, it’s the classic case study, right? If one person could make a nail, it would be completely impossible to gather all the skills you would need to go from getting the metal out of the earth to producing a nail, much less a bottle of whisky, much less enterprise ERP. The distillery website says patience is part of your essence, and whisky obviously is a product that has to age for years before you can sell a bottle. In the channel, again to the contrast you were just describing, everything’s about this quarter’s numbers, this year’s President’s Club. It’s fast, it’s iterative, things change very quickly, new features are added rapidly. How do you retrain your brain from SaaS speed to whisky speed? Martin: I’m still impatient. But you know what, you go out in the field. And in the last couple years we had a lot of rain. And we had issues with weeds going into our fields, because we took fields that were used for hay to give to cows. So there’s a lot of seeds that you need to take out of that land. And we’re doing it with regenerative agriculture techniques, where we don’t use Roundup, we don’t use chemicals. And sometimes you just sit there and you prepare the soil and then you go into the field and you make it super nice and you plant. And then two weeks later it’s full of weeds. Like hectares of weeds just popping up on top of your barley. And you’re like, yeah, what are you going to do? You try, you go in there first and you try to pull them out, and then you realize the scale of this. It’s impossible, right? So patience is pushed on you, I would say, in agriculture. And for the whisky, I mean, we’re tasting it. I love whisky. And we have now barrels that are one year old. And these are rye – rye is something that grows very fast, very high, super easy. It’s like a weed in itself if you talk to the farmers. So we had a great crop of rye and we made our first rye last year. So we were opening up that cask and tasting it now, and it is great. But you can taste after one year the immaturity of the whisky. So I think you have to trust your taste buds and say, okay, this is great. There’s something nice, nice colour, this is the direction I want it to take. But it’s not ready. So you sit on it, you put the cork on top of it, hammer it down, and then just wait again. And I’m telling people, when is it ready? It’s going to be ready when it’s ready. It’s going to be great. Robert: Can’t rush it. You’re working 60 acres of organic grain, you’re building your rickhouse, you’re hiring a master distiller, you’re planning a tasting centre. This doesn’t sound like a hobby thing for retirement. This is a full second career. Do you find you’re working harder now than you were when you were running Gurus? Martin: Definitely. Because at the end, when you build a business, you assemble a team and people know what to do. You’ve got a PMO office, a back office, and a marketing team. And now you’re alone. So I’m like, can I get some help here? I have nobody. So you’re back into entering data in QuickBooks. No, I’ve solved that, I delegated that. But it’s tough. And the problem is, when I sold the business, I told my wife I’m retiring. And she said, yeah, yeah, you’re retiring. But I didn’t think, and she didn’t think, it would be this intense in terms of running it. And you’re fighting against all the bureaucracy and you have to understand all the rules, environmental rules. And you have to understand, to be a farmer, you have to apply for a permit to be a farmer. So what’s your background, sir? Well, I’m a software engineer. So really, good thing. Do you know about farming? Absolutely not. Okay, what are you going to do about it? Well, I’m going to hire someone. Who is it? I don’t know. Well, you need to get the licence first. So no, I found someone actually that really helped me and was working in the prairies in Saskatchewan for more than 10 years, working with cereals there. So it’s assembling a team, making it work together, putting all the resources in place so they can succeed. It’s the same thing. What I like is the manual labour, which you don’t get in tech. I’ve lost some weight. So that’s good, being out there and working with the equipment. One of the projects we’re working on now – for your listeners, we’re in March and mid-March in Quebec, it’s still very cold, it’s like minus 15 Celsius – so it’s the last time we’ll be able to go in the forest. And what we’re doing is harvesting some trees to plant oak trees. We’re introducing Quercus alba, which is the American oak, into our forest, because we have more forest than we have land. And the goal would be in, I don’t know, 30 years – I won’t be there – to make some barrels, maybe. So again, in that supply chain of getting there. But there’s no more oak in the area. It was all cut down for the lumber industry. So we’re replanting. That’s one of the side projects. So we’re going to go out with the equipment on Friday and go in the woods and cut some trees. That’s something I didn’t used to do. And that’s what my job involves now. A chainsaw. I’m happy. Robert: This is what you get to invent for yourself. And if you’re happy, that’s brilliant. You’re making three types of whisky as I understand it – a single malt, you touched on the rye, and a Canadian bourbon, which is not a concept I’d heard before. Very interesting. I enjoy a whisky, I am not a well-educated drinker. But for those who are listening, what’s the vision of the distillery? What are you going for with the whisky products? Martin: So we’re looking to develop high-end whisky. We’re talking about $100 bottles. So it really needs to be fine-tuned to the taste of the different products that you build. When you talk about rye whisky, it’s mainly – the cereal has to be rye. Single malt is just barley. And when you talk about bourbon, or if you talk about bourbon in Kentucky, it’s mainly based out of corn. So we have corn also on the land and we’ve added some wheat that we’ve tried. It’s a mix of different – they call it a mash bill. So our mash bill, the cereals that get taken into the equipment for the mash to create a beer. We make a beer, then we distill that beer and that’s the whisky at the end. The big difference is the cereals. So that batch we had, I think it was two years ago, big winter, and we couldn’t get the rye out of our silos because of the amount of snow and ice that was out there. So we said, hey, we have some corn there. Why don’t we make some – it’s all Canadian whisky, right? If you look at the official denomination, it’s Canadian whisky. Don’t confuse marketing with the real stuff. But it’s a mash bill that involves more than 50% corn. In this one I think it’s 65% corn. And it has that – you’ll recognize it if you’re a bourbon drinker – that very sweet, mellow taste of corn that you get into the whisky. That’s what you get from bourbon. So that’s what we’re making with that corn. Robert: I look forward to trying that, actually. Hopefully someday. On your website, I love the clan story – the McNicoll ancestors coming over with the 78th Fraser’s Highlanders in 1757, fighting at Louisbourg and Quebec, settling in La Malbaie. And now you’re bringing that Scottish whisky tradition back to Quebec soil. How much of this, as well as the ability to play with the chainsaw and hopefully bring in some casks, how much of this is about honouring that heritage? Martin: Well, that was a big part. When I started to enjoy more whisky and go back to Scotland, I went back to the land of my ancestors. So that was Portree, close to the Isle of Skye. And there’s another area also, another region, that there’s two big areas that the McNicoll clan were. So I got to visit that. That was always part of the story. And then as I was publishing some of my content on Scotland, a professor from a university here in the Eastern Townships contacted me. He said, you know, I wrote a book on the McNicoll clan, the whole story. So we started to talk and that became a very nice collaboration between him and the distillery to tell more of the story, to the point where we decided to call the whisky McNicoll. So the whiskies are going to be called McNicoll, with the different types of whisky we’re going to sell. The brand itself is my last name, which is an honour to this Scot who came to America, really, because they fought down, they went down to New York with the 78th, and the original dude came back north. And my mother has French ancestry – she’s a Chevalier, she’s French, French, French – and then Scottish, Scottish, Scottish. And then there’s a mix. You can see there’s a mix in between those two. And you look at the genealogy, and that professor went back and he found all the ancestors and all the churches here in Quebec and went down to New York, went to Scotland to find all the origins. Very interesting to see the different clans and the French into making our population today. Robert: Very cool. You touched a little earlier on the bureaucracy and that kind of fun. You went through an interesting fight with Quebec’s Agricultural Land Protection Commission to get permission to build a distillery on farmland. Without getting too deep into the legal weeds, what was that like? And is that a challenge other people thinking about agritourism or value-added agriculture should be ready for? Martin: Definitely. And doing business in anything that involves food – there are some guidelines and some rules of law that you need to follow, which is, I would say, much harder than to open a NetSuite provider or a NetSuite partner licence. I had offices all across the US and also in the rest of Canada. It was 100 times easier to open an office in California than to start an agri business in Quebec, or even I would say Canada. Some provinces are easier than Quebec, but it was always a challenge. But I knew I was right. So one thing you learn is that you surround yourself with great people. My lawyers – that’s the thing you can do when you have money, you just lawyer up. But they were great at understanding everything that was going on. I found the expert and this woman knew exactly what was happening. She found some other people that were able to go through it. And we just had to go through all the legwork and convince the commission that what we’re doing is okay. And here’s why. But it’s a process and it’s frustrating because you’re there and you want to do this project. And you’re like, I’m going to be environmentally friendly. I’m going to do this from the grain to the bottle. I want to do all those different things. And then you see all those obstacles. But I think it’s part of the challenge, going through them and winning. At the end, I won. So that’s what counts. Robert: It is exactly what counts. So if someone in the channel who’s in a place that you were at when you were with Gurus is listening to this and thinking, I’d love to do something like that someday – not necessarily to be a competitor to you, but to sell the practice, go off and do something completely different, that’s their dream – what would you tell them, having gone through this process as far as you have now? Martin: I think the fact that they have done it before – starting a consulting firm and running it and dealing with customers – they’ve built their knowledge and their expertise and their resilience into doing anything else. I would always say that implementing an ERP system is the Formula One of computer science, because you have so much complexity. And if you fail, the company can die. They will not operate. Products will not ship. Invoices will not go out. You can cripple a business by doing a wrong implementation. So I would say you’re really prepared to do anything, in my mind, after the channel, after running that type of business. I think it’s just to look at what you like to do and what’s your ambition and take it head on. Robert: Good advice. Good advice from someone who has done it and is doing it. And my last and no doubt most important question – when do we get to actually taste the whisky? When do you get to market with your products? Martin: At least two years. So to be whisky, to be called whisky, it needs to be three years in a cask, in an oak cask. And for us, we just reached our first anniversary in December. So we still have a good two years to go. And we have to decide if we are going to put it in a bottle or not. We’re going to taste it and say, is it ready or not? And if not, I’m just going to sit on it again. However, we’re coming out with a liqueur that we’re making. It’s a butterscotch liqueur that our master distiller has been developing. And he’s working also on another liqueur that we want to put out, and we’re going to sell locally. Just to get some things out of the distillery with a Scottish-type accent. Our master distiller has also some Scottish ancestry. He went to school at Heriot-Watt University in Edinburgh to learn about the trade. So he’s got all those ancient recipes of Scottish liqueurs. We’re pulling out of that book to create some interesting products. So that should come in a couple of months, hopefully, if I can get my bottles from China. Robert: Fascinating stuff. Good luck. It’s been very interesting catching up and it’s always fascinating to hear about the journeys of folks who’ve made a career in the channel and see what they’re doing afterwards. All the best with getting that liqueur out, and the longer term getting those three whiskies out the door. Martin: Thank you, Robert. Robert: There you have it – Martin McNicoll, formerly of Gurus Solutions, currently of Distillerie des Cantons de l’Est. I’d like to thank Martin for his time and honestly for his openness. It’s not every day that someone walks you through what it’s actually like to trade quarterly SaaS targets for fields of organic barley and barrels that won’t be ready for three years. A couple things that stuck out for me in this conversation. First, the idea that the same muscles that Martin built running a channel business – the acquisitions, the growth planning, the systems thinking – are the same muscles he’s using to build the distillery. Different industry, same instincts. I think anyone running a channel practice will recognize themselves in that. And second, the patience piece. Martin talked about planting trees today for barrels he won’t use for 30 years. That’s a fundamentally different relationship with time than most of us have in the tech world. And I think that’s something worth sitting with. If you want to learn more about what Martin’s building, you can find the distillery at distilleriedescantons.ca, and we’ll have a link for that in the show notes. Keep an eye out for the butterscotch liqueur, which should be available before the whisky is. If you enjoyed the episode, do me a favour – follow or subscribe wherever you’re listening, whether it’s Apple Podcasts, Spotify, YouTube, wherever else you find your podcasts. And if you’re feeling generous, a rating or review goes a long way for a small show like ours. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Erin Gertner, vice president of the Partner Organization and SMB Sales at Cisco Canada When Cisco CEO Chuck Robbins told investors the campus and data centre refresh is at “the top of the first inning” of a multi-year, multibillion-dollar opportunity, it raised an obvious question for Canadian partners: what does that inning look like here? Erin Gertner, vice president of the Partner Organization and SMB Sales at Cisco Canada, says Canada is tracking with the global trend – and that the opportunity is being driven by a “perfect storm” of three converging forces: the largest last-day-of-support (LDOS) wave Cisco has seen in years, growing urgency around AI readiness, and increasing pressure around data sovereignty. The AI readiness gap is particularly striking. Only 7% of Canadian organizations say they’re fully prepared to deploy AI – down from 9% the previous year – while 96% say the urgency has increased. That tension is creating real opportunities for partners who can lead with outcomes rather than product. Gertner says the partners winning the biggest deals are those taking a consultative approach – running assessments, broadening the conversation beyond a like-for-like swap, and helping customers understand their full security and AI readiness posture. In one example, a security assessment nearly quadrupled the deal size compared to a straight hardware refresh. The conversation also touches on where vertical demand is hottest (financial services and healthcare are leading), how the Secure AI Factory with NVIDIA translates for mid-market partners, the role of data sovereignty in driving on-prem modernization, and what smaller MSPs should be doing to get in the game. Gertner’s advice to partners who haven’t started? Reach out to your Cisco partner account manager or distributor and get access to the PXP data – the opportunity is there, and Cisco wants to make it easy to find. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always, your host for the show. On Cisco’s most recent earnings call, CEO Chuck Robbins called the campus and data centre refresh the top of the first inning of a multi-year, multi-billion dollar opportunity. Double-digit growth in networking, six consecutive quarters. But that’s the global picture. What does the first inning look like in Canada? My guest today is Erin Gertner, VP of the Partner Organization and SMB Sales for Cisco Canada. Erin sees what she calls a “perfect storm” converging right now – a massive wave of aging infrastructure hitting last day of support, growing urgency around AI readiness, and increasing pressure around data sovereignty. We get into what Cisco Canada is seeing on the ground, where partners are finding the most traction, and what separates the ones winning those deals from the ones leaving the door open for somebody else. Let’s get right into it. My chat with Erin Gertner. Erin, thanks for taking the time. I appreciate it. Erin Gertner: Thank you so much, and thank you for having me, Robert. It’s nice to see you. Robert Dutt: Nice to see you as well. It’s been a little while since Partner Summit when last we sat down, but I wanted to chat because of Chuck’s comments on the earnings call, talking about the top of the first inning on a multi-year, multi-billion dollar opportunity around campus refresh. Double-digit growth in networking for six consecutive quarters. That’s the global picture. I guess to throw it open, what does that top of the first inning look like from where Cisco Canada sits? Are we tracking with the US on this one? Are we still back in spring training? What does the Canadian opportunity look like in this moment? Erin Gertner: I think we’re seeing something very similar to what Chuck spoke about on the earnings call. We are seeing a multi-year, multi-billion dollar refresh cycle taking place here in Canada. And I think it is the perfect storm of three things coming together. One, we have a lot of aged infrastructure out there. Sometimes we call it last day of support, or LDOS. When we look in our portfolio, we’ve got the largest LDOS opportunity that we’ve had in many, many years this year and next year. We’ve been working with many of our partners as well as our account teams to start going out and pursuing those opportunities because we really do need to get in front of them. But we’re also seeing the dynamics of a few other things taking place. One is AI readiness. I think you probably heard in our earnings call, Chuck talk about the success that we’re having in AI. A lot of that today is really centred in the world of the hyperscalers. In our last earnings call, I talked about doing over $2 billion worth of infrastructure with the hyperscalers. So there’s this huge influx of demand around AI. But where we haven’t really scratched the surface is AI in the enterprise. The hyperscalers are very well prepared, but now we’re starting to see this big wave of enterprise deployment, or at least enterprises thinking about the use cases and the ROI, because it is a board-level conversation. And then lastly, and this is probably a topic you hear a lot about working in Canada, is around digital resilience and data sovereignty. You need a modernized, secure network in order to deploy AI, and the network is more critical than it’s ever been as you think about the role it’s going to play in the next few years. The ability to fuse together security into the network is really unique and core for Cisco and driving refresh. I often talk to partners about the LDOS opportunity, and we used to get the question a lot of, “Why would a customer upgrade?” or, “How do I have this conversation with a customer?” because their response is often, “It all still works. Why bother?” I think AI especially is really giving them that reason to modernize, because while their network may work, it wasn’t necessarily built to run the applications that they’re going to need today and in the future. So it’s a really compelling conversation, and we’re seeing huge uptake and demand in networking. Robert Dutt: You touch on the customer size, especially on the AI side of things. Looking across the Canadian market in terms of customer size, vertical, geography – is the refresh opportunity relatively evenly distributed, or is it concentrated? Where’s the heat at right now? Erin Gertner: It’s been interesting. All of our account teams, some of which are verticalized, others which are organized geographically, talk a lot about where they’re seeing refresh opportunity. A great example is what we’re hearing from financial services organizations. We had that long period of COVID, and then there’s been a ton of conversation around return to office. Our financial services team will tell you that there’s massive demand because if you listen to what the banks or insurance companies are doing, they’re asking people to come back to the office. Those networks, many of which were built in 2018 or 2019, can’t support the applications that are being driven in today’s world. They can’t even support the number of people they have anymore. [A lot of those organizations saw a boom.] So there’s a huge network refresh taking place right now in that specific vertical. We’re also hearing a lot about mission-critical verticals like healthcare, where uptime is hugely important and security and resilience are top of mind. But it’s really spread throughout. Many companies had a long period of time where they spent a good majority of their budget on work from home and getting people set up for different use cases. Now that we’re living in this hybrid world, or a lot of organizations are back to work, that’s putting a huge change in demand on what is being asked from the network, plus everything that’s happened from the AI perspective. Robert Dutt: You bring in a lot of different threads in terms of things that are driving this – AI readiness at the top of the list, aging infrastructure, data sovereignty, security modernization, probably a few more. What’s actually leading the charge in this moment for the conversations you’re having with Canadian partners and customers? I’m curious if one of those things is the leader and the others follow, or if there’s really a convergence where this is a big pile of conversation topics at the same time. Erin Gertner: I think it’s a big pile of conversation topics at the same time, and it also depends on the partner you talk to and how they’re approaching a customer. Every partner has got a really interesting and different approach, especially when it comes to AI, and I love that about our partner community. A lot of them are taking, for example, an advisory services-led approach, or they’re taking the approach of – I hate this expression, but it’s one that makes sense – eating your own dog food. I was with a partner last week and they were talking about a lot of the work that they had done to embed AI into their own workflows. Then they were taking their success out into the market and starting new conversations with customers they hadn’t historically had access to. All of that was leading to a network refresh conversation, because customers are excited about the opportunity with AI, and then the partner was able to embed the question around, “Well, are you ready? Do you have the right infrastructure in place?” The conversation often is bigger than that, and obviously security is a huge area of concern when it comes to AI. I think that’s where Cisco is very uniquely positioned to win in this space. We’re seeing a lot of our competitors try to bring network and security together, and we’re really the only organization who can truly embed network and security together and then traverse it from the campus to the data centre. Robert Dutt: To your point on dog food, I learned from a partner years ago that the way to phrase it is “drinking one’s own champagne.” Erin Gertner: Oh, I like that expression a lot better. Thank you for that. Robert Dutt: Let’s talk about the AI side of things. Cisco’s own AI Readiness Index showed that 7% of Canadian organizations feel they’re fully prepared to deploy AI, and that’s actually down a couple of points from 9% in 2024. 96% say it’s more urgent than ever. That’s a pretty big gap. How’s that tension showing up in the conversations that partners are having with their customers? Erin Gertner: I’ve spoken to a lot of partners in the last little while, and again, each are taking a very individual approach. I think leading with outcomes and that consultative mindset – and it looks very different for each partner – but they’re all trying to understand what outcome a customer is trying to deliver, or what is the ROI, or what is that metric that’s going to help move a CEO’s agenda forward, or help them understand how they can build a true business case to build out a full AI deployment. It’s hard, right? We’re going through our own transformation at Cisco. We’ve got a team of individuals who work with us internally building out our AI workflows, and even on my own team, we’re trying to do all these things to help our team adopt AI tools to make their lives easier and more efficient. You often hear that somebody’s job is not going to be taken by AI – it’ll be taken by somebody who knows how to use AI. It is even more critical than ever that organizations figure it out. A lot of our partners have deployed some interesting things for themselves or worked through really interesting consulting engagements where they have use cases they can take out to market and help customers build that business case for themselves. They need to start small, they need to define what success looks like, and I think many customers have a long road there, but there’s certainly hope that we’re headed in the right direction. Robert Dutt: Raj, the president of Cisco Canada, wrote an op-ed recently saying that Canadian businesses risk – I think the quote was – “Blockbuster-style failure” without having the right AI infrastructure. For a partner who’s sitting across the table from a customer who feels that urgency but hasn’t really started yet, what do you counsel that partner to advise the customer on? What’s the practical starting point? Where do you begin? Erin Gertner: It’s tough. Again, it depends what type of customer they are and what their use case looks like. But I think for that customer, it’s really leaning back to outcomes – what is going to demonstrate success for that organization? The last thing you want anybody to do is go out and deploy an AI application and see absolutely no success out of it. That will move that executive’s agenda back probably a couple of years. But we are also really encouraging partners to talk through: Are they ready? You can have the best use case out there, but do you have a good data strategy? Do you have a good security strategy? Have you thought about modernizing your network? Is sovereignty important to you? And if it is, do you want to start thinking about potentially building that on-prem, or taking a different approach than maybe what you have historically done, because there are new considerations being layered on top of all of that. Robert Dutt: Talk to me about the Secure AI Factory side of things. Tim Coogan called it the partner opportunity of this year. I’m curious how that translates practically for Canadian partners. Is this a play mostly for the big SIs, or are you finding mid-market partners who are finding a role in the AI infrastructure buildout? Erin Gertner: I think it’s a little bit of both. We’re having conversations around Secure AI Factory with some of our largest partners because it is really unique. Our relationship with NVIDIA is truly one of a kind, and we’re actually creating products together. I know everybody has done a great job of partnering with NVIDIA in the market, but our relationship with them is a little bit different. What I love about the whole notion of Secure AI Factory is the fact that it’s everything built together. We make it really easy. We’ve pre-built all the CVDs. We’ve essentially created a blueprint for partners and customers to go out and deploy an entire AI pod. That includes everything from networking to servers to security to observability. We can even include storage, even though we don’t make it – we’ve got a bunch of great storage partners. Is it going to work for a small customer being serviced by a small partner? Probably not. It might be outside the scope of what they’re doing. But for mid-sized customers who are running interesting workloads and they want them on-prem, and especially for bigger customers who want to scale and deploy really quickly, or partners who have a ton of depth and capability in that space, the Secure AI Factory is a great solution. Robert Dutt: For a Canadian partner who’s looking at this refresh opportunity, where are you seeing the most traction in terms of the technology stack? Is it campus switching, data centre modernization, Wi-Fi, security? What’s the entry point that’s helping partners produce pipeline right now? Erin Gertner: We’ve done a lot of work with partners. We’ve got a tool called PXP – I think you’ve probably had some exposure to it – but we’ve been doing quite a few workshops with our partners to help them understand where their opportunity is. PXP does a great job of being very data-rich and data-centric. As we go through the enablement with partners, it gives them a good sense of what their refresh opportunity looks like. Then we are trying to make sure we enable them around the broader conversation. You don’t want to just be refreshing a switch for a switch. Our best partners are taking that data and – again, to your question, some partners, let’s say their history was really in the data centre – data centre networking is probably their biggest opportunity because that’s where they’ve sold the most in the past. For more broad-scale partners, it could be a combination of two or three different things. What we’re really trying to coach them to do is take that opportunity and don’t refresh a switch for a switch. Help the customer understand what outcome they’re trying to achieve. Do they have the right security posture? What’s their Wi-Fi strategy? What’s their device strategy? We’re trying to help them take that data and broaden the conversation into something that’s more outcome-driven. Our best partners are doing an excellent job of that and building really big, interesting deals alongside their customers. Robert Dutt: In doing that, when you’re looking at the services layer, are there any particular areas that you find are especially productive? Assessments, design, migration, managed services post-deployment – where are partners getting the most return from focusing their energy? Erin Gertner: Consulting services has been a huge one. We’ve got a great assessment program and we have some partners who are doing a great job leveraging it and seeing a ton of success. I was in a partner QBR the other day and they were giving an example of having done a security assessment with a customer that significantly broadened the scope of the deal and helped the customer understand where they had some vulnerabilities in their current infrastructure. That deal almost quadrupled in size. Partners are doing a great job with that. What we’re really trying to encourage partners to do is make sure we’ve got an adoption plan for every software deal out there upfront, because we want to make sure anything our customers buy from our partners, they have a great experience with. If they aren’t doing a good job of adopting that and showing value all the way throughout the chain, we’re not going to see a renewal at the end. The other thing we’ve been talking a lot about with our leadership team is some of what’s happening in the industry right now with some of the shortages that are industry-wide. In COVID, we saw something similar happen – a lot of supply chain constraints. Then there was this really long ingest period that happened afterwards because customers just had so much technology. We are really encouraging our partners and our teams to make sure we’re leading with services, so there is an outcome attached to the end and there is a plan with the customer to consume the technology so they can get the most out of what they’ve bought from us. Robert Dutt: We talked a little bit about the big guys, the SIs, and the opportunity around AI Factory. For the smaller partner, that long-tail 15-to-20-person MSP that’s living in Meraki and maybe doing some security, is this a real opportunity for them, or is this fundamentally a larger VAR and SI play? Where it is accessible to that SMB-focused partner, what does the on-ramp look like? Erin Gertner: It’s absolutely accessible for that SMB partner. I also have the SMB part of our business, so this conversation is very close to my heart. Given the IT skills shortage that is very dominant in the Canadian market, we are seeing a lot of customers who don’t want to manage their own network. As customers grow – let’s say they were a very small customer four or five years ago and they chose more of a consumer-grade solution at that time – as they want to move into a more enterprise-type solution with security and all the other bells and whistles embedded in it, a lot of those customers are choosing not to manage that themselves. But they want to be in the same place as their competitors, because the expectation is they grow and scale just as fast, probably faster in fact, as a big company. A lot of those companies are born in the cloud, leveraging tons of cloud applications, so the way they create their foundation is even more critical than ever. We have a bunch of great small to mid-size partners who are doing awesome things in that space and growing pretty significantly, actually gaining a lot of market share because of their agility and their ability to manage something at a cost-effective price. Robert Dutt: You mentioned the importance of data sovereignty in the conversation. The federal government has launched a call for proposals for sovereign AI data centres of over 100 megawatts, and we’ve seen Cohere get a lot of federal backing for their data centre build. Is data sovereignty a driver in this enterprise refresh, or is it a parallel conversation that’s happening at the same time? Erin Gertner: I think it’s a bit of a parallel conversation, but it’s certainly driving a huge – not even refresh – just huge modernization effort. A lot of it is centred around Canadian organizations who are worried about data sovereignty, or who are worried that sovereignty requirements might hit them in the next few years. They’re trying to prepare themselves by building out new types of data centres on-premise – new data centres to support applications coming back on-prem. While maybe they haven’t built everything on-prem today, we are seeing a massive surge in companies starting to think about what that might look like. For customers who had almost all of their applications in the cloud previously, their data centre network didn’t necessarily support the low-latency, really high-bandwidth requirements that would come into play if they start putting mission-critical applications back on-prem. We are seeing a lot of customers starting to think about what they would need to build to support sovereignty requirements, or if they’re going to continue to live in a hybrid world – which, let’s be honest, the majority of Canadian organizations are probably going to live in that world, and that’s all good – the network they have today probably doesn’t support that in the way they’d like either. Robert Dutt: Let’s talk about what you’re doing to support partners through this process. What are the incentives, enablement resources, the programs that are particularly relevant to Canadian partners who are looking at this opportunity and going after it? Erin Gertner: I think we’ve been pretty declarative about wanting to be the critical infrastructure for the AI era. We’re doing a lot of enablement with our partners. We’ve aligned our incentives, both front-end and back-end, to this opportunity. We’re doing a lot of workshops to help our partners understand where those opportunities lie and help them understand how to go out and capture them. We’ve also been running a lot of demand generation alongside our partners around our AI strategy, what that looks like, as well as showcasing the innovation that Jeetu has put forward in our portfolio around network and security coming together, because I do think it’s a great story and one that maybe not everybody knew. Some people probably think we’ve still got two different platforms with Catalyst and Meraki, where the truth is those have come together in the last year. With our acquisition of Splunk, there’s a lot that’s been infused into the network. Jeetu has also done a fantastic job of creating a really innovative security portfolio, a lot of which is actually embedded into the network layer. So there’s been a lot of education that we’ve had to do with both our partners and our customers to make sure they’re able to go out and tell that story to the market. I think Tim Coogan said this best – our job is to create that innovation, and then our job is also to help enable our partners to go out and be an extension of our sales force and help them deliver value to customers based on that innovation. Robert Dutt: What do you see as separating the partners who are winning these refresh deals from those who aren’t? What are the best partners doing differently? Erin Gertner: Again, I think really leading with that outcomes-based conversation and not just doing a like-for-like refresh. The ones who are going out and really taking a consultative approach, they’re winning a lot more and they’re winning much larger deals. I was on with a partner yesterday who was showcasing some of the work they’d been doing around AI and sharing with us some of the success they had just recently had, and they’re winning amazing deals by taking a very consulting-led approach. What we have seen in the past from certain partners is they go in and focus very much on that refresh opportunity, and then they almost leave the door open for another partner to come in and have a conversation around networking, observability, and all the other aspects around that critical infrastructure. So the best partners are the ones who are leading with the whole portfolio. I know we’re going to talk about 360 as well, but we’re really trying to incentivize our partners to build a lot of skills and technical depth around our solutions, and the ones who are really good at being able to tell the story of how our whole portfolio comes together – that “One Cisco” story that we often talk about – they’re the ones who are winning the most. Robert Dutt: If I’m a Canadian partner listening to this and I haven’t really started leaning into that refresh opportunity yet, what should I be doing about this on Monday morning when I show up to work? And looking further out, we’re in the top of the first – what do you see the second and third innings looking like here in Canada? Erin Gertner: Firstly, reach out to us. However you engage with Cisco, whether it’s through one of our distributors – who are amazing and have access to all of our tools – or reach out to your partner account manager at Cisco. We can provide all the training required on how to have the right conversation, as well as access to all the data you need to help you figure out where you should start and which customers are due for a refresh or have a refresh opportunity in the next six months. We can make it really easy for our partners to know where to spend their time and get a pretty fruitful payoff, both on the front-end and the back-end with us. What do I think the second and third innings might look like? I think we’re still really at the infancy of that. We’ve seen a few customers go down the refresh path – probably our largest customers have gone down the refresh path. Some of them have modernized networks or they’ve gotten to where they think they need to be to support AI applications. But I do think we’re going to see some of our smaller customers start to catch up. I also think we’re still really at the infancy of the success of AI. We talk a lot about the role of agentic AI and how that’s going to proliferate through organizations in the future. I don’t know that many customers have figured that out yet today. There are some who are really at the edge of innovation and who’ve done an amazing job with that, but it isn’t mainstreamed yet. As agentic AI really starts to roll out, the demands on your network and the demands around security especially become even more complex and even more critical. I think that’s going to be the next wave. A lot of companies have done a good job of finding one or two use cases, maybe small ones, that have delivered value for them in AI. But there are very few organizations – and we talked about it through the AI Readiness Index – very few organizations who have really found tremendous value from AI today, but they will in the future. Robert Dutt: I think you’ve done a great job of setting up the game for Canadian partners here. Good luck with the rest of the ballgame, and thanks so much for taking the time. Erin Gertner: Thank you. Robert Dutt: There you have it, Erin Gertner from Cisco Canada. I’d like to thank Erin for her time on this one, and thank you for listening. A couple of things that stood out to me. First, how strongly the consulting and assessment-led approach is paying off. Partners who are going in and helping customers understand the full picture – security, AI readiness, network modernization – aren’t just winning deals. They’re winning deals that are three and four times the size of a like-for-like refresh. And the other is something Erin said that I think is worth sitting with: there’s no AI without a network. Simple statement, but it reframes the entire refresh conversation for partners who aren’t sure where AI fits into what they do. If you’re enjoying In The Channel, you can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories. Follow, subscribe, leave a rating or a review if you’re feeling generous. It all helps. Till next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

