Podcasts about mssp

Today’s headline news for Canadian IT solution providers: Dell PowerStore Elite and the reimagined data center: Yesterday at Dell Technologies World, Dell Technologiesintroduced Dell PowerStore Elite, a new enterprise storage platform delivering up to 3x performance over the prior generation and an industry-best 6:1 data reduction guarantee. The platform packs 5.8 petabytes into a single 3U chassis using standards-based E3 NVMe flash, and introduces Dell Cyber Detect, which identifies ransomware with 99.99% accuracy and pinpoints the last known clean copy for recovery. PowerStore Elite ships in July 2026; Cyber Detect for PowerStore follows in Q3. The broader Day 2 announcement also included 11 new PowerEdge servers, expanded Dell Private Cloud support for Broadcom, Microsoft, and Nutanix stacks, Dell PowerProtect One for simplified cyber resilience, and two new automation products: the Dell Automation Platform and Dell Automation Studio. Jeff Clarke’s tokenomics keynote: In Tuesday’s Day 2 keynote at DTW, Dell COO Jeff Clarke presented a set of ten fundamental shifts from the past year whose through-line is what he called tokenomics. The math: model prices fell 80% per token; token consumption is up 10x; GenAI software spend tripled. Net effect – AI is getting more expensive for most organizations, not less. Clarke illustrated the stakes with a concrete example: one developer running a single agentic use case on the public cloud can burn approximately $3,400 per day in token costs; the same workload runs at zero incremental cost on on-premises infrastructure. Clarke confirmed Dell moved its own operations to on-prem after internal token costs became untenable, and described work underway on what he called “token routing” – an orchestration layer that would automatically direct tasks to either a deskside AI workstation or data center hardware based on workload. He closed with three imperatives: know your token consumption, find your super users, and lead the operating model change or be disrupted by it. Intezer launches Amplify Partner Program: Intezer has officially launched its Intezer Amplify Partner Program, naming channel veteran Mark Daggett as vice president of global channels and alliances. The program formalizes Intezer’s channel investment as demand for AI-driven security operations grows and the talent gap in security operations continues to widen. According to Intezer, the program is designed to help MSSPs and solution providers step in where internal security teams lack the capacity to operationalize AI-powered alert triage and threat investigation, translating the company’s platform capabilities into managed and co-managed service offerings. Check Point agentic network security orchestration: Check Point announced an agentic network security orchestration platform on Monday designed to replace decades of rule-based complexity, reducing network policy management from months of manual effort to minutes of verified, automated action. The announcement is part of a broader Check Point push into agentic security capabilities across its Infinity platform. Zendesk unveils Autonomous Service Workforce: At its annual Relate conference, Zendesk announced the Autonomous Service Workforce, a product vision built around specialized AI agents priced per resolution rather than per seat. Key launches include a no-code Agent Builder, omnichannel coverage with shared context, and a real-time Quality Score applied to every interaction – human or AI. Riverbed extends Aternity AIOps: Riverbed has released new Aternity digital experience (DEX) capabilities positioning AIOps as proactive disruption prevention rather than reactive monitoring, giving IT teams predictive intelligence before end-user experience degrades. WinMagic brings zero trust to legacy OT: WinMagic has introduced Continuous Identity Assurance, a hardware-bound approach to endpoint identity that extends zero trust controls to air-gapped systems and legacy operational technology environments traditionally outside the reach of modern identity platforms. Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Wednesday, May 20, 2026, and here’s what’s happening in the channel today. Continuing coverage from Dell Technologies World in Las Vegas, where yesterday’s Day 2 product announcements shifted the spotlight from the partner program to the infrastructure portfolio. The headline item was Dell PowerStore Elite, which Dell is positioning as a new class of enterprise storage platform built for what it calls an AI-era data center. According to the company, PowerStore Elite delivers up to three times the performance of the previous generation through software-driven improvements, and backs it all with what Dell describes as an industry-best 6:1 data reduction guarantee – up from 5:1 – a number it says carries real weight in today’s supply-constrained flash market. The platform packs up to 5.8 petabytes