RSA Conference 2026 produced hundreds of announcements from San Francisco’s Moscone Center this week. We curated the ones that matter for Canadian IT channel partners into three themes: agentic AI as the new attack surface, identity and hardware resilience, and partner economics. The big theme: agentic AI is the new attack surface The dominant message from RSA 2026 was clear — AI agents are a brand new attack surface, and the security industry arrived with its first wave of answers. Cisco extended its Zero Trust framework to treat AI agents as a new identity type, with visibility, access controls, and real-time monitoring for autonomous agents operating on the network. CrowdStrike launched Next-Gen SIEM support for Microsoft Defender for Endpoint with no Falcon sensor required, plus Shadow AI Discovery and AI Runtime Protection for finding unauthorized AI tools across client environments, and Agentic MDR for managed detection and response at machine speed. Proofpoint unveiled its AI Security platform and Agent Integrity Framework, defining a new standard for governing autonomous AI agents in the enterprise, alongside email and data security updates for the agentic workspace. Black Duck brought Signal to general availability, an agentic application security platform designed to secure AI-generated code in autonomous development workflows. Other notable RSA announcements along the agentic AI theme included Arctic Wolf’s Aurora Agentic SOC, Darktrace’s managed email security offering for MSSPs, and Huntress expanding ITDR coverage to Google Workspace while surpassing 10 million Microsoft 365 identities protected. Identity and resilience RSA launched ID Plus Sovereign Deployment, fully air-gapped, on-premises identity security for environments where cloud isn’t an option — directly relevant for Canadian organizations navigating data sovereignty requirements. RSA also announced an expanded partnership with Microsoft around M365 E7 and passwordless authentication, going deep on cloud integration at the same time as the sovereign deployment — both directions simultaneously. Dell Technologies expanded cybersecurity and resilience for the AI era and emerging quantum risks, including quantum-ready commercial PCs with post-quantum cryptography at the firmware level, AI-powered ransomware recovery for PowerProtect, and MDR extended to AI data platforms. HP launched TPM Guard from their Imagine event in New York, a hardware-enforced security feature protecting TPM-to-CPU communications from physical attacks — a similar hardware-level security play announced the same week. And here’s what you can sell Barracuda advanced the BarracudaONE cybersecurity platform alongside updates to the Partner Success Program, investing in both platform and partner program at the same time. Sectigo introduced an industry-first multi-tenant partner platform for certificate lifecycle management as a managed service, designed to help MSPs turn the shift to shorter certificate lifespans — now 200 days and eventually shrinking to 47 days by 2029 — into a scalable, recurring revenue stream. Further reading SecurityWeek’s RSAC 2026 Day 1 announcements summary SecurityWeek’s RSAC 2026 Day 2 announcements summary CRN: 10 hot new cybersecurity tools announced at RSAC 2026 Read Full Transcript Hello and welcome to a special midweek edition of In Case You Missed It from ChannelBuzz.ca. I’m Robert Dutt, and this week, RSA Conference 2026 took over San Francisco’s Moscone Center. Hundreds of announcements, dozens of press releases, and a whole lot of noise. So we went through the pile and pulled out what we think actually matters for Canadian IT channel partners. Let’s get into it. If there was one defining message from RSA this year, it’s this: the AI agents your clients are starting to deploy? They’re not just productivity tools. They’re a brand new attack surface, and the security industry just showed up with the first wave of answers. Cisco made the biggest splash, extending their Zero Trust framework to treat AI agents as a new identity type. Their pitch: if an AI agent can browse, query, and act on behalf of a user, it needs the same visibility, access controls, and real-time monitoring as any human on the network. CrowdStrike came in heavy across multiple days. Their Next-Gen SIEM now ingests Microsoft Defender for Endpoint telemetry with no Falcon sensor required — which is a big deal for MSPs managing mixed Microsoft environments. They also launched Shadow AI Discovery, which finds unauthorized AI applications running across client environments. If you’ve ever had to track down rogue SaaS subscriptions, imagine that problem, but with AI tools that can actually take actions on behalf of employees. CrowdStrike also introduced Agentic MDR — managed detection and response that operates at machine speed against AI-driven threats. Proofpoint went after the same problem from the email and collaboration side, launching their AI Security platform and Agent Integrity Framework. Their angle: securing the “agentic workspace” where humans and AI agents are operating side by side across email, cloud, and collaboration tools like Teams and Slack. And Black Duck brought their Signal platform to general availability — agentic application security designed specifically for AI-generated code. When your developers are using AI to write code, who’s checking the AI’s work? That’s the gap Signal is designed to close. They weren’t alone. Arctic Wolf launched what they’re calling the world’s largest commercial agentic SOC. Darktrace rolled out a managed email security offering for MSSPs. Huntress expanded their identity threat detection to Google Workspace. The message from the industry was unanimous: agentic AI security is not a future problem. It’s a right-now problem. If you’re advising clients on AI adoption, the security conversation just got significantly more complex. And that complexity is an opportunity — because your clients are going to need help navigating it. RSA — the company, at their own conference — made two announcements that pulled in opposite directions, and that was the point. They launched ID Plus Sovereign Deployment — fully air-gapped, on-premises identity security for environments where cloud is not an option. Think regulated industries, government, anyone with serious data sovereignty requirements. For Canadian partners dealing with OSFI E-21 or federal procurement, that’s directly relevant. At the same time, they announced an expanded Microsoft partnership around M365 E7 and passwordless authentication. So RSA is going both directions: as sovereign as you need on one end, as deeply cloud-integrated as you need on the other. On the hardware side, Dell announced quantum-ready commercial PCs with post-quantum cryptography built into the firmware, AI-powered ransomware recovery for their PowerProtect line, and an extension of their managed detection and response service to cover AI data platforms like PowerScale. HP made a similar hardware security move from their own event in New York this week, launching TPM Guard to protect TPM-to-CPU communications from physical attacks. The common thread: the security conversation is moving below the operating system and into the silicon. Two announcements that translate directly to partner economics. Barracuda — a hundred percent channel company — advanced their BarracudaONE cybersecurity platform alongside updates to their Partner Success Program. Platform investment and partner investment at the same time. That’s the kind of announcement that tells you a vendor is serious about the relationship, not just the product. And Sectigo launched a new partner platform built around the reality that SSL certificate lifespans that are already shrinking and headed to 47 days. When certificates need to be renewed every 47 days instead of every year, that’s either a massive headache or a recurring revenue opportunity. Sectigo is betting that partners who automate the process will turn a compliance burden into a managed service. That’s RSA Conference 2026 through the Canadian channel lens. Agentic AI security dominated the conversation. Identity and hardware resilience matured. And a couple of vendors made moves that directly affect your bottom line. Links and details for everything we covered are in the show notes. We’ll be back on Monday with the regular edition of ICYMI. Until then, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Rob Scott, co-founder of Monjur Rob Scott, co-founder of Monjur and managing partner at Scott & Scott LLP, joins the podcast to talk about what’s broken in the average MSP’s contract stack and what it takes to fix it. Rob has spent more than 27 years at the intersection of technology and law, and his firm works with over a thousand managed service providers across North America. The conversation covers the three biggest areas of contract risk Rob sees across the MSP community: agreements that haven’t kept pace with the services being delivered, unaddressed vendor and third-party liability, and missing data processing agreements in an increasingly complex regulatory environment. Rob walks through practical provisions most MSPs don’t have but should, including a “security recommendations” clause that shifts liability to customers who decline recommended protections. Rob also digs into why AI is changing the contracting equation in both directions – from the new service attachments MSPs need when delivering AI-powered services, to the risks of using unsupervised LLMs for contract drafting – and offers a candid assessment of where Canadian MSPs stand relative to their American counterparts when it comes to contracting maturity. The conversation wraps with a practical starting checklist for MSPs who know their contracts are out of date but don’t know where to begin. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. My guest today is Rob Scott. Rob is the co-founder of Monjur and managing partner at Scott & Scott LLP, where he’s spent more than 27 years at the intersection of technology and law. His firm works with over a thousand managed service providers across North America on their contracts, and he recently launched Monjur Pilot, an AI-powered legal assistant built specifically for MSP contracting. Now, I know what you’re probably thinking – contracts aren’t exactly the sexiest topic in the channel. But here’s the thing. Most MSPs, I think, know their contracts are out of date, and they also know that they should do something about it. They just don’t. And in a world where the threats are evolving, AI is changing the service landscape, and the regulatory environment, particularly here in Canada, keeps getting more complex, the gap between what your contracts say and what your business actually does is becoming a real liability. Rob has seen what happens when that gap catches up to you, and he’s got some very practical advice about what to do about it. Let’s get right into it. My chat with Rob Scott. Rob, thanks for taking the time. I appreciate it. Rob Scott: Thank you for having me. Robert Dutt: You’ve been working with MSPs on their contracts for, I think it’s over two decades. What’s the state of the contract stack for the average MSP in 2026, and how wide is the gap between what most MSPs are actually running on and what they should be running on? Rob Scott: That’s a great question. When I look at contracts, I see three big areas of risk for MSPs. One is that their agreements don’t keep up with their services. In the MSP world, that means you’re offering compliance advisory services without proper compliance advisory contracts. We call that service attachment for managed compliance. You’re now working with clients in and around AI and AI products, which are using a pre-AI customer contract. These are the things that change with frequency in IT, and for MSPs, that means one area of contract protection – static agreements don’t fit with emerging service offerings like tech. Sometimes their agreements don’t keep up with their services, and other times, their agreements are not reflected for trends in the marketplace or specific risks. For example, ransomware attacks or emerging cybersecurity risks. MSPs don’t frequently have, for example, very clear-cut exclusions from responsibility for the criminal acts of third parties. Similarly, their contracts don’t limit their liability for acts or omissions of vendors. We monitor the terms and conditions of over 1,200 vendors in the MSP channel, and our clients get their customers to sign a waiver for any acts or omissions of those third parties. That’s an area – what I call vendor risk – which many MSPs are exposed. Then the third big category is regulatory risk, operating with customers in regulated markets without the appropriate data protection agreements and data processing agreements that are required by both international, federal, and state laws. Those are the areas where most MSPs have been underserved by traditional legal services, which have caused many to move in the direction of do-it-yourself, which has many exposing themselves to unsupervised LLMs. While contracting for MSPs is very complex, they really have not been well-served by traditional legal services. Robert Dutt: The open LLMs is what keeps me up at night. Shadow AI is a concern for lawyers, or at least us, as much as it is for MSPs. Shadow AI in their customers’ organizations, us for different reasons. But the MSPs are faced with a challenging choice between choosing fast and inexpensive do-it-yourself legal protection that lacks accountability and supervision, or traditional legal services that can be slow, can be expensive, and can be out of touch with what MSPs do. Many of my clients have shared stories about interactions with lawyers, not fondly, in part because the lawyers had no clue what they did, and they felt like they were paying the legal fees to explain to the lawyers what an MSP does. Rob Scott: And so it’s been a challenge for many MSPs to get legal protection that’s both fast, affordable, and offered by MSP-specific attorneys. Robert Dutt: You touch on the problem of keeping up with technology trends. I’m thinking in broader terms than that. What about whole directions of risk, I guess I would say. The example I think of is we’re doing a lot of tracking of the trend of abuse of trust. Attackers not breaking in, but logging in through trusted identities, VPNs, software supply chain attacks, those kinds of things. Basically, when the threat itself has shifted so fundamentally, how far behind are most MSPs in terms of accounting for that in their contracts? Rob Scott: I would say very far behind. I would say overall, the customers that we talk to, the people we meet, are either on some do-it-yourself approach that really hasn’t been updated by an experienced attorney, or hasn’t been updated recently to reflect the emerging threat landscape as you described it. But we’re constantly updating our agreements to properly reflect detailed terms and conditions about these emerging threats. And I’ll give you an example. We have in our MSA a provision called security recommendations. And what that provision says is the MSP may from time to time give the customer recommendations about security compliance. For example, multi-factor authentication. And if the client does not accept or move forward with those proposals, anything that happens as a result that those things could have prevented is 100% on the customer – the MSP is off the hook. And so when I think about emerging technology and the changing threat landscape, a lot of it has to do with how you manage the communications and the risk associated with that. And MSPs have had the hard choice in the past of having to either tell a client, “No, I’m not going to support you,” or, “Hey, I’m going to give you this waiver to sign.” And this whole topic of declination of services around point solutions that deal with emerging threat factors has been a common issue with MSPs. They go to the customer. They’re like, “You’re exposed. You need these advanced security features.” I mean, there’s new stuff all the time, but right now, it’s a lot of focus on zero trust. And so it’s not inexpensive to implement a zero trust model within a business. And if an MSP wants to implement zero trust, the customer has to cooperate to buy those things. And the customer doesn’t understand them well enough to know what they do or why they need it. So their first reaction is to say, “No, it’s too expensive.” And that puts the MSP at risk, because I tell the MSPs, my opinion is their network is only as strong as its weakest link. So if you let these customers on that you know are overly risky, that puts the whole portfolio of customers at risk. And that’s a lot of what you’re talking about with those threat vectors. Those threat actors are thriving on being patient. And it’s not just like, “Do we have guards at the front door?” It’s like, “We need guards in every room.” They’re already in. So that’s one of the things that I think most people think about. Cybersecurity is like hacking events or ransomware events, but so much more of it is they’re in your networks, they’re able to move around, they’re squirreling their way into different areas, and they’re being very patient waiting for that opportune moment. And so it’s not just about keeping people out, it’s also about catching them after they get in. And that’s where a lot of these emerging technologies and emerging threats are posing unique challenges from a cybersecurity perspective. And the question is, “How are your agreements evolving?” And that’s where making sure that your vendors are all on there. So if there’s any act or omission of a vendor, that you can be covered for it. And the things that happen in cybersecurity, like criminal acts of third parties, is expressly excluded. I don’t think you need to go into as much of the specific threats. If you get a strong and enforceable exclusion against the criminal acts of third parties, almost every cybersecurity risk that would be impactful to an MSP is also a criminal act by the person who perpetrates it. Robert Dutt: About a year ago, you did a piece around the theme of “Your MSA is broken and AI is to blame.” We’re a year further in, things have only accelerated. MSPs are selling Copilot bundles, offering AI-powered services. Their customers are deploying AI tools whether the MSP knows about it or not. From the customers’ point of view, how far behind are most MSP contracts relative to the AI services that they’re delivering or their customers are using today? Rob Scott: We came out with a special service attachment for managed AI in 2024. And at that time, people said, “I don’t really need it. We don’t know what we’re doing yet.” Today, people come to Monjur just because of that attachment. And the way that attachment is built is, number one, you don’t have the right definitions in your current agreement for things like AI input, AI output, the model, the trainings – all of these things that are relevant to AI that wouldn’t be in a master services agreement for managed services. Beyond that, you need your service descriptions. Is this AI readiness assessments? Is this app dev? Are we building RPA and automations? What is it exactly that the services entail? And so that’s a big part of it. And our structure is designed to cover just about every AI service that an MSP could do. But it’s also important to make sure that you have the proper exclusions and client obligations. So when you think about exclusions, it’s like the MSP shouldn’t be responsible if the legal world changes and suddenly that client’s use becomes illegal. Think of helping customers deploy voice agents. And then it becomes clear that you can’t use a voice agent to do cold calling, or voice agents get outlawed altogether. It needs to be clear that the MSP is not taking the responsibility for how government reacts to the impact of AI. Similarly, there should be an obligation on the customer’s part to be committed to ethical use of AI. Responsible AI is something that I put in as a mutual obligation to all parties to a contract that I write around AI. I think it’s foundational for humans to be committed to responsible AI. So there’s things – just a few examples – but things that you wouldn’t see in an MSA. So ask yourself, why would you expect your pre-AI MSA to protect you in an AI world? The answer is MSPs increasingly are offering AI-related services under contracts that weren’t built for these services, and those that are, are putting themselves at significant risk. And it’s not necessary, because there is a ready-made solution for MSPs to protect themselves when engaged in selling Copilot, helping clients with AI projects, which we’re all going to be doing. Let’s get it straight. This is not new. This is not a temporary blip. I think the only temporary part of it is this AI distinction. I don’t think there will be, in the long run, a distinction between AI tools and non-AI tools. All tools will be AI. So the way things are going, MSPs need to be prepared for that. All of what so many more MSPs are now in the territory where they would be protected by a specific service attachment that doesn’t exist in their contract stack today. Robert Dutt: The other side of that equation of AI use in the MSP is that a lot of MSPs themselves are tempted to use some of the generic LLMs to draft or review their own contracts. Where do you see the line between that being helpful and that being dangerous? Rob Scott: I don’t think MSPs should be forced to choose between using AI and using attorneys. I think that’s the state of the market today. They’re faced with these unsupervised LLMs that are risky, where there’s no accountability. They’re telling you, “Don’t use this for law,” and you’re using it for law. If you have a bad outcome, whose fault is it? The New York State Senate has got a Senate bill, which I think will be the first of many, that would make it illegal for LLMs to give out legal advice, because it’s doing way more harm than good. I think the one thing to think about the perspective on this is lawyers are getting sanctioned and held in criminal contempt for using AI, and the AI is making mistakes. If it’s going undetected by the lawyers, why do you think you’re in a position to supervise the AI to protect your legal interests? I mean, it gets it wrong so much. The accuracy of legal outputs from unsupervised LLMs is so low that it is like playing Russian roulette. So I don’t blame the MSP. I just think that the future is attorney-supervised AI, where the customer starts with a template that is lawyer grade. I think if you put Monjur Pilot up against these unsupervised LLMs and you draft an agreement starting with a Monjur template versus starting with nothing and an unsupervised LLM, your first pass is a totally different thing. And then the second thing is lawyers need to be in the loop at the last mile. You should be able to press a button within your AI and say, “Submit for legal review,” and the lawyer should be able to just look at it in-app and finish what you built. So you start with a legal template that’s legal grade. You operate in a legal-grade AI environment that has the proper guardrails, and you make sure that attorneys supervise all of the work that the clients are doing, so that the MSP no longer has to choose between fast and inexpensive and slow and sometimes cost-prohibitive. So we think that AI unlocks something pretty special for the Monjur subscriber, which is the benefit of having your lawyers at your fingertips 24/7 through a trained AI legal assistant. But that’s not a replacement for your lawyers. It just supplements your relationship with your lawyer. So in this way, we deliberately call them legal assistants because they play the same role as a legal assistant in a law firm. The legal assistants don’t practice law without the lawyer supervision. They help the clients get better service from the lawyers. And that’s the role of AI in the Monjur vision, which is attorney-supervised LLMs that provide a safety layer on top of the LLM of your choosing. So our system is called “at any LLM,” but in each instance, we’ve implemented prevention of hallucination and preservation of context through RAG architecture that allows our legal assistants to give responses that the lawyers feel they can stand behind and nevertheless supervise. Robert Dutt: Our audience is primarily Canadian MSPs and other types of IT solution providers. You serve over a thousand MSPs across North America, including Canada. What are the things that Canadian MSPs need to be thinking about in their contracts that their American friends don’t? I’m thinking PIPEDA, I’m thinking Quebec’s Law 25, the cross-border data question and data sovereignty, but I’m curious what you see as the biggest gaps from the Canadian side specifically. Rob Scott: I think the ones that you mentioned are sort of at the surface, in the sense that those are concrete, objective things. Like, the data processing agreement for our US customers has different regulations in it than our Canadian customers, and the Canadian ones contain the laws that you mentioned. The bigger issue that I see in Canada is a cultural issue. This idea that contracts are not important because we’re not in America where everybody sues at the drop of a hat. We don’t value legal protection in the same way that people might in the US, because the threat of litigation in their mind is lower than maybe the threat of litigation in the minds of the MSPs in America. My response to that is I acknowledge the differences between the US and Canada as relates to litigation and dispute resolution, but I don’t think that that means that Canadian MSPs don’t benefit from having great contracts. It’s more of a question of what level of risk is being mitigated and the best way to mitigate it. I fear that too often in Canada, it’s not a question of does your DPA properly reflect Law 25 or PIPEDA. It’s a question of, are your agreements well thought out at all, because maybe you don’t think that it’s that important to have good agreements. And it’s about 15 years culturally and mindset-wise behind the MSP market that I began working on. Where early on in America, there was a large sentiment that a handshake deal is good enough. I deal with my friends and I don’t perceive a high risk of litigation. And if someone wants to get out of my contract, they’re not happy with me, I let them go anyway. Why do I need all this paperwork? And I think that’s a big thing that we have to work on for education with MSPs in Canada, which is you don’t have to be in a litigious market like America to benefit from good contracts. Robert Dutt: Well, and here’s an interesting aspect to that cultural thing too. A lot of Canadian MSPs are serving clients on both sides of the border, or are using US-based vendor tools to deliver services to their Canadian customers. How should MSPs be thinking – even if they’re functional just in Canada in terms of customer base – how should they be thinking about cross-border exposure in their contracts? Rob Scott: Well, look, I think that unless you know, for example, where every data subject resides in every system that you manage, you could be in Canada with customers with data subjects in their systems that you manage all over the US. And the laws run by where the data subject resides. So that’s one of the big challenges. And then the other challenge is, don’t you want to put yourself in the position where you can say yes to as many deals and customers as possible? And don’t you want to make sure that you have compliant agreements that will allow you to operate in multiple markets? And we have a lot of MSPs, I would say, that are on the Monjur platform that are enjoying dual libraries. So a set of agreements in English for the US, a set of agreements in Canada in English for English-speaking provinces, and then a set of agreements in Quebec, specifically for Quebecois law, presented in French. So we do offer some granularity in terms of localization in each market. And our strategy is we partner with local law firms in each jurisdiction to localize and maintain the updates of our agreements. And so we have a law firm that we work with in Quebec and several others in other provinces, including one in Toronto, where we partner with them to keep the agreements updated for those markets. Robert Dutt: I think for a lot of MSPs, contracts are in the category of necessary evil, something they grudgingly do to avoid getting sued – or in some cases don’t do well enough to avoid getting sued. But I wonder if there is a case to be made for treating your contract stack as a competitive advantage, and if so, can you walk me through what that looks like in practice? How you can take a solid contracting situation and use it as a way to help your organization grow, and not just stay out of trouble when things go wrong. Rob Scott: Yeah. So I think it’s an excellent question. I think the first part of it is something that now jives to me going to the dentist. Like, I know I have to go to the dentist. If I want to not have cavities, I have to go to the dentist. If I don’t want gum disease, I have to go to the dentist. I hate to go to the dentist. I’m so anxious when I get there, I tell them, please don’t take my blood pressure until we’re done, because it’ll just make it worse when you give me a really high blood pressure reading. I’m only going to be more anxious. And I think with MSPs, that’s real too, as it relates to law. Many don’t feel comfortable with the subject matter. Many have had bad experiences. Many, like you say, would say it’s a necessary evil, but they try to avoid it as much as possible. Even if you caught them in a quiet moment of reflection to ask them if they really needed it, they would say yes, but they would go back to their office after that and lose track. And this is why I think dynamic agreements that auto-update are so important for MSPs. I think legal needs to work in the background. And MSPs, I think, as a group, are carrying a very heavy cognitive load around contracting. A lot of the senior people that run MSPs are not contract people. It’s way out of their element. It doesn’t play to their strengths. It drains them of their energy. They’re constantly second-guessing whether they’re getting it right. And what I think about competitive advantage, we talk in terms of the maturity model. Maturity level one: legal protection. You have the legal protection in place. Maturity level two: standardization and efficiency. Standardization and efficiency is like, how well have you collapsed your contracting processes into your sales process, so sales and contracting is one seamless step? So that’s kind of level two. Are all of your customers efficiently on the right paper? Can we update their terms without having to go get a signature? This is how Monjur enables MSPs to grow revenue fast. We remove the friction from the sales process. We make deals go faster. We make it less likely that customers are going to want to comment or request changes to agreements. So that’s level two. Level three is what we call contract intelligence. Using AI to optimize revenue opportunities. Making AI context-aware of your renewals, of your upgrades, of what people are paying, who is using a lot of resources but not paying for very much. These are the opportunities where contract intelligence drives better decision-making as well as automation to fuel efficiency to grow revenue faster. So it really depends on where you are on this maturity level about how it helps you grow. Initially it may make it harder to grow while you’re getting the right legal protections in place. But ultimately you want something that can scale with your business, and that means dynamic versus static agreements. Robert Dutt: My last question – I want to make this as concrete as possible. If you’re talking to a Canadian MSP owner, let’s say a 15-person shop doing managed services, building out security, starting to do AI in there too, they know their contracts are out of date or in bad shape but don’t really know where to start. What are the first two or three things that you’d tell them to do right now, right away, to get that ball rolling and to hopefully see the most improvement in the situation? Rob Scott: Well, one of the things that I would say is benchmark what you’re currently using. Do an assessment of where you are. We have some tools online that can help you walk through an assessment of your current contracts, and we’ll also review them for you for free. If you have a contract, you’re an MSP in Canada and you want to understand what the gaps are relative to best practices, we’ll use our toolset to analyze your agreement, compare it to what we think are best practices in Canada, and do a report for you. We do that as part of our consultation process. There’s no fee for that. That’s a complimentary review. If you could get an experienced attorney to help you benchmark it, great. The other thing to think about is updating your vendor list and asking yourself the question, “How am I protecting my MSP against acts or omissions of the vendors in my tech stack?” If you don’t have a good solution for that, then you need to be thinking about something like our schedule of third-party services, which allows you to list all your vendors and contains a waiver of the right for your clients to sue you. Now we’re covering a really big category of risk with that one attachment. Then emerging services – advanced security and AI. You need specific agreements for these things. You can’t just continue to operate under the agreements that you were using pre-AI in the AI world. You can’t start offering compliance-related advisory services like GRC and other advanced security and compliance offerings without the appropriate contract. We call it the service attachment for managed compliance. Similarly with AI, we have a service attachment for managed AI. You really need to be thinking about, do your agreements cover the services that you’re offering, delivered through the tech stack that you’re delivering it through, and in a way that’s compliant with the emerging framework of regulations that impact you and your customers? Given all of that – and we cover that with our data processing agreement – you can see why static agreements for MSPs can become very challenging very quickly. If I was in the process of trying to figure out a way to manage risks for my MSP in Canada, I would be looking for a service that would give me dynamic updates that was specific to managed services, that was customizable for me and my customers. And think about this question: if my client were to sue me in court tomorrow, how confident am I that my current agreements would hold up in court? If the answer to that is, “I’m not so sure,” or “I’m not that confident,” or “I’m sure it would be a problem,” then getting a complimentary review of your current agreements and a game plan to move forward with broader protection is probably a good idea. Robert Dutt: All right, I appreciate that. It’s a lot to think about, and it’s an area that I don’t think we focus on as much. We tend to get caught up in the tech stack and all that, so I appreciate your taking the time to share some wisdom on where things are at with contracts and where they’re going. Rob Scott: Thank you. Thank you very much. I appreciate you having me. Robert Dutt: There you have it. Rob Scott from Monjur. I’d like to thank Rob for his time. He brought a lot of depth to a topic that frankly doesn’t get a lot of attention in channel media. A few things that are sticking with me from this conversation. First, the idea of the security recommendations clause – building language into your contract that says if you recommend a security measure and the client declines, anything that could have been prevented is on them. That’s the kind of provision that can save your business, and I’d wager a lot of MSPs listening don’t have it. Second, his point about Canadian MSPs being about 15 years behind their American counterparts on contracting maturity – not because the laws are weaker, but because the culture around litigation is different up here. That’s a gap that works until it doesn’t. And third, the question he posed that I think every MSP should sit with: why would you expect your pre-AI master service agreement to protect you in an AI world? If you’re selling Copilot bundles or managed AI services on a contract you wrote five years ago, you’ve got some homework to do. If you’re enjoying the ChannelBuzz.ca podcast, we’d love it if you’d follow or subscribe. You can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories. And if you have a minute to leave a rating or review, that goes a long way in helping other folks in the channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Peter Kujawa, executive vice president and GM of Service Leadership and IT Nation at ConnectWise Labor is roughly 75% of a managed service provider’s cost of goods, which makes compensation strategy one of the biggest levers in the business. In this episode of In The Channel, Robert Dutt sits down with Peter Kujawa, EVP and GM of Service Leadership and IT Nation at ConnectWise, to dig into the findings of the 2026 Annual IT Solution Provider Compensation Report. The conversation starts with the Canadian data, which shows that solution providers in this market are planning the lowest pay increases of any region surveyed – just 7% of employees are seeing raises above 6%, and 42% are getting 3% or less. Kujawa attributes that to macro-economic softness, pullbacks in hiring by large tech firms, and the return-to-office trend reducing the remote competition for talent that was driving up wages in 2021 and 2022. From there, the discussion turns to what separates top-quartile firms from the rest. Best-in-class MSPs pay their service teams roughly $10,000 less on average, but the reason isn’t underpayment – it’s a staffing model built on a higher ratio of Level 1 technicians, made possible by unified tech stacks and narrower customer profiles. Those same firms use three times as much incentive-based compensation as bottom-quartile operators, yet industry-wide adoption of incentive pay has barely moved despite years of data supporting it. The episode also covers early data on AI and automation in the service desk, where digital workers are starting to show up in Level 1 and Level 2 roles, and a look at sales and marketing investment benchmarks – including why the most profitable firms are adding lead generation roles instead of sales headcount. The full report is available from Service Leadership for $2,000 USD, or free for MSPs who contribute their data during the annual survey period. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If you run an MSP, labor is your single biggest cost – roughly 75 cents of every dollar you bring in. So knowing what to pay, who to pay more, and where you might be over or under investing in your people isn’t just an HR exercise, it’s a profitability question. Service Leadership, part of ConnectWise, has been benchmarking compensation across the IT solution provider space for years, and they’ve just released their 2026 annual report. What makes this year’s data especially interesting for our audience is that it includes dedicated Canadian data, and the Canadian picture looks quite different than the rest of the market. My guest today is Peter Kujawa, Executive Vice President and General Manager of Service Leadership and IT Nation at ConnectWise. Peter is a former MSP operator himself, and he brings a practitioner’s eye to the data that I think you’ll find really useful. Let’s get right into it, my chat with Peter Kujawa. Robert Dutt: Peter, thanks for joining us. Appreciate it. Peter Kujawa: Yeah, happy to be here. Thanks for having me on. Robert Dutt: I guess the name of the report kind of says what it does on the tin, but for listeners who aren’t familiar with the Service Leadership compensation report, can you kind of give us the 60-second version of what it is, how long it’s been running, and why you guys choose to run it? Peter Kujawa: The compensation report has run – I think this is our seventh or eighth edition of it – but what’s significant is we’ve been running it as an annual report for the last four years. The reason that we’ve made it an annual report is because when we hadn’t run the report for seven years – Service Leadership last had run it in 2015 – in 2021, wage inflation was running so high and causing so many challenges for MSPs that we were getting a lot of questions about what I should be paying my people, what are increases looking like, I’m getting requests for 10, 12, 14% increases, is this in line with the market. And we didn’t have the data. And we’re data people – we like to be able to not talk in theoretical, but talk in data. And so we decided to dust off the older methodology and we ran the report in 2022. It was so successful that we decided to make it an annual report. And so every year in October and November, we open up our portal and MSPs from all over the world enter their data into the system. Anybody who enters their data gets a free copy of the report. We publish it, and anybody else can still buy a copy of the report for $2,000 US. But the value of it’s incredible. What we’re able to do with the report that nobody else can is, because we measure profitability of the industry worldwide, we’re able to correlate what companies – what MSPs – are paying their people, and profitability. So in other words, you’ll see in the report entire sections of analysis saying, what is it that the top quartile most profitable companies are doing differently in terms of paying their people than the bottom quartile? So that provides a lot of really useful guidance. But really the meat of it is when you go into the actual tables. We have over 60 positions that we collect compensation data on from MSPs. And you can see, based on experience level, what MSPs are paying their people for these positions. One of our objectives going in was to be able to provide a report that only shows data from the industry. All of our data is industry-specific data. And why that’s important is, while a hospital system or an enterprise company or others may have level one help desk positions, or they might have project engineers or other positions that sound like MSP positions, in reality, the jobs of those positions are different than they are at MSPs. It’s really hard when you go out and you do a market-based compensation study to really understand, as an MSP, what I should be paying my people versus what enterprise pays for similar positions. So our data is industry-specific. We collect it every year. It’s really recent. We carve it up by region and do different things to give value to MSPs all over the world. Robert Dutt: You’ve said in the past that we’re in the golden age of running an MSP. The compensation data from this year’s report – does it back that up? Does it complicate things? Basically, what’s the headline here in terms of the compensation trend? Peter Kujawa: I would say both. And so first of all, yes, I said that – including last week at London from the main stage keynote. The last six years have been the best profitability years ever for the industry. Best in class has done better than ever. Bottom quartile has lost less money than ever. Still in many cases losing money, but that’s a different discussion. However, MSPs’ largest source of cost is what they pay their people. Delivering services is, by definition, a services-based business. So if I’m delivering managed services, I’m spending about 25% of my cost of goods on my tools. The other 75% or so is on my people. And MSP employees have historically had wage increases at about twice the rate of CPI. So the challenge for MSPs has been, I’m having to pay my people these increases, I’m seeing my cost of labor going up at twice the rate of inflation, I can only increase my customer’s cost by a certain degree. I probably can’t increase them year over year for too many years in a row at twice the rate of inflation. So I need to figure out how to be more efficient in my business. The good news for MSPs is that crazy wage inflation we saw back in ’21 and ’22 has mitigated in three of the four geos. The only exception is Europe. So it’s gotten better, but wage inflation is still a huge issue for MSPs. Since 2013, we measure the relationship between service revenue and the cost of your service team and wages. It’s one of our most important KPIs at Service Leadership. And we haven’t seen any improvement in that since 2013, despite the tools getting better, despite pricing increasing. MSPs have been stuck because wage inflation has been so hot. And so yes, the last six years have been the best time ever for MSPs. But MSPs have to fix this issue with labor costs. And so that’s what’s so exciting about AI and automation, the things that we’re doing at ConnectWise with zofiQ and our platform. These are things that give MSPs the opportunity to finally get ahead and really take a bite out of this labor cost issue. Robert Dutt: Let’s talk about Canada specifically. Your data shows that Canadian solution providers are planning the lowest pay increases of any region. I think it was only 7% of employees are getting raises north of 6%, 42% getting 3% or less. What’s behind that? Peter Kujawa: Well, I think there’s a bunch of things that are going on right now. Number one is, depending on the region, there’s some economic softness. And when there’s softness in the economy in general, that comes into the labor pool. So if other companies are not adding staff at the same rate, it takes some of the pressure off of MSPs in that area. So there’s definitely some of that going on. I think also just the overall tech economy, especially in North America – we’ve seen a lot of announcements about significant cuts from some of the larger tech companies. And that has a way of bleeding down into the MSP space. We saw the opposite in 2020 and ’21 and ’22, and that was all these companies are hiring and they’re adding remote labor all over. And all of a sudden, local MSPs are having to compete with some of the biggest tech companies in the world for their local talent because of remote work. Well, many of those – A, many of those companies have been cutting a lot of jobs and it’s been very publicized over the past year. B, remote work has changed as well. We have analysis in there showing that most companies in the MSP space have returned to the office. And that’s definitely something that I think you’ve seen in big tech as well. So those two things have taken some of the pressure off and improved those really high-level increases. And I think that’s what we’ve seen in three of our four markets. Robert Dutt: In terms of the Canadian numbers, I’m curious if you see them making – is it a company choice? Is it discipline, or is it a sign that Canadian MSPs are under more financial pressure than their peers in other markets? Peter Kujawa: I’d have to run and take a look at the data on the profitability of the Canadian market compared to some of the other markets right now. I’m not aware of any of that being an issue right now, but I could certainly take a look at that, Robert, and get back to you. I think it’s more a case of the North America trends on labor. It’s probably indicative of a general softness in the Canadian economy and just some concerns that companies have. When companies are concerned about what’s going on today in the macro economy in their region, they pull back on hiring. Well, when they pull back on hiring, that creates less opportunities for the employees of the MSP to jump ship and go somewhere else and get a big bump. Second of all, I think MSPs are known as great training grounds for tech employees, and the tech employees know this. Recruiters know this. MSPs are really fertile recruiting ground. Well, it’s a lot more tempting to take that offer when it looks like the economy is red hot and everybody’s growing. When it looks like, you know, things are pretty good for me at the MSP – I like what I do, and yes, I could go to this other company, but we’re seeing all these cuts at all these other companies, and my MSP is doing fine and growing and has been good to me – maybe I’m happy with a normal increase and maybe that huge increase I was looking at getting is not as tempting and I’m maybe not going to leverage it. So I think all these things tie together when you’re looking at what goes on in wage inflation in our industry. Robert Dutt: So from the other point of view, it kind of cuts the chances of it becoming a retention issue. As you say, there’s those kinds of loyalty factors built in. One of the more counterintuitive findings is that best-in-class MSPs – the top quarter in profitability – gave roughly three times fewer large pay increases than bottom quartile firms. What are they doing differently? Peter Kujawa: Yeah, it’s an interesting question. There’s a few factors that tie in. There’s some other linkage to what the best in class is doing differently, but I think specifically in terms of increases, there’s a couple things that play out. Number one is the best in class have built a business that is much easier to recruit somebody into and get that person to be productive faster. And what I mean by that is best-in-class companies are servicing a more narrow target customer profile. They are much more likely to have their customer base on a singular tech stack. So they’re not servicing multiple vendors per each thing that they offer. So let’s say, for example, firewall support – just a basic example. A best-in-class company is much more likely to have unified on a single vendor and have 100% of their managed service clients on that vendor’s products. As a result, it’s a lot easier for a new tech coming in to understand their offerings, to become productive faster. So they hire more level one techs and they’re able to recruit those techs and get them up and running easier. That gives them an advantage when there’s techs that are thinking of leaving and they need to match a higher increase in order to keep that tech. If you know that we’re going to lose a certain number of techs a year and we’re going to need to replace a certain number of techs a year and it’s fine, we’ll deal with it, we have the engine that’s capable of sustaining and bringing them in – well, then I’m more likely, when a tech comes in on a Friday and says, “Hey, I’ve got this offer. I like it here, but it’s a 20% increase or 15% increase. If you match it, I’ll stay” – well, if I’m a bottom quartile shop and I have all this additional complexity in my organization, it’s harder for me to get somebody up and running. I’m probably more likely to match that or come close to it if they stay. If I’m a best-in-class shop, I’m much more likely to say, “Hey, you’ve been great here. Glad we hired you two years ago or whenever. Keep in touch. And if you know anybody who’d be a good fit, send them our way.” So that’s one factor. Number two is, when you work at a bottom quartile MSP, it’s not a lot of fun. Process is not as good. As I said, you don’t have as much of a unified tech stack and target customer profile. As a result, the quality of your service delivery tends to suffer. You’re probably getting yelled at more often by your customers. It’s just, in general, not as enjoyable of a place to be. Best-in-class shops grow the fastest. When you’re working at a best-in-class MSP that’s growing at twice the rate of a bottom quartile MSP, that means there’s going to be more opportunity for you from a career perspective. Life is a lot more fun when you’re at a faster growing, more profitable firm. So those companies are able to be more discerning on the increases that they give. I think the other factor at play is the best-in-class MSPs tend to be much better at using data to make decisions. And that’s not just for what they pay their people – they use data and really understand what’s going on in their business, in their industry. They’re less likely to just throw around increases for the sake of increases, and they run their businesses in a tighter way. So I think there’s several things that tie into that. Robert Dutt: It sounds like the takeaway, the lesson, is not so much “pay less” as it is structure the organization more intentionally, more thoughtfully, and you’re able to – for all these reasons that you outline – keep people or better react when folks do want to move away for a much higher paycheck. Peter Kujawa: Yeah. Run your business at a higher operational maturity level, and you will get all sorts of other benefits from it, including this. One of the other slides that is in there that’s tied into what you just said is, we looked at on average, by category of employee, what is the best in class, median, and bottom quartile pay in each category. And one of the questions I get a lot from the report is, on average, the best in class pays their managed services team $10,000 a year less than the bottom quartile. It’s about $75,000 for bottom quartile, about $65,000 for best in class. So the question is, well, if I go work at a best-in-class MSP, am I being underpaid? Do I have to take a pay cut to go work at a best-in-class MSP, or are they just not fair with what they pay their people? The answer is, that’s not the way to look at that data. The best in class is able to pay less on average because, if you look at a managed service team, you have level one techs, level two techs, level threes. You also have service managers, you have vCIOs, project managers or project coordinators. So you have all these people that constitute the team, but the majority of the positions are your techs – level one, two, and three techs. Our data says that the best in class have a much higher percentage of level one techs. The bottom quartile have a much higher percentage of level two and three techs. So if I have two MSPs side by side, and they both have 10 techs in their tech team, but one of them has two level ones and the other eight are a mix of level twos and threes – well, those level twos and threes cost a lot more. So if I have another MSP that has 10 techs but six of them are level one techs and four of them are level two and three, those level one techs cost a lot less. If I add all those up and I divide by the number of employees I have, my average cost per tech is much lower if I have more level one techs than if I have more level two and three techs. So you can go to work at a best-in-class MSP and do well. In fact, they pay more incentive pay as a percentage on average. So if you’re really a rock star and you go in and do a great job at the business, you should actually be able to make as much or more money. Robert Dutt: You talked before about the 14% or so of gross margin benchmark for marketing spend. Are there similar concrete benchmarks in this report that an MSP owner could take back to their business this week and immediately act on in terms of improving profitability or improving the business? Peter Kujawa: Yes. There’s a number of them. I would say it would depend on the size or maturity of the MSP what they would act on or take back. But if nothing else, the first thing I would suggest is go into the actual data tables and see how your people compare and understand if – first of all, no MSP leader or owner ever hears from their people, “You know, I think we’re kind of overpaid. Why don’t we – we would like to see our pay reduced to the market,” right? There’s a constant pressure to do two things when you’re running an MSP. Number one is to pay more. Number two is to add more bodies. So I would go back first and foremost, look at the tables and say, here’s what I have for people, here’s their experience level, here’s where they’re at. How am I comparing to what I’m seeing in the market? That would be number one. Number two is I would, regardless of the size of the MSP, look at my incentive pay for both managers and staff positions. I would take a look at what percentage of total annual earnings are tied to incentive. The best in class on average ties about three times as much to incentive pay as the bottom quartile, for both staff and for managers. Well, how do they do that? There’s some best practices to incentive compensation. What you don’t want to do is go out tomorrow and just cut a percentage of pay out of your people’s base and shift it to incentive and say, “Hey, great news guys. Effective today, I just cut your pay by 10%, but now you get an incentive and you can actually earn a little bit more.” That will not go well. So there’s best practices for how to implement this. Start with your managers. Build the incentive, make sure you’ve got it right, you’re measuring it right. Then roll it out to your staff positions. What you’re incenting is really important. You want to make sure you’re tying it to the greatest degree of what they have control over. And you’re not just tying everything to the profitability of the business or sales growth. There are other things that people tend to have more influence over. So really understand incentive pay and how to leverage that as well. Depending on the size your MSP is, there’s also some really interesting information in there about some of the staffing composition. For example, we know that – you cited the 14% of gross margin should be invested in sales and marketing. That’s true. About 4% or so of that tends to go to marketing. About 10% of that tends to go to sales. But what’s interesting is, when we looked at staffing FTEs by role, the best in class are actually adding more lead gen people in marketing and the bottom quartile are adding more salespeople. So they’re both trying to grow their business. They’re both focused on new logo acquisition. But the best in class has learned that salespeople are expensive. They’re hard to find great ones. It takes a while to get them productive. When I have a good one, I’m much better off to invest some additional money in my marketing engine and use that marketing engine to drive more leads back to my salespeople and make sure that my salespeople are really doing what they’re best at all day. The bottom quartile tends to just add more sales bodies and hope that they can be more productive. So there are some differences in the report that get into some of those best practices. It’s part of the reason the ConnectWise partner program was designed the way that it was – to really help with lead gen and to help MSPs tackle some of those challenges. Because it’s really frustrating when you add salespeople and you’re spending a lot of money and you’re not seeing new sales come in. You want to make sure that they’re really productive. Robert Dutt: This year you’re tracking digital workers for the first time – AI agents, automation bots. How widespread is adoption right now amongst the firms in your data set? Are we talking about 5% experimenting, or is this something that’s pretty material in the results? Peter Kujawa: At this point, the data told us about what we expected, which is we’re really early on. Our goal this year was to collect a baseline number. And what we saw was that most MSPs as of last year did not yet have full-time digital workers, but where we did see them was in level one and level two tech roles, which – that’s where we’re seeing it in the industry in general. So that makes perfect sense to us. What we think we’ll see is, over the next couple of years, those numbers are going to start to ramp up pretty significantly. Robert Dutt: When you look at firms that are deploying digital workers and you look at their compensation data side by side, are they paying fewer people more, or are they just running leaner? Peter Kujawa: I think at this point, because of how early on they are, they’re just getting up and going. But where we’re starting to see the gains is you’re starting to see a little bit of a shift in the staffing model mix. Back to that firm that has 10 employees in their help desk – let’s say they’re best in class and they have six of those are level ones, three of them are level twos and they have one level three. What we’re starting to see is, as the report says, there’s about 23% or so turnover in your level ones. So as they are losing some of their level one techs, they’re not backfilling some of those positions at all or as quickly. As they’re building these efficiency gains into their help desk and starting to see some automation gains, we are starting to see some impact in profitability and in that staffing model. Again, we’re really in the early, early stages of this. We think it’ll start showing up significantly in the Service Leadership data by later this year, because our profitability data is always a quarter behind by definition. But anecdotally, some of the MSPs that we talk to are starting to see those gains, and they are starting to see that manifest with their level one staffing particularly. Robert Dutt: It’s going to be an interesting space to watch and see what that looks like as that trend line develops. If you’re a Canadian MSP owner, particularly a smaller MSP, and you could look at only two or three data points from this report to kind of pressure test your own comp strategy, what would you be looking at first? Peter Kujawa: I would look first at the data tables of the average by experience per position. So I would first start with all my most common positions. For most MSPs, those are going to be level one and maybe level two techs. And I’m going to look at by experience, what am I paying each of my people? So I’m going to use that. And then I’m going to go into my other positions through my organization. I’m going to use that to really pressure test – am I paying correctly? Number two is I would go in and look at my incentive pay. Do I have something tied to performance for every one of my people? If I do, am I doing this the right way? Have I set up the plans in a way that’s going to lead to better results for the business and for the employee when the employee does great? I mean, that’s one of the measures of an optimal incentive plan – when the employee overperforms and gets paid on an overperformance, everybody’s happy. If the employee is happy but the owner of the business is unhappy because the employee hit their overperformance, well, that’s bad. I’ve got a problem with my incentive. So I’m going to look at how I structured the incentive for everybody. Those would be number one and number two. Number three, I’m going to start looking at, depending on the size of MSP I am, what should my model be evolving into? I’m going to use this as part of my budgeting. So depending on the fiscal year timing, you might be early-stage fiscal year, you might be late-stage if you do a mid-year fiscal year. Regardless, I’m going to start looking at this data and start modeling it out to see how does this fit into my budget for next year. What should I be starting to plan on for changes I’m going to want to make in my compensation structure? Because you really want to get ahead of those and make sure that they fit into the overall business goals of what you’re trying to do. Robert Dutt: You mentioned near the top of the interview that wage inflation peaked in 2022. It’s been easing since. Is that a reason for MSPs to breathe easier, or is it masking something that they should be watching? Peter Kujawa: Yeah, it’s the opposite. In 2022, wage inflation was running upwards of 10% or more. We were seeing these crazy increases out in the market as a norm. But on the flip side, we were also seeing managed service organic revenue growth running at its peak – about 25%. And the reason it was so hot was a mix of a few things, but a significant contributing factor was price increases on managed service offerings. MSPs got much better at that time at understanding, I have a gun to my head from all this wage inflation – I better start doing some uncomfortable things with increasing pricing for my customer base. And they did. And we saw that in the data, which got the MSPs through it. They were able to maintain profitability, et cetera. So that was the good news. The bad news is that you can’t increase prices at that level indefinitely. And so yes, wage inflation is better, but again, we’re back to more of a normal increased cadence on pricing. And yet MSP wage inflation, even though it’s much, much better than 2022, still runs about twice the rate of CPI. MSPs cannot take their eye off the ball with this. It’s really important as we go forward that MSPs be focused on where can I drive efficiency gains in my business. Where do I have waste today? Forget AI and automation for a second. Are there employees that I’ve been carrying that are not producing, but I like them, and so I keep them around? I just haven’t been disciplined at making some tough decisions. If that’s the case, make those tough decisions first. Second is, every MSP out there needs to be focused on automation and AI. It’s not for luxury reasons. It’s for survival reasons. The industry is changing rapidly. Every MSP needs to be focused on how can I get more efficient with my cost of labor and how can I make sure that as I’m growing my business, I’m not growing my labor cost at an equivalent rate to the growth of my business. These things will ensure that not only will the MSP survive, but they should be able to improve their profitability. If they’re bottom quartile, get up to median. If they’re median, get up to best in class. And really be well positioned for the evolution of the industry over the next few years. So yes, it’s good news that wage inflation has improved. But it hasn’t taken the pressure off at all for MSPs to focus in on AI and automation. Robert Dutt: And my last question – what’s one thing that surprises you in this year’s data that you didn’t expect to find there? Peter Kujawa: That’s a great question, because nothing surprises me at this point ever looking at the data year in and year out. I think I continue to be really surprised by the bottom quartile and the median. We’ve been talking for years about incentive pay and tying your employees to performance. And yet we’re not seeing the needle move significantly in the bottom quartile and the median in that regard. I would have expected by now, with how many years we’ve been talking about this and publishing this data, that we would have seen some more significant improvements in tying employees’ pay to performance. But we’re not really seeing that significantly change. So again, if I’m a smaller, midsize MSP, or even a larger MSP, I’m going to use the report as an opportunity to go in and look at what we’re doing in that regard and make sure that we’re doing what we can to tie employee performance to their pay. Robert Dutt: It makes a lot of sense. I think that disconnect is a big neon sign pointing towards an opportunity to optimize. Peter, I appreciate your taking the time and walking us through so much of this data. There’s some real value in there for the MSP community. Peter Kujawa: Well, thanks for having me, Robert. Enjoyed the interview. Robert Dutt: There you have it – Peter Kujawa from ConnectWise and Service Leadership. I’d like to thank Peter for his time. He brought a lot of substance to this one. And thank you for listening. A few things I’m taking away from the conversation. First, that Canadian stat. We’ve got the lowest planned pay increases of any region in the report. Peter’s read on that is that it’s less about financial pressure and more about a macro environment that’s eased the competitive pressure on talent. Whether that’s a strategic advantage or a risk you’re not seeing yet is worth thinking about. Second, and this might be the most actionable piece – the best-in-class firms aren’t just paying less. They’re paying differently. More incentive-based comp, smarter staffing mix, investing in lead gen over sales headcount. That’s a playbook, not just a data point. And third, if you’re not using incentive pay yet, you’re in the majority, but that’s not necessarily where you want to be. We’ll have a link to the report in the show notes. If you’re enjoying the ChannelBuzz.ca podcast, do me a favor and follow or subscribe wherever you’re listening. We’re on Apple Podcasts, Spotify, YouTube, and most of the major directories. And if you’ve got a minute to leave a rating or a review, that goes a long way to helping other folks in the channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Today is Monday, March 23, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. This episode of In Case You Missed It is brought to you by ESET Canada. ESET's Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women pursuing careers in cybersecurity. Applications close April 8. Learn more and apply. On this episode: Bell Canada bets big on AI in Saskatchewan. Bell Canada and the Government of Saskatchewan announced a 300-megawatt AI data center outside Regina — Canada’s largest purpose-built facility, projected to generate up to $12 billion in economic value for the province. Cerebras Systems and CoreWeave are signed on as anchor tenants. For the Canadian channel, the downstream opportunities in connectivity, edge infrastructure, and AI professional services are worth watching, as is the data sovereignty angle of keeping AI compute on Canadian soil. The Globe and Mail’s take on what this signals about Bell’s broader AI strategy. WBM Technologies says buy your RAM now. WBM’s March IT Procurement Update is the most useful thing a Canadian partner has published this month. Every vendor category is listed as constrained. HPE has seen a 24-30% list price increase in March alone. Fortinet is implementing monthly 10% price increases. HP is coming with another 10%+ increase April 1. WBM’s recommendation: buy the RAM and storage you need for the lifetime of the system. Nature magazine is calling it “RAMmageddon.” AWS brings AI agents to partner selling. At its Global Partner Summit, AWS announced AI-powered sales agents in Partner Central, built on Amazon Bedrock AgentCore. Partners can upload meeting notes, auto-update opportunity records, check funding eligibility, and generate draft MAP funding requests. AWS reports 15% higher win rates and 44% faster close times from its solution matching engine. Another signal that vendors are using AI to fix the administrivia of partner selling. Exabeam launches new MSSP commercial framework. Exabeam expanded its APEX Partner Program with two new licensing models for MSSPs: a single pooled multi-tenant option and a federated subscription model. For partners building or scaling MSSP practices, it’s designed to offer more flexibility in packaging and pricing Exabeam’s SIEM and analytics platform. This week on In The Channel: Canadian MSPs plan the lowest pay increases of any region, and that might not be a bad thing (Tuesday) Most MSP contracts wouldn’t survive a courtroom — here’s where to start fixing that (Wednesday) Cisco Canada sees a “perfect storm” driving multi-year infrastructure refresh (Thursday) From NetSuite President’s Club to grain-to-bottle whisky in the Eastern Townships — our first Life After the Channel episode (Friday) Read Full Transcript Welcome to In Case You Missed It from ChannelBuzz.ca. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 23rd, 2026. Let’s get your week started right. This week’s In Case You Missed It is brought to you by ESET Canada. ESET’s Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women pursuing careers in cybersecurity. Applications close April 8th. Learn more and apply at eset.com/ca. ESET – protecting progress. The biggest Canadian tech infrastructure story in a while landed last week, and it didn’t come from Toronto or Montreal or Vancouver. Bell Canada announced a partnership with SaskTel and SaskPower to build a 300-megawatt AI data center outside Regina, Saskatchewan. The facility is projected to generate up to $12 billion in economic value for the province, and it’s being positioned as Canada’s largest purpose-built data center. The anchor tenants tell you where this is headed: Cerebras Systems and CoreWeave, two of the biggest names in AI compute infrastructure, are signed on. This isn’t a general-purpose facility — it’s built for the kind of GPU-dense, power-hungry workloads that AI training and inference demand. For the Canadian channel, there are a few things to watch. Local IT providers in Saskatchewan and Western Canada could see downstream opportunities in connectivity, edge infrastructure, and professional services around AI deployments. The data sovereignty angle is real — keeping AI compute on Canadian soil is increasingly a selling point with public sector and regulated-industry customers. And the scale of this investment signals that Canada is becoming a serious destination for AI infrastructure, not just a market that consumes AI services built somewhere else. If you’re quoting hardware right now, you need to see WBM Technologies’ March procurement update. It’s the most useful thing a Canadian partner has published this month, and the message is blunt: They're telling customers to buy the RAM and storage you need to support your systems for the lifetime of that system. Every single vendor category WBM tracks is now listed as constrained. HPE has seen a 24 to 30 percent list price increase in March alone, with quote validity down to just 14 days. Fortinet is implementing monthly 10 percent price increases. Dell expects further adjustments on March 30th. And HP is coming with another minimum 10 percent increase on April 1st. WBM is linking to Nature magazine, which is calling this “RAMmageddon.” If you’ve been following our coverage of the component shortage over the past few weeks, this is the same story, but it’s accelerating. We’ll have a link to the full WBM update in the show notes. It’s worth bookmarking. Two weeks ago on this podcast, we talked about Ingram Micro’s AgenTeq platform and the push to bring agentic AI into the distribution workflow. Now AWS is doing something similar inside Partner Central. At its Global Partner Summit, AWS announced AI-powered sales agents built on Amazon Bedrock AgentCore. Partners can upload meeting notes and have opportunity records auto-updated. The agent flags whether a deal qualifies for AWS funding programs like MAP and can generate draft funding requests pre-filled with deal details. AWS says partners using its solution matching engine are seeing 15 percent higher win rates and 44 percent faster close times. The pattern is becoming clear: vendors are using AI to fix the messy middle of partner selling — the admin, the quoting, the funding applications, the administrivia. Worth watching how quickly this becomes table stakes. And finally, Exabeam launched a new commercial framework for MSSPs last week, offering two licensing models: a single pooled multi-tenant option and a federated subscription model. The idea is to give managed security service providers more flexibility in how they package and price Exabeam’s SIEM and analytics platform for their customers. For partners building or scaling MSSP practices, it’s worth a look. We’ll have a link in the show notes. Those are some of the things we were paying attention to last week.  Big week ahead on In The Channel.  Peter Kujawa from ConnectWise’s Service Leadership practice on why Canadian MSPs are planning the lowest pay increases of any region — and why that might not be a bad thing.  Rob Scott from Monjur on why most MSP contracts wouldn’t survive a courtroom.  Cisco Canada on the perfect storm driving a multi-year infrastructure refresh.  And our very first Life After the Channel episode, with Martin McNicoll, who went from NetSuite President’s Club to making grain-to-bottle whisky in the Eastern Townships.  For ChannelBuzz.ca, I’m Robert Dutt. Have a great week, and I’ll see you in the channel.

For as long as I’ve covered the channel, someone has been predicting the end of distribution. The models change — direct sales, e-commerce, cloud, marketplaces — but the argument stays remarkably consistent: a new, more efficient path to market has arrived, and intermediaries are no longer needed. It’s a compelling argument. It’s also been wrong every time — not because the new models failed, but because the predictions misunderstood what distribution actually does. They described a transaction. Distribution operates as an ecosystem. In this episode, I step back from the news cycle and think out loud about why distribution keeps surviving the predictions of its death, and what that tells us about how the channel actually works. Some of the threads I pull on: The recurring cycle of disintermediation predictions, and why they keep sounding convincing without ever quite landing. How the market consolidated from what many considered an over-distributed landscape into something closer to right-sized — through real churn, mergers, and the emergence of entirely new distribution models built around cloud and subscription commerce. The core scale functions that distribution provides (logistics, credit, enablement, and relationships) and why those become harder, not easier, to replicate as the market gets more complex. I also spend some time on why distribution’s role in Canada is amplified — the realities of geography, Canadian-dollar credit, bilingual support, and regulatory compliance make the aggregation function less optional than it might appear from south of the border. And I look at what’s next: distribution’s integration with hyperscaler marketplaces, its emerging role in AI enablement and governance, and why the platforms that were once supposed to replace distribution are increasingly working alongside it. Recent industry research from the GTDC suggests that distribution is now being positioned as a “digital force multiplier” — a framing that would have been unthinkable a decade ago. This is a solo essay episode — no guest, no interview, just me working through an idea I’ve been circling for a long time. I’d love to hear how you see it, especially if you’re a partner, vendor, or distributor who’s lived through a few of these cycles. Drop me a line or find me on LinkedIn. Related: Your Citrix relationship just changed: Inside the Arrow Electronics transition Read Full Transcript Hello and welcome to In the Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. Before we get started, a quick note on today’s episode. This one’s a little different from what I usually do here. There’s no interview, no guest — just me, thinking out loud about something I’ve been circling for a long time. It’s less about breaking news, and more about sense-making. And it starts with a thought I’ve had more times than I can count… I could have been writing that distribution was about to be disintermediated since the late 1990s. And if I’m honest, sometimes I probably should have — because every few years, there’s a new reason why this time feels different. E-commerce. The cloud. Marketplaces. Vendors going straight to partners. Vendors going straight to customers. Pick your era — the argument has always been there. And yet, here we are. Distribution didn’t disappear. It didn’t even really shrink in relevance. What it did instead was something quieter, and maybe more interesting: it evolved — repeatedly. So today I want to talk through why I never quite bought into the “this finally kills distribution” argument… even though, on the surface, it often sounded very convincing. If you’ve been around the channel long enough, you’ve heard this cycle before. A new model emerges that looks cleaner, faster, more efficient. Someone points out that vendors don’t need intermediaries anymore. Someone else argues that software margins can’t support the old model. And suddenly, distribution is framed as legacy — or worse, inertia. What makes these arguments compelling is that they’re not wrong in isolation. Yes, vendors can sell direct. Yes, marketplaces remove friction. Yes, partners want fewer hops between themselves and the vendor. But what these predictions often miss is that they’re describing a transaction, not an ecosystem. And distribution has never really been about a single transaction. So what actually happened? Distribution didn’t disappear — but it also didn’t stay the same. Over the last twenty-plus years, there’s been real churn. Companies have come and gone. The market consolidated dramatically. What many once grumbled was an over-distributed landscape gradually became something closer to right-sized. That’s important, because survival here didn’t mean freezing the model in time. It meant pruning, merging, specializing — and in some cases, starting over entirely. Broadline distributors gave way to value-added distributors. Value-added distributors made room for cloud-centric distributors. And you can trace this through specific inflection points. The largest merger in distribution history created the world’s biggest technology distributor — not as a retreat, but as consolidation at scale. Cloud-native distributors that barely existed fifteen years ago have grown into billion-dollar businesses by building entirely new models around subscription commerce and lifecycle management. And just in recent weeks, we’ve seen a major vendor shift more of its partner management to a distributor — not less. These aren’t the moves of a model in decline. They’re the moves of a model still being invested in. Through every major shift that was supposed to bury distribution, what actually emerged was a new version of it. The form changed. The function endured. And that function — at its core — has always been scale. Scale of logistics. Scale of credit. Scale of enablement. Scale of relationships. That last one is easy to underestimate. Over the last couple of decades, many distributors moved well beyond transactional relationships and invested in building partner communities — creating spaces for peer learning, business planning, and strategic engagement that had nothing to do with moving product. That shift quietly changed where distribution sits in the ecosystem. Even in a cloud world, someone still has to aggregate demand, mitigate complexity, and make it economically viable for thousands of partners to transact with hundreds of vendors — without every interaction becoming bespoke. That problem never went away. And for those of us in Canada, these dynamics are amplified. In a market this size, spread across this much geography, with a relatively small and diverse partner base, the aggregation function of distribution isn’t optional — it’s essential. Canadian-dollar credit facilities, in-country logistics, bilingual support, compliance with Canadian regulatory requirements — these aren’t things a vendor portal south of the border can easily replicate. Distribution in Canada has always had to earn its place a little more visibly, and arguably, that’s made it more resilient. Years ago, I heard many solution providers describe distribution as a “necessary evil.” Not evil in the moral sense — just unavoidable. Sometimes frustrating. Sometimes slow. Sometimes misaligned with how partners wanted to operate. I hear that sentiment less today. That’s not to say distribution is perfect now. It isn’t. And it’s not to say frustrations are gone. They aren’t. But I think the shift itself is telling. When parts of the model stopped working, they didn’t get defended forever. They got replaced. When value became unclear, it had to be re-articulated — or the model lost relevance. That evolution didn’t eliminate criticism, but it did change the tone of it. And tone is often a lagging indicator of whether an industry is adapting in the right direction. Here’s the thing about disintermediation narratives: they tend to assume that if you remove one layer, everything becomes simpler. In practice, complexity doesn’t vanish — it just moves. It expresses itself differently. Vendors still don’t want to manage thousands of small relationships directly. Partners still don’t want to onboard dozens of vendors one by one, each with unique billing, support, and enablement models. And customers still expect solutions to work together, reliably, at scale. Distribution absorbs a lot of that complexity — quietly — and that’s why it often looks invisible right up until the moment you try to remove it. And what’s striking is that distribution’s next chapter may be its most ambitious yet. The major cloud marketplaces — the very platforms that were once framed as distribution’s replacement — are becoming a space where distributors are actively carving out a role. Not competing with marketplaces, but integrating with them — helping partners navigate multi-cloud procurement, manage billing complexity across platforms, and make sense of an increasingly fragmented buying landscape. Industry research suggests the channel will handle the majority of enterprise marketplace transactions within the next few years. That’s not despite distribution — it’s increasingly through it. At the same time, distribution is stepping into AI enablement — not just listing AI-powered products in a catalogue, but helping partners evaluate what to trust, how to deploy responsibly, and how to build services practices around fast-moving technology. That’s a governance and advisory function. It’s a long way from moving boxes. None of that was in the job description twenty years ago. But it’s a natural extension of what distribution has always done: absorb complexity so the rest of the ecosystem doesn’t have to. Some distributors disappeared. Others merged. New ones emerged with radically different focuses. That’s not failure — that’s evolution doing its job. The broader lesson here isn’t really about distribution at all. It’s about ecosystems. Industries that survive disruption aren’t the ones that never change. They’re the ones willing to let old versions of themselves die so that new ones can emerge. Distribution didn’t survive by insisting it was always right. It survived by changing often enough — and decisively enough — that its role stayed relevant even as individual players did not. That’s a much harder path than simply defending the status quo. And it’s one that doesn’t always look graceful from the outside. So yes — I could have been writing that distribution was about to be disintermediated since the late ’90s. And every few years, the argument probably sounded stronger than the last. But the reason I didn’t is simple: the prediction never accounted for how adaptable the model actually was — or for the fact that the underlying problems distribution solves never really went away. If anything, they just changed shape. And as long as that’s true, the obituary for distribution is probably still a long way from being written. At least, that’s how I see it. But this is a space built on the experience of those who live with distribution day in and day out, not theory — and I’m very aware that my view is only one angle on a long and complicated story. If you’re an MSP, a VAR, a vendor, a distributor, or someone who’s lived through a few of these industry transitions yourself, I’d genuinely love to hear how you see it. What am I missing? What has distribution gotten right — or wrong — in your world, to allow it to survive? You can leave a comment, drop me an email, or find me on LinkedIn. I read it all, and it shapes where this conversation goes next. That’s it for me today. For ChannelBuzz.ca, I’m Robert Dutt, and I’ll see you in the channel.

Jeff Collins, CEO of WanAware The last time the channel faced a shift this fundamental was the rise of the hypervisor. That transition reshaped everything, but it happened inside the four walls of the data center. What’s different about the current moment, argues WanAware CEO Jeff Collins, is that AI workloads, inference nodes, IoT, and SCADA infrastructure are being bolted onto customer environments without the kind of formal network redesign that virtualization demanded. The result is a growing visibility gap that most MSPs don’t realize they have. Collins points to a striking finding from a WanAware survey conducted in late 2025: when business leaders were asked about their visibility gap, they rated it extremely high. When IT was asked the same question, they rated it low. Both were technically right. IT was measuring visibility against the machines in their purview – Active Directory, database servers, web front ends. The business was measuring it against everything else: Kubernetes workloads, cloud functions, agentic AI processes, and infrastructure that might not exist tomorrow. That disconnect is why MSPs can show perfect MTTR and SLA performance while the customer is saying you’re failing. The conversation covers where traditional monitoring breaks down, why 30% false positive rates persist even after major platform investments, and how ephemeral workloads designed to disappear create alerts that will never resolve. Collins makes a compelling case that MSPs need to push visibility up the OSI stack, from layers one through three into the application and business logic layers where margin is significantly higher. He shares a practical framework for how to start, using vertical industry knowledge – particularly in sectors like Canadian oil and gas, where SCADA networks and AWS IoT Core infrastructure represent opportunities to grow a $1,000-a-month customer into a $30,000-a-month engagement. Read Full Transcript Robert Dutt: Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and still your host for the show. Today we’re talking about a problem a lot of MSPs and channel partners are starting to feel, even if they don’t always have a name for it yet, and that’s visibility. As AI workloads, hybrid architectures and distributed endpoints become the norm, network traffic is changing faster than the tools that many partners rely on to understand what’s actually happening inside their customers’ environments. My guest today is Jeff Collins, CEO of WanAware. Jeff spends a lot of time with service providers and enterprise teams dealing with this shift, where accountability for performance, security and uptime is increasing, even as environments become harder to see and harder to diagnose when something goes wrong. WanAware operates in the network and infrastructure visibility space, but this conversation isn’t about the tools, the dashboards. It’s about how blind spots form in modern networks, why they’re easy to miss until there’s an outage, a security issue, or an SLA failure, and what partners need to understand as AI-driven infrastructure quietly reshapes traffic patterns and dependencies. In this discussion, we’re going to explore where traditional monitoring starts to fall apart, how partners can rethink what good visibility really means today, and why the ability to see what’s happening across distributed environments is quickly becoming both a risk issue and a business opportunity for MSPs. If you’re responsible for customer outcomes, but you don’t always feel confident you can see everything that matters, this conversation is for you. [MUSIC] Robert Dutt: Jeff, thanks for taking the time. I appreciate it. Jeff Collins: Thanks, Rob. Thanks for having me on. Robert Dutt: You’ve been advising partners, MSPs, VARs, these types of folks through a lot of change over time. Why does this moment with the rise of AI workloads and the continuing trend of hybrid networks feel like a real inflection point rather than sort of just the next evolution of the way things look? Jeff Collins: I think one of the biggest reasons why is because it’s so transformational to what MSPs and resellers and VARs and distributors have dealt with for, let’s say, the last 25 years. If we think about the last major inflection point that they dealt with was really kind of the realm of the hypervisor, this ecosystem where no longer did we have to have a server running an operating system, and that created kind of the whole ecosystem we deal with today. It created cloud, it created containers, all those things were built off this concept of a hypervisor. That was really the last major transformational thing that has happened. Now we fast forward to today and we’ve got this era of AI. We’ve got this era where we’re now taking agentic approaches, generative approaches, to things that our customers deal with every day. When I talk about our customers, those are the customers of the MSP, those are the customers of the reseller, the distributor. Not only are they dealing with that, they’re dealing with this massive evolution in the customer base, but they’re also having to do that same evolution in their own environments. If you’re an MSP and you’re focused on infrastructure, or you’re an MSP and you look more like an MSSP where you’re focused on security, now you’re starting to have to deal with, “Okay, I’ve got these tools, I’ve got these people, I’ve got these agents, I’ve got all these entities inside of my business that are doing something for my customer.” But now I have to think about how am I going to do that faster? How am I going to do that better? How am I going to do that more effectively? Because our customers are getting much more advanced. That’s really one of the biggest things that I see that we’re seeing a lot of, that “Where do I start?” from the channel partner community. When we think about the channel, we know all this stuff is going on, but it seems like such a Herculean lift that I think sometimes it’s hard to know where we make that first step. Robert Dutt: That makes sense. A lot of this, a lot of AI especially, and to a degree sort of the hybridization of the network, that complexity has come on without kind of a formal network redesign. Like you mentioned the transition to hypervisors and that necessitated rethinking how things were done because it was a physical change. Whereas a lot of, especially with AI, it’s kind of being bolted in, added on as you go. Why does that make the environment today harder to understand than maybe it was for past transitions when you’re sitting there watching it as an MSP or other partner? Jeff Collins: Well, I think one of the biggest reasons why this era is so much more difficult than the last transition is because we’re not bound by the four walls of our proverbial house. If we think about when we dealt with the last transition, every customer, their physical server sat inside of something they control. So we’ll refer to it as their house because that’s the easiest kind of comparison we can do. In today’s world, there’s certainly a lot that exists in our customers’ houses and in the houses that the MSP or the reseller or the channel partner or whomever it is are engaged in. But so much of that’s going outside of those walls. And when we think about AI, AI is certainly outside of those walls. I mean, we might be dealing with Anthropic, we might be dealing with ChatGPT or Gemini or the thousand other agentic or generative approaches that are out there. Those are all over the place. And now we’re asking these entities to take oftentimes a process-driven approach that they’ve had for 20, 25 years. And how do you change that process-driven approach when you don’t really know where those workloads, where those assets, where that data is going to reside either today or tomorrow, or even if that data that we’re looking at is even going to exist tomorrow. That’s this whole realm. I mean, we’ve been talking about ephemeral workloads for, you know, let’s call it 14 years, 15 years since really the rise of AWS. But now we’re starting to deal with these ephemeral workloads, not just in the realm of infrastructure, but also in data, in generative concepts, in agents. You know, historically, we had Bob Smith, who might have worked in the NOC. Well, tomorrow, Bob Smith is an agent. What does that look like? It’s AI. What did Bob Smith do yesterday? Did Bob Smith, the new agentic version of Bob Smith, did that person do the right thing, the wrong thing, the incorrect thing? How do we manage that? How do we deal with that? How do we process that? Those are all the things that are across the board, just happening at massive rapid scale. And so, you know, it’s a really difficult time right now to be an MSP or a channel partner, but it’s also an amazing time to be an MSP or channel partner. You know, our world, our capabilities are advancing so fast. You think about one of the simplest use cases that’s out there that all of us think is simple, that MSPs deal with every day, is a circuit outage. You know, a telecom circuit goes down and it’s connected to SD-WAN or it’s connected to a router or it’s connected to some type of device that’s out at the prem. And historically, every MSP on the planet’s dealt with it kind of in a similar way. We get an alert from a monitoring system that feeds a ticketing system. It pops up on a tier one agent’s dashboard. The tier one agent looks at it, they verify power, they verify if the router’s operational, and then they open a ticket with a carrier. And then they, and that’s the hurry up and wait type of world. Well, now in the era of AI, that changes that quite a bit, because every one of those things are very process driven. We don’t need people for that anymore. So now we can have a system take that process flow on, do that. Now, historically, we could use a system to do that. We could write automation and a lot of MSPs did that historically, but the problem with automation is automation is static. When we leverage AI, we can leverage enrichment that helps influence that agentic approach. And so now if there’s a nuance going on, let’s say an example is there’s a global power outage. So let’s say there’s a power outage in the entire Vancouver area. We know that. Well, historically, if we’re looking at that, we see all these customers that are down, we might through a tier one agent approach, a person-based approach that following a process, or even an automated approach, not really correlate that. Because if the MSP is in, let’s say, Montreal, they might not realize there’s a large scale power outage in Vancouver, which is thousands of kilometers away. And so when we think about that, that’s really where these things can change a lot from an agentic perspective. And then the MSP gets the joy of being able to repurpose that person to be much more valuable to their organization, that tier one person can become tier two, and that can really start changing that dynamic a lot. Robert Dutt: Most MSPs would have historically said we have good visibility across what our customers are doing. And probably I would say most believe they have good visibility today. Where does that confidence most often turn out to be misplaced or to start to break down as the model shifts? Jeff Collins: Yeah, so I would 100% agree that most MSPs, when workloads are static, have great visibility. The problem is that in today’s world, so many workloads are becoming dynamic. And we see that change happening consistently. You know, customers, you know, historically MSPs had problems monitoring services inside of a cloud provider. You have ephemeral workloads, you have workloads that aren’t necessarily a server, they’re much more like a service. So you have things that might be a Kubernetes instance, they might be a Kubernetes runtime instance, they might be a function. Those are all things that are crucial to the operation of a customer. They’ve taken those workloads that historically operated on a machine. And they’ve taken those workloads and now they’re in some type of small form factor instance that exists for a very short period of time. That’s been very difficult for MSPs to deal with across the board. But now we take that same concept and that same concept goes outside of the cloud providers. We now have that moving into inference nodes. We now have that moving into IoT and IIoT and OT, where we’re starting to deal with these ecosystems where these workloads are very ephemeral by nature. They might exist for a short period or components of those might exist for a short period, or the way that those are correlated and analyzed might exist. But if you think about inside of a customer from a business risk perspective, those actually carry the highest business risk. An individual Windows 2012 server has some level of business risk. If it’s running SAP, probably a higher level of business risk. But if it’s one Active Directory node and the customer has 100 machines in Active Directory, it doesn’t really matter in the scheme of the world. And so those are the realities of what happens as we kind of think through this stuff. And so for MSPs, this really drives that visibility gap. You know, we did a survey earlier this year, or actually late last year, sorry, in 2025. We did a survey across the board asking business leaders really what the visibility gap was and what they believed. And we asked business leaders and we also asked IT. It was really interesting to see kind of the dichotomy. When you ask the business what the visibility gap was, it was extremely high. When you ask technology what the visibility gap is, it was really low. Now they were both technically right. And here’s why. So IT was thinking about the visibility gap of the machines that they understand, the machines in their purview. So those might be, you know, an Active Directory server, a database server, maybe you have a web front end. Those are all there. And those are 100% being monitored to that IT team or to that MSP. The problem is, is the business itself is operating on a whole bunch of additional workloads that IT doesn’t necessarily have purview to. And so because of that, we start ending up with this difference of visibility. And that’s why oftentimes when you’ll go and you’ll talk to a customer or you’ll go and you’ll talk to the business itself. And the business is saying, why do we have this MSP who works for us? This MSP isn’t doing anything. And the MSP is coming back with these great reports that are showing MTTR is consistently dropping. You know, initial response time, triage time is consistently dropping. We’re blowing out every single metric that we provided you in an SLA or an SLO. And the business is coming back and saying, but you’re failing. And the MSP is saying, I don’t understand. We are not. And here’s all the metrics. And it’s because of this difference in resources that exist, that is what is happening. And so I think that’s one of the big areas that we always have to think through is, you know, as we’re looking at things and as MSPs look at things, they have to continue to be pushing upward inside of the business to understand all those areas that the business is driving that IT, who they’ve historically sold to, may not know about those resources, especially in a lot of these other spaces, AI, IoT, IIoT, OT, ephemeral workloads, cloud workloads, those types of things that are often outside of that scope. Robert Dutt: Yeah. I guess when you’re looking at sort of your visibility stopping basically at the edge of the organization, you’ve got all of this out there, pretty significant impacts on real world issues like latency, like security exposure, like the ability to meet those SLAs that you signed up for, those kinds of things. Jeff Collins: Yeah. Yeah. 100% agreed. And, you know, when you think about the core components that an MSP does, you know, MSPs generally deal with availability and they deal with performance. When you add in the MSSP, now we add in the security component. And some MSPs and MSSPs are more hybrid-based approaches. They may deal with all three. But as you kind of look at those, those core tenant areas have become much more difficult, especially in the last 10 years, certainly in the last year. I mean, the last year has been so disruptive for all that we do. And it’s because those pieces have become much less simple. You know, if I go back 25 years or even 20 years, customers by and large used MPLS networks, rather simple to monitor. You have guaranteed jitter, you have guaranteed latency, you have, you know, all these things that are very easily assumed by an MSP. So if latency exceeds 74 milliseconds between these two individual locations, that breaks the SLA that the provider provides and it’s an easy conversation. You need to go fix this. This is not okay. Well, in today’s world, most of our customers don’t have MPLS networks. Most of them have, you know, sometimes now it’s satellite. They might have Starlink for LEO. They might have 4G or 5G, depending on what portion of the world they’re in. They might have some type of broadband service, fiber broadband, or copper broadband, or some other type of realm. Well, those don’t necessarily have SLAs for that in any way, shape, or form. We may luck out and they have an availability SLA. Maybe it’s three nines or two nines, or maybe not even two nines, depending on what type of service that is. And then when we start moving inside of the network, outside of the service provider, outside of the circuit provider itself, we start moving into other arenas that look like this. You know, historically we had a Dell server, an HP server that had a mean time before failure. Well, that’s pretty easy to understand. If I have a server and it’s going to run for 25,000 hours, it’s easy to understand that life. But when now we’re starting to get services that have an expected failure, and that expected failure is generally measured in less than a year, because the assumption is that the software, the application, resolves that issue. If you’re an MSP and you’re not monitoring the application and you don’t understand the application, you’re now chasing outages that don’t matter. And that’s one of the other things that’s really hard. And we see this all the time. You know, I’ll talk to MSPs and they’re like, “Jeff,” and it goes back to that same conversation we had before of not knowing the business. “Jeff, we get, today we have 30% of our tickets that become false positives. What do we do about that? We’ve gone out and we’ve bought the newest monitoring platform. We’ve implemented AI. We’ve implemented all this automation. We spent $20 million doing that.” These are all real things that I have in conversations with MSPs. And at the end of the day, they still have 30% false positives that they’re working. And the reality is, is because it’s certainly an outage. There was 100% an outage that happened. But the reality is that outage was never going to get restored because the outage was designed. You know, that workload disappeared. A DevOps team or a DevSecOps team deployed a new environment and that workload is now gone. And there’s a brand new workload that you’re not monitoring right now. You know nothing about it. And those are the things that we all collectively have to continually evolve to. It’s that driving up the stack. You know, one of the things that I often see is, you know, we have this proverbial thing that we’ve all dealt with, the OSI model. You know, there’s seven layers to that OSI model. So often in MSPs, we focus on four of them. The problem is, and most MSPs only focus on the first three. They don’t even focus on the fourth one. The issue is, is there’s three more. And those three more are what get driven by the business. And so the more that we can focus on visibility within those three, understanding that, bringing that into our tools, that drives additional value. It also drives significantly larger margin. You know, if we think about margin contribution at monitoring a telecom circuit, that’s a pretty low margin at this point in time. There’s a lot of automation around that. Monitoring a server – that world used to be high-margin, but it’s compressing. Customers are increasingly doing more of this themselves. They’re doing automation directly into their CI/CD pipeline. So it becomes this knife fight. And there’s more and more MSPs that are out there that are also fighting for that same share of market. And so the key is, the more that MSPs can go up market, they can understand, you know, I hate to use this term digital transformation because it literally gets overused every day by every marketing team on the planet. But the reality is, is that if we go behind this marketing abomination of this term, and we actually look at what happens, there’s a ton of value that we can go after. And if we go after that value, and we go after what people are trying to do, we align with that, we can now take those same products, those same processes that we’ve historically had as MSPs, and we can really start evolving that. Moving upward, driving in significant value, taking our tool sets that we may have today, maybe those can evolve with us, maybe we have to make new changes in our tool sets. But the reality is we’re driving that margin upward. So we’re going from maybe our contribution margin to our business today is 30%, let’s say, we can start moving back up into 60, 70, 80% contribution margin from a managed services perspective, which is where we all want to be. We don’t want to be fighting knife fights for 30%. It’s just hard, it’s difficult. Our customer acquisition costs are still generally high. We have salespeople, we have marketing efforts, we have all those things that we’re burning through every day. And we need more and more market share, we need more and more assets that we’re monitoring. And as a result of that, we need better ways that can contribute higher margin and create stickier customers that we’re not in those knife fights with. Robert Dutt: The situation seems to be putting MSPs in a situation where they’re increasingly accountable for outcomes that they can’t fully see the contributing factors of. Before you move on, I just wanted to double click on that just a little bit and just ask, how does that change kind of the risk profile for an MSP when you’re accountable for those things that you don’t completely understand or have complete control over? Jeff Collins: Yeah, I would say a lot of that. And one of the things that MSPs have to think through is a lot of that starts at the sales cycle. If you don’t ask the right questions at the sales cycle stage, oftentimes you get pushed into that ecosystem. When you’re looking at the core functional plumbing behind what a customer is trying to do, and that’s the only thing you’re looking at, you often get siloed into that ecosystem. You’re looking at a server, you’re not looking at SAP. One server going down in SAP doesn’t necessarily mean SAP has a problem. But if that one server is the only HANA server in SAP, that’s catastrophic. You know, it’s this realm of contextual knowledge. Historically MSPs have that contextual knowledge, but it’s all the way at tier three and tier four. That contextual knowledge has to move to tier one. If MSPs want to get to the arena where that is no longer a problem, the contextual pieces have to move downward. You have to go from a hero-based MSP to a process-driven MSP. So many MSPs are built on heroes. It’s really hard to build a scalable business off heroes. You have to have heroes. Heroes are the people that when everything breaks and the world is on fire, they’re the ones who carry you through. And those heroes we want to have, we want to empower them, but they can’t be doing the stuff that should be done at tier one. So if we take that exact same question that you had, Rob, that question is, you know, how do we make, at the end of the day, how do we make MSPs more relevant to their clients and much more aligned with what the client’s trying to do? And that’s by taking the contextual knowledge of what the customer is trying to do, aligning that with the tactical approaches that the MSP is trying to do, and having a very crystal clear playbook of how this tactical component makes up this strategic initiative inside of the business. So we’ll take that, we’ll take that simple example. I shouldn’t say simple. SAP is far from simple. But the reality is, is that SAP is something that customers rely on. And when they rely on that, if SAP goes down the business goes down. And if you have an MSP that’s monitoring that, and at the same second of the same day, the MSP gets 36 tickets. We’ll just pick a random 36 number. 36 severity one tickets come in at that point in time. One of those severity one tickets is for SAP HANA. And the customer only has one instance of that. And that is taking down a large company. So that’s the first ticket. The next 35 tickets are for ephemeral workloads that the customer migrated off of, you got the alert, they migrated to a brand new ephemeral workload. And the 35 don’t matter. They’re false positives. But the one fully matters. In every single MSP on the planet, those 36 tickets are eligible for the same response interval. That’s a pretty tough average to be able to. Are you going to luck out and get the one? Or are you going to luck out, or not luck out, for lack of a better term, and work 35 false positives before you get to the one that matters? Now, most MSPs are going to tell me and they’re going to tell us that, well, we have more than one tier one path. That’s great. But the reality is you need to be responding to that one ticket right now. And you need to understand that that one ticket matters. And the only way you can do that is by starting at the beginning, starting with the sales cycle, understanding what customers are doing. If you’ve already gone down the path and the customer’s embedded, use your customer support teams. Understand what your customers are doing, start layering in that context, start enriching that data, knowing what that actually feeds, and understanding the dependencies and interdependencies inside of that. So if that server goes down, certainly you could by virtue say a database server going down is a SEV-1, but it may not be. If they have four database servers, they’re running in a high availability group, who cares? If one goes down, not the end of the world, go fix it tomorrow. That’s where context, that’s where understanding those dependencies is so crucial. And I mentioned at the beginning of this is how do you take that first step forward? We always take this first step forward and how I instruct MSPs is start doing things like this, take this step forward, break this down into simple programmatic approaches. And when we think about AI, it’s the exact same idea. We move steps forward, we have agentic, we have generative. Pick one, pick an area you want to focus on with your customers, understand the business outcome they’re trying to do. And if you have an inference engine, that’s going to be really crucially important here. So let’s understand that. Let’s monitor that. Let’s understand the intricacies related to how that customer is leveraging it, why it’s important. Are there latency constraints? Are there packet loss constraints? Those types of things. Let’s monitor to that and let’s understand how that happens. And if a customer has an application on the back end, you know, maybe they have New Relic or they have AppDynamics or they have some type of APM toolset, great. Let’s start bringing those into our monitoring. Let’s start bringing that intelligence in, understanding application flows, understanding dependencies, building that to be part of our story. And now we create so much more opportunity for us as an MSP driving that contribution margin northbound. Robert Dutt: So it sounds like we’re kind of defining good visibility in a modern environment and kind of setting up for looking forward as understanding what actually matters to the customer and understanding what kind of flows into it, what all results in that thing that’s important to the customer still being up, still being running, still being functional, and kind of work backwards from there as opposed to the more “this machine is working, this machine is not” kind of approach. Jeff Collins: Yep. Yeah. You want to go from tactical to transformational. That’s really the idea. Robert Dutt: And you shared kind of the idea of the first step to do towards that. I guess as you’re moving towards that first step, you know, is there any one question or kind of mindset that you find works for MSPs to have in mind or asking customers to surface those blind spots and really start to understand what that context is that they have to have? Jeff Collins: Yeah, that’s a really good question, Rob. And, you know, there’s some things that I do tell MSPs to start with before you ever ask that first question. One of them is kind of some of the simple, let’s call it research that you can do before you ever reach out to your customer. One of the easiest things you can do is start by what industry are they in. You know, in Canada, Canada has a lot of oil and gas, lots and lots of oil and gas companies exist in Canada. And so if you have an oil and gas company, we can start right off the bat with a lot of the things that oil and gas companies live and die with. And we’ll just pick on this one as an example. So oil and gas companies have SCADA networks. They have industrial IoT devices that are out there. They’re processing massive amounts of data. That data may be going into the cloud. It may be going into a data center. It may be going into some type of vault or something like that, depending on what they have. But each one of those are things that, as an MSP, you can start out before you ever ask your customer anything. You know that those are the things that exist in their environment. And you can quickly look and see, well, am I monitoring any of those? Well, no, I’m only monitoring Active Directory. Okay, Active Directory is probably important to the oil and gas company. But if it goes down, do they quit producing oil? The answer is probably no. And so if your answer is ever no, you know right off the bat that you’re not monitoring something that’s strategic to your customer. And so the first thing that you should always think about is, okay, if we have this industry, we should be monitoring the things that are strategic. Well, how do we do that? Well, we start with that one step forward. The first thing we talk to them about is just like when we went out and we sold that initial monitoring of Active Directory, they did it because they didn’t have time for it. There’s no oil and gas company on the planet that has time to be monitoring their SCADA networks. They just don’t. They may tell you that they do, but they don’t. So leverage your relationships, leverage your engagement with them and go after those pieces. Understand, you know, if they’re in AWS IoT Core, understand what that looks like. Understand who’s monitoring that. Understand how DevOps is working within that space. Maybe it’s DevSecOps inside of that environment. Understand that convergence of the teams and then start building a story around, you know, let’s take that on for you. Let’s start changing that. Let’s use the same paradigm that we’ve done, driving MTTR down, driving availability up, driving resolution times down, all those types of things. Let’s bring that into the era of SCADA networks, IoT, our core infrastructure. That’s where we start changing the value inside of our customer engagements. And that’s really where I see a huge opportunity for MSPs across Canada, where you can take that environment, you can take those opportunities you already have, and you can grow them from, you know, maybe you bill that customer $1,000 a month. You can grow it to billing them $20,000 or $30,000 a month, but it’s the most crucial $30,000 they spend. Because, you know, if that offshore environment or that, you know, oil sands environment or whatever it might be within the oil and gas space or in the energy sector, whatever it might be, those things are crucial to their business. And so the more that MSPs can kind of make that step forward, and then also start incorporating AI, every single one of those entities is incorporating AI. They’re incorporating it directly into their pipelines. They’re incorporating it directly into their data pipelines, not just the oil and gas pipelines, but each one of those, the more you can incorporate that, the more you can monitor, the more you can show value of everything that you do amazing as an MSP, that’s really where you start creating that intrinsic strategic value and you get out of that tactical approach. Robert Dutt: And the good news is for a lot of these folks in the MSP space, presumably they have some of these pieces already in place, just not necessarily connected up to the technical side, i.e. sales and marketing have been focused on a vertical. And even if they haven’t, because they have customers in this space, they’ve built some of that muscle memory, some of that knowledge of what really matters. Now it’s just a matter, hopefully, of connecting it into the services that they’re offering. Jeff Collins: Yep, totally agreed. Robert Dutt: All right. Well, it’s been a really interesting look at sort of where visibility is at. And I think a real interesting opportunity that you’ve surfaced in terms of how it can be turned into a value conversation. I appreciate your taking the time. Jeff Collins: Sounds great. Thanks so much for having me on, Rob. Robert Dutt: There you have it, my chat with Jeff Collins from WanAware. I’d like to thank Jeff for sharing his insights. The thing that stuck with me from this conversation is how much of what’s changed in the modern network hasn’t been designed in, it’s been bolted on. AI workloads, hybrid architectures, IoT, SCADA, all of it layered into environments without the kind of formal rethinking that happened when we moved to virtualization. And Jeff made a really compelling case that for MSPs, closing that visibility gap isn’t just a risk management play, it’s a revenue opportunity, and potentially a significant one, especially in verticals like energy and critical infrastructure where visibility is tied directly to uptime, safety, and compliance. We’ll be back on Monday with In Case You Missed It, your weekly news roundup. Thanks for listening. I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Merium Khalid, director of SOC offensive security at Barracuda Every year, security vendors publish threat reports. Most say variations of the same thing. But Barracuda’s Managed XDR Global Threat Report stands out for a reason that matters to MSPs: it’s built on operational data from a managed SOC that protects the kinds of organizations MSPs actually serve. More than two trillion IT events. Nearly 600,000 security alerts. Over 300,000 protected endpoints, firewalls, servers, and cloud assets. This isn’t a survey of sentiment. It’s a record of what actually happened. Merium Khalid, director of SOC offensive security at Barracuda, joins the podcast to walk through the findings. The headline stat — that 90 per cent of ransomware incidents exploited firewalls through unpatched vulnerabilities or compromised accounts — sets the tone, but the conversation goes deeper, including why the most commonly detected vulnerability dates back to 2013. Merium explains how attackers are abusing the same tools MSPs rely on every day — ScreenConnect, RDP, PowerShell, and in one case, Datto RMM — to move laterally while mimicking normal IT operations. As Help Net Security noted, attackers keep finding the same gaps, and Merium makes a compelling case that the 100 per cent rogue endpoint finding is fundamentally an asset management problem that doesn’t get the attention it deserves. We also cover the growing role of supply chain risk, with 66 per cent of incidents now involving a third party (up from 45 per cent the year before), and what that means for MSPs who are themselves the trusted third party for their clients. We close with Merium’s practical advice for resource-constrained security teams. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT solution provider community for the last 16 years now. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always, your host for the show. Last month, Barracuda released its Managed XDR Global Threat Report, drawing on more than 2 trillion IT events from 2025 to map how attackers are actually getting into networks and what’s making it easier for them. Some of the numbers were striking. 90% of ransomware incidents exploited firewalls. The fastest case went from breach to encryption in three hours. And every single incident the team responded to involved at least one unprotected or rogue device on the network. Today I’m sitting down with Merium Khalid, director of SOC Offensive Security at Barracuda, to dig into what the data actually means for MSPs and the customers they protect. We’re talking about why firewalls keep failing despite years of the same advice, what it looks like when attackers hide inside the legitimate tools MSPs use every day, and where the blind spots are that most organizations don’t even know they have. So let’s get right into it. My chat with Barracuda’s Merium Khalid. Robert Dutt: Merium, thanks for joining us. Merium Khalid: Thanks, Rob. Thanks for having me. Robert Dutt: The report’s been out there for about a month or so, I guess. From your vantage point, running offensive security and in the SOC at Barracuda, what conversations has it sparked with MSPs and with their customers? What’s resonating and what are people still not taking seriously enough? Merium Khalid: Yeah, great question, Rob. So in terms of the key findings, I think that’s really what the report is focusing on, and that is really what is resonating to our MSPs and our customers and our core customers, is that there is at least one rogue device involved in any of the security incidents that we’ve worked on. And what I mean by a rogue device, it’s basically a device that’s unprotected, unmonitored within your environment. So that kind of becomes like a home or a ground for the threat actor to kind of stay and go under the radar. And I think a lot of our MSPs are finding that interesting. And I think it was one of the most shocking findings as well for us too. It’s the asset management. I don’t think asset management and making sure you are aware of all the assets in your environment, I don’t think that is emphasized enough. And I think that this report kind of makes that in the forefront. Robert Dutt: A couple of things that can certainly shape customer conversations. Merium Khalid: Yeah, for sure. Robert Dutt: One of the headline stats is that 90% of ransomware incidents exploited firewalls, often through old vulnerabilities. The most common detected vulnerability in the report dates back more than a decade, 2013. So this isn’t new advice, but why does this keep happening? Is it a tooling problem? Is it a process problem? Is it a human prioritization problem? Why do we keep running up against these old flaws as current foes? Merium Khalid: I think it’s both. I think it is a human problem, resource problem, resource gap. It’s also not having proper policies in place. It’s also just the advancements with AI as well. Being able to, threat actors are using it, being able to exploit firewalls at a faster level. And essentially what’s happening here is firewall exploitation is very, very common because it is kind of the low hanging fruit in terms of it’s usually the first public-facing asset in a customer’s environment. So you have people working remotely, so they’re VPNing into their organization’s environment. They’re using some sort of SSL VPN. And SSL VPN, I found, is to be one of the biggest root causes for ransomware attacks because we don’t have the proper tools in place. So there’s no MFA in place, or maybe there is a leaked password out there on the dark web where the account is still active, so no, there isn’t proper account management. So I think it’s not one thing that you can point at like, hey, this is a root cause and this is causing all the problems. I think it’s a combination of people, process, and technology. Robert Dutt: So if I’m an MSP and I can’t patch everything overnight, especially in multiple customers and complex environments, where should I be triaging firewall risk more intelligently? Merium Khalid: Well, prioritizing. Prioritizing what are your critical vulnerabilities? If you have a FortiGate firewall, if you have a SonicWall firewall, and there is a zero-day out there, there’s a new vulnerability out there, that is something you want to prioritize right away. But again, you need visibility for that. You need to know that there is a vulnerability out there. So with XDR, what we do is we actually release advisories. So if there is something critical out there, we try to inform our customers as soon as possible. And we have also released a managed vulnerability service as well. So we will scan your environment for any critical or low-medium vulnerabilities and prioritize it in order and give you a report of what you need to patch and how you need to patch it. So having some sort of vulnerability scanning, quarterly, monthly, yearly is very, very important, but also having some sort of visibility as well. Robert Dutt: In the report, the fastest ransomware case went from breach to encryption in about three hours, if I recall correctly, and 96% of incidents involved lateral movement that ended up in ransomware deployment. What does that timeline say about how realistic it is for an MSP security team to detect, contain, mitigate an attack manually? Merium Khalid: Even the three hours, I would say, is sufficient time because you don’t want to detect a ransomware attack after the three hours. You want to detect a ransomware attack in the beginning of the attack life cycle. So in the initial act, if they’re trying to brute force your firewall or you’re seeing some sort of suspicious login within your SSL VPN, before they even start moving laterally, you want to detect that before it happens. But again, with XDR, what I think what stands out the most for us is that we have detections across each of the attack phases. So if there is lateral movement, we want to be able to detect that. If they are using some sort of remote code execution or some sort of PsExec tool or some sort of tool to move laterally across the network, we want to be able to detect that with our endpoint detection or our server monitoring. So the three hours may seem like a short time, but it’s actually not. I think most important is detecting early on. So prior to the three hours, detecting at the first phase of the attack rather than the threat actor being there and encrypting. Robert Dutt: And those things you talked about were the earliest reliable signals that something’s going wrong, but we aren’t to the encryption point yet. Or is there another, this is the thing you should watch for first? Merium Khalid: Yeah. I mean, again, you want to watch for early signs, right? You want to watch for any sort of privilege escalation that’s happening, any sort of logins from suspicious locations, any sort of spike in your baseline behavior, any sort of brute force activity. I think those are the early signs you want to watch for. But I think the main thing I would say is monitoring. Make sure all your assets, you have server monitoring, EDR monitoring in place. Because a lot of the times, this is actually very important to the data in the report, is these customers that did get hit with Akira or RansomHub or Cactus, they had some sort of gap in the monitoring. So they did not have the full XDR suite deployed. It’s just like protecting a house. You don’t want to just protect the front door. You want to protect the back door and the windows as well. So there was some sort of gap in the monitoring, which then led to the threat actor going undetected. So the first thing you want to do is actually make sure you are monitoring everything, that you have comprehensive monitoring across your environment. And that’ll make it a lot easier to detect the threat actor in the early phases. Robert Dutt: One of the themes that stood out to me and something that I feel like I’m hearing a lot more recently is the theme of attackers abusing legitimate tools. ScreenConnect, RDP, PowerShell, even to your monitoring point, RMM tools in some cases. And these are tools that MSPs are invested in and living in every day. How should MSPs be thinking about what normal IT behavior looks like in their own network and on their clients’ networks? Merium Khalid: Yeah, I think that’s a really, really good point. So when it comes to using legitimate tools, you always want to look at who is initiating the usage of a tool. Is it an admin account or is it a service account that’s dedicated to this sort of activity for their regular operations? Usually when it’s associated with some sort of admin account, that can be indicative of malicious activity, but also you want to look at activity before and after, right? So if you have brute force activity, you have privilege escalation, any sort of activity that’s not in the norm, and then you’re seeing the use of like PsExec, RMM tools, RDP, then that could indicate some sort of attack. So I think, yes, it is a kind of tricky area or a blurry area, but that’s where your intelligence and different tactics and techniques come into play, right? So threat actors are known for using these tools so they could go under the radar. But because of that, we’ve learned from all the incident response that we’ve done the different tactics and techniques that they use. So we know what to look for and we know what is suspicious and what is maybe normal business operations. Robert Dutt: And those are the kinds of things that they should see and kind of immediately see, okay, that’s a red flag. We should drop everything and deal with this urgently. Merium Khalid: Yeah. Yeah. And I think that’s where you want to make sure you have the right skillset and the right people in place looking at your environment, right? Maybe someone from IT might not have the knowledge or the skillset to identify something that’s malicious or normal. So it’s important to have like a 24/7 SOC in place. It’s important to have your security tools in place so you have people with the right knowledge or the right experience looking at your environment. Robert Dutt: We touched earlier on the number about basically every incident involving at least one unprotected rogue endpoint. And also this report talked a lot about the number of attacks that had third party involvement, that was two thirds or so, up from less than half a year ago. Along the same note as the tools, MSPs themselves are a trusted third party to their clients. How should they be thinking about the risk that they themselves are introducing into the equation and the risk their clients’ other vendors are introducing, especially in situations where it’s a complex network? Merium Khalid: Yeah. I think when you are using a vendor, or I mean, everyone is bound to use some sort of vendor or third party tool, right? I think when you are incorporating that in your environment, it’s very, very necessary to make sure you have the right legal and compliance process to make sure that they have, they are doing the best security practices. So making sure they’re SOC 2 audited, making sure they have the right policies in place. So when you’re picking a vendor, I would say, have your legal team involved, have your compliance team involved and do a very comprehensive security review before you kind of incorporate them in your environment. Because yes, like the risk is not just for your organization, the risk carries over to how well is your third party vendor actually practicing the best security practices. Robert Dutt: For the MSP listening to this and feeling like, okay, my tools are potentially compromised, I could be introducing risks, third parties could be introducing risks. What are two or three changes that an MSP can make in what they do or how they do what they do, that would meaningfully reduce risk without blowing up their own mode of operation basically? Merium Khalid: Yeah. Yeah. So I think when it comes to key recommendations from the report, of course, there’s a long list of things you could do, but I think what’s going to have the most impact on your environment is having an audit. So auditing all your active accounts, disabling those that are no longer in use, because as I said, that could become a home for threat actors to kind of make their ground and to move laterally. Also audit devices, right? Having a strong asset management policy is very, very important. This will reduce the number of rogue devices that you have. Also having a patch management policy. So as I mentioned before, 96% of incidents that happened with ransomware, it had some sort of vulnerability or exploitation. I think if you have a patch management policy in place, you can reduce that. And I’m not saying to wait for a vulnerability or a zero-day to then implement it. I think having some sort of patch management policy on a weekly or quarterly basis is really important. And someone who’s dedicated to that in your environment. And then also, I think one of the most important things is having a robust security program to prevent these complex threats. Essentially what that means is having that full coverage across your environment. So across endpoints, servers, cloud, network appliances, email appliances, all your Microsoft 365 environments. So the top three things is auditing accounts and devices, patch management, and having visibility and a security program in place to prevent this. Robert Dutt: The report covers a lot of territory. I think we’ve walked through a lot of the areas that I was kind of most taken by. Any other major takeaways especially for this audience that you’d like to surface in terms of what you found and what it means for the solution provider or MSP? Merium Khalid: Yeah, sure. So I think one of the things I want to talk about is the report is derived from real life data. So we actually, XDR in 2025 logged more than 2 trillion IT events. And this report is derived from real life data from our customers. So 600,000 security alerts issued to our customers. And then from the 600,000, we had 53,000 high severity alerts that led to an automated threat response. So what that means is we had 53,000 high alerts that led to either blocking a firewall, disabling an account, isolating a network. So we blocked 53,000 high severity incidents that could have led to a very high scale attack in their environment. I think that’s a really important thing to emphasize. And we also protected 230,000 endpoints in 2025. So I think just one of the main things here is the data, the report is derived from real life data and real life findings and from real life engineers and analysts that are right in the forefront of these attacks. Robert Dutt: It always blows me away when we talk about security metrics and you have these sample sizes of trillions of alerts, of occurrences. It certainly adds to my awareness of that sense of potential for alert fatigue and just the overwhelm of there is so much going on. One last question for me. If MSPs remember three things from this report, from this conversation, what should they be? Merium Khalid: So three main takeaways is understanding the severity of ransomware. How devastating it can be in your environment. It could literally take your business out if it is a severe enough ransomware. Second, the importance of patch management, making sure all your assets are patched, making sure if you do have public-facing assets in your environment, prioritize that, make that your number one priority. And third, have a security monitoring solution in place. I think that really makes or breaks having the right practices. Robert Dutt: All right. I appreciate that. Thanks again for taking the time to talk through this and go through some of these results as it relates to the channel community. Greatly appreciate it. Merium Khalid: Thanks, Rob. Thanks for having me. Robert Dutt: There you have it, my chat with Merium Khalid from Barracuda. I’d like to thank Merium for sharing the findings of the report and her insights from life in the SOC. If there’s a thread running through this conversation, it’s that the threats aren’t getting more exotic, they’re getting faster. Three hours from breach to encryption, 96% of lateral movement ending in ransomware, and every single incident the team responded to involved at least one device that nobody was watching. The basics still matter. And this report makes a pretty compelling case that audit, patch, and monitor is still where it all starts. Tomorrow on In The Channel, I’m talking to Jeff Collins, CEO of WanAware, about a related problem. The blind spots that form in modern networks as AI workloads and hybrid architectures quietly reshape how traffic moves. If you’ve ever felt that you can’t quite see everything that’s happening inside a customer’s environment, that’s probably a conversation for you. Thanks for listening. I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Adam Hofeler, vice president of go-to-market strategy at Zero Networks Microsegmentation has been on a lot of security roadmaps, but for many MSPs the category has felt like it belongs to the enterprise world – complex to deploy, hard to explain to customers, and unclear as a services opportunity. Zero Networks is making a case that it doesn’t have to be that way, and it’s betting on the channel to prove it. In this episode, Adam Hofeler, vice president of go-to-market strategy at Zero Networks, joins us to talk about the company’s shift from roughly 20 per cent partner-led to a fully channel-first model, built around its updated Zero to Sixty partner program. Adam shares details on new tiering, deal registration protections, enablement resources, and a structural commitment to never compete with partners on deals. The numbers back up the momentum: Zero Networks reported 45 per cent year-over-year revenue growth through MSP partnerships and says it’s targeting a doubling of that figure this year. The company also earned the only five-star rating in the 2026 Gartner Peer Insights Voice of the Customer for microsegmentation, with a 100 per cent willingness-to-recommend score. For Canadian listeners, there’s a specific angle worth noting: Zero Networks currently has no Canada-based staff and is actively looking to build its presence in major Canadian markets through new partnerships. Adam discusses what that early-mover opportunity looks like and how interested partners can get started. We also dig into the growing role of microsegmentation in cyber insurance conversations, how Zero Networks’ identity segmentation capabilities address lateral movement risks in Active Directory-heavy environments, and what “containment as a recurring service” actually looks like for an MSP in practice. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. Microsegmentation has been on a lot of security roadmaps for a while now, but for many MSPs and solution providers, it still felt like something that lives in the enterprise world. Complex to deploy, hard to explain to customers, not always clear where the recurring revenue opportunity is. Zero Networks is looking to change that, and they’re making a big bet on their channel to do it. The company recently went full channel first with an updated partner program called Zero to Sixty, reported 45% year-over-year revenue growth through MSP partners, and earned the only five-star rating in Gartner’s 2026 Peer Insights Voice of the Customer for microsegmentation. Joining me today to talk about all of this is Adam Hofeler, vice president of go-to-market strategy at Zero Networks. We’re going to dig into what the channel first shift really means in practice, where Canadian partners fit into Zero Networks’ plans, and why the conversation around containment and identity segmentation may be more relevant to your next customer meeting than you think. Adam, thanks for taking the time. I appreciate it. Adam Hofeler: Yeah, good to see you, Robert. Robert Dutt: Your team recently published research that analyzed three plus trillion activities across 400 enterprise environments, and the big finding was that most security risk comes from routine abuses of normal trusted access paths, and not from the zero-day exploits, the big attention getters. For MSPs and VARs that are listening, what does that actually mean about where the real risk is in customers’ environments right now? Adam Hofeler: Yeah, that’s a good question. I think when you look at it, we already know that most customers or end users, the bad guys are already in their organization in some form or fashion. They just don’t know it yet. So that if when you look at a security stack that might have detection and response capabilities and some other of those high valued propositions, because when we look at what we do, we’re one piece of the puzzle. But when you look at that, we know that exists. And we already, I think most people say, assume the breach is how fast you can kind of detect it. So when we look at what we do from a technology perspective, we help that blast radius, right? We help organizations prevent attacks, we minimize that blast radius, we maintain business continuity, even when attackers are already inside. So I tell our partners and MSPs to say, “Hey, look, we all agree that something is going to happen, but how do we control that? What does that look like?” And that’s really where Zero Networks comes in. Robert Dutt: And that’s, you know, you touch on sort of going from detect and respond to what I’ll call sort of contained by default as an approach there. How do you explain that shift to a partner who’s kind of built their practice around EDR, around a traditional SOC stack, that kind of thing? Adam Hofeler: Yeah. So our motion today is not like, “Hey, look, displace all these things that you’ve sold your customers today. That doesn’t make sense.” But most of our customers are being asked from a compliance standpoint or regulatory compliance standpoint to do, “Hey, I don’t love using the term, but the zero trust architecture or platform pieces of it, right? That’s a real thing.” And we’re one piece of that puzzle, although a very, very big piece. So when I talk to partners of like, “Hey, look, things that still matter to end users are protecting uptime, revenue, safety while meeting compliance requirements amid financial and operation cyber risks. It exists today.” And regulatory and compliance pieces are still coming down, even though they’ve sold multiple various technologies in cyber. So we’re really good at helping them solve that piece in parts. There are times where we talk about, “Hey, look, this is what an EDR does. This is what we do. This is why we work well together, and we’re not telling you not to have an EDR.” But we also look at it as if you look at all the breaches, and again, we’re not trying to scare anybody, but if you look at all the breaches, almost all of them had an EDR. They all had some kind of technology in that stack, but it didn’t prevent what had happened from a breaching perspective, and we really control that. Robert Dutt: Okay. On the partner program side of things, you’ve moved from, I think it was around 20% partner led to 100% channel first over the course of three years. To step back in time a little bit, what either broke or didn’t work about the old model that led you down that path? Adam Hofeler: Yeah. It was more of a people-type scenario when we started three years ago, we were a younger company, but didn’t have the people or process. We didn’t really have a programmatic approach, and we didn’t have relationships in the partner community. So I don’t view it as a fault of Zero Networks at all, but when I came in and the hiring that we’ve done with the team on the go-to-market side as well as our sales, we really just kind of dug our trenches in to say, “Hey, look, the partner community is where we want to be. They do a fantastic job. They’ve got great relationships. They’ve got technical resources. Let’s embrace it.” So it wasn’t that we were shying away from it. We were just a much, much smaller company. And so with the growth of the people that we brought on board, allowed us to say, “Okay, now we are ready to kind of really do this and focus and concentrate to making sure that the partners not only are happy, but focus on what will make them grow even further or faster with us.” Robert Dutt: A tale as old as time, I think, in the channel space, the sort of company starts to build up direct to some level, then realizes, “Okay, how do we multiply this?” And that’s when you bring in folks who understand the channel and start to build that out. Totally familiar. And that’s exactly it. Let’s talk about Zero to Sixty, the program update specifically. So if I’m a VAR or MSP that’s already working with you guys, what are the two or three changes that I’m going to feel most immediately in how I sell, how I deliver, and how I work with you? Adam Hofeler: You’ll get additional registration or partner protection, not only on the length of time, but the dollars in which you’re going to be protected. So there’s usually some money, financial pieces tied to it. So most individual partners like that. From a company perspective for those partners, we have set an alignment of marketing dollars affiliated with that. So there’s some good things that we can do based on marketing with our partners, having end user events or various things internally as well. Do we have that available to us? And the third thing is enablement, not only on the sales, but the technical side. So those partners that can really embrace our technology, learning it from a technical perspective, we’ll reap some benefits along those lines as well. Robert Dutt: Deal reg and pricing friction in general are perennial pain points or points of discussion in the industry. You’ve talked publicly about mandatory deal registration and no direct competition with partners. I guess the question is, as you scale that, how do you enforce that structurally and culturally? Adam Hofeler: Yeah. It’s a big thing for me and for our company. When we talk about it, in my time of doing something like this, partners really want a couple of things. They want trust. Trust not only from the company, but from the people that they do business with at the field level. They want to be profitable. They want to make money because there’s a lot of technologies that they don’t make as much money, but it’ll cost them just as much on their time, energy, and effort, the value of time. And they want to make sure the technology works. So they can go and sell something else and they can have happy customers. So there’s three things that play a part in that. So we’re really trying to solve those three things and make sure that it’s sustaining, not just for our first year of changing the Zero to Sixty model, but making it a long-lived solution for them that they had a good experience so they’ll keep coming back and back and tell their friends within the organization to say, “Great experience, treated us well, made some good money, and oh, by the way, I’ve got a happy customer.” Robert Dutt: You reported 45% year over year growth in MSP partnerships. Just to clarify there, is that growth in number of MSPs and revenue through MSPs both? What’s the point there? Adam Hofeler: Good question. Yeah, the 45% growth was in revenue from the MSPs, and we’re looking to actually double that this coming year in revenue. We are not looking to scale and grow to just be MSP-centric, but it is a big focus and attention for us. Our technology does lend itself to a great MSP practice. In this space, not a lot of MSPs have the chance and opportunity to leverage microsegmentation based on some other providers and their complexity of the way they can do it. For us, we’ve solved that issue, so we really want to get out in front of the MSP and MSP practice. For those companies that are interested from a partnering perspective, we’d love to talk to them and see where it goes. Making it profitable will have its own separate, unique process from a pricing perspective and procedure, let alone what the technology can do for their end users from a manageability perspective when they manage that. Robert Dutt: You’ve described the MSP opportunity as shifting from reactive incident response to a recurring resilience kind of position. Practically speaking, what does that service look like and what is the MSP actually delivering on an ongoing basis once the initial containment deployment is done? Adam Hofeler: Yeah, so we have the unique ability to produce a risk assessment report so an MSP can show their end users the value that this technology is bringing them from a security, from a compliance piece. Manageability is pretty light on the MSP piece. Our system has an automation approach to what we do and how we do it, so that it takes some hours away from our MSP to focus on maybe some other things while the technology really can help them deliver some of the other initiatives that they might have. While we continue to tag all the assets, which is a challenge in the microsegmentation world, as well as building rules and policies that the MSP would have to do, now our technology can take that burden off of them for the most part. So it’s really helping our MSPs hit a core, I guess, end user state for them, not leveraging maybe all the services that they might have had on another technology. So really a lot of big value added to an MSP and to end users. Robert Dutt: One angle that I think MSPs – MSPs anywhere – are interested in right now is cyber insurance. Insurers are increasingly requiring proof of segmentation and zero trust controls before issuing or renewing a policy. How are you seeing partners use that fact as sort of a door opener with customers who might not otherwise consider this a priority? Adam Hofeler: Yeah, great question. When we do see it, there are some times where cyber insurance comes and we’ve been able to reduce some of that cost for cyber insurance because they have our technology. So there’s a benefit for the end users, I don’t want to say quite immediately, but once they find out that they do have a zero trust or microsegmentation strategy, because at the end of the day, we reduce downtime and minimize serious incident costs. We lower incident severity and faster recovery, improve executive confidence from a governance posture perspective. So these are all things that cyber insurance agencies are looking at that we can accomplish with our technology. So one, I’m thankful that we have it, but two, we do see that question come up. I’ll say maybe 20% these days with that number probably only growing at an exorbitant amount based on the relevance of that cyber insurance question that you asked. Robert Dutt: Let’s zoom in on Canada a little bit. The press release announcing the Zero to Sixty developments mentions distribution partners in Europe, Australia, Japan, some major US-based enterprise partners. I didn’t see Canada specifically called out, but can you help me out with what the channel footprint actually looks like here in Canada today and especially where you need more help from Canadian partners, whether that’s geographically, whether that’s vertically, whether that’s whatever measure. Adam Hofeler: Yeah. If I say all over, would that be too much, Robert? When you’re a fast growing company, there’s different areas of focus that you have, right? And we don’t have anybody from a Zero Networks perspective based in Canada. So everything has been through the partners and the partner community. We’ve had interest there and we do have some partners today. It is a great market for us. And we are kind of diving in this year in 2026 more into the Canada market in the major markets. And my ask would be if there’s a partner that’s interested in a fast growing cybersecurity company unique in the market and industry, we’d love to talk to them. So that’s typically in the major markets, but we’re not excluding anyone that might have some great customers that are interested in the product or services that we offer. So the partners that we have today, there’s a few that are headquartered and based in Canada, but some of them are the national partners that cover all of North America that we have today. Robert Dutt: For Canadian partners who are evaluating the space, there are some established players – Illumio, Akamai Guardicore, those kinds of folks. You guys are combining network segmentation with identity segmentation, restricting admin and service account access, and not just network traffic. How do you explain that distinction to a partner who thinks, “All right, I’ve already got microsegmentation covered.” Adam Hofeler: Yeah, it’s not easy, by the way. I think sometimes we have a preconceived notion of, “Oh, I already have that already,” or, “I have this technology and they do that.” And we have to take a step back and say, “Well, they do parts of it and not completely.” So yeah, with our unique approach of having an identity-based access enforcement at the network layer with just-in-time access for administrative and lateral movement pathways, this allows us to kind of dive into deeper of what network segmentation is and identity segmentation is. By default, we close privileged ports or privileged access, and then only when the customer identifies themselves will we open to that. So I take the scenario as such of, “Hey, look, you have some of these other providers. That’s great.” There’s three superhero things that we do differently. One, we don’t have an agent, so you don’t have to worry about it from an agent approach and sending agents across the entire infrastructure. So right away, partners like that, “Oh, okay, now I don’t need an agent.” The second piece that’s one of our superpowers is we have an automation engine, and the automation engine tags all the assets and builds the rules and policies, which customers in the past have been a big, big challenge, and then I have that just-in-time MFA aspect of things. So I tell the partner that’s just learning about microsegmentation is you have a neighborhood, and if there’s bad guys who are trying to get into one of the houses, what do they look for? They look for an open garage or a window or a screen door, whatever the case might be. That doesn’t mean that the house doesn’t have some protection around it. It’s got a fence. It might have a dog. You might have a Ring camera. All of that helps. So what we do is we’re like, “Hey, look, if someone gets in because you left a screen door open or a window open, they walk into that room. They won’t be able to move, and if they want access to open the door, they’ll have to identify themselves with who they are.” So I try to put in some terms of those folks that may know what we do from a network and identity segmentation and kind of go a little bit deeper. Or if I’m just starting out from a partner and they’re looking for something in their portfolio, I use that house analogy because it usually lets them understand it just a little bit easier to say, “Hey, look, I’m in a neighborhood. Bad guys want to find the easiest way.” Once they find a way, we just prevent anything from happening anywhere else in the house. Robert Dutt: Identity segmentation feels particularly relevant, particularly in the sweet spot for MSPs that are in Active Directory heavy environments with lots of service accounts today. How quickly do you find partners can deploy that and start to show customers measurable risk reduction when they start with you? Adam Hofeler: In the identity aspect of things, within two weeks. Once we’re implemented, we’ll be able to gather most of the information that we need from a service or an admin accounts, which is a big challenge for most of these companies and organizations where they don’t know where anything is or where they sit or who might have access. Within two weeks, we’d be able to identify it. Now, it’d be easy for me to say right away or immediately, and that is the case. But for the identity piece of our platform, usually we say seven to 10 days. Robert Dutt: You guys earned a five-star rating in this year’s Gartner Peer Insights Voice of the Customer for the microsegmentation space. The only vendor to score a perfect 100 and 100% willingness to recommend, that’s a nice piece of business for you. What’s one piece of customer feedback from that process that surprised you or changed how you think about the product? Adam Hofeler: Man, I will go to my very first week of being at Zero Networks. I come meet our CEO, Benny, up in New York. I’m at a customer site. This is where I’m meeting him. I’m in the conference room, and the CIO says, “We love your product.” And I’m still new. I really don’t know exactly what we do, to be honest with you, Robert. I’m like, “Okay, I love hearing that. That’s good.” He absolutely gushed for five or 10 minutes about our product and who we are and what we do and how we’ve helped their organization. I’m like, “All right, this is great.” We go to a dinner that night, and there’s probably a room of 20 individuals, about 20% of the room is a customer of Zero Networks and the others are prospects. And they could not stop raving about our product. And I look to a colleague to the side of me, I’m like, “What’s happening here?” Really, where did I just go? Customers just sing our praises. And so that set the tone for me being here for almost three years of customers really love what we do. And it’s great that we have a technology that customers love it, but we’re actually solving a business challenge they have and they’ve had. And it became a reckoning to say, “Our technology really does it.” So we are growing very, very fast and it’s primarily because our customers are recommending us to other customers. They talk about their challenges that they might’ve had. They talked about how we solved it and how quickly we’ve had the ability to solve it. So to some degree, I thought I was in the Twilight Zone the very first day and it continues to grow and manifest itself as we continue to grow. And so when we talk about the five-star rating and how customers really sing our praises, it’s very much true. I haven’t had this in my sales career for quite some time that if I put a customer on the phone and I just hop off, I really feel that whoever they’re talking to is going to become a Zero Networks customer as well, just because it’s not just the technology works, but how do we support them? What is our sales engagement? How does our partner community embrace them? It’s great you have technology, but if we gouge them in some form or fashion or they felt uneasy about it, they wouldn’t recommend us. Robert Dutt: Two quick ones before we wrap up here. You’re talking about expanding in Canada, expanding the MSP business. It sounds like there’s opportunity there. If I’m a Canadian MSP listening and I wanted to start a conversation tomorrow, what’s the literal first step that you’d recommend they take to engage with you guys? Adam Hofeler: Yeah, they can reach us on our website that would go to our go-to-market team or an email at partners@zeronetworks.com would be the very, very first step. And again, if they’re just trying to learn about the technology or interested, let’s have a conversation and see if it’s the right mutual fit for not only Zero Networks, but for them to be brought into their portfolio. Robert Dutt: All right. And we have to ask this one. The partner program is called Zero to Sixty. I love that branding. It’s a cute little bit of marketing business, but here in Canada and other metric markets, Zero to Sixty just doesn’t have the same ring to it. It’s like a nice drive down a country road. Any chance we’ll see a Zero to 100 program for Canadian partners? Adam Hofeler: And if you like that, maybe we need to. I think I’m in. We would love to do nothing more but to gain more access to partners. And if it’s the naming convention that works, I’m in. Whatever works. Robert Dutt: Adam, I appreciate you taking the time. Thank you. Adam Hofeler: Thanks, Robert. Appreciate the time. Robert Dutt: There it is. My conversation with Adam Hofeler from Zero Networks. If there’s a line from this conversation that I think is worth sitting with, it’s that most security risk isn’t coming from exotic zero-day exploits. It’s coming from routine abuse of normal trusted access paths. That’s a finding from over 3 trillion activities across 400 enterprise environments. And it makes a pretty strong case for the shift from detect and respond to contained by default isn’t just marketing language. If microsegmentation is on your radar, whether as a security play or as a way to open cyber insurance conversations with your customers, maybe Zero to Sixty is worth a look for you. Tomorrow on In The Channel, I’m sitting down with Merium Khalid from Barracuda’s SOC to go through their managed XDR threat report, including the finding that 90% of ransomware incidents exploited firewalls, often through vulnerabilities more than a decade old. That’s tomorrow right here on ChannelBuzz.ca. Thanks for listening. I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

This episode of In Case You Missed It is brought to you by ESET Canada. ESET’s Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women pursuing careers in cybersecurity. Applications close April 8. Learn more and apply. On this episode: Channel profits in freefall. A new global survey from Omdia found that nearly 60% of channel partners expect Q1 profits to decline by double digits. Revenue is slightly more encouraging, but costs are rising faster than partners can pass them through. Hardware vendors are refusing to hold pricing until shipment and in some cases cancelling orders after POs have been received. If you haven’t stress-tested your quoting and procurement processes, that conversation needs to happen now. Check Point plants a data sovereignty flag in Canada. Check Point Software launched a dedicated Canada data region for its CloudGuard Web Application Firewall, ensuring all configurations, logs, and security data remain within Canadian borders. For partners navigating data residency and CLOUD Act conversations, this removes a common objection and adds another signal that global vendors are recognizing the Canadian market demands more than just a sales office. Canadian partners on the CRN MSP 500. CRN’s 2026 MSP 500 list included several Canadian companies: WBM Technologies out of Saskatoon on the Elite 150, Bulletproof (a GLI company) on the Security 100, Nucleus Networks on the Pioneer 250, plus appearances from Arctiq, Converge, and Premier Cloud. ESET Women in Cybersecurity Scholarship. ESET’s Women in Cybersecurity Scholarship is open for 2026, with three $5,000 awards for women in Canada pursuing cybersecurity careers. Now in its 11th year, the program has supported 14 women in Canada with more than $50,000 in funding since expanding here in 2021. Last year’s Trailblazer Award recipient, Constance Prevot, is now a working SOC analyst while finishing her degree at Concordia. Deadline to apply: April 8, 2026. Remembering Rob Megaw and honouring Fawn Annan. The Canadian channel lost Rob Megaw, president of Compu-SOLVE Technologies in Midland, Ontario, who led the company for more than 30 years — from its beginnings as a local ISP and PC repair shop through its evolution into a managed services provider. Our condolences to his family and the Compu-SOLVE team. And CIOCAN announced the CanadianCIO Fawn Annan Memorial Award, recognizing women in IT leadership whose work reflects Fawn’s enormous contribution to Canada’s technology community. Nominations are open. Read Full Transcript Welcome to In Case You Missed It from ChannelBuzz.ca. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 16th, 2026. Let’s get your week started right. This week’s In Case You Missed It is brought to you by ESET Canada. ESET’s Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women pursuing careers in cybersecurity. Applications close April 8th. Learn more and apply at eset dot come slash ca. ESET – protecting progress. If you needed a single data point to explain the mood in the channel right now, Omdia may have just provided it. A new global survey from the analyst firm found that close to 60 percent of channel partners expect their Q1 profits to decline by double digits compared to last year. Less than a third predict that profits will grow at all. The revenue picture is slightly more encouraging – 45 percent expect Q1 revenues to increase year over year, and about a third are forecasting double-digit revenue growth. But there’s a dangerous disconnect between topline and bottom line, and the reason is straightforward: costs are rising faster than partners can pass them through. Hardware vendors are increasingly refusing to hold pricing until the point of shipment, and in some cases are cancelling orders even after a purchase order has been received. If you’re locked into contractual pricing with a customer, you quoted a price, the vendor changed theirs, and you’re absorbing the difference. Layer in Middle East conflict pushing oil prices higher, component shortages showing no signs of easing for at least another 12 months, and the downstream effects on cloud providers, MSPs, and SaaS companies all being forced to raise their own prices – and Omdia’s Alastair Edwards warns the risk of channel bankruptcies is set to increase dramatically. If you haven’t stress-tested your quoting and procurement processes for a world where vendor pricing is no longer reliable, that conversation needs to happen now. Check Point Software launched a dedicated Canada data region last week for its CloudGuard Web Application Firewall. All configurations, logs, and security data generated by Canadian customers using CloudGuard WAF will now stay within Canadian borders. This is a data sovereignty play, and the timing isn’t accidental. Data residency is becoming a real differentiator in how Canadian organizations evaluate security vendors. Whether it’s regulatory pressure, customer demand, or the reality that storing data with U.S.-headquartered cloud providers carries CLOUD Act risk, the partners who can have an honest conversation about where data lives are the ones winning deals. For Check Point partners, it removes one of the more common objections. And in a broader sense, it’s another signal that global security vendors are recognizing that having a data region in Canada actually matters to this market. CRN published its annual MSP 500 list last week, and several Canadian companies made the cut. WBM Technologies out of Saskatoon landed on the Elite 150 – now in its 75th year and still reinventing itself. Bulletproof, a GLI company based in New Brunswick, made the Security 100. Nucleus Networks, which has expanded from Vancouver to five cities across Western Canada, appeared on the Pioneer 250. Arctiq, Converge, and Premier Cloud also showed up across the three categories. We don’t dwell on awards lists on this podcast, but the MSP 500 is one of the few that gives Canadian partners real visibility alongside the larger U.S. players. If you’re building your practice and wondering whether you’re on the right track, it’s worth looking at who made it and asking what they’re doing that you could learn from. Since our friends at ESET Canada are sponsoring this episode, it’s worth flagging something they’re doing that goes beyond product. The ESET Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women in Canada pursuing careers in cybersecurity. The deadline to apply is April 8th. This is the 11th year of the program.  Since 2021, ESET has supported 14 women in Canada with more than $50,000 in scholarship funding. Last year’s Trailblazer recipient, Constance Prevot, is now a working SOC analyst while finishing her degree at Concordia. If you know someone who should apply, point them to eset.com/ca. Link’s in the show notes. Finally, two moments from the past week that remind us this industry is built by people, not just products. The Canadian channel lost Rob Megaw last week. Rob was the president of Compu-SOLVE Technologies in Midland, Ontario, and had led the company for more than 30 years – from its early days as a local ISP and PC repair shop through its evolution into a managed services provider. That’s the Canadian channel story in miniature, and our condolences go out to his family and the Compu-SOLVE team. On a more hopeful note, CIOCAN announced the CanadianCIO Fawn Annan Memorial Award, recognizing women in IT leadership whose work reflects Fawn’s enormous contribution to Canada’s technology community. Fawn founded the CanadianCIO of the Year Awards and the CIO Hall of Fame. Nominations are open, and we’ll have a link in the show notes. Those are some of the things we were paying attention to last week.  This week on In The Channel: Zero Networks goes all-in on the channel and why Canadian partners should pay attention. Barracuda’s Merium Khalid walks us through their latest threat report. And Jeff Collins from WanAware makes the case that you’re hitting every SLA metric and your customer still thinks you’re failing.  For ChannelBuzz.ca, I’m Robert Dutt. Have a great week, and I’ll see you in the channel.

Eric Gales, president of AWS Canada On March 14, 2006, Amazon Web Services launched S3, its first generally available cloud service. Twenty years later, AWS is a $100-billion-plus business, and the cloud has fundamentally reshaped how technology gets to market in Canada and everywhere else. To mark the occasion, we sat down with Eric Gales, president of AWS Canada, for a conversation about what those two decades have meant for Canadian partners – and where things are headed. Eric has been at the centre of the Canadian tech channel through every major platform shift. Before joining AWS in 2015, he served as president of Microsoft Canada during the company’s push to the cloud and as country manager for VMware Canada. Few people in the industry have watched the Canadian channel evolve from as many vantage points. In this conversation, Eric talks about the early skepticism partners had about buying cloud services from “a bookseller,” the moment it became clear that cloud wasn’t a passing trend, and what separated the partners who made the transition successfully from those who struggled. He also discusses how the launch of AWS regions in Montreal and Calgary changed the data sovereignty conversation for Canadian customers, and how that conversation is evolving again as AI enters the picture. Looking ahead, Eric shares his perspective on what Canadian MSPs and resellers should be focusing on right now, why he believes AI represents a generational opportunity for the channel, and what the latest AWS partner program updates mean in practice. He also offers a candid reflection on what he’d tell the channel if he could go back to 2006. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca. I’m Robert Dutt, editor of ChannelBuzz.ca, joining you for a special Friday episode. Thanks for pressing play. On March 14, 2006 – Pi Day, for those keeping track – Amazon Web Services launched S3, its first generally available cloud service. Tomorrow marks 20 years since that moment, and whether you were paying attention to AWS back then or not, it’s hard to argue that any single technology shift has reshaped the channel more than cloud. To mark the occasion, I sat down with someone I’ve known for close to 20 years in this industry – Eric Gales, the president of AWS Canada. Eric’s been at the center of pretty much every major platform shift in the channel. He ran Microsoft Canada during the cloud push, led VMware Canada, and has been heading up AWS Canada since 2015. So there aren’t many people better positioned to reflect on what the last two decades of cloud have meant for Canadian partners, and where AI is taking things next. This one’s a conversation, not an interrogation. I hope you enjoy it. Here’s Eric Gales from AWS Canada. Eric, thanks for taking the time. I appreciate it. Eric Gales: My pleasure, Rob. Great to talk to you. Robert Dutt: We’ve known each other for quite a while, going back to your Microsoft Canada days, and it’s been close to 20 years now. Before we get into AWS at 20, when you look over the arc of your career in Canada – Microsoft, VMware, AWS – you’ve been fortunate enough to be with and to lead some really transformative companies. What’s the single biggest thing that you’ve seen that’s changed about how technology gets to market here in Canada over those two decades? Eric Gales: Yeah, you know what, as you indicated, it’s been fascinating. It’s been super fun to be in the tech sector. I’ll take a few things. One is, I think about it as eras of computing. I actually started at the dawn of the PC era, the end of that mid-range era. The PC changed everything, and then local area networking, and the internet, and mobile computing. Then my time in Canada – when I first came to Canada I worked for Microsoft, and I worked for Compaq before I came to Microsoft. In this era, technology has only become more important to more customers. That’s one storyline, is that it’s become more and more important. One thing I think is the most profound change in recent times is, it was always just the domain of technologists. I was working for technology companies, selling to technologists. Now, because the impact of technology is so profound, it’s a lot more about businesses, and business leaders, and lines of business understanding what the technology can do. I think that’s been the biggest evolution, and certainly in the last decade, is the importance that everybody within an organization appreciates the importance of technology, and what it can do, and how to apply it. Robert Dutt: That has been pretty transformative for the channel, hasn’t it? Selling into line of business, selling into the C-suite rather than going to the CIO. That’s a good point. For all the technology changes, that’s kind of been the thing, right? Not a technology, but rather the “who cares about it” part of it. Eric Gales: Exactly. I think, just like as someone in this business myself, if I look out to that partner ecosystem, they’ve been on that same transformation that creates new challenges for every partner, as well as new opportunities. Those that have been most successful have of course been the ones that continue to evolve their businesses to meet the needs of, ultimately, the end customer. Robert Dutt: When AWS launched S3 back on Pi Day 2006, I don’t think many folks in the Canadian channel were paying attention on that day in particular. As you moved through your career path, when did you first realize, “Okay, cloud isn’t a buzzword. This is a fundamental change both in technology, and it’s going to rewire the channel”? Eric Gales: Yeah, I think there were two things back then. One was, at the time, of course, Amazon was not synonymous with being a technology provider. It was a consumer of technology. So point one was, “Amazon’s launched something.” I didn’t work for them then, and I would be in that community that says, “Why would you buy those services from a bookseller?” So that was one dimension of it. And then the second thing was, there had been managed services before, but I think the thing that a lot of people missed for a while was, a few things had changed. The internet was ubiquitous. People were using the internet for lots of different things. And so it was that new transport that the internet gave you that enabled a company like Amazon to come along with AWS and offer a service that was available to everybody. And then it also changed the way that people thought about consumption. Because up until that point, most software and consumption of services was a long-term contract or a license. And this was pay as you go, use on demand. It was a whole new construct. And I think it took a while for people to realize that AWS had changed a whole set of characteristics about how technology was going to be consumed. And the rest is history. That whole idea took off because it just made so much sense to customers, and many partners got behind that very quickly in terms of seeing the opportunity to transform how they interacted with their own customers. Robert Dutt: You’ve said, and I don’t think this is too much of a secret to the industry, to anyone who’s observed the Canadian business and technology scene, that Canadian businesses are slower to adopt new technology than especially the US, but also European counterparts. There’s that kind of tendency to let someone else see where the mines are in the minefield before you go walking. Looking back over 20 years of cloud in Canada, do you think that gap has closed, or has that sort of conservative approach to technology shifted forward to a new frontier? Are we going to see the same thing with AI now? Eric Gales: I think, you know what, when I first started working over here with the cloud 10 years ago, a lot of my conversations were about why cloud and why it was important, both with partners and end customers. And at that time, I had felt this sort of theme that Canada was slower to adopt technology. And I felt there was a real opportunity there because everyone was at the beginning. And so here’s an opportunity for us to take these capabilities to our customers and help them to play catch up with other jurisdictions. And I learned back then – I’d already learned by then – that it was important to point to Canadian customers to make it okay. To avoid the sort of “first to be second” thing. “Canadian customers are doing this.” And so we went out of our way early on to get key brands on our platform in every industry so we could make it okay. But I’d say in aggregate, yes, we’ve made a huge amount of progress, but the Canadian landscape moved a little bit more slowly than other jurisdictions. I see the same opportunity now, but the landscape has changed, the circumstances have changed. I think politically, geopolitically, there’s a new opportunity, particularly with AI. And I think there’s a great opportunity for Canada, for Canadian firms, for Canadian government, and for Canadian partners to take this opportunity to really see if we can accelerate the consumption and the application of this technology to real business problems and productivity challenges. And again, once again, the world is all at the same starting point. So I think there’s a great opportunity here to accelerate the Canadian adoption of these kind of capabilities in this next era. Robert Dutt: One of the things that certainly arguably helped close that gap, helped make cloud much more de rigueur here in Canada, is that we kind of eliminated the “okay, so my data is going to live where?” question. For you guys, rolling out Montreal in 2016, I think it was, and Calgary a couple years ago – not just data center announcements, these were things that unlocked data residency and sovereignty conversations that Canadian partners and their customers really needed. As those conversations shift from “where does my data live” to “who controls my AI models and my training data,” how does that change the work that partners do and how they frame that to customers? Eric Gales: Yeah, I think it’s interesting again, but go back to the history of it here. Many things have changed that have stayed the same. The importance of security – that hasn’t changed. Arguably, it’s more important. The management and the financial controls of technology they might be using – those haven’t changed. They’ve changed the application of those, but there are some key themes. This question of sovereignty and control of one’s data and the policies around it – those things are very important. They were very important to us. One of the reasons that we built our infrastructure here is the control of this for our customers. That’s why in this AI era, the same things apply. And so we’re super focused on maintaining the same principles that allow customers to use these models with their data in a secure way. That means that their IP doesn’t leak out somewhere. We don’t use their data for anything else. And so to us, the same philosophical approach and the same technical approaches to making sure that customers can be confident that there’s a way of taking advantage of all of these capabilities without compromising the security, the privacy, and their own intellectual property. That is a key feature of our value proposition to our customers – we help you get all of the benefits of these capabilities without the risks associated with using models which sort of live on the internet somewhere. Robert Dutt: For Canadian VARs, MSPs, folks who’ve been around since the early days of cloud, the ones who made that transition from selling boxes to selling services – what did the ones who succeeded have in common? And sort of the flip side of that as well, what did the ones who struggled to make that transition miss? Eric Gales: Yeah, I mean, I think – you’ve heard me say this before, Rob – but I’m a maniacal believer that the only sustainable competitive advantage is innovation. And whatever business you’re in, if you’re not innovating, if you’re not willing to change, then you’re losing. It’s just at what rate. And that’s not a new problem. I’d put it out there that, think of any company that you knew that was top of its game and then it wasn’t. In whatever industry, I would posit that you could trace it to a lack of innovation on product, customer service, supply chain, whatever. And that’s the case with the IT sector and with partners. If you think that you’re going to be able to hold the tide back in a world that’s changing, that’s going to come to a stop. And I’d say the characteristic of those partners that were able to most benefit from these eras of computing were those that were prepared to transform how they were going to make money, where they were going to make money, what they were going to contribute to their customers. And those that didn’t do that are the ones that typically end up in a position where their business isn’t sustainable anymore because that market went away. When I started in the industry, my first job, I was an installation engineer, and there’ll be some people out there – maybe you’re one of them – that remember, we used to put Harvard graphics cards into PCs. People paid money for us, for me, to do that work. And then, you know, graphics cards came in the PC. And so that business went away. And that’s the case. Where the money can be made, where you can build a profitable business, it’s been evolving. But the actual surface area to build businesses and be partners that help customers translate this technology into value for them – that opportunity has only got bigger. And that’s the case today. If you think about the potential for AI and AI services, there’s just a tremendous opportunity out there for partners to help customers translate these capabilities into value for their businesses. Robert Dutt: You guys have talked about partners being the lifeblood of AWS, I think the language that the leadership team has used. The fact that partners are generating $7 for every dollar of AWS service sold. That’s a great number. But for a Canadian MSP who’s in that long tail of the channel, that isn’t a Deloitte or an Accenture – maybe they’re a 15-person shop in the GTA or Calgary or wherever they may be – what does that $7 actually look like for them, and where is that value being created? Eric Gales: Yeah, I’d say there’s a few different areas. So if you think about the continuum, there are many customers out there who have yet to move their on-premises infrastructure to the cloud. And so there is a whole decade’s worth of work or more in helping customers to transform what they’re doing on-prem into the cloud. And there’s a necessity to do that, because the opportunity to leverage these new sets of capabilities like AI, for example – they have a dependency on having proximity of your data to these cloud services. And so at one end of the spectrum you’ve got migrations and modernizations of legacy technologies and architectures to the cloud. And at the other end of the spectrum, there’s building new capabilities, using the features of the cloud, using these new capabilities with AI. And we see three big categories there: helping businesses generate more employee productivity, helping streamline business processes and doing new processes in new ways, and then also thinking about new business models. And so there’s a continuum. The technology itself is a set of tools that can be applied to every business. But the services around that, the people and process part – that’s where that $7 is. That $7 is the people and process, largely, around helping customers to adopt and deploy and take advantage of these capabilities. And then there’s both the SI partners and then ISVs that live on the AWS platform. And we’ve tried to create new opportunities for those too, with things like Marketplace, to help our customers be able to consume software from our partners that build software that runs on AWS too. Robert Dutt: You guys rolled out some pretty significant program changes for 2026 – growth incentives, different benefits, changes to deal registration. For a partner who’s been doing this for a while, what’s sort of the biggest practical change they’ll feel day to day this year in terms of being an AWS partner? Eric Gales: Yeah, I think a lot of those changes are built in sympathy to what we were hearing from our partners and from our customers, to allow us to streamline the way that we’re working with our partners, to allow us to focus more explicitly in solution areas as well as specific industries. Think back to some of my opening comments at the beginning there – it’s more important than ever to be able to translate these capabilities into the language of the customer. And so we have a lot of focus on industry, for example, to help our customers put this technology into context. And so thematically, we’re trying to translate everything we’re learning from our partners and our customers into programming that allows us to jointly focus on the right things. And for us to make sure we’re getting the right support to the right partners in the right places to help them to scale their business. We think this next era of compute, particularly led by AI, provides a tremendous new opportunity for our partners to translate this technology into value for our customers. And so we’re trying to line up our execution and programming in a way that is much clearer, simpler to engage with, more transparent about what we think is important, and allows us to get the right support to the right people at the right time. Robert Dutt: You talked about the idea of AI kind of resetting that starting line, creating a new starting point where everyone’s on a more even footing because, like we were with cloud, it’s a new start. A lot of MSPs that I talk to are still figuring out the basics of it – the where to start, what’s real, what’s hype, how do I find value for my customers? I think you touched on that a little bit in the last answer. But if you were advising a Canadian MSP right now on their first meaningful AI conversation with a customer, what would you tell them to focus on? Eric Gales: I think it’s all about business value. Whenever you have a new era of technology like this, there are a bunch of people just trying to sell stuff. And customers want this stuff to be translated into value for them. And so I think really looking for where is the business value of the application of this technology, and being the translator of that for customers. Because there are tremendous opportunities for AI and generative AI and symbolic AI and machine learning to be applied in whole new ways with our customers. And what we’re finding is our customers need help to translate that into value for them. And so the real opportunity is to identify where are the sweet spots today that you can take a value proposition to a customer that is all about real business value and the “how” part. How do they get that value? And so I think at this stage, that is most important. There’s a high noise-to-signal ratio right now in this world because it’s moving so quickly. And customers are looking for people that can help to translate all of this noise into signal that’s valuable to them. And so that’s my general advice: find the opportunities where you can translate all of this stuff into real business value, whether that’s a particular use case, a particular portfolio of customers. And at the same time, every partner needs to have a business model here, a business that supports scaling and growing into the future, to translate this opportunity into business value for themselves. Robert Dutt: And sort of the flip side of that, what’s the biggest risk for a Canadian partner who looks at it and says, “Okay, still early in the game, going to wait for clarity”? Eric Gales: Yeah, I’d say that there can be no waiting. What we’re finding is that every customer, every partner needs to get moving. There’s a huge amount to be learned by doing here, and every era of compute that you and I have been involved in and the IT sector, it has gone at a faster rate than the previous one. And this one is going at a rate that we’ve never seen before. I think last year, 160,000 customers volunteered that they are adopting some form of AI. And that’s the highest rate of adoption we’ve ever seen of any technology, including internet and mobile phones. So this is happening. One needs to be moving. And there is a certain amount here, I think, for partners, of moving the train whilst laying the track. Those two things are important. I think the folks that wait will find themselves at a disadvantage just because it’s moving too quickly. And in fact, you have to build a business model, just like we’re doing here from my own organization, that is dynamically learning and evolving, because the rate of change here and the applicability – I mean, if you think about two years ago, 18 months ago even, you and I were talking about LLMs. But now we’re talking about agentic workflows. We’re past the LLM. It’s really about the application of this technology with agents. And so even in that very short period, the applicability of this technology and how people consume it has changed pretty profoundly. And so I think it’s super important every partner starts moving, because there’s a lot to learn and a lot to keep up with as this thing continues to accelerate. Robert Dutt: All right, I’m going to ask this one just a little bit tongue in cheek, maybe. 2006, you arrived in Canada and AWS launched. 20 years later, you’re running AWS Canada. If the next 20 years of cloud and AI are as transformative as the last 20 years have been to this business, to this business model, what does the Canadian IT channel look like in 2046? Are there still resellers and MSPs, or has everything been reinvented? Just crystal ball for me. Eric Gales: I think a lot is going to change. There’s no doubt about that. A lot is going to change. We very much see that, just as has been the case to date – if you think about it, IT has been about augmenting and working with humans and human processes and business processes. It’s created new business models. It’s allowed us to do things in new ways and to live, work, and play in all different ways. This next era of the application of AI, in particular at scale, follows the same themes but creates incredible new opportunities. So I think we’re going to see a tremendous amount of change in terms of how we live, work, and play with this technology. But within the context of that, tremendous opportunities to be part of the solution versus part of the problem. Part of helping people to embrace and use and deploy all of these capabilities in ways that are value-added and respecting the things that we know are important – security and privacy and intellectual property protection. There is a tremendous opportunity, I think, ahead. But I would not underestimate how profound the change is going to be over the course of, if you take that 20-year horizon, tremendous change. I think even over the course of the next few years, we’re going to see a lot of change in terms of how we work and how we live and how we interact with each other. Robert Dutt: All right, a more sane final question for you, especially since it is the 20th birthday of AWS. If you could go back to 2006 and tell the Canadian channel one thing about where the cloud was going to take them, 20 years on to 2026, what would it be? Eric Gales: I think, drafting off what we just talked about, it’s: don’t underestimate the opportunity here. When you have a new set of capabilities, back then with the birth of the cloud, there were people that embraced it very early on and were real beneficiaries of it. There are some partners I can think back to at the beginning, when I first came here to Canada, that really embraced that opportunity. And those that waited – those that waited missed out on a tremendous opportunity. So I think I would go back, if I could, and just try and do a better job of helping people to appreciate what the opportunity was here and why the people that were early adopters of it had the most to gain. And I think we’re in that moment now with AI. So the same again – I think tremendous opportunity here for Canada, for Canadian companies, Canadian partners to be the leaders in how these capabilities get applied to businesses and governments and how we work and live together. And so I’d say, lean in. Now is the time to lean in and work out how you can leverage this stuff to build a business and help businesses. Robert Dutt: All right. A very happy 20th birthday to AWS. And Eric, thanks so much for taking the time. Eric Gales: Thanks, Robert. Great to talk to you. Robert Dutt: There you have it. Eric Gales, president of AWS Canada, on 20 years of AWS. Again, the official anniversary is tomorrow, March 14th. I thought Eric’s point about the Harvard graphics card was a great one. The work disappears, but the opportunity doesn’t. It just changes shape. That’s been the story of the channel for as long as I’ve been covering it. And that’s the story again right now with AI. Thanks to Eric for joining us. And thank you for listening. The podcast will be back on Monday with In Case You Missed It, our weekly roundup of some of the headlines that might have flown under the radar this week. And next week on In The Channel, expect to hear about microsegmentation and why “contained by default” is replacing “detect and respond,” what Barracuda’s latest threat data says about how fast ransomware actually moves, and why the network visibility your business relies on might have more blind spots than you think. Between now and then, we’d invite you to subscribe to or follow the podcast in your podcast app of choice. And if it allows you to, please leave a rating and review. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Lee Caswell, senior vice president of product and solutions marketing at Nutanix Nutanix has published the 8th annual Enterprise Cloud Index, its flagship survey tracking how organizations are building and managing infrastructure. This year’s findings hit three themes that matter for the channel: the rapid spread of unmanaged AI tools, the growing weight of data sovereignty, and the accelerating shift toward containers. Lee Caswell, Nutanix’s senior vice president of product and solutions marketing, joins us to dig into the data. Lee spent years at VMware before joining Nutanix, giving him an unusual perspective on how the infrastructure market is reshaping itself – particularly as organizations navigate Broadcom’s changes to VMware alongside the push to build AI-ready environments. The numbers are striking: 79 per cent of respondents encounter AI tools deployed outside IT’s oversight, 80 per cent consider data sovereignty a top infrastructure priority, and 87 per cent expect containerization to increase. But Lee’s read goes beyond the headlines. On shadow AI, he argues most of this is rational behaviour by teams testing in the cloud before committing on-prem – the real challenge is providing a structured path, not clamping down. On sovereignty, he draws a memorable distinction between a “noisy neighbor” and a “nosy neighbor” in multi-tenant environments – a framing that matters for how MSPs position managed services around compliance. Lee, who recently wrote about what he calls the “sovereign edge”, goes deep on what sovereignty means in practice when AI workloads need to stay local. The conversation also explores the MSP opportunity. While 65 per cent of respondents say their AI runs via managed service providers, Lee candidly notes that figure includes SaaS-delivered AI. The bigger play, he argues, is MSPs becoming the “governed alternative” to shadow AI – a sanctioned service layer offering sovereignty compliance, optimal application placement, and predictable costs. His closing advice: be “AI smart,” not just “AI fast.” Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to Canadian IT solution providers for 16 years now. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. If you’re an MSP, there’s a good chance your customers are already using AI tools that your team doesn’t know about. Nutanix recently released the 8th annual Enterprise Cloud Index, their big annual survey of how organizations are building and managing infrastructure. And this year, the data paints a picture that would be uncomfortable for anyone who thinks they’ve got a handle on where AI is running in their environment. Nearly 80% of respondents say they’ve encountered AI tools or agents deployed outside IT’s control. Data sovereignty has become a top priority, and containers are quietly becoming the default for new applications. My guest today is Lee Caswell, Nutanix’s senior vice president of product and solutions marketing. Lee came to Nutanix from VMware, so he’s been watching the infrastructure market reshape itself from a vantage point that very few people have. We dig into what the survey data actually says, where the contradictions are, and what it means for MSPs and solution providers. Here’s our conversation. Robert Dutt: Lee, thanks for taking the time. Lee Caswell: Well, Robert, thank you. Robert Dutt: You come to Nutanix from VMware, and your CEO now, Rajiv Ramaswami, he was the COO over there. Now you’re running this survey while the virtualization market is being reshaped by Broadcom’s changes. How does sitting where you sit now, having been kind of on both sides of that fence, shape how you look at this year’s data? Lee Caswell: Well, I think it’s fascinating that for years, maybe 20 years, people just assumed that the underlying virtualization layer was fixed. That vSphere was well established, super product, exciting. A lot of people built their careers, frankly, on learning the ins and outs of vSphere. And to a lesser extent, some of the later add-on products. But the idea that the underlying virtualization layer has changed has, for the first time in years, had people reconsidering how they will build out their IT infrastructure for the next 10 years. Robert Dutt: And we’ll circle back to that theme and that infrastructure theme a little later. But I wanted to dive in off the top into shadow AI, because it’s something that we’ve been talking about a fair bit on the podcast, and it’s something that a lot of partners are thinking about and trying to get their heads around how to deal with it. According to the survey, 79% of your respondents say they’re encountering AI tools or agents that are deployed outside the purview of IT. That’s a striking number. I’m curious, though, about the quality of the problem. Is this mostly folks who are using ChatGPT carelessly or without permission, or are we talking about the worst-case scenario of actual AI agents making business decisions willy-nilly without oversight? Lee Caswell: Well, we’ve certainly seen some of those later examples, but I think the majority of this is rational decision-making on IT and developer teams. Thinking about the fact that AI infrastructure itself can be relatively expensive. GPUs, new servers, new hardware. You’re generally bringing new hardware into the mix to start with. And what customers have been doing is before they go and make their investment strategy, and particularly in on-prem environments, they’ve been trying things out in the cloud where you can rent infrastructure, you can basically start something up, spin it down. That’s kind of a classic test-dev model, by the way, not different from what we’ve experienced in the past. And yet, when you look at how you’re going to deploy AI long-term with considerations around sovereignty and privacy, and particularly around predictable and lower costs, you start thinking about how you can take your on-prem infrastructure skills, which could include a data center but might also include the edge, and start thinking about how do you bring your already-strapped IT teams into this? And from a channel perspective, it’s how do you leverage some of the skills where people have been trained, particularly on virtualization. We’ll come back to this in just a minute. And basically apply this now into the new world of AI LLMs, AI hardware, and containerized infrastructure running on VMs. Robert Dutt: So if I’m an MSP supporting that kind of mid-market client, the 200 to 1,000 seat kind of space, what does a practical response to shadow AI look like at this moment in time? Because, you know, “implement an AI governance framework,” that’s great in concept, but that’s the kind of consulting engagement that’s a little hard for a lot of MSPs to deliver. Lee Caswell: Well, first off, you want to start thinking about what are the risks you’re trying to address. One is you want to look carefully at what LLMs your user base is actually using. One of the things that we’ve been able to do, for example, is have an audit trail, so you can look at who’s using DeepSeek, for example. Who’s using OpenAI? Who’s using some of the Llama 2, Llama 3 models, for example, or NVIDIA models? So the ability to go and look into the user base and get an assessment of that. Secondly, you’re looking at how do you make sure you don’t have a runaway cost model? This was one of the risks in the early cloud days, you remember. You had users getting shocked with the amount of unplanned, unmanaged cloud costs. And so you’ve got this opportunity now to look at how do you manage a brand new metric of consumption, by the way, called a token. I defy you to find somebody who knows exactly how tokens are created and the like. That’s a very difficult challenge. If you can provide a predictable way to manage, monitor, and control the usage of tokens, we do that as a way to basically protect against runaway costs. And then finally, the idea of sovereignty. So where is your data? Specifically, as you look at geopolitical considerations, we have, I think, a stunning finding that showed that 57% of our respondents said that they wanted their AI workloads to be within a sovereign country. Now, that doesn’t mean a single location necessarily, but it does show the concerns around where’s my data? Who can subpoena my data? Who’s got access to my data? And it may be, Robert, that the data model is more sensitive than the data itself, because the data model shows how you’re interpreting the data. And that’s actually a really interesting finding, I think, for a lot of folks, as AI takes hold so quickly. Robert Dutt: And data sovereignty is an area that we want to drill down on. It’s an area that’s of key interest to our audience, obviously. You touch on the 57% number in terms of how customers want infrastructure in a single country. 80% say it’s a high priority. You wrote recently about what you called the “sovereign edge,” the idea that AI is forcing compute closer to data within sovereign boundaries. For a Canadian audience that’s been navigating this between different regulation at different levels, the US hyperscalers and the CLOUD Act, for years, what’s new here? Is this kind of validation that what they’re seeing is real, or is the ground really shifting here? Lee Caswell: I think the sensitivity is a continuation of the trends that we’ve seen in the past. What’s changed is the understanding that in an AI world, data will be more distributed than it is today. And so imagine if you’re a hydro company, let’s say. And you’ve got different dams and facilities and hydro control points. These are distributed. They need to be able to run in a disconnected manner. You want to have AI applied locally. If you’re doing things around video processing, you don’t want to send all that data back to a central location. And so the ability to have a distributed model where your data and apps are more distributed and yet be connected so that you can do patching, for example, day-two operations, security updates, and push those out to a distributed environment. Now the realization is sovereignty has grown in importance, and at the same time, my data and applications will be more distributed. That’s a double stressor for IT teams looking at how to maintain that control and let the agility of distributed operations continue on. Robert Dutt: So are you seeing organizations redefine sovereignty in terms of operational control rather than just “the data lives here”? Because I think that distinction can matter pretty significantly for how MSPs ultimately architect their solutions and try to address this challenge. Lee Caswell: Yeah, I think for MSPs, there’s a few important areas to think through. One is that customers who were looking for, let’s say, an infrastructure link are now looking for an AI dial tone. They’re expecting to have AI available, always on, no matter where they are, accessing it for their users. Because AI is quickly, as you can see from the data here, becoming a top corporate priority. So that’s one thing. The second one is that the sovereignty means you need to make sure you’re controlling where is your data replicated to? Where does DR happen? How do you fail back within sovereign boundaries? Being able to establish that, something where the data services, something that you can establish or set as a differentiated capability, has been extremely important. And then lastly, you start thinking about what about within the MSP? There’s a noisy neighbor issue, but there’s a nosy neighbor issue, which is how do I make sure that someone inside can’t cross boundaries internally in an MSP and look at your data being hosted in a common location? This is an area that you’re going to want to look carefully at multi-tenancy and how the infrastructure protects your data even when some of the infrastructure is shared across users. Robert Dutt: So let’s shift and talk about containers, because I think that’s one of the areas that’s impactful but kind of hard for the audience to act on immediately. You have 87% increasing their containerization, 83% building new apps in containers. For MSPs who are still living in a virtual machine-centered world, which is probably a lot of them at this point in time, what’s the practical on-ramp? And honestly, how urgent is this? Do they have years to kind of figure this out and re-strategize, or is this a situation where if you’re not there, you’re already behind? Lee Caswell: I think for many customers who are running traditional applications and let’s say they move from an owned data center into a service provider model, the idea is that the applications may not be changing as fast as the container world might have them think. However, what you’re seeing is that new applications are built with containers because developers benefit from running in containers. What we’re finding though is most customers, the far majority of containers, are running in VMs. And they run in VMs because you’re able to now get the benefits of software agility – develop apps faster, eliminate testing dependencies, be able to run in distributed environments more quickly. Those benefits are married or matched with the resiliency of the underlying infrastructure so that individual components can fail. You can have day-two operations intact, and you’ve got integrated privacy and security and sovereignty. The idea that you’re going to run these both – it turns out we allow customers to run containers depending on their use case. If they were going to run on a bare metal instance, they can. If they want to run in the public cloud on EKS, for example, they can run our container Kubernetes stack, take advantage of our orchestration capabilities, but they don’t have to. For many customers, the fastest path to adopting containers will be to run containers in VMs, very familiar to our users and to the service provider base. What we’re encouraging them to get ready for is that even if they weren’t considering containers for traditional workloads, the fast adoption of AI workloads will bring a requirement for supporting containers. Think carefully around how do you leverage the training you already have, resilient infrastructure, all the things that our teams have been able to protect their downside, and still get access to the upside of new AI applications. We think running containers in VMs actually makes that the fastest path to container adoption. Robert Dutt: On AI agents, the survey shows a great deal of optimism around them. The productivity gains, the new revenue streams, all of that. But you also note that, as we talked about before, 79% of organizations can’t quite figure out how to manage the tools their employees are already using. Can you walk me through that disconnect? How do you go from “we can’t govern what we have” to “let’s deploy autonomous agents”? Lee Caswell: Yeah. Well, as you start thinking about what people have realized about AI, first, most customers have figured out that AI training will happen in the public cloud and that training requires huge investments, large power outlays that can only be taken on by the development of the models by the largest hyperscalers and some sovereign nations themselves. And so customers have been looking at, “I’m going to take models,” but then they quickly realize that the ability to have these models be useful in a particular company environment is dependent on having access to proprietary data. Think of support. If you want to support a product, it’s not interesting to have support in a general sense. You want to have support for your products, things that you may not want to expose, internal documents that are proprietary and private to your specific company. So now what you’re doing is basically taking these models, giving them access to your private data. And now the idea is, “I’m going to be able to take that inferencing model,” which is what this is called. Taking inferencing means you can take advantage of a software platform that abstracts the new hardware that’s required, GPUs, and abstracts the different types of models that you may choose over time. And so this is where you have these different LLMs. The ability to access those – we certify and validate the leading models so that they will run on the GPUs that are certified by our OEM partners. And so what we’re doing is taking out the risks. Effectively, what you do is leverage all the expertise you have for building an enterprise-level application today, and now be able to assimilate GPUs at the hardware layer and new LLMs at the software layer. And we’ll make it operate exactly the same as what you have today. Robert Dutt: 65% say that their AI applications are running today via managed service providers. That’s a pretty validating number for our audience, except for maybe the few who are going to say, “Well, what about the other 35%?” But, you know, can’t please everyone every time. I want to push though on what running AI via MSP actually means in practice. Are we talking about infrastructure hosting, model development and management, governance and compliance? What’s the service that MSPs are actually delivering today versus what they should be thinking about building towards for the future as this evolves? Lee Caswell: Yeah, I think the numbers overstate a little bit about how much training and skill building has actually happened already, because this would include things like SaaS-delivered services. And as you think of SaaS-delivered services like Copilot or ServiceNow or Salesforce, you’ll have AI-enhanced SaaS services that can be delivered by a service provider. What we’re anticipating and preparing service providers for is the idea that customers will, as they have private data to run their private models, be requiring dedicated equipment or provided services that give access to GPUs and LLMs that are beyond a SaaS-level model and now are actually specific applications for specific customer use case models. Robert Dutt: We talked about shadow AI a little earlier. I’m curious, speaking of future states for MSPs, is there a world where the MSP becomes kind of the governed alternative to shadow AI? Essentially the sanctioned AI service layer? Because that seems like a bigger play and a little bit harder to get your head around, but a bigger opportunity than just, “Hey, we host applications on GPUs now as well as CPUs.” Lee Caswell: I think so. And I think there’s a terrific both revenue and profit opportunity for service providers around this. First, there’s a services aspect of thinking about where do these applications run? Do they run in one location? Do they run across the hybrid cloud? So for anyone who’s working with cloud providers, how do I bridge this world out to this sovereign edge as we talked about? So that idea of how do I optimally locate applications, AI applications, and their associated data – that’s a very interesting workflow model to start with. And then next up, I think, is the idea of, well, where and how do I maintain sovereignty within this model? Service providers have a terrific opportunity to say, “Here are the limits within which your data and applications can move. And I’m going to provide that and give you some audit capabilities to manage any compliance risks that you have.” So terrific opportunity, I think, for service providers to become, as you mentioned, that governed alternative. And then finally, the idea that you would have a predictable cost model with tokens that allow you to share GPU resources means not just predictable, but lower cost than having an unpredictable model from the hyperscalers. We think this is actually a really compelling opportunity for service providers going forward. Robert Dutt: Can’t let you go without asking this one directly. A lot of our audience is in the middle of evaluating their virtualization platforms because of what’s happened with Broadcom and VMware. Within the survey data, is there anything about how those infrastructure decisions intersect with AI and sovereignty, the things we’ve been talking about, that you’d like to share? Are organizations treating this transition and the AI buildout as separate projects, or do things start to connect in an overall infrastructure refresh rethink? Lee Caswell: Well, I think some of the excitement from a service provider standpoint should be based on modeling or following what’s happening with the largest hyperscalers. I mean, you’re watching hyperscalers build out tens of billions of dollars of capital per month. We’ve never seen anything like this happen. And so that model, at a hyperscaler level, now what you’re thinking about is 82% from the survey of our respondents felt that their infrastructure was not fully ready for AI. And so building this out – I called this an AI dial tone earlier. The idea that similar to how you remember, Robert, how when you went to hotels, when Wi-Fi came along, all of a sudden Wi-Fi became de rigueur. You had to have it. If it wasn’t fast enough, people knew right away and responded very quickly. My view is we’re going to have exactly the same response to having fast, secure, and managed AI dial tones, if you will, for AI workloads, where you can apply your custom data or your private data and do that quickly using skills that you already have. For me, that means using a platform based on servers, based on certified GPUs, getting access to a changing set and world of LLMs. And being able to abstract both the hardware elements and the software elements means that you’re going to have customers be able to take all of the fast-changing AI world and bring it to their business problems more quickly. Robert Dutt: Before we wrap, a couple of lightning round questions, if you will. If a Canadian MSP is listening to this and thinking, “Okay, I need to do something differently,” what’s kind of the one thing based on what this data is showing that you’d tell them to prioritize in the next 12 months in terms of transforming their business? Lee Caswell: Yeah, I’d say number one is AI is coming. So prepare yourself. If you think you can get started nicely with small clusters, for example – one of the nice things about the Nutanix model is you can start small and grow from there. So start small, get a usable cluster ready for customers so they can try out how they can assimilate new GPU hardware, new AI LLMs. I think that’s essential. Also, in the process, what will happen is they’ll get experience with this new world of containers without giving up their virtualization expertise. That’s an extremely important step. If you try and do everything at once, it can be a lot. There are competitive solutions that force you to go to a Kubernetes-oriented management model. That’s a step too far for most service providers. If you think now what you could do instead is leverage your familiar virtualization skills, bring in the containerization, and allow customers to get started on shared infrastructure with a predictable cost. That’s a winning strategy for providing an on-ramp to AI with the lowest risk and a fast uptake. Robert Dutt: All right. And finally, so that the MSP audience can kind of keep an eye on what they need to keep in mind on the customer side, what’s the most dangerous assumption that you see IT leaders making right now about AI infrastructure? Lee Caswell: I think the most concerning thing I see is customers who are racing to be AI fast without being AI smart. And we saw some of this in the early days of the cloud. We remember “cloud first” versus “cloud smart.” And what happened was you had blown-up costs, you had programs that weren’t successful. But I’d say the most important thing actually has nothing to do with the infrastructure itself. It has to do with corporate management making sure that the application of AI is tied to a specific business problem. That’s the most important element. This is the thing I look for first. If you’re trying to solve an important business problem where you can ideally show that you can save money, generate more revenue, or do things more efficiently, those are the areas where you say AI is going to help here. Don’t just apply AI because it’s cool. Apply it because it’s going to solve a business problem, and you’ll find that you can actually move any infrastructure. We’ll bring that and make that work for you. Robert Dutt: Once again, it all kind of flows back to business outcomes. That’s great advice. I love that. Lee, thanks so much for taking the time. I appreciate it. Lee Caswell: Robert, I really appreciate it. Thank you. Robert Dutt: There you have it. Lee Caswell from Nutanix on their 8th annual Enterprise Cloud Index. A couple of things I’d like to flag from that conversation. Lee’s distinction between a noisy neighbor and a nosy neighbor when it comes to multi-tenant environments and data sovereignty – that’s a framing worth sitting with if you’re thinking about how to position managed services around compliance. And his point about organizations racing to be AI fast without being AI smart – that’s one you can take directly to client conversations. We’ll have a link to the full Enterprise Cloud Index report in the show notes, as well as a full transcript of the conversation. Tomorrow on the show, AWS Canada celebrates 20 years of the cloud. I sat down with Eric Gales to talk about what that milestone looks like from a Canadian perspective, and we’ll be back next Monday to catch you up on the headlines with In Case You Missed It. Between now and then, we’d invite you to subscribe to or follow the podcast in your podcast app of choice. And if it lets you, please do leave a review. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Tony Anscombe, chief security evangelist at ESET Tony Anscombe, chief security evangelist at ESET, returns to the podcast for a wide-ranging conversation about the cybersecurity landscape in early 2026. From the emergence of AI-powered malware to familiar weak points that keep showing up in breach after breach, Tony shares practical insights for MSPs advising their customers on security strategy this year. The conversation opens with a look at major incidents from the past year, including the Jaguar Land Rover cyberattackthat disrupted thousands of supply chain businesses and led to a £1.5 billion UK government loan guarantee, the Ingram Micro ransomware incident, and breaches affecting Salesforce and Oracle. Tony shares a striking insight from a cyber insurer: open VPN servers without MFA have overtaken RDP as the leading driver of claims. The discussion moves to shadow AI risks, with real-world examples of what goes wrong when companies deploy AI tools without security guardrails, and why MSPs have an opportunity to embed themselves as trusted advisors by being the security voice in the room. Tony also walks through the emergence of AI-powered malware, including ESET’s research on PromptLock, the first documented AI-powered ransomware – originally a proof of concept from NYU researchers that ended up in the wild – and PromptSpy, the first Android malware to use generative AI at runtime. The conversation closes with Tony’s advice for MSPs to stop talking about “cyber risk” and start talking about “business risk” – framing security in terms of downtime, continuity, and financial impact rather than technical threat statistics. Read Full Transcript Robert Dutt: Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, still editor at ChannelBuzz.ca, and your host for the show. Cybersecurity is one of those areas where the threats never stand still, and lately the pace of change seems to be even faster. As we head further into 2026, factors like artificial intelligence, global geopolitical tensions, and increasingly organised cybercrime are reshaping what risk looks like for businesses of all sizes. Today we’re stepping back from the day-to-day headlines to talk about what’s coming next, what really matters beneath the noise, and what IT service providers and resellers should be paying attention to as they advise their customers. My guest is Tony Anscombe, chief security evangelist at ESET, and a frequent flyer on the podcast. Tony spends his time analysing emerging threats, talking with security teams around the world, and translating complex security trends into practical guidance. This conversation is focused on thought leadership and the big picture trends shaping cybersecurity this year, from AI-driven attacks and mobile threats to ransomware and the impact of global events on the digital world Canadians rely on every day. It’s a great conversation, so let’s get right into it. My chat with ESET’s Tony Anscombe. Tony, thanks once again for taking the time. Tony Anscombe: Oh, it’s always a pleasure to chat with you, Rob. Robert Dutt: I just wanted to take this opportunity to kind of take a look at where we’re at in cybersecurity in the early part of 2026 and get your thoughts on what to expect this year, sort of help our listeners, the VARs and MSPs of the world, get an overall feeling for where things are at, where they’re going. I guess to throw things open, when you look ahead at this year, what feels genuinely different about the threat landscape compared to, say, a year ago? I was going to say a year or two, but I think even a year in this rapidly changing place is plenty. Tony Anscombe: Well, I think you’ve seen some pretty big incidents last year. None of them, I would say, are a catastrophic incident, whereas the year before we saw the likes of Change Healthcare and there was the CrowdStrike update and things that affect hundreds of millions of people all at the same time. But you had Jaguar Land Rover with a significant issue. You saw the Salesforce ransomware, the Oracle zero day that was exploited in their systems. Ingram Micro ransomware incident took down a lot of the distribution channel. So I think there were incidents that are interesting. I think to an element, I’d kind of say that you’re going to see more of the same, but the same is becoming more sophisticated and is starting to change. Now, if you go back four or five years, we’d have told you that cybercriminals at some stage will start using AI technologies in there as we go. Then I meet people frequently that turn and say, “I’m being attacked by AI.” The answer to that is, no, you’re not. Stop watching Terminator at weekends. That’s my recommendation. You’re getting paranoid. I say that, but the use of AI within cybercrime is making it more sophisticated. It’s making it more challenging to detect in certain instances and it’s becoming more challenging from a social engineering perspective. The sophistication and the likelihood of you clicking on something is unfortunately increasing. I think if you look at cyber insurance reports that talk about claims and stuff like that, still 40% of people are paying. A lot of the things are business as usual. In fact, I spoke to a cyber insurer a couple of weeks ago, Rob, who gave me a snippet of information that I thought was fascinating. We talked about RDP a couple of years ago, you and I, about the issue of… and he said the majority of their claims are open VPN servers, where people have got a login page, ID and password to log into the VPN and they haven’t put MFA on it. VPNs have now taken the place of where RDP was, so that one seems to be moving down the chain a bit. I took a look, I went on Shodan. I took a look on Shodan and sure enough, you can find lots of open VPN servers. Robert Dutt: Just goes to show how some tools which are at least adjacent to security can be flaws as well. There’s no shortage of that. You already touched on a couple of them. You mentioned AI and obviously that’s the big subject of the industry and of business in general in 2025 and 2026. It seems like we’re at a place where right now, in many cases, it’s coming out in front of security, in front of management and in front of IT control, the whole shadow AI thing. I guess, what are your thoughts on where organizations are most exposed because of that gap that exists? Tony Anscombe: Well, that’s a good point. The boardroom or the management teams in companies are going, “We need AI, we need AI,” because that’s what they’re hearing. Sure, it’s a great tool. If you look at a company like us at ESET, we’ve used AI in our products for two and a half decades or so. It’s not that new to us. But if you look at the latest iterations where a customer can get natural language help and stuff like that, you can sort through our threat intelligence easier. Those type of tools are where companies are at, isn’t it? It’s the customer interaction or it’s the knowledge base searching or it’s being able to get reasonable information quickly and meaningfully and in a nice way. The problem is, a company takes all its data, throws it into an AI model and says, “Hey, AI, can you start helping my customers?” There’s likely to be personal information in there. They’re likely to leave APIs open and such like that then get abused. Before you do this, you need to have a cybersecurity person in the room. Now, that doesn’t mean you don’t do it. What that means is you do it in the right way. The cybersecurity person might turn and sit there and be the doomsday person and say, “Oh, no, we don’t want to do this.” But it’s then about explaining to the people that want it in the business about the risk and understanding where the level of risk lies and whether you’re comfortable and accepting of that risk. We’ve seen some great examples of it, haven’t we? What was it, somebody bought a car from one of the car companies for a dollar or something, they managed to trick the AI chatbot into it. That’s the type of thing you want to be protecting against, making sure that you’ve got those guardrails in place. Also making sure it’s not going to surface some customer’s phone number or customer data inadvertently. Some customer in a previous call may have turned around and said, “Here’s my email address,” or “Here’s my phone number.” Of course, if that’s in your knowledge base somewhere or stacked in your support tickets, the right teasing of that information might bring it out and suddenly, in effect, you’ve got a customer data breach, which your AI told somebody. I’m just saying you don’t want that. You need to do it with security in mind. Make sure the agents are tied down correctly. Now I saw there was an incident last year. I can’t remember which vendor it was with, Rob, but they had an API. It was an AI tool. They had an API for their customers to use. I think it was about 30 different customers were using it, or using the same ID and password. The password, by the way, I think was “default.” Robert Dutt: Perfect. Tony Anscombe: Right? So there you go. That’s just somebody doing it without too much thought. Put a cybersecurity person in the room, every customer would have had their own ID. There would have been stronger authentication, maybe certificate-based, and you wouldn’t have had that issue. It’s about having the cybersecurity people in the room with the business at the time you discuss it. Robert Dutt: That’s an interesting place for MSPs because especially in the smaller end of enterprise and into SMB, when those discussions are taking place, often that MSP is going to be serving as the security person for an organization. It speaks to, I think, the need for you, even if you’re a third party to the company, you’ve got to have a strong seat to be able to say, “Hey, customer, this is all sounding great as far as innovation goes, but there’s stuff you need to think about here too.” Tony Anscombe: Yeah, absolutely. But it’s also somewhere where the MSP actually shows up and provides the real value because if you can show that you’re reducing the company’s business risk, then that’s what you’re there to protect, isn’t it? I would have thought it actually cements you further into the company because the more projects you get involved in, the more you understand their business, the harder it is for that company to actually change MSP. You embed that customer relationship, which is kind of the holy grail, isn’t it? That’s what you want as a service provider. Robert Dutt: Absolutely. Your research talks about smartphones as an increasingly attractive target. No argument there, it makes sense. It’s where a lot of people are doing their computing, right? It’s an interesting space in that sometimes it’s under IT control. Sometimes it’s not. Sometimes it’s a little bit of both. I guess what’s changed about mobile threats that MSPs and businesses should be paying more attention to right now? Tony Anscombe: Well, I’m smiling, Rob, sat here listening to you say that because I’ve got two phones on my desk. One of them is very controlled and one of them is mine. Robert Dutt: Wild West. Tony Anscombe: Yeah, well, it’s not the Wild West. Mine is controlled by me, not the company. But it’s a good point because if you look at people’s phones, they need to be under some sort of MDM service. If you’re allowing somebody to use their own device, then you need the ability to delete data. You need the ability to track the phone if it’s lost, delete the data and control the apps. Potentially have some sort of compliance on the security settings that are on the phone. If the person hasn’t got biometric unlock on the phone, then maybe you don’t want to install your stuff on there at all. It’s not just about having that container for the company data that you control, but it’s also having a minimum set of security standards on the phone, that the phone itself is secure. Bear in mind, you’re helping actually your employees secure their phone in that scenario as well. But yeah, the more and more devices you see, the more and more I think compliance you need to do on them. I don’t think that will change anytime soon. Robert Dutt: Ransomware, obviously the constant presence, the constant scourge. It keeps evolving, but the pattern keeps repeating in that a lot of the successful attacks are relying on maybe not the same weak points, but familiar weak points. I guess, why do we still see these same mistakes playing out? And what, if anything, can I do about that as an MSP? Tony Anscombe: Well, certainly one of the things MSPs need to do is make sure the customer is being trained, but also make sure your own staff are being trained as well. If you look at… and I wouldn’t want to put a percentage on it, but it’s a big number. If you look at the number that involve some form of social engineering, unfortunately – social engineering, you know, phishing, text messaging, physical phone calls – it’s never-ending. The elements of social engineering are huge there. I mean, I can’t remember whether we spoke about ClickFix last year. ClickFix was an interesting malware family. They used, one of the variants used the screen that says, “Are you a robot?” We all click the box, don’t we? And they’re very creative. Then it says, “Can you press these three keys on your keyboard to verify you’re human?” And what actually the three keys do is they invoke a PowerShell script. And there you go, you’re now breached. But it’s those sophisticated mechanisms such as that, that you need to make sure your employees understand, and your staff and your customer staff. So within the MSP, that you’re doing regular training, regular, even for your technical people. I worked for a company, Rob, when I first started my career in finance. It was a credit card company. And they used to run a program where a fictitious fake card member would sit there ringing numbers in the company each day, internal numbers. And your phone would ring and you’d pick the phone up and it would be a fake card member. And you had to own the call. Everybody in the company had to own the card member, regardless of whatever your job was. I’d love to see tech companies doing something similar. Robert Dutt: Yeah. Tony Anscombe: MSPs could be doing something like this with their customers. Can I randomly phone up your staff and see if I can socially engineer a password out of them? Not because I want to embarrass them, but because I want to be able to show that it can be done and then improve things beyond it. Wouldn’t that be a great service? It’s like phishing simulation, but with a person. Robert Dutt: Interesting idea. Tony Anscombe: Yeah. But if I ran an MSP myself, I think I’d be doing that on my own staff because I wouldn’t want to be, unfortunately, the supply chain into my customer that gets breached, that ends up seeing my customers breached. And there were a few of those, unfortunately, I think last year. I think Marks & Spencer were that way. And I think Jaguar Land Rover may have been through a third party as well. So I think there are some really interesting examples where third parties were unfortunately responsible. Robert Dutt: Well, yeah. It speaks to kind of that trend too, where a lot of times those who are doing the attacks are looking at that as an increasingly viable way in because there’s potential for there to be a gap between organizations that no one’s really… everyone assumes that everyone else is kind of looking at it, maybe. Tony Anscombe: Yeah, absolutely. There are other things I think MSPs… MSPs need to show their customers that they’re 100% secure, that they’ve gone through the same programs that actually customers do as well. One thing I think, if an MSP doesn’t go through what I define as regular cyber insurance type requirements, to me that would be a good thing for them to do, because cyber insurers kind of push that whole reduction in risk. Robert Dutt: That is rapidly becoming table stakes, isn’t it? That’s an expectation. Continuing along that line, for MSPs who are kind of planning out their security strategy, their security approach for the rest of the year, I guess what’s one assumption or one thing they’re doing that they should probably challenge or change at this moment in time? Tony Anscombe: One thing to change, that’s a big question. Only take on customers that are secure. Robert Dutt: Problem solved. Tony Anscombe: Yeah. Don’t allow your customers to have any connectivity. No. It’s to make sure that you’re keeping pace with the advanced technologies that are out there. For example, we’ve seen EDR become MDR and XDR, but are you now plugging in good, accurate threat intelligence feeds into that EDR? Whoever’s EDR you’re using, obviously, I’d love everybody to use ESET’s, by the way. But if they’re offering that as a managed service from an MSP, I’d also couple that with threat intelligence feeds and APT reports. If you’ve got government customers, actually start taking it to the next level so that it’s not just about relying on the monitoring and detection of an issue, but also that you’re intelligently looking beyond where other issues might come through other industries or what’s happening elsewhere. Robert Dutt: And taking that same kind of idea, but turning it around from a customer-facing perception. If you were advising an MSP on how to talk to clients about cyber risk this year and what they should be thinking about going forward, how does that conversation need to change in light of the changing threatscape? Tony Anscombe: Well, firstly, now that’s an interesting term. I’m guilty of using the term cyber risk. If I was in the MSP shoes today, I would not be talking about cyber risk. I’d be talking about business risk. I think cyber is becoming a risk just like any other risk to a business, i.e. theft, fire, building collapsing, earthquakes, whatever it might be that we tend to have risk. And cyber now needs to be treated as that risk. You’ve got to talk to a business in the terms of it being a business risk. There are some really good examples in the market now. I mentioned Jaguar Land Rover just a moment ago. Think about that entire incident. A third party to them gets breached and Jaguar Land Rover gets taken down through it. It affected 5,000 businesses. The UK government stepped in and bailed them out with PS1.6 billion. That’s a huge amount of money. If you and I had a little company, we’re making screws for gearboxes. It’s all very well somebody coming to me and turning around and saying, “Cyber risk.” But what I really want to know is the business risk. How much is it going to cost my business if I have this incident? What is my downtime going to be? Talk to them in the business language and put it in real terms. It self-justifies, by the way, then the expenditure on cybersecurity because you’re talking to them about the finance of the business. I kind of stopped talking about, you know, “70% of ransomware attacks start as phishing.” Great, those are supplemental, but talk to them about actually how they keep their business running. Robert Dutt: I think it speaks to a broader trend in the channel of over time, moving from speaking about technology to speaking about solutions to increasingly speaking about outcomes. I think we’re talking about now the business outcomes of security investment. Tony Anscombe: Yeah, absolutely. To a lot of this, this is the decision of the CFO of where is the acceptable business risk. Then it’s about putting the right cyber plan in place to meet the line of business risk. And by the way, we all have risk in different… our line will all be in different places. If 10 of us stand in a casino in Las Vegas and we’ve all got $200, we’re all going to behave completely differently when we walk up to the roulette table. Robert Dutt: Yeah, absolutely. And depending on where we’re at, we may have additional oversight, which colours our risk decision-making and depending on what… in this case, in what industry you’re in, for example. Tony Anscombe: Well, exactly. Every CFO and every business will have a different line in the sand of where their business risk is. Robert Dutt: You obviously get to spend a whole lot of time looking at what’s there and what’s coming in terms of security. I’m curious, is there anything that’s surprising you about the current security scene? Tony Anscombe: Well, the one thing that we’ve seen in the last six months… we’re being attacked, but let’s come back full circle here. We’re being attacked by AI. We have seen a couple of examples of malware. At this stage, they appear to be proof of concepts of AI-based malware. What that means is it’s actually dynamically using AI within the malware to generate the attack. It’s looking at the environment and then using the environment, asking AI to then generate scripts and code on the fly in real time. They’re using public AI models to do this. It will create the script and then they attack with that script. Now, in theory, that means you’re using a never-before-seen piece of code within the attack, which obviously makes it very challenging to detect. The two instances we’ve seen, one was PromptLock. The other one, we published details in the last few weeks, PromptSpy. One was on a Windows, macOS and Linux platform. The other one, a few weeks ago, was on an Android platform. We’re seeing the emergence of that type of code. So lower barrier to entry. Now that code’s out there in the marketplace. Difficult-to-detect attacks. I think you’re going to see that expand over this next year. Now, interestingly, one of those examples I just used, PromptLock, was a project by a university student. That’s what it transpired to be, but they put it in the public domain. Need I say more? Please don’t do this. [Laughter] Robert Dutt: I guess it was a matter of time that once the idea of vibe coding became kind of mainstream, that it was going to get turned back around and used in some sort of malicious way. That is one true trend across security over time. They will take advantage of the tools that are available. Tony Anscombe: They will. But I expect to see more of that AI-generated code out there over this next year. The challenge then is making sure the technologies that are in place, those advanced technologies, are picking up those advanced attacks because it will become more challenging as it goes. Robert Dutt: Tony, as always, so much going on in the security space, but you’ve given us some good things to think about. I think most importantly, some actionable things to think about as you’re running the security practice of an MSP. Appreciate your taking the time, as always. Tony Anscombe: Hey, always a pleasure, as I said, Rob. Robert Dutt: There it is, my conversation with Tony Anscombe, chief security evangelist at ESET. Whether it’s the rise of AI-powered malware, open VPN servers quietly becoming the new weak link, or simply learning to talk about security in business terms, there’s a lot here for MSPs to think about as we move through 2026. I’d like to thank Tony for joining us once again. Thank ESET Canada for their ongoing support of the site. And of course, thank you for listening today. We’ll be back in your feed tomorrow as we’re joined by Lee Caswell from Nutanix to discuss the company’s 8th Annual Enterprise Cloud Index Report, and with a special episode on Friday as we discuss Amazon Web Services at 20 with AWS Canada chief Eric Gales. You’ll want to be sure you catch those, so please do subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a review or rating of the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Roi Karo, chief strategy officer at Check Point Check Point Software has been on an acquisition tear. Under new CEO Nadav Zafrir, the company has picked up five startups since early 2025, with three announced simultaneously in February: Cyclops, Cyata, and Rotate. But these aren’t opportunistic bolt-ons. They map directly to a four-pillar strategy that Check Point says defines the future of its security platform: Hybrid Mesh Network Security, Workspace Security, Exposure Management, and AI Security. In this episode, we sit down with Roi Karo, Check Point’s Chief Strategy Officer, and Angelo Valentini, head of channel sales for Canada, to dig into the thinking behind the acquisitions and what they mean for the channel. Roi brings an unusual perspective to the table, shaped by 25 years in Israeli defense intelligence and a stint as Chief Risk and Strategy Officer at blockchain infrastructure company Fireblocks before joining Check Point. Angelo Valentini, head of channel sales for Canada at Check Point The conversation covers how each acquisition fits into the broader strategy: Rotate brings MSP-native expertise to the Workspace Security pillar, where Check Point is consolidating endpoint, email, browser, and mobile security under a single management layer. Cyclops completes a full Continuous Threat Exposure Management cycle by adding internal asset scanning alongside CyberInt’s external scanning and Veriti’s automated remediation. And Cyata addresses the emerging challenge of governing autonomous AI agents operating on user endpoints, a category that barely existed a year ago but is evolving fast. We also explore what Check Point means by an “open garden” platform, including how its tools integrate with and remediate across competitors’ products, and how that philosophy plays out in practice for MSPs managing multi-vendor security stacks. Angelo adds a Canadian lens, touching on the opportunity in Canada’s SMB-dominant market and the compliance implications of Bill C-26. Check Point’s MSSP Partner Program offers consumption-based pricing and multi-tenant management for solution providers looking to explore the opportunity. Roi closes with a pointed message for partners: the assumption that there’s still time to learn and prepare is “terribly wrong.” The threat landscape is accelerating, and the window to adapt is narrower than most people think. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. Check Point Software has been making some big moves. Under new CEO Nadav Zafrir, the company has acquired five companies since early 2025, including three announced simultaneously in February: Cyclops, Cyata, and Rotate. And these aren’t random bolt-ons. They map to a deliberate four-pillar strategy that Check Point says defines the future of the platform. Those four pillars are: Hybrid Mesh Network Security, covering data centers, cloud, SASE, and SD-WAN. Workspace Security, protecting endpoints, email, browsers, and SaaS applications. Exposure Management, giving organizations visibility into their full attack surface. And AI Security, governing the new wave of autonomous AI agents operating inside enterprise environments. For solution providers, the most interesting piece here might be the Rotate acquisition. It’s an acqui-hire that brings in a team with deep roots in the MSP ecosystem, including veterans of Datto and Kaseya. Cyclops adds a data lake with over 150 integrations for attack surface management. And Cyata tackles a category that barely existed a year ago: identity management for AI agents. To unpack the strategy and what it means for the channel, I sat down with Roi Karo, Check Point’s chief strategy officer, and Angelo Valentini, who leads Check Point’s Canadian partner business. Roi brings an unusual perspective – 25 years in Israeli defense intelligence and a stint as chief risk and strategy officer at blockchain infrastructure company Fireblocks before joining Check Point. Here’s our conversation. Gentlemen, thank you for taking the time. I appreciate it. Roi Karo: Thank you very much. Angelo Valentini: Thanks for having us. Robert Dutt: Roi, before we dive into strategy itself, you come to Check Point from Fireblocks, and before that, 25 years in the IDF and on that side of the world. Pretty unique lens. I’m just curious, how does that shape how you think about security strategy versus someone who’s grown up and spent that kind of time inside the cybersecurity vendor world? Roi Karo: Yeah, that’s interesting. I think it gives a unique perspective, being part of the Israeli intelligence security, and it gives, I think, a wide view of how things are shaping. And it’s part of what we’re trying to answer today. The biggest hurdle I’m trying to uncover is what is going on. What’s going on in the world, what is going on in the market, and of course, how should we react as a security company. And I think my background gives an interesting perspective for that. And stating what is obvious, in Israel, many people in the cybersecurity industry are veterans of the Israeli defense forces. So it’s an interesting background and a very useful background to be part of the security ecosystem in Israel. Robert Dutt: You guys announced three acquisitions simultaneously, and that’s following last year, which saw Lakera and Veriti. That’s an aggressive pace. I guess, what do you see as the strategic urgency driving the acquisitions? Is it about AI creating new categories of risk, or is it about the competitive landscape forcing your hand? Is it a little bit of both? What’s driving this? Roi Karo: Yeah, I think both and maybe some more. Stating the obvious, things are changing faster than before. Everybody’s talking about how AI is changing the world. Something that everybody says in their first sentence: everything is faster. Things that before took years now take weeks and even days. So we can’t just wait. We need to move fast, faster than we moved before. So acquisition is a great way to move faster. When we find a very strong team that has a very good product that can help our portfolio and give us good products that we can suggest or offer to our customers, this is something that we’re very interested in. And I think, as you mentioned, the competitive landscape – competitors are also moving faster. So we need to keep pace. And the last thing I would add, Check Point as a large company offers a wide variety of solutions. We’re very known for our firewalls and network security, but if we’ll have more time, we can talk about the other pillars. And actually all three new acquisitions are supporting and accelerating our other product pillars. So offering a consolidated solution to our customers is one of our biggest strategic moves, and all of those acquisitions are helping us to get faster through this target. Robert Dutt: You kind of presage where I was going next, which is, in your blog post, you frame four pillars of where Check Point is going, what you want to be locking down. And as you rightly point out, Check Point has that history, that strength in network security. The newer bets, especially both exposure management and AI security, which is obviously nascent – it seems like they require different muscles, different skill sets, different approaches from Check Point and from partners alike. Where are the real capability gaps that needed filling? Roi Karo: Yeah, so I think when talking about gaps, there are different types of gaps. One type of gap is mostly on the AI front. Everything is new. So to be very honest, I think that the security industry is still learning how to secure AI. So we have gaps. Everybody has gaps because it’s so new. We’re inventing new things. We’re building new kinds of security solutions. And that’s one type of a gap. A different type of a gap is that we have products for many years and we want to have better solutions, acquiring features or products that can help us accelerate closing those types of gaps. But I think the first type is more interesting because those are purpose-built solutions that did not exist before. This is where the true innovation is happening. And without that, nobody will be able to secure the new types of attacks that we’re seeing in the wild. Angelo Valentini: Robert, if I could just add – on the partner side, I think some of the gaps and concerns are really about visibility, governance, and also about operational efficiency. I think that’s one of the things that we’re trying to help partners with in terms of what their concerns are relative to AI, relative to exposure management, all these areas. Robert Dutt: You describe this whole scenario as an open garden platform, which is a nice framing versus the walled garden approach. For MSPs who are running multi-vendor security stacks and representing multiple security vendors, which, let’s be honest, is the vast majority – what does that open garden mean in practice for them? Roi Karo: Yeah, so I think a couple of things. Our philosophy is openness. We’re not trying to create any kind of vendor lock. We play with all vendors. You mentioned the acquisition from last year of Veriti. That’s a great example because what Veriti offers is the ability to patch or virtually patch all of your security vendors. If you have a threat that you discovered, now you want to make sure that you’re actually being defended against it. So what Veriti does is go over all of those exposures and close them. And when they say close them, they close it using a Check Point security product, but also all other vendors. So we have integration even with our competitors, other types of vendors. So that’s one example of how we try to build our solutions in a way that supports all the other players, because we acknowledge what you said. Most vendors and even most companies, they don’t want vendor lock. They want to use several vendors. They want all of them to play together. So we design our solutions in an open way. It can be used with APIs, it can call to other types of solutions and help MSPs or customers, other types of customers, to build their full stack of solutions. Robert Dutt: That kind of maps, I think, with things that I’ve been hearing more and more from partners. Back in the day, you’d hear a lot of, “I want to work with fewer security vendors.” Still, no one’s saying, “Hey, I want to sign up 400 security vendors and try to understand the nuance of what all of them are doing.” That’s operationally impossible. What I hear more, I think, is the idea of, “I want to have a few strategic security vendors and I want them, where possible, to play nicely together in my environment.” Roi Karo: Absolutely, I can’t agree more. I think consolidation is important. Nobody wants 400. Nobody wants even 40 vendors. It’s hard. But nobody wants one vendor. I think that in a way, we’re trying to figure out this balancing, this sweet spot between having hundreds of vendors and having one vendor. And what we do is – the reason we picked those four pillars is because we truly believe that we’re leaders in each one of them and we have the best solution in each one of them. And anywhere that we don’t have a solution, we partner. So a good example is CNAPP. We have a strategic partnership with and other CNAPP vendors. So we don’t have our own CNAPP solution. We integrate it with another vendor. And everywhere we don’t have the best solution, we’ll integrate with the best vendors that are out there. Robert Dutt: Okay, let’s talk a little bit about the acquisitions that were made that start to build out this platform, or continue to build out this platform. And I wanted to start with Rotate specifically, because I think it’s really interesting for this audience. You acquired them, it seems, primarily for the team. And that team includes key people who come from a background in Datto, in Kaseya – companies that really built up the foundations of the MSP ecosystem of today. What does that signal about how you guys are looking at the MSP market and the MSP opportunity for Check Point? Roi Karo: Yeah, so I will zoom out a bit and then focus specifically. When we announced the workspace pillar, we realized among other things that companies want to manage the whole end user security through one vendor, through one unified management, and not point solutions. So we took our endpoint solution, our email solution, browser, mobile – all the solutions we have around the end user – bundled them together, and are offering a way to manage all of them from a unified management. That is something that is unique and I think is very compelling to all types of customers and mostly MSPs, for obvious reasons. They want to manage all of this end user security from one vendor, from one management. And doubling down on MSPs, we understand their needs. We have many MSPs as customers and we want to provide an easy way to manage all their tenants, all their end users in one single pane of glass. And that’s what we’re building, and this is what we want to accelerate with the team of experts coming from Rotate. Angelo Valentini: So Robert, in Canada, as you know, 90% of the businesses are SMB. So this is a huge opportunity for partners as we go and develop this and enhance that solution for our partners. It’s a huge opportunity. Robert Dutt: And speaking of huge opportunity, the email security business that’s already – I think I saw 160 million is the figure for Check Point’s revenue line there – as well as being one of the most foundational tools that MSPs bring to market and have fueled that business. I’m curious to get your thoughts on how you build from that beachhead that you’ve got established in email security and into that broader workspace security story that Rotate is facilitating. Roi Karo: I think email security, as you said, it’s so fundamental. And when we try to explain to people how AI is changing the hackers, this is the easiest example because it’s most common and easy to explain and imagine. Phishing attacks look different now with AI-based attacks. We all did this training that you need to find spelling mistakes and grammar mistakes to identify phishing. As you can imagine, there are no spelling and grammar mistakes anymore when phishing emails are being built or crafted with AI. So email security is being changed and being reinvented. And we are building new types of email security to make sure that we’re securing also for the most advanced AI-based phishing attacks. Our email security is something that we take a lot of pride in and we can prove that it is better than many others. So that’s, as you said, a great beach entry through many of what we’re doing with our customers. And adding the other capabilities on top of the email is super important. Because again, using a very simple example: someone got a link, they pressed it because it wasn’t blocked. And now they have malware on their computer. You want that endpoint security to be connected to the email security and have one platform that can see everything and can actually prevent attacks before they happen. So we integrated our endpoint solution, our browser extension, our mobile solution, and the email together into one threat intelligence layer that provides data to all of those solutions. Robert Dutt: Cyata is about governing AI agents, which as well as being the buzzword of the day is also a category that didn’t exist a few years ago, because AI agents themselves did not exist a few years ago. For an MSP today, is security around AI agents something that their customers are asking about? Or is this one of those things that’s in a “be ready for this now so you can sell it tomorrow” kind of space? Roi Karo: Yeah, I think that this will grow very fast because, as I’ve mentioned, AI is moving faster than we imagined. When we say agents, I think there are two separate use cases, and one of them is very relevant to the MSP. One that is less relevant is building AI applications that use agents. This is for bigger organizations and more sophisticated organizations that have engineers and are building their own software. But all of us are using agents. ChatGPT and Claude today, you just press a button and you’re running an agent from your endpoint. That is something that is happening. It’s the more advanced user today, but tomorrow it will be all of us using agents running on their endpoints. And one of the things that Cyata built, and we’re now adding to our products, is a capability running on the laptop of the end user, identifying agents that are running there on behalf of the users. It can identify and, first of all, give visibility into all the agents that are running from the end user’s computer, but also provide governance and policy that make sure that they’re doing only things that they’re allowed, that they’re using the right identities, that they have access only to things that they are supposed to have access to. And this is something that I believe will be very relevant to MSPs in the near future, sooner rather than later, because it’s related to all the end users, all the people that are using AI. Angelo Valentini: Robert, this also plays nicely with some of the government compliance developments with the Canadian government. So Bill C-26, for example, is all about governance and compliance. This is a great way in which this acquisition plays right into the government legislation. Insurance is another big thing where we’re seeing a lot of compliance requirements, and also financial institutions. So this is just another way that this plays into that compliance as well. Robert Dutt: Last but not least on the acquisitions, can you give me a bit of a feel for how Cyclops fits in, what they bring to the table, and the opportunity you see there for your partners? Roi Karo: Yeah, absolutely. And again, zooming out and zooming back into Cyclops. We just announced our Exposure Management pillar. We acquired, I think almost two years ago, CyberInt. They’re doing external risk management – they’re scanning the organization from the outside and providing all the data you can achieve from looking at the organization, the company, from the outside. Dark web and the organization itself. Six months ago, we acquired Veriti, that takes all of the data, all of the exposures, all of the threats, and mitigates them automatically. So you have automatic remediation. And now with Cyclops, we completed the full cycle, because they are scanning the organization internally. This is an asset management capability that actually connects to hundreds of vendors that provide data. And then you have the full picture of what’s going on inside your organization. So CyberInt’s capabilities are scanning from the outside, Cyclops’ capabilities are scanning from the inside, and Veriti’s capabilities take all of this intelligence – and all the intelligence we acquired in decades of building our capabilities – and make sure that all of this is being remediated. In this way, we accomplished the full cycle of what Gartner calls CTEM, Continuous Threat Exposure Management, and provide a very unique value proposition to our customers of having the full cycle of understanding what is happening across your attack surface, identifying the threats, and remediating the threats. Cyclops provided a very important piece of the puzzle that we were missing, and we’ll integrate them very quickly into our value proposition and offer a full cycle of CTEM. Robert Dutt: How quickly do these acquisitions – you mentioned the plan for Cyclops there – but how quickly do these become native Check Point experiences rather than adjacent tools that are also on the Check Point line card? Roi Karo: Very quickly in those three cases, because they’re part of a wider value proposition. It’s not a standalone – all of them started as a startup with a standalone capability, but the real magic and the real value will come when we integrate them. That will happen very quickly because all of those solutions are very modern in design, which makes it easier. And part of the due diligence we did around all of them is how quickly we can integrate. So this will be integrated very quickly. And of course, now – as I say, everything is happening faster – we are using AI to build products and integrate products. So that will happen very fast, and this will be offered to our customers immediately. Robert Dutt: Zooming back out to the strategy level, if I’m a Canadian MSP with managed seats numbered in the hundreds – typical SMB-focused MSP – today I’m running Check Point email security, maybe firewalls. When I look at this strategy, what is this going to change about what I sell and how I operate over the next 12 months? Roi Karo: I think CTEM and exposure management becomes even more important than before. Maybe we need to take one step back with your permission. I think that the threat landscape is changing, and that’s something that we all need to acknowledge. Just imagining how the attackers are using AI in order to accelerate their attacks – things that before took attackers months or years to build, to find new vulnerabilities, we’re seeing right now happening much faster. The scale, the sophistication of attacks is changing. And we all need to prepare. Vendors, MSPs, and other types of organizations need to make sure that they are prepared for a new wave of attacks. And for that, you need to have everything that can help you understand. We talked about my background – intelligence is super important to understand what is going on. And exposure management is exactly that: understanding what is going on. Are you attacked? Where are you exposed? Who is attacking you? You can’t fly blind. So the first thing I would add to my portfolio if I’m an MSP is offering threat intelligence, offering exposure management, scanning all of my customers and making sure that they’re not exposed, finding servers they have that are exposed, finding PII that is related to them on the dark web, and making sure that I’m warning them. Many kinds of solutions we have as part of our exposure management value proposition I think will be very interesting for MSPs. So that’s one thing I would explore with Check Point. The second thing is AI, of course. We talked about agents, but even the basic LLM use of end users, that’s something that needs to be governed. Angelo mentioned compliance, it will become part of it. Even if you’re a small law firm and you want to make sure that your lawyers are obeying the rules that you decided – can they use ChatGPT in order to write a legal document? If it’s a small medical company, can they consult ChatGPT on medical issues? What is the PII guidance you give them? Can they put PII in ChatGPT or not? All of this needs to be governed, and our products enable that. They run on the endpoints, they make sure that you’re aware of what all of your employees, all of the people in the company are doing with AI, and they can enforce governance on what you want to allow and what you want to block. Do you allow DeepSeek in your organization? Do you allow other types of LLMs or GPTs? All of this, as part of AI security, is something that MSPs will need to adopt and educate themselves on, and educate their end users very quickly. And what we’re building is a full suite of AI security. We’ll have offerings for small companies, offerings for large enterprises, and everything in between. Angelo Valentini: You touch on AI governance, we talked about exposure management. These are ideas that sound consultative and complex, which is great because channel 101: where there’s mystery, there’s margin, and there is ample mystery here. But again, through the lens of that SMB-focused MSP, how do I get to it? So I guess what I’m getting at is, how are you helping partners productize those conversations they need to have without requiring them to go super deep themselves as AI specialists? I think that’s the bread and butter of partners today, is the service offering. When they see acquisitions like this, we play in all their wheelhouse in terms of all the areas: visibility, governance, and also operational efficiency. So that’s the number one thing. It’s our job to enable our partners as well as part of it. Me in the partner community, we go and enable our partners to understand the technology and understand the opportunity. And there are consulting opportunities here, there’s increased revenue opportunity here. That’s one of the things that we focus on, is really to get awareness to the partners so they understand: hey, there’s an opportunity here for incremental revenue, for increased opportunity in consulting and implementation. And then from there, there’s ancillary AI solution revenue that follows. So it’s up to the partner to decide, but it’s really something that they should consider. Robert Dutt: Just to wrap things up before we go, do you have time to do two quick lightning round questions, quick answers? First of all, what’s one assumption about cybersecurity that you think partners need to stop making right now, or at least over the course of this year? Roi Karo: I think that the basic assumption is that we have time, that sophisticated attacks are not here yet, and we have time to learn, we have time to adjust, and everything will be okay. I think that’s terribly wrong. I think that the attackers, they don’t have the governance and legal obligations that we have as companies. So they’re running very fast. It’s happening now. So I think a wrong assumption that many people have, MSPs included, is: okay, it’s still early, we can learn, we can take our time. I think we need to move fast and we need to move faster than we’re moving. Robert Dutt: And taking that similar lens but turning it inside this time, what’s the hardest internal debate that you’re having at Check Point right now about AI and security, and why isn’t it settled yet? Roi Karo: We understand that we need to offer AI as a part of – we talked about many angles of AI, one that we did not mention, and I will use your question to address it – is using AI for security. We talked about AI for the attackers, we talked about AI that everybody’s using and we need to secure. Part of what we’re building in a very innovative way is autonomous security – AI agents that are running security. And this of course is the biggest promise. And many people feel that we need to move much faster on this front. It’s not easy. And we’re building it in many parallel lanes, because it’s hard to predict what will win. But we understand that the future of security – you need to fight AI with AI, you need to adopt AI. And this is maybe the biggest promise of our industry, when the industry will be able to adopt AI and leverage the power of AI in order to provide better security. And in many ways, in bigger organizations, the department that needs to adopt AI the fastest is the security department. Because for all the other departments, this is a force multiplier, it changes everything, but in a way it’s a nice to have. For security, because the attackers are using AI, if security people won’t adopt AI for themselves and use AI to secure their organization, they will lose. So we’re trying to do our best in offering our customers AI-based security. We have today in all of our pillars co-pilots and MCP servers and agentic capabilities. But we aspire much higher. We want to build real autonomous security, real AI employees – AI security employees that will be part of the team. We have very exciting, innovative teams that are building those kinds of things. And answering your question, the debate is: can we, or how can we, move faster on this front, offering our customers fully autonomous, fully AI-based security. Robert Dutt: That’s a pretty good overview and view of the strategy and of where you think things are at. Good luck with the acquisitions and rolling them in and continuing to broaden out the strategy. And thank you very much for taking the time for this conversation. Roi Karo: Thank you for hosting us. It was a pleasure. We’ll be in touch. Angelo Valentini: Great to be here. Robert Dutt: There you have it, a look at Check Point’s push to reshape its platform around AI security, exposure management, and the MSP workspace, with Roi Karo and Angelo Valentini. The takeaway I keep coming back to: Check Point isn’t just buying technology here. They’re making a deliberate bet on the MSP market, and hiring a team from Datto and Kaseya to build it out is the strongest signal of that intent. Whether you’re already in the Check Point ecosystem or not, the open garden approach they’re describing is worth paying attention to. And Roi’s point about urgency is one that I’d take seriously. The window to learn and prepare is shorter than a lot of people think. Thanks to Roi and Angelo for a great conversation. And thank you as always for listening. Also this week on ChannelBuzz.ca: on Wednesday, ESET’s Tony Anscombe joins me to walk through the security trends and threats solution providers should be watching this year. On Thursday, I sit down with Nutanix SVP Lee Caswell to dig into their latest Enterprise Cloud Index research, including what the data says about shadow AI, data sovereignty, and where infrastructure decisions are heading. And on Friday, a bonus episode – AWS Canada’s Eric Gales joins me for a look back at 20 years of AWS and what it means for partners going forward. If you’re enjoying the show, please take a moment to subscribe or follow in your podcast app of choice. And if you’re feeling generous, a rating or review goes a long way to helping other solution providers find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Today is Monday, March 9, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. In this edition: Ingram Micro Q4 and full year 2025 results: Ingram Micro reported fourth quarter net sales of $14.9 billion (up 11.5%) and full year net sales of $52.6 billion (up 9.5%), with its Xvantage platform now driving “billions” in transacted revenue. The company debuted the “AgenTeq” brand for its agentic AI capabilities, including a Sales Brief Agent initially piloted in Canada. Memory pricing crisis update: Dell is “compressing discounting” and shortening quote windows. HP says memory costs doubled in one quarter to 35% of PC production costs. Intel’s CEO says there’s no relief until 2028. The message to partners: quote fast, communicate pricing risk early, and plan for volatility. MSP Well launches as the channel’s first mental health community: Co-founded by Joe Ussia (Infinite IT Solutions), James Mignacca (Cavelo), and Miguel Ribeiro (VBS IT Services), MSP Well is a free peer-support network for IT and MSP professionals dealing with burnout, stress, and the mental health impact of cybersecurity work. Launched at XChange March 2026 in Orlando. ServiceNow claims AI bot resolves 90% of its own help desk tickets: The “Autonomous Workforce” agent handles Level 1 IT issues end-to-end, including password resets, VPN issues, and software access, with 99%+ resolution rates in targeted categories. GA expected in the second half of this year. Read Full Transcript Hello and welcome to In Case You Missed It from ChannelBuzz.ca. Your Monday morning recap where we catch you up on some of the channel news and trend headlines you may have missed in the last week. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 9, 2026. Let’s get your week started right. Ingram Micro closed out fiscal 2025 with some pretty strong numbers. The distributor reported fourth quarter net sales of just under $14.9 billion, up 11.5% year over year and above the high end of its guidance range. For the full year, net sales came in at $52.6 billion, up nearly 10%. The company attributed the growth to strong demand across its core distribution business, an uptick in cloud marketplace revenue, and continued traction from its Xvantage digital platform, which management now says drives “billions of dollars” in transacted revenue. But the detail that caught my attention is a word, not a figure. During the earnings call, Ingram introduced the name AgenTeq – T-E-Q, by the way – as its branding for its agentic AI capabilities within the Xvantage platform. AgenTeq encompasses over 400 AI and ML models that Ingram’s been building, including a tool called the Sales Brief Agent, which gives Ingram sales teams real-time AI-generated intelligence on partner and customer accounts to help uncover growth opportunities. And in a detail worth noting for this audience, the Sales Brief Agent was initially piloted here in Canada before its planned global rollout in the first half of this year. We’re still learning what AgenTeq means in practical terms for channel partners and it’s early days for the branding, but the combination of its financial results and the platform investment suggests Ingram is placing a very deliberate bet on AI-driven distribution. A story we’ll be following up very soon here on In The Channel. If you listened last week, you heard us lead with the component shortage story. Cisco rewriting partner contract terms, Lenovo warning of March price hikes, Western Digital’s entire 2026 production already spoken for. The situation has not gotten better. In fact, it’s getting worse and faster than most of us expected. Dell COO Jeff Clarke told analysts last week the company’s compressing discounting and that quotes are now valid for “the shortest period of time they’ve ever been.” HP’s CFO disclosed that memory costs have doubled in a single quarter and now represent about 35% of PC production costs, up from 15 to 18% a few months ago. And Intel CEO Lip-Bu Tan says there’s no relief coming until 2028, a timeline backed by both SK Hynix and Micron. The takeaway for partners hasn’t changed from last week, but it’s more urgent now. Shorten your quote windows, have the pricing conversation with customers early, and assume that anything you quote today can and will cost more by the time it ships. Grab your helmet. Switching gears to something that doesn’t come up nearly enough. A new community initiative called MSP Well was formally launched this week at The Channel Company’s XChange conference in Orlando. MSP Well is a peer-support community dedicated to mental health and resilience among IT, MSP, and MSSP professionals. It was co-founded by Joe Ussia, CEO of Infinite IT Solutions, James Mignacca, CEO of Canadian vendor Cavelo, and Miguel Ribeiro of VBS IT Services. As Ussia put it, “the channel talks constantly about tools, threats, and uptime, but rarely about the human cost to the people doing the work.” MSP Well aims to change that, offering peer support, a Discord community, an anonymous call line, and partnerships with certified counsellors. It’s a meaningful initiative, and it’s something we’re looking forward to following up on here on In The Channel. And finally, ServiceNow says it has built an AI agent that’s now resolving 90% of inbound IT tickets on its own internal employee help desk. The system handles high-volume Level 1 issues like password resets, software access, VPN connectivity, and hardware troubleshooting, with resolution rates above 99% in those categories. When it gets stuck, it escalates rather than guessing. It’s an internal deployment for now, with general availability scheduled for the second half of the year. ServiceNow’s annual Knowledge conference takes place in May, and I’d expect we’ll hear a lot more about it there. Those are some of the things we were paying attention to last week. This week on In The Channel, we take a look at Check Point’s recent acquisition spree and how it all comes together with their chief strategy officer, Roi Karo. Sit down with frequent guest Tony Anscombe from ESET to talk about the current threat landscape. And break down the most meaningful findings of the Nutanix Enterprise Cloud Index report. I’m Robert Dutt for ChannelBuzz.ca. Have a great week!

Pinar Ormeci, CEO of Lexful For MSPs, documentation is essential. But it's also one of the hardest parts of running a service business. Inaccurate, outdated, or inaccessible documentation slows teams down, increases onboarding time for new technicians, and can even put service quality at risk. That's the problem Lexful is aiming to solve with a new approach. In this episode, we sit down with Pinar Ormeci, CEO of Lexful, to discuss the company's new AI-native platform built specifically for managed service providers. Pinar explains how Lexful uses artificial intelligence to capture and organize MSP best practices in real time, making documentation not just a compliance task, but a practical tool that drives efficiency and reduces errors. We also dive into some of the challenges MSPs face when adopting AI tools — like ensuring sensitive client data stays secure and meets regulatory or geographic requirements — and how Lexful addresses these concerns with flexible data residency options. Plus, Pinar shares her thoughts on global expansion, including the Canadian MSP market, and what makes Lexful different from traditional IT documentation tools. Whether you're looking for ways to improve operational efficiency, reduce technician burnout, or future-proof your MSP business with AI, this conversation offers practical insights and a glimpse at where documentation technology is heading. Tune in to hear Pinar Ormeci explain how AI can transform the way MSPs capture, store, and use the knowledge that keeps their businesses running. Read Full Transcript Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. If you’re an MSP, you know that documentation is both critical and, let’s be honest, often a pain. From onboarding new technologies to keeping client procedures up to date, maintaining clean, accurate and accessible documentation can feel like a full-time job and even then it’s rarely perfect. That’s where Lexful comes in. Founded by Pinar Ormeci, Lexful is a new AI-native platform designed specifically for managed service providers. The goal is to make documentation smarter, faster and more useful, not just for the teams doing the work today, but for future technicians, clients and partners. Think of it as giving your organization a digital brain that learns your processes, organizes your best practices and helps your team actually use the documentation you spent so long building. In today’s conversation, Pinar walks us through what makes Lexful different from traditional IT documentation tools, how the platform’s AI assistant Ask Lex works, and how MSPs can balance the need for actionable insights with security and control over sensitive client data. We also talk about global expansion, including Canada, of course, and what it takes to bring AI-powered documentation to MSPs operating in regulated markets or multiple geographies. Whether you’re curious about AI in the MSP workflow, looking for ways to improve operational efficiency, or just interested in the next wave of tools that may be shaping the channel, this episode’s full of insights from someone who’s building a platform designed for exactly that. Grab your headphones and let’s jump into a conversation with Pinar Ormeci, CEO of Lexful. Robert Dutt: Thanks for taking the time. I appreciate you’re joining us to talk a little bit about what’s going on over at Lexful. Pinar Ormeci: Thank you so much for having me, Robert. Robert Dutt: You’re entering a market that MSPs already know well in terms of documentation tools. What was it that was broken enough about the status quo, the situation, that you felt like, “Oh, it’s time to start from scratch with something brand new.” Pinar Ormeci: Yeah, as you can imagine, everything changed with AI, with the advent of AI and the pace of doing things and how MSPs must react and are reacting to an AI-first world even today, and it’s even accelerating as we continue. So as such, we fundamentally believe that the things that worked yesterday will not work today and definitely not tomorrow, right, for the workforce that contains humans and AI agents. So we are the response to a long-standing pain point that the MSPs have when it comes to documenting what they have, finding answers and context when they need, and also having the ability to update that documentation as needed, right? So MSPs, when they’re operating, they’re going 100 miles an hour across clients, across tabs, across tools, and the last thing they need is wasting time trying to find the right answer, right network diagram, trying to see if that’s actually the latest and greatest. And usually that doesn’t happen. There’s a lot of tribal knowledge that lives in the MSPs because they honestly, at some point, stop trusting the data that they have and things start living in their minds. And that’s the reason why we exist. So yes, we are an IT documentation solution, but we are an AI-native platform that is starting with documentation and our goal is to really help MSPs move into knowledge operations, an AI operating layer, where the knowledge becomes autonomous, the outcomes become autonomous, and really the knowledge becomes a living thing. Robert Dutt: Well, let’s start with where you’re at in that regard. From your perspective and from what you were hearing as you were building up Lexful and planning it out, what’s the real cost of bad, outdated, unfindable documentation inside an MSP’s operation? Both in terms of operational stuff for the organization, but also in terms of ability to grow, margins of the business, the experience that technicians have, those kinds of things that are not peripheral, but not right at the center of operations. Pinar Ormeci: Excellent question. And what we say is that MSP documentation as it stands today is really broken. And ultimately, this is an economic problem. This is not a technical problem in the sense that it costs MSPs real margin. And how does that happen? So today, documents become stale as soon as they are written. Technicians waste hours collectively trying to find the right information, and manual updates really don’t scale. So what this ends up resulting in is missed signals, right? So you don’t act when you should be acting. You don’t find answers as fast as you could. Your technicians get burned out because literally after five, ten minutes of searching and not being able to find what they need, technicians go to other technicians. So everybody’s pinging each other, disrupting. So there’s also a lot of context switching. And this results in errors where you’re trying to solve different clients’ problems. And ultimately and fundamentally, this really results in eroding client trust and churn, right? So we see this documentation problem not as a technical problem, but fundamentally an economic problem that has real impact on the bottom line of the MSPs. And also their top line, because knowledge is also critical, Robert, for AI agents, for workflows. Your AI workflow or your agentic workforce is only as strong as the data that they rely on. So if you have a bunch of unstructured data lying around across different tools and you have no clue how stale or up to date they are, your agents won’t be as useful as they could be. So we are approaching the problem on both sides, both reducing your costs and increasing your margins, but also really preparing you for the agentic workflow and also AI-driven new revenue streams. Robert Dutt: You’ve positioned Lexful as an AI-native platform rather than a traditional documentation tool with AI built in, strapped on, however you want to phrase that. What does that mean in practice for an MSP that’s using Lexful on a day-to-day basis as opposed to using traditional documentation tools or methodologies? Pinar Ormeci: Sure. Legacy documentation tools were built in a different era, right? Before AI existed, they really depended on manual entry, keyword search, and they’re optimized for storage really, not to be an operational workhorse. Not for knowledge operations, where you’re able to put data to work for you 24/7. So our goal with Lexful is to move from this world of scattered docs and tribal knowledge to a unified AI-native platform that delivers the right solution to the right technician, anchored to the right context, to the right client, instantly. So this is how this looks in real life. Let’s say that you’re using a legacy documentation tool and you say, “Hey, I’m going to give Lexful a go. I want to try it.” By the way, you can have a completely free trial where you get to use the full functionality of Lexful in parallel to your existing tool. So there’s no risk. We call it migration without mayhem. So if you don’t like it, no feelings hurt. You can always continue with your existing platform. But this is how it looks. The first thing that we do is we migrate all your existing documentation. That means including your SOPs, onboarding guidelines, runbooks, what have you, your MSP-specific documentation, plus all your client assets and passwords and their documents into the Lexful schema. And while we are doing that, we transform that data into context, relationships, assets. So everything becomes structured so that AI can operate seamlessly and securely, very fast, within the guardrails that we put. So that’s fundamentally different than bolting AI into the scattered docs that are unstructured and expecting much from that AI agent. Before we even migrate the documents, Robert, what we’ve done is we completely context-engineered an LLM model to live in the MSP space. So you have this, let’s say, AI technician now that has access to all your data. And the things that you can do with this are really amazing. So we have AI as UI, as entry point to Lexful. And what that means is you can ask natural query questions in plain English. For example, a technician can easily ask, “Hey, what’s the admin password for this client?” Or they can ask, “Hey, what devices need patching for the clients that are in the Ohio area?” Or “What should I do about it?” Or you can say, “Hey, give me a project plan for me to patch these devices and make sure you’re prioritizing them based on urgency.” Or an L1 tech who you just hired and you’re trying to onboard, instead of pinging the senior technicians all the time, they can literally go to Ask Lex, which is our AI-powered knowledge assistant, and say, “Hey, how does my MSP do onboarding? What’s the best way for me to increase my learning curve immediately? What would you propose?” Because this is an LLM now that has access to all your knowledge and is context-engineered, as I mentioned, in the MSP and all things IT. Robert Dutt: And you mentioned data throughout that. And clearly, for Ask Lex, for the AI infrastructure to have the value that it potentially has, it has to have access to both an MSP’s most valuable data, the best practices, the procedures, the stuff that folks have developed over the however many years the business has been in place, and customer data, network diagrams and passwords, et cetera. How are you balancing getting the most out of that and getting the most value out of Lexful with trust, security, control, all those kinds of things that MSPs and rightly customers are going to be asking about? Pinar Ormeci: Yeah, 100%. And that’s why vibe coding is not going to work for any production-grade solution, but also definitely for MSPs, where you have multi-tenancy, security is of utmost importance. You have all these compliances and regulations and all of that, right? So you have to have a real MSP-grade solution. So in our case, obviously, we are handling really sensitive data, the client’s data, and also passwords, right? As a documentation tool, we have password management as part of that, a rich document creator and asset management. So it’s as sensitive as it gets. What we do is zero-trust security from day one. So Robert, I was the CEO of another MSP-first vendor before I joined Lexful, and what we did was Secure Access Service Edge, which is a SASE solution, right? So I’m so security-first because I’ve seen firsthand all the horrible consequences when security is optional. Security is a must-have. It has to belong in an MSP stack, and MSPs actually shouldn’t even deal with clients if the client says, “Oh, security is optional for me.” So I am very, very security-first. So from day one, what we’ve done at Lexful is we said that we’re going to be SOC 2 Type 2 compliant. So the whole thing that we’re building is built in that framework. We are already in SOC 2 audit, by the way, so hopefully we’ll get the SOC 2 Type 2 compliance. That’s the earliest you can get, by the way, as a young company, by the end of this half. Yeah, so we have a never trust, always verify framework, and we do take it very seriously. Robert Dutt: And similar issue, but from a different point of view, many MSPs, especially those outside the US, care about where data lives or even is in transit, or are required by regulation to care about where data lives or is in transit, whether that’s in-country, region-specific, or even locked down to the level of on-prem. I guess, how are you guys thinking about data residency and deployment flexibility as you scale and as your customer base scales? Pinar Ormeci: Oh, yeah, 100%. So as part of the SOC 2 Type 2, we are GDPR compliant. We are California CCPA compliant. So from a data residency perspective, similarly, we use AWS because we’re a global cloud-native platform. So we have data centers in the US, but also in Europe, in Canada, in Australia. So based on need, we have no problems having data centers locally in the region the MSP resides. Robert Dutt: You touched on this a little bit earlier, but I think for a lot of MSPs who are changing something like a documentation system that’s core to the business, it feels like there’s a risk there. Even if you see potential benefits, there’s also the challenge of leaving familiar systems, even if they aren’t your favorite things in the world. Can you elaborate a little bit on how you guys approach migration and early adoption so that partners can evaluate Lexful and still keep the business running at the same time? You touched on kind of having that parallel migration path. How exactly does that look for an MSP? Pinar Ormeci: Oh, yeah. As an operational tool, you cannot disrupt the MSP operations. That’s fundamental. So that’s why we say migration without mayhem, and it’s actually one of our core features. The other thing is we are very API-first, meaning even the product that we built is built on APIs. Our front end and back end are decoupled. Everything we do is via APIs. We have a RESTful API already out there for the MSPs to utilize. And for the migration as well, we have an API that automates the migration from an existing tool into the Lexful schema. But while we do that, we also have the MSP continue to use their existing tool while we bring that knowledge into Lexful. And then in that two-week trial, the MSP can use both platforms at the same time, really make sure all that data is there. They can validate that everything is to their liking and all of that. And at the end of that trial, if they continue to move with Lexful, then they can let go of their existing tool. So yeah, migration is very important. And like I say, we automate the migration to the extent possible using the API. Of course, migration is not trivial in any tool, let alone a documentation tool, especially if the MSP has so much documentation. So we always suggest, do this after Friday. Your workday is over, or during the weekend. So just don’t do it Monday 9 AM, just in case, because it might take one hour, two hours or whatever. But having said that, hopefully the migration is the easiest part of switching to Lexful. Robert Dutt: You’re working with AWS. I think you’re thinking on sort of a global scale, and why wouldn’t you, since it’s all online, it’s all technology. But as you think about global expansion, and I’m going to be biased here and say Canada in particular since that’s where this audience lives, how are you thinking about global focus? And also, I’m curious, as you’re talking to MSPs, what differences do you see in how MSPs think about and approach documentation, compliance, AI across the various regions that you’re talking to partners in? Pinar Ormeci: I think Canadian MSPs are pretty amazing and very innovation-forward. They’re definitely thinking about AI, their clients. They’re not that different from the North American ones, obviously. So we have very mature MSPs in Canada. And I don’t see massive differences when it comes to Canadian MSPs versus American MSPs, honestly, because the level of maturity in both countries is similar. So from a distribution perspective, we want to go wherever the pain points exist today when it comes to knowledge and documentation. And that is literally everywhere, right, Robert? So we are a global player and we also want to make it easy for the MSPs to get access to Lexful. We are working with Sherweb, we are working with Pax8. So the hope is that we will be part of those marketplaces definitely within this year. So by the way, a lot of our developers are in Vancouver. So we have great ties to Canada. I’m actually flying on Sunday to Vancouver for some internal meetings next week. So from our perspective, everything we do, everything we envision, our vision, we are a global player. We want to be the de facto central intelligence layer the MSPs trust for years to come. Robert Dutt: And along those lines, kind of looking forward, for an MSP who comes on board early days, as you guys are launching, how do you hope their business looks different a year from now after they’ve fully realized what you guys are doing and what you guys will do with Lexful over the course of that year? Pinar Ormeci: Yeah, excellent question. So we are a paradigm shift. I really see us, remember those days, for people who are old enough, like we used to have no internet, man. Like we used to have encyclopedias and the books, and like, my background is in engineering, I’m an electrical engineer. If I didn’t know something, I had to go open a book and like, it was these weird times without the internet. And then suddenly there was the internet, where this collective information and you can search for anything and, you know, then Google and so on. So that’s the paradigm shift that we are trying to bring the MSPs into. Instead of manual keyword-based search, manual updates and so on, now you live in that knowledge. Knowledge is always up to date. You do in-context troubleshooting. The technicians, they can be in co-pilot, they can be in their PSA, they can be in their Teams and they can just ask Lex to get the right answer contextually. The next steps, and then whatever is new discovered in that discussion is automatically detected if there is a gap and then trickled down to the right SOP, right KB. So this is the paradigm shift that we are talking about, so that MSPs can focus on not the mundane, like, “Hey, we need to update this document,” try to incentivize technicians on actually what makes the money, what delights their customers. They can be so much more strategic with their clients because just imagine now all the insights you can bubble up utilizing an AI and LLM that knows all your clients, that knows all the trends, that knows all the compliance needs. It is just a different game. So we’re really trying to bring the MSPs into an AI-first world because otherwise people will get left behind, right? The old ways don’t scale. Robert Dutt: And finally, probably the most important question we’re going to ask today, and that’s good journalistic practice, right, to wait till the very end to ask the most important question. I do have to ask though, is it true that your AI is also your channel chief? And if so, how sure are you that Lex isn’t coming for your job? Pinar Ormeci: Yeah, so I was like, you know, if you’re an AI-native company, we need to have some teammates that are not just human, but humanoid, let’s say. So we have as our channel chief a humanoid robot that has an LLM, has an NVIDIA chip. We have trained him on all the right things. Although at Right of Boom, people told me, “Oh, we thought he was a female,” but so yeah, Lex is amazing. And he is very clumsy though, so I don’t know that he’s coming after our jobs that fast. But yeah, we’re living in some amazing times. It’s just really fascinating as a technical person myself who’s been in the tech industry for 20-plus years. It’s fascinating to be living in these times where everything is moving exponentially. And yeah, so we do have a channel chief that is not a human. And he is with us at all the events that we go to. You can come to our booth and say hello, and then you can converse with him as well, right? Ask him like, “Hey dude, what do you think the MSP’s pain points are? Is Lex doing a good job? Is Pinar a good boss?” So he’ll have an opinion for you. Robert Dutt: All right, so flesh-and-bone channel chiefs have been put on notice. They are in fact on the list of roles that can be replaced. But jokes aside, no matter how good Lex and his AI pals get, what’s kind of the one role in all of this that you think humans will always play no matter where the technology goes? Pinar Ormeci: I think the judgment layer, at least for the, let’s say, near term, right? I honestly don’t know, 20 years… the thing is moving so fast. I keep reading Anthropic’s CEO and it’s just, things are changing a lot. But in the near term, the human judgment is still paramount. Human in the loop is paramount. And with AI, you have to always trust, but verify. So at Lexful, we make it such that we give all the reasoning the AI is doing to reach that conclusion, all the links where it’s going. So we make sure that the hallucinations, if there are any, are minimized and the humans can verify everything. So the human in the loop is ultimately critical and they are the judgment factor. And especially in the MSP channel, relationships are key. One of the things I love about the MSPs and this ecosystem is the community aspect, people helping each other. Then there’s MSPs being like, “Hey, we’re all on the same team” attitude. So I don’t think you can replace that for small, medium businesses. Ultimately, the best we can be is human. We are not AI, we are not robots. Humans, we’ve evolved to be social animals and community is such an important part of the MSP ecosystem. I don’t think that’s going anywhere soon. So we are here, as we say at Lexful, not to replace expertise. We’re just here to expose it to more people so that the technicians can do more important jobs other than just wasting hours documenting or finding the right information. Robert Dutt: I appreciate your taking the time. Good luck on rolling out and evolving Lexful. It will be exciting to see where things go from here. Thank you very much. Pinar Ormeci: Thank you so much. Thanks for having me. There you have it, a look at how AI may change your documentation system and maybe even provide a new business platform for your managed services business in the long run, courtesy of Lexful’s Pinar Ormeci. I’d like to thank Pinar for joining us and thank you for listening. That wraps up this week on the podcast. We’ll be back on Monday with In Case You Missed It, our weekly roundup of channel news and trends that you need to know about. And next week and into the near future, we’ll be taking a look at why modern IT environments are increasingly hard to monitor and have a chat with our frequent guest, Tony Anscombe, about the security forces you need to know about. Between now and then, please do subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a review or rating for the show. Have a great weekend. I’m Robert Dutt for ChannelBuzz.ca and I’ll see you around the channel.

Jack Hirsch, vice president of product at Okta The rise of AI in the workplace is creating a new kind of risk for organizations: shadow AI. Employees can now spin up AI agents that connect directly to emails, files, and business systems—often without IT oversight. These agents can access sensitive data, and without proper controls, they become prime targets for cyberattacks. In this episode of the podcast, we're joined by Jack Hirsch, vice president of product at Okta, to explore what shadow AI is, why it matters for Canadian organizations, and how IT partners can help their customers manage it. Jack discusses Okta's latest tools, which provide real-time visibility into AI agents and their permissions. These capabilities make it easier for security teams to discover unmanaged agents, understand their access, and quickly bring them under identity-based controls. We also touch on regulatory implications, including Canada's proposed Bill C-8, which heightens expectations around cyber risk accountability, access controls, and transparency. As legislation moves forward, organizations will need to prove they understand not just who has access to sensitive systems—but which AI agents do as well. For MSPs and IT resellers, this emerging landscape represents both a challenge and an opportunity. Jack shares insights into how partners can position themselves as trusted advisors for clients navigating AI risk, turning a potentially complex problem into a service opportunity. Tune in to hear why identity management is becoming central to securing the agentic enterprise—and what your customers will need to stay ahead of shadow AI risks. Read Full Transcript Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always, your host for the show. Okta has announced a new set of capabilities designed to help organizations uncover and manage a fast-growing risk: shadow AI. As AI tools become easier to use, employees are increasingly creating their own AI agents, connecting them to emails, files, SaaS apps, and internal systems to get work done faster. The problem is that many of these agents are created without security oversight, governance, or clear ownership. Once they’re connected to sensitive systems, they can quietly gain broad access to data, making them attractive targets for attackers and a potential liability for organizations. Okta’s new solution is designed to address that gap. It gives security teams real-time visibility into AI agents across the enterprise, showing which agents exist, what they can access, and what permissions they’ve been granted. Just as importantly, it allows organizations to quickly bring unmanaged or risky agents under identity controls, treating them more like digital employees than anonymous tools. That visibility matters even more in Canada, where proposed legislation like Bill C-8 is raising expectations around cyber risk accountability, access controls, and transparency. As AI becomes embedded into everyday workflows, organizations will be expected to know not just who has access to what sensitive data, but what machines and agents do as well. To unpack what shadow AI really means, why identity has become central to managing AI risk, and what all this creates in terms of opportunity for Canadian IT partners, I’m joined today by Jack Hirsch, Vice President of Product at Okta. Let’s dive in. Robert Dutt: Jack, thanks for taking the time. I appreciate it. Jack Hirsch: My pleasure. Thank you for having me. Robert Dutt: It feels like this is a topic that a lot of folks in the channel have been through with different flavors in the past. When you say “shadow X,” it certainly brings up memories of transitions past, but just to level set and set the parameters here, can you give me a quick definition on shadow AI? I almost said shadow IT. Can you give me a quick definition on shadow AI, and why it’s becoming both a security and governance issue? Jack Hirsch: Sure. Well, look, it’s no secret now that AI is changing the shape of how work gets done in the modern era. You have these non-deterministic entities running around, and fundamentally, they’re exciting, they’re interesting on their own, but where they really light up in value, where you start to see efficiency and effectiveness gains from your carbon-based workforces, is when you start connecting them to tools. They need resource access to be truly productive. So AI agents need resource access, and that’s when it can start to get scary, and that’s when shadow AI starts to create a ton of risk for modern organizations. We know that the point of authentication is now much stronger with phishing-resistant auth. However, post-auth security is the primary breach vector for the vast majority of cybersecurity incidents now, meaning the session token’s been cut. There’s access out in the ecosystem, and that’s why shadow AI is terrifying. Unfortunately, the options available to the ecosystem to secure AI and to build it quickly have been not good enough, to put it bluntly. This leaves security leaders with this very, very difficult challenge of moving fast and potentially breaking things and giving away the keys to the kingdom to OpenClaw, or whatever it is that you want to do, or potentially stifling innovation. That’s a really, really difficult spot for security leaders to be in. So yeah, shadow AI is everywhere. The challenges are greater. The stakes have never been higher. Robert Dutt: Yeah, so that’s sort of the problem space. So when employees spin up AI agents and connect them to emails, to files, to internal data, to systems, whatever it may be, I presume most of the problems emerge from unintended consequences, as is so often the case in technology. But what are some of the common ways that sensitive data ends up exposed without anyone really necessarily realizing it, or is that the nature of the problem? Jack Hirsch: Well, look, I think there’s sort of the naive answer, and not to say that it’s easy or trivial. I don’t want to trivialize this, but the naive answer is, “Oh, prompt injection, data leakage, data poisoning. Oh yeah, who knows what the LLM will spit out?” But the actual scarier risk is around inadvertent access and the standing credentials that need to be given to AI agents for them to be productive. If Rob, you and I work at Acme Corp, and we’re working on a project together and we want to spin up an AI agent, whose permissions do we give it? Most of the time now, a security leader is not going to be able to jump in front of every single moving train and slow them. They’ll just say, “Oh yeah, give it a set of static credentials. Give it an API key, but don’t give it Rob’s access. Don’t give it Jack’s access. Give it super user access, and we’ll trust it to do the right thing.” And so you’re giving this untrained, very influenceable, non-deterministic entity the keys to the kingdom. And that’s really the primary risk vector here. And so it’s all an identity and access management problem. Fundamentally, these are identities that need to be discovered. They need to be controlled. They need to be governed. And their access needs to be managed in the same way that their carbon-based peers, us as humans, need to be governed as well. Robert Dutt: So with that framing, it sounds like maybe identity is more important than traditional network or endpoint controls in terms of security in this world, where there are all these agents running around and doing whatever it is, hopefully, we want them to do and potentially what we don’t want them to do. Jack Hirsch: I think this is where the traditional model of endpoint or network or identity-based detection and response falls flat. You can’t keep up with the incredible volume of AI agent activity out in the ecosystem to detect it all. Every single, even approved platforms are now starting to put AI sprinkles throughout their products. And so it’s sort of fighting an uphill battle there. And so the reason this is truly an identity-centric problem is because, again, all those agents need access to resources inside of organizations. And the way that AI grew, and we saw this with how OpenAI and Anthropic and even Google with Gemini, their sort of growth paths were primarily consumer driven. And in a consumer world, it’s really easy. I’m spinning up, I’m literally sitting next to a machine that has a Claude bot spun up in a fully isolated environment, but I’m an individual user in that scenario. And so if I want to give it access, I can just OAuth myself. It’s super easy. And so the authorization mechanism wasn’t really thought about in an enterprise context. And then when you get into an enterprise context, you have individuals that want to do exactly the same thing and access corporate resources. So it really is a new type of identity. We can talk about some of the differences between human and AI agent, but it’s fundamentally an identity and access management problem. These are digital identities, non-human identities that need access to resources within an organization. And you actually see this being recognized by broader standards bodies. So for example, Cross App Access was something that we’ve been working on. It’s a new standard, it’s an extension of the OAuth protocol. And it’s something that we’ve been working on for years, two, three years now at this point. And we reintroduced it to the ecosystem this past summer, summer of 2025. And we introduced it first to ISVs and the people that were sort of around the Okta ecosystem had heard about it before. But then the rest of the ecosystem, the adoption was wild because MCP had become a thing and people were trying to deploy MCP servers and AI agents into their enterprises. And no one, not at the time Anthropic or OpenAI or any of the big model providers, had taken on the challenge of enterprise authorization for AI agents. And so this standard that had been sort of latent and sitting somewhere in an IETF draft for a while got picked up and started gaining a ton of steam. And just in November, right before Anthropic split off MCP and gave it away to the open ecosystem, it got merged into the MCP repo as the new default enterprise authorization mechanism for MCP. And so this isn’t something that’s Okta owned, it’s just a standard that we developed because we are independent. And as such, we are the sort of standard-bearer for the open security ecosystem. We believe that we need to be the rising tide that lifts all ships. And that’s why we develop open standards like Cross App Access. So now, really excited, we’ve taken our own engineers and pushed this authorization code out into the open ecosystem so that many applications start picking up this capability, this new OAuth extension. Robert Dutt: So at a high level, when you talk about the products that you guys are bringing to market, the solutions to address this, at a high level, what kind of new visibility or new insights are you giving organizations that are using these tools that they simply didn’t have before when it comes to discovering AI agents, the privileges they have, and what they’re up to? Jack Hirsch: Yeah. So, I mean, maybe if I can even blow it up further and say, let’s talk about maybe three steps: discovery, then control, and governance. So on the discovery side, there are many ways to discover, let’s date ourselves, shadow IT. There are many ways to discover, right? You can have a browser extension, you can have some sort of endpoint monitoring, you can have network monitoring. You can also check the resources themselves for access. And so we took a, initially, we’re taking a multi-pronged approach to doing the discovery, but we’re doing what we do best, which is integrating into over 8,000 ISVs and checking for resource access. And so who’s accessing these resources? Are they carbon-based? Are they digital-based? And so the first phase of discovery with our ISPM product is being able to see who’s accessing these resources and why. And so that extended very, very nicely to AI agents. And it doesn’t really matter where the AI agents exist, right? It doesn’t matter if they’re part of a larger platform with something like Salesforce and Agentforce, or whether they’re homegrown, built off in some skunkworks team off to the side. Ultimately, when they get access to the resource, we see it. And then you get into the control plane. So that’s just the discovery. Within the control plane, we want to meet our customers where they are. And we know that the vast majority of these things are going to be granted access via static credentials, just the god-mode tokens. And for those, we can harden them. We can effectively bring them under management. We can bring those credentials under management. We can observe them. We can rotate them. We can observe for anomalous behavior, et cetera. And so that’s like what you would consider a traditional PAM use case or maybe a modern IGA use case. But then also with control, we give Cross App Access, which is a new mechanism that extends the amazing innovation that was OAuth and OAuth scopes, basically extending that to say, instead of checking with the end user for access to this resource, we can set policy. Now the IDP can set policy to control access to those resources. And then to close the loop, there’s governance. And so standard governance flow, and actually I don’t even want to say standard governance flow because governance historically has this GRC compliance lens, but it’s very much a security-forward technology here. When you get to the state where you need to govern these identities and their access, we can run access certs in the exact same way based on whether or not they’re human or non-human. And so every one of those agentic identities gets pulled into Okta’s Universal Directory. All of their access is controlled. All of it is governed. We still gather the same risk signal and risk pattern behavior from the Identity Threat Protection product. And that’s, I wish I could say that 10 years ago, we knew we were building an identity security fabric, this new category of product that’s going to cover every identity use case, every resource type, and every user type. However, that was the strategy, not knowing that AI agents were going to be born in the 2020s. And it just makes it so that we are really well positioned to capitalize on this opportunity. And it gives us a very novel approach to how we secure AI in a way that, it’s because we have this unified identity security fabric. A basket of tools that don’t talk to each other, if you have a disparate IAM and IGA and PAM set of tools, in theory, you could stitch it all together, but you end up with higher costs and worse security outcomes. And so we actually took a much harder approach to market. And this is many years ago. Again, this predates the rise of AI agents, but we decided that we were not going to take an acquisitive strategy where we just bolt on a bunch of things and call them a “platform” in air quotes. And your order form would look like a drugstore receipt. And so you’re not buying a list of products that happen to be on the same order form because we want to satisfy a CFO. We’re taking an approach that we want to drive end-to-end identity security outcomes for CISOs and IT leaders. So we’re doing the hard work deeply integrating these products across the fabric so that we can truly secure every identity, every use case, and every resource type. Robert Dutt: Close to home here in Canada, we have a proposed Bill C-8 on the table. It’s raising expectations around visibility, around access control, accountability, risk, all of these things. I know there are similar ideas out there in terms of government around the world. How does legislation along these lines change the conversation for IT leaders, especially around the topic of shadow AI? Jack Hirsch: So look, I am such a fan of this type of regulation because it pushes… When we enter highly regulated markets, regardless of where they are, and we can talk about C-8, I think it really does align with our identity security fabric narrative and what we’re angling for. But fundamentally, what we’re talking about is trust. If I’m not mistaken, C-8 talks about resilience and reliability. Okta has industry leading availability and resilience. We proudly espouse our four nines of availability, but in reality, it’s much higher. And we target much higher. With the launch of our cell in Canada, and we can talk about the nature of that launch, but with the launch of our cell in Canada, we not only get multi-region disaster recovery, but we get Enhanced Disaster Recovery, which is a product that I really wanted to call Instant DR, because it’s a DNS flip, but the lawyers didn’t like that. So it’s Enhanced Disaster Recovery. And so when you’re talking about resilience and reliability and running critical infrastructure, fundamentally, identity is critical infrastructure. We support governments, financial services, militaries, supply chain logistics with organizations like FedEx, healthcare. And so maybe bringing it back to C-8, data residency, check, highly invested, especially with de-globalization pressures around the world. Supply chain governance, super, super important for us to maintain our independent posture here and to say, look, it doesn’t matter whether you’re buying from a monolithic platform or an independent provider of identity security. We are invested in making sure that your entire enterprise is secure. And so just the same way FedRAMP was a standard-bearer and STIGs in the US were standard-bearers, or IRAP was pushing us in the right direction in Australia, or ISMAP in Japan, I think C-8 is a very, very welcome change. I think it highlights the need for robust identity security and it should put identity at the foundation of every security leader’s agenda this year. Robert Dutt: Well, these pieces of legislation are still in the process and we can look forward. This is likely to see the light of day in some shape or another, but there’s still that sort of sense of maybe we should wait and see. I guess what I’m getting at is what’s the danger or the risk involved in waiting until regulations are finalized, on the books and in place, before starting to take action? Jack Hirsch: So let’s just say at a personal level, I am not into promoting scare tactics. I know that it is very common in the security space for colors to be red. Our colors are blue. That’s not our vibe at Okta. And so look, every organization has their own risk barometer. What I can say is the vast majority of breaches stem from some form of attack on identity. The vast majority of breaches, the implications of having a data breach, oftentimes they go, I think the average time to detection for a data breach is somewhere just shy of 300 days. And so you’re talking about millions of dollars in damages, huge reputational hit. And there are scenarios, and I will not point to any recent security incidents that might have impacted large swaths of the industry, but not Okta. But I’ll just say the reason is because we believe strongly that having a lower risk profile should be easier, should be more elegant. People come to Okta not because of the, “Oh, you get it all done by the CLI.” Yeah, you can, but it’s elegant. It’s intuitive. It’s easier to use. It de-complexifies the world of identity security. I’m sitting in front of my notepad here to take notes, and one of our product principles is productizing best practices. And so we want to make it easier for organizations to reduce their risk profile and make the end user experience elegant and memorable when it needs to be, and disappear into the background when it shouldn’t be memorable. And so with that, look, I would advise everyone go down the rabbit hole. Just look at recent breaches. Look at how widely pervasive these breaches are. Look how easy it is to go after a phish, to buy a phishing kit on the dark web, and see the types of organizations that get hit by these and it’s everyone. And so whether you’re waiting for legislation to be imposed to drive the standards or you are just looking to have an appropriate barometer of risk for your organization, you shouldn’t have to choose between ease of use and cost and lower risk and greater security. And so I would just say everyone’s going to be on their own journey. I’m not a salesperson. I’m on the product team. But I fundamentally think that identity is one of the pillars of Zero Trust. I believe that it should be. It’s foundational. It is the foundation. If I had nothing else to do, if I were starting my own company today and I wanted to build a security practice for my company to manage our organizational risk, it would start with identity, 110%. Robert Dutt: We’ve taken sort of a general market-wide view of the technology problem and now of the regulatory side of things. This is a podcast for IT solution providers. So sort of going with that “if I were starting a business today” line that you just started there, for MSPs and resellers, where do you see the biggest opportunity to help customers get ahead of shadow AI, both in terms of reducing customer risk and in terms of new services, new types of services that they can bring to market? Jack Hirsch: I’ll take it in two parts. One is just you can’t control what you don’t see. And so for VARs and MSPs and sort of operators in the technology ecosystem, I would say look at Okta’s ISPM product. It is amazing what you learn by wiring it. And it’s not just for Okta as an IDP. It’ll wire into any IDP. It will wire into multiple IDPs. It’ll wire into over 300 SCIM-based apps because it’s wired into the Okta Integration Network, and there’s a large set of SCIM apps that work natively with ISPM. And just see what you can find. I optimized my life, my product world for hugs and high fives. And I’ll never forget, I’m sure this person knows exactly who they are. It was a security leader in Australia, ran out of their office after trying ISPM during a merger and they used it to reduce risk during the merger as they were establishing a trust relationship between their organizations. And it basically made this person look like a superstar in front of their C-suite and board because it was like the entire risk burndown chart for their entire M&A transaction to establish the technical risk barometer. So I would just say ISPM is an incredible starting point. A+, highly recommend. You can’t control what you can’t see. And then I think on the second part, of course ISPM will discover AI as well. And then the second part is just, I wouldn’t lose sight of the experience. And so making sure that you’re creating an elegant experience by your choice of products, not only for the admins that you might work directly with or the leadership that might be engaging with you, but also for the end users. And knowing when tools should be elegant, easy to use, easy to configure, and when they should just sort of fade into the background. That’s ultimately what we work on at Okta. It’s our strong conviction from a product standpoint, that it needs to be an absolutely elegant, unmatched user experience for partners, for admins, for end users, and for customers. Robert Dutt: I think we’ve gone over a lot of the territory that I wanted to go over, but just to kind of bring things home, looking ahead over the balance of 2026 or into the first half of next year, what do you think are going to be the biggest mistakes that organizations might make when it comes to agents and identity? And what can solution providers be doing now to make sure their customers don’t make those mistakes? Jack Hirsch: This is an easy one. I think there’s sort of two categories of mistakes. One is getting worried because everything is moving so fast, getting that sort of analysis paralysis to say, “I’m going to see where it shakes out. How important is this AI thing?” Or even if you’re an AI bull, waiting to see who the winners and losers are before you establish any sort of program around it. That’s, I think, one big category of things not to do. I would say, go after it immediately. The capabilities you need are already out there. They might be newer. They might feel a little bit less familiar. But again, ultimately, these are identities that need access to your corporate resources. So I think that is one big category. The other big category is, I would not look at point solutions for this. Anyone that is saying, “We’re going to secure your AI.” That’s great. But what is an AI? It’s an identity. It can be a resource in some scenarios, right? With agent-to-agent, agents acting as resources, but ultimately they’re just identities. That’s for the identity nerds. Sorry. Just as a caveat for the identity nerds out there like myself. But fundamentally, you need a unified platform that gives you that unified view of core access management, core governance, core privileged access, brings all of those identities, whether it be human or non-human, into a single directory and can discover them, can control them, can govern them. And it shouldn’t matter whether they were built by your users, by third parties, by partners, by your supply chain contractors. That unified identity security fabric will deliver comprehensive security and it should be deeply orchestrated into any technology stack. And those products already exist, and it just so happens that Okta is building a reference implementation. Robert Dutt: Works out well for you then, doesn’t it? Jack Hirsch: It does. Robert Dutt: I appreciate your taking the time, Jack. It’s been an interesting conversation and it’s a fascinating and ever-evolving area. Jack Hirsch: Thank you very much. All right. Thanks, Rob. And thanks everyone. Appreciate the time. There you have it, a look at shadow AI through an identity lens with Jack Hirsch from Okta. I’d like to thank Jack for joining us for the show and thank you for listening today. The podcast will be back in your feed tomorrow as we take a look at the launch of Lexful, an AI-first documentation tool for MSPs that boasts, if you can believe it, a robotic channel chief. We’ll find out all about that tomorrow. You’ll want to be sure to catch that, so please subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a rating or review of the show. Until tomorrow, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

Mark Sweeney, senior vice president of mid‑market growth and global commercial strategy at Citrix As of this week, MSPs and resellers working with Citrix may notice their partner relationship looks a little different. On March 1, Citrix officially expanded its long-standing partnership with Arrow Electronics, shifting more of the day-to-day management of its Service Provider partners in North America and Europe to the distributor. The move builds on an existing relationship between the two companies, but goes further — touching partner engagement, transactions, and how partners interact with the Citrix ecosystem overall. For MSPs and resellers, especially in Canada, changes like this tend to raise practical questions. What's actually changing in the partner experience? Why make this move now? What responsibilities remain with Citrix, and which ones move to Arrow? And what does this mean for quoting, renewals, incentives, and support escalation? In this episode of the podcast, we're joined by Mark Sweeney to help unpack the announcement. We talk through what Citrix had already handed over to Arrow, what's new as of March 1, and how the company sees this shift fitting into its broader channel strategy. The conversation also takes a Canada-specific lens, exploring what this transition means for Canadian MSPs and resellers, and what partners should be thinking about as the new model settles in. We wrap with a look ahead at what comes next — and how partners can position themselves to get the most value from the change. Read Full Transcript Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always, your host for the show. If you’re an MSP or a reseller working with Citrix, as of this week, your relationship with the vendor may look a little different. Earlier this year, Citrix announced it’s expanding its partnership with distributor Arrow Electronics, handing over more of the day-to-day management of its service provider partners in North America and Europe. That change officially took place March 1st. Citrix and Arrow have already been working together for some time, but this move goes further, affecting things like partner engagement, transactions, incentives, and how partners interact with the Citrix ecosystem overall. For MSPs and resellers here in Canada, it naturally raises questions. What’s actually changing? Why now? What stays with Citrix? What shifts to Arrow? And most importantly, what does it all mean to your day-to-day business? To help unpack all of that, I’m joined by Mark Sweeney from Citrix. Mark’s been deeply involved in the company’s channel strategy and is here to walk us through not just what is changing, but why Citrix believes it’s the right move and how partners can get the most out of the transition. So let’s dive right in. Robert Dutt: Mark, thanks for taking the time. I appreciate it. Mark Sweeney: No, thanks for having me, Robert. Robert Dutt: I guess let’s start with a little bit of context first. You guys have been working with Arrow Electronics for a long time as a distribution partner and more recently, over the past little while, have handed over a little bit more responsibility and management to Arrow. I guess to level set it, can you walk me through before this March 1 announcement, what part of the relationships had already been managed by Arrow and what parts did Citrix still manage or handle directly? Mark Sweeney: Sure. Thanks for that. You’re right. Over the past numerous years, we’ve had a long and outstanding relationship with our friends at Arrow and it historically was a distribution-related arrangement that we had with them. Over the past two years, I would say that that relationship has started to change and evolve into where we see it today. Specifically, I would say it was probably about 18 months ago where we started to extend more of our business over to Arrow. That specific piece was around our CSP business. That was below a certain threshold. The threshold being about 2,000 users. Any of our CSP, MSP partners that were providing services to end users, we actually shifted those over to Arrow about 18 months ago to start supporting that business. The initial approach that we saw was very healthy and very good. One of the things that we wanted to do was actually extend that a little bit further. We looked at some of our mid-market customers and any of our mid-market customers that we didn’t manage with our enterprise team. We started to have Arrow actually manage them from a go-to-market perspective as well. The first idea there was to start to remove friction between the CSP business that was managing the same type of customers that were existing in our mid-market space. That happened probably about 12 months ago. During that period of time, our enterprise team continued to manage enterprise customers and larger MSPs that were above that 2,000 user threshold. If you thought about it and you just drew a line into our business, anyone that was below that 2,000 threshold was probably being managed by Arrow and anyone above was being managed by our enterprise team. Robert Dutt: We look forward to March 1 as that goes live, as that has gone live. What actually changes for a Citrix service provider or MSP partner of yours with this further transition to Arrow? Mark Sweeney: If there were MSP partners that were being managed by named account executives as part of Citrix, those MSP customers are also being moved over to Arrow as of March 1. Now, we’ve already communicated that to them. If not all of the MSPs should have received communication from us and from Arrow on this. I’ve also posted myself on LinkedIn about this. Anyone who was an MSP before, they are now also going to be managed by Arrow. Robert Dutt: Why make the move now? Was this something that partners were asking for? Is it sort of about where you’re at and where you want to take the channel? Mark Sweeney: I like to say, “Why not now?” The reason why I say that is because we saw some very good success with Arrow in our mid-market space and then also in our MSP business. What we also saw was a little bit of friction, as I mentioned earlier, in the smaller CSPs but then also in the mid-market space because we’re selling into the same market. What we wanted to do was we wanted to remove that friction entirely so that all MSPs now could be worked and can be functioning as a single entity that’s being managed by Arrow. What that allows us to do is really begin to focus on our innovation of our technology but then also allow us to give further support to our product development teams or product engineering teams, all of our support teams. I think for us, it wasn’t necessarily that it had to be done on March 1st, but I think it was just more of a natural time for us to do it as it was occurring 12 months after the mid-market space, 18 months after the initial CSP space. That’s why I think now is probably the best time. Robert Dutt: Continue to pull on that thread that you just introduced there. As this transition is complete, in terms of the partner business, where does Citrix stay very hands-on and where does Arrow kind of fully take the wheel? Mark Sweeney: I would say that Arrow is fully taking the wheel on all the business that is mid-market business. Anything where our enterprise account executives aren’t managing the team, they’re going to be there. Any of our service providers, any of our managed service providers, Arrow is taking the full reins too. But we still have a channel team and our channel team is still going to be managed by Kerry Saunders in the US from an enterprise perspective. For the enterprise CSA channel partners out there, they’re still going to be managed. We’re still going to be building this team. We’re still going to be managing that team. I’m working very closely with Kerry and her team. My counterparts on Arrow are actually working very closely with Kerry and her team as well. I’ll also say that I’m fully supporting the Arrow business right now and I have a team that’s supporting the Arrow business as well. We have Citrix representation that is going to be supporting all of our partners across the business. Robert Dutt: Most of our listeners are Canadian MSPs and resellers, folks who’ve been working with you or with Arrow historically. But as this transition happens, what can they expect to feel different in Canada compared to the rest of North America, if anything? Mark Sweeney: This business, what we’re doing is not just happening in North America as well. This is also happening in Europe. I’m based out of London, England, as I’m sure you hear the accent, originally American. I’ve actually spent a couple of years in Canada and in the Mississauga-Etobicoke area when we had our office there. I have had the opportunity to meet a number of your partners and your customers in the region. I don’t think anything is going to change based on geography. Anything that we’re going to see in the US is likely what we’re going to see in Canada. Similar things that we’re going to see in Europe. I would say immediate changes, there really aren’t going to be any. I think a lot of the business that we’ve already worked on with the channel partners in Canada as well as the other regions is going to be an extension. Any of the contracts that you have in place with us, those are being assigned out to the Arrow team. You’re not going to see anything change there. I did have the opportunity to spend a few days with Arrow and their leadership last week in Spain talking about strategies. One thing that it’s not a change, but I would think of it more as an opportunity. There are a lot of technologies that Arrow is exploring outside of Citrix. If I were to give one recommendation to the Canadian team, it is to work with your Arrow counterparts to see what other technologies that they have inside of their portfolio that could potentially play into what you’re doing as an MSP or in the mid-market. Given what they’re doing, there are some areas of synergy in terms of being able to potentially expand the portfolio that some of the managed service providers are actually providing to their customers. Robert Dutt: Along those same lines, what can partners do to make sure this is as smooth a transition as possible for them, to make things as simple as possible? What are you doing to make sure this is as simple a process as possible? This hopefully simplifies things for partners. I don’t think any channel chief ever sets out to make things more complex. Mark Sweeney: Two answers to that. I think the first is what I’m doing. In North America, I’m establishing a team that’s going to be dedicated to supporting the MSP business and our MSP partners, and then also a team that’s going to be supporting our mid-market team too. The reason why I’ve kept them separate is specifically what you just said, to provide this as seamless as possible so that we have subject matter experts on the MSP business and then subject matter experts on the mid-market business. I think that’s probably the first thing. Keep in mind that these are overlays from a Citrix standpoint, so there are going to be direct counterparts for Arrow that will be able to work with your partners in Canada. I think the first thing that I would recommend to any of the MSPs in Canada is to identify who your account executive is going to be from an Arrow standpoint and reach out to that person as quickly as you can. Don’t wait for a renewal to happen. Don’t wait for an expansion need to happen. Really understand what your business looks like today. Understand if you have customers, if you are looking to expand what that looks like, reach out to your account team. In the FAQ that should be shared, you should be able to find it. In North America, there’s a gentleman by the name of John Heller who is available for you to reach. He’s based in the US. Then you’ve also got myself, Mark Sweeney, that you could reach out to if you’re having any challenges identifying who your account executive is. I would say, again, two things just to summarize. I’m building a team to help support. Then from your perspective, just go ahead and reach out to your account executive as quickly as you can. Robert Dutt: Any time a vendor shifts responsibilities like this, I think there’s a natural tendency for partners to worry about support and escalation, those sorts of things, about being a step further away from the vendor in abstraction and potentially worst case scenario becoming that proverbial pop fly that drops harmlessly between two fielders who both presume the other guy’s got the ball. What are you guys doing to make sure that that doesn’t happen? What safeguards are in place? You discussed a little bit having that overlap already, but what else are you doing to make sure partners’ fears around that may be assuaged if they’re out there? Mark Sweeney: Sure. To play on your reference a little bit, because I don’t get to talk about baseball too often and it’s always cricket related, I will say that it’s important for us to call the ball. If I’m in center field and the ball’s coming my way and I’ve got my left fielder over there, I want to make sure I know who has what. I think the first thing we’re doing is creating rules of engagement between our two partners so we understand who’s doing what. From a support perspective, that support is still being handled by Citrix. Anything that’s tier one related or tier two related, you’re still calling or you’re still working into the Citrix support teams. You still have contact information from Citrix support people that you can work with, but from a go-to-market perspective, that’s where you’re going to be working with the Arrow team. I think we’ve drawn very clear lines in terms of who’s doing what. We have our support team that’s being managed, the support still being managed by Citrix. All the go-to-market functions are going to be managed by Arrow. So I think that’s the first thing to keep in mind. The second thing is to think holistically, why are we even doing this? We’re doing this because we want to dedicate more resource to our innovation. We want to dedicate more resource to our supportability of our products. We want to dedicate more of our resource just to the overall adoption and consumption of everything that we’re trying to do from a technology perspective. I understand that and I’ve heard that before and I’ve had conversations with partners and customers on this, but I think when you actually dive into it to say, “Why are we doing it?” I think the answer to that “why” is what should actually make you feel better. The reason why is because we’re trying to invest more in innovation and support engineering and product development and product management. We’re actually seeing quick execution and quick successes from a lot of that as we continue to expand on our technology and our platform and our portfolio. Then again, on the support perspective, we’re still managing that and then the go-to-market functions are going to be managed by Arrow. Robert Dutt: Zooming out a bit from that, how does this Arrow partnership and this new structure fit into the overall picture of where you guys want to take your channel community over the next year or two? Mark Sweeney: I think our channel community is incredibly important to us as a whole. When we look at who our channel partners are, the ones that have been working with us for the past dozen years, they know who we are as an organization. They know what we’ve been doing from a technology perspective. If you look at where we are building our channel program right now, more on Kerry Saunders’ team, a lot of it right now is identifying the partners that are providing value-added services into our product community and into our customer community. I think where I start to think about what’s going to happen in the future is a lot of this is like, what more can we be providing to our customers and how can we do that with our channel? This allows us to help enable our channel even further, start to enable our channel around some of the concepts that we’re thinking specifically around persona-based selling, persona-based consumption. One of the things that we’re working with our consulting teams and our technical teams right now is around the concepts that we really want our customers to think about us as a company that secures the work. The way we do that is by looking at various personas across our customer base. We want our channel partners to really understand that concept and work with customers to identify them as a persona that is focused on the modern worker, somebody who’s using SaaS-based applications on a regular basis, personas that are task-based workers, think about call centers, things like that, knowledge-based workers, maybe somebody that needs more access to more specialized applications. Then you may have power users. I think working with our channel to build that out, build that strategy out so that we could go more wall-to-wall with customers is where I see our business going towards in the next few years. Robert Dutt: Before we wrap up, I’m sure you’ve been talking to a lot of partners about this change as you formulated it and since it was announced and out there, and channel partners are not a notoriously shy bunch in terms of sharing opinions. I’m curious if you had one misconception that you’ve heard from partners or otherwise in the market about this announcement that you’d like to clear up. Mark Sweeney: I haven’t heard a misconception yet. I think that’s a good thing. I did have some conversations with a few of the partners already. For the most part, and I’ll say for the whole part, it’s actually been very positive. I think the piece about removing the friction is one of the critical pieces. I think our channel partners and our managed service providers are very excited about the fact that we’ve removed that friction and we’re allowing that ability to really sell into all of the spaces out there. I’ll double back on one of the points that you raised and it’s that point of what’s going to happen. Is there going to be any miss or any like missing the fly ball? I think that’s not a misconception I’ve heard yet. That’s a misconception I heard last year. That’s probably still out there a little bit. I mean, you’ve asked the question and I think where I want your partners in Canada to think about is we have done this for a specific reason and that specific reason is because we saw significant growth in the relationship in the business over the past 18 months. We saw that also give us the ability to really focus on our innovation and our technology and our support and product management capabilities. The reason why we’re extending it is because we’ve seen success early on and we want to continue that success and we want to build on that momentum. I would say that’s probably, even though I haven’t heard something yet, that would be the reason why I think it could be out there. Robert Dutt: Mark, I appreciate your taking the time. Good luck on this transition and look forward to seeing how the relationship evolves. Mark Sweeney: That’s great. Thanks very much for your time, Robert. Thank you to the folks listening to me in Canada. There you have it, a look at the expanding Citrix-Arrow relationship, courtesy of Citrix’s Mark Sweeney. I’d like to thank Mark for joining us for the show and thank you for listening today. The podcast will be back in your feed tomorrow as we tackle shadow AI from an identity point of view and Thursday as we take a look at the launch of Lexful, an AI-first documentation tool that boasts, if you can believe it, a robotic channel chief. You’ll want to catch both of those, so please subscribe to the show or follow it in your podcast app of choice and if it allows you to do so, please consider leaving a rating or review of the show. Until tomorrow, I’m Robert for ChannelBuzz.ca and I’ll see you in the channel.

Today is Monday, March 2, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. In this edition: Component shortages start hitting the channel: Rising memory and storage costs are prompting vendors to revisit pricing and deal protections, highlighted by a letter from Cisco to partners and reinforced by warnings from other vendors, distributors, and suppliers as availability tightens across servers, storage, and PCs. Pure Storage rebrands as Everpure: Pure Storage has rebranded to Everpure, signaling a shift toward AI-ready data management and rolling out partner program changes aimed at supporting subscription services and platform-led growth. WatchGuard targets MSPs with enterprise-grade security: WatchGuard says new platform enhancements allow MSPs to deliver enterprise-level security outcomes — including zero trust, MDR, and unified management — without enterprise-level complexity. AWS threat research highlights AI-driven attacks: New findings from Amazon Web Services show attackers using AI-assisted techniques to accelerate exploitation of perimeter devices, including firewalls, underscoring how rapidly the threat landscape is evolving. Read Full Transcript Hello and welcome to In Case You Missed It from ChannelBuzz.ca, your Monday morning recap where we catch you up on some of the channel news and trend headlines you may have missed in the last week. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 2, 2026. Let’s get your week started right. This week, the IT channel is being forced to confront an uncomfortable reality. Global components shortages and memory price spikes are fundamentally reshaping how hardware deals are negotiated and fulfilled, and vendors are already updating partner policies as they try to cope. At the center of the storm is a note from Cisco Systems to partners, which was obtained by CRN, in which Cisco says it’ll adjust partner contract terms in response to rapidly rising memory costs and supply volatility. The company now reserves the right to cancel compute orders up to 45 days prior to shipment and to adjust pricing between order and shipment date if component costs, tariffs, or other external factors shift dramatically. That’s a significant departure from the traditional price protection norms. And this isn’t isolated. Executives from major distributors told CRN that memory and storage shortages, particularly DRAM and SSDs, are pushing prices up and tightening supplies across servers, storage, and PC portfolios. Memory prices are reported to have doubled year over year in early 2026, and are expected to continue rising, leading many distributors to shorten their own validities and revisit backlog pricing with vendors. Vendors themselves are directly advising partners of pricing shifts too. Lenovo has warned partners that select PC and server products will see price hikes in March unless orders are placed and shipped promptly, reflecting those costs. And hardware availability is also tightening in real terms. For example, Western Digital says its entire 2026 hard drive production capacity is already spoken for, with most allocations locked up in long-term agreements with hyperscale cloud and AI customers, a trend that could push prices higher and leave less inventory for channel projects. As memory, storage, and other components become harder to source and pricier to procure, partners may face shortened quote windows, less pricing certainty, and project timing risk, compelling MSPs and VARs to rethink their own quoting strategies, accelerate their sales cycles, and build supply chain agility into their roadmaps. Good luck out there. Also worth noting, Everpure, the company formerly known as Pure Storage, has completed a major strategic evolution, rebranding itself to signal a transition from traditional storage vendor to a broader AI-ready data management platform and announcing changes that partners should really pay attention to. The name change, which takes effect on the New York Stock Exchange March 5, reflects the company’s push into enterprise data orchestration and intelligence beyond simply shipping storage hardware and arrays. Central to this transformation is Everpure’s planned acquisition of data intelligence firm 1touch, a move designed to bring automated data discovery, classification, and semantic enrichment capabilities into its portfolio. This expands the enterprise data cloud vision, equipping enterprises to make data inherently AI-ready and more valuable across hybrid environments. Alongside that rebrand, Everpure has updated its partner engagement model with a new tiering structure that gives MSPs, resellers, and distributors clearer pathways to profitability and growth, reflecting the broader mission of the company going forward. Recent results show that the demand for data management and subscription services are driving double-digit growth, the company says, underscoring why partners should lean into Everpure’s evolving platform play. For channel pros, the message is that Everpure sees partners as critical to selling data-centric solutions in the AI era and is aligning its incentives and program structure accordingly. Up next, WatchGuard is positioning its latest platform updates as a way for MSPs to deliver what it calls enterprise-grade security to small and mid-sized customers, without the complexity typically associated with large enterprise tools. The company says the enhancements are focused on unifying endpoint, network, identity, and MDR capabilities into a single manageable platform designed for service providers. Key to the message is simplification. WatchGuard is emphasizing centralized management, automated threat response, and bundled security services that allow MSPs to deploy advanced protection like zero-trust network access, AI-driven threat detection, and 24/7 monitoring at scale and under predictable pricing models. For MSPs, the pitch is that this closes a long-standing gap, giving smaller customers access to security capabilities that more rival enterprise deployments, while still fitting MSP operational and margin requirements. WatchGuard argues that as threats become more sophisticated, the ability to offer enterprise-grade outcomes without enterprise-grade overhead is becoming a baseline expectation rather than a premium add-on. And speaking of more sophisticated threats to bring this week’s roundup home, new threat research from Amazon Web Services adding to the evidence that AI is actively changing how attacks are carried out, not just how they’re defended against. AWS researchers report seeing threat actors use AI-assisted techniques to more quickly identify and exploit vulnerabilities in perimeter devices, including Fortinet FortiGate firewalls, reducing the time between disclosure and real-world exploitation. The finding reinforces a growing concern for solution providers. Attackers are using AI to scale reconnaissance, speed up exploit development, and adapt attacks faster than traditional defenses expect. For MSPs and VARs, the implication is clear. Staying ahead now requires faster patching cycles, continuous monitoring, and security platforms that assume AI-accelerated threats are the norm and not an edge case. Those are some of the things we were paying attention to last week. This week on the podcast, expect to hear how Citrix is thinking of partners as it hands off more of its channel management to Arrow Electronics, a look at the role of identity in taming shadow AI, and how startup Lexful is aiming to redefine how MSPs think about documentation. I’m Robert Dutt for ChannelBuzz.ca. Have a great week!

Mike DePalma, vice president of business development for cybersecurity at OpenText AI has quickly moved from an abstract talking point to a real strategic priority for managed service providers. But while enthusiasm is high, readiness — and results — are far more uneven. In this episode, I'm joined by Mike DePalma, vice president of business development for cybersecurity at OpenText, for a candid conversation about how MSPs are actually navigating the AI transition. We dig into why many partners are excited about AI, yet still unprepared to deliver it in a scalable, customer-facing way, and why that's starting to change. As MSPs gain a clearer understanding of where AI can be profitable, pricing models are evolving, and old assumptions about margins and service delivery are being challenged. Mike explains why the channel has made faster progress using AI internally than deploying it for customers, and how concepts like AI-as-a-Service are pushing providers to focus less on tools and more on business outcomes. We also talk about the return of consulting and custom project work, and why quarterly business reviews are becoming a key lever for expanding the scope of AI services. The conversation goes beyond technology to look at ecosystem dynamics: why partners want openness more than consolidation, what MSPs are asking vendors for right now, and how shifting feedback has forced OpenText to slow down changes to its partner program. Finally, Mike shares his view on what the AI opportunity will look like a year from now—and why deeper engagement with MSP communities may be more important than ever during this transition. If you're trying to separate real AI opportunity from hype, this is a grounded, practical discussion you won't want to miss.

Peter DiMarco, general manager of D&H Canada Things change fast in the IT channel, but for D&H Canada, the tagline continues to be BFG or built for growth. But what does that growth look like in 2026, and where is it coming from? In this edition of the podcast, we talk to Peter DiMarco, who has been leading D&H Canada for about a year, about how the company is supporting partners, investing in growth, and navigating the changing landscape. From the rise of AI and other emerging technologies to the unique challenges of running a Canadian operation with a U.S.-based parent, Peter shares insights on where partners can focus their efforts, what initiatives D&H is prioritizing, and what to expect from the distributor in 2026. This episode offers practical takeaways for anyone looking to stay ahead in the channel. We discuss:  how D&H Canada is helping partners navigate growth opportunities in the current market; the impact of operating a Canadian distributor with a U.S.-based parent in today's geopolitical and economic environment; how partners can leverage AI and other emerging technologies to drive business forward; key areas where D&H Canada is investing to support partner success; practical advice for resellers and MSPs planning for 2026; and what partners can expect from D&H Canada in terms of programs, support, and new opportunities. All that and more in this edition of the ChannelBuzz.ca Podcast.

Today is Monday, February 23, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. In this edition: Microsoft AI Cloud Partner benefits expanded: Microsoft has updated its AI Cloud Partner Program with new Copilot-related benefits, enhanced security and Azure credits, and additional go-to-market resources to help partners accelerate AI-enabled solutions. Palo Alto Networks NextWave Program: Palo Alto Networks has revamped its NextWave Partner Program to reward platform-based security delivery, emphasize recurring revenue, and recognize partners with specialized AI and cloud security expertise. monday.com Partner Program update: monday.com has introduced structured reseller and distributor tracks, an AI-powered Go-To-Partners marketplace, and a new AI Genius tier to support partners selling and implementing AI-enabled workflow solutions. Rocket Software IT leader survey: A new Rocket Software study shows 69% of IT leaders cite data security as their top concern and highlights the opportunity for partners to help customers modernize hybrid environments for AI readiness.

Chandreshkar LSP, managing director of Zoho Canada Zoho Canada's efforts to offer a comprehensive suite of online applications it calls a “business operating system” got a boost with the recent launch of new Payroll and Point of Sales modules designed for all of Canada's regions and regulations. In this edition of the podcast, we're joined by Chandrasekhar LSP, managing director for Zoho Canada, to discuss the company's new offerings and how Zoho views local investments as a global company. We also chat about the growth of the company's Canadian organization and the role of its in-country data centre.  But it could be the launch of a mobile-first package for solopreneurs that's the surprise star of this group of releases for both the web-based business app vendor and its partners. LSP explains the partner opportunity around Zoho Solo.

Stan de Boisset, senior vice president of global channels at Proofpoint Proofpoint is launching a major update to its global channel strategy with the debut of the Proofpoint Partner Network, a new partner program designed to improve partner profitability, predictability, and long-term growth. Replacing the Element program, the new framework introduces a three-tier structure — Select, Elite, and Elite+ — along with stronger incentives, clearer deal and renewal protections, expanded marketplace routes to market, and a greater emphasis on services and data security. In this episode, Stan de Boisset, senior vice president of global channels at Proofpoint, joins us to break down what's changing, why Proofpoint made these updates now, and what partners need to know as the program goes live. We discuss how the company is thinking about partner trust, lifecycle economics, and the role of services in building durable, scalable partner businesses.

Today is Monday, February 16, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. In this edition: Cisco CEO Chuck Robbins says we're in the early stage of a multi-year, multi-billion dollar campus refresh opportunity as customers look to redesign their networks for growing AI tasks. Palo Alto Networks completes its deal to purchase CyberArk for $25 billion, adding crucial identity management capabilities to its security stack. Global sovereign cloud technology spend will jump by more than 30% this year according to Gartner as geopolitical tensions stoke a desire for companies and regulators to insist that data stays close to home. Emerging networking service vendor Meter introduces former Meraki channel leader Pete Atkins as its global partner leader.

Andy Marsee, general manager for the Intel Partner Alliance Late last year, Intel announced the latest revisions to its Intel Partner Alliance program, reducing the number of partner tiers and roles and aiming to make things a bit more simple. In this edition of the podcast, we're joined by Andy Marsee, general manager for the Intel Partner Alliance, to talk about what's going on in the chipmaker's partner programs.  We discuss: the background of the unified Intel Partner Alliance program and the feedback the company has received from partners over recent years; the main goals of revamping the Partner Alliance; simplifying the number of partner tiers and roles in the program and designing the transition; the expanded role of distribution in the new partner program; maximizing partner profitability under the new program; how Intel has updated its Partner Showcase so more partners can run storefronts; how the company is looking to improve the number of leads it delivers to partners; changes to MDF in ease of use and both benefits and requirements; new types of partners Intel is working with; a shift to outcomes-based messaging and marketing at Intel; the role of software development across the Intel channel community; and where Marsee sees the next steps for Intel Partner Alliance. All that and more in this edition of the ChannelBuzz.ca Podcast.

Bob Bonneau, country manager for ESET Canada ESET Canada recently celebrated a decade since the company formally opened up shop in this country, ten years that have been filled with growth in the channel and evolution in both the cybersecurity threatscape and how businesses defend themselves. Bob Bonneau, country manager for ESET Canada, joins us on this edition of the podcast to take a look back at the company's run in this country and where he sees things heading. We discuss: the theme of the first decade in Canada for ESET; the evolution of the Canadian cybersecurity landscape over the last ten years; the big milestones of ESET's first decade in Canada; how the organizational structure in Canada has changed over the years; how ESET addresses both the under-representation of women in technology and the skills gap in cybersecurity; ESET's partnership with the Calgary Flames and its role in the company's growth in the west; the rise of managed service providers in the ESET channel; being a Europe-based company and operating in North America;  whether Canadian businesses are in better shape or worse when it comes to cybersecurity a decade later; and what the channel can expect from ESET over the near future All that and more in this edition of the ChannelBuzz.ca Podcast.

Asma Aziz, country manager for Intel Canada Everybody's talking about AI, but is anyone doing it? How about doing it well? Those are among the questions that Intel of  Canada set out toanswer with a recent survey of business leaders in Canada and througout the region. And while it's not the best possible results, the good news is there's a lot of interest, and the building blocks are there for Canada to be successful in the next big thing. In this edition of the podcast, we're joined by Asma Aziz, country manager for Intel Canada, to discuss the findings of the study and of course, the opportunity for Canadian solution providers. We discuss: how ready Canadian organizations are for AI; how Canada is leading in AI without talking too much about it; how business leaders are prioritizing and maximizing their AI approaches; why Intel sees an opportunity to turn “opportunity into scaled outcomes;” the biggest challenges and the biggest opportunities for solution providers to help solve them; the resources Intel is providing solution providers to sharpen their value creation around AI; why “the margin is in making AI both trustworthy and practical;” key steps for Canada to make right now to make the most of the AI opportunity; and AI and Canadian SMBs. All this and much more in this edition of the ChannelBuzz.ca Podcast.    

Edgar Zacharjev, general manager of RMM for Kaseya On many levels, AI is a natural evolution for managed service providers, who have long been focused on automating as much as possible en route to scale and profitability. But the artificial intelligence era also presents new challenges to MSPs, and is generally changing the nature of the market in which MSPs compete. What should MSPs be looking for, and how should they be preparing for an uncertain future state today? In this edition of the podcast, we talk to Edgar Zacharjev, general manager of RMM for Kaseya, to discuss how he sees aritifical intelligence playing out in the managed services space. We discuss: the future of AI in managed services; the most immediate benefits of moving towards AI for MSPs; the challenges MSP face around issues like data privacy and compliance; how AI is going to redefine the competitive landscape for MSPs; and practical steps MSPs can take to be start building AI into their technology and operations today. All this and much more in this edition of the ChannelBuzz.ca Podcast.    

The new threat group appears to be offering as-a-service attacks on companies from Latin American and Asia, but often those hosted on North American infrastructure. What can MSPs learn from this kind of attack? [...]

In this edition of the podcast, ESET's Michal Jankech discusses the opportunity for MSPs around MDR, sales models for the technology, and what makes for a good MDR partner.

SaaS and cloud-based apps are key to businesses of any size, and the proliferation of apps outside of the data centre presents unique challenges to MSPs managing their clients' infrastructures. In this edition of the podcast, we take a look at the threatscape for SaaS apps, as defined by SaaS Alerts' annual SASI Report.

In this edition of the podcast, we look at the continued rise of ransomware, the mainstreaming of managed security services, and how MSSPs can stand out as we're joined by Datto's Austin O'Saben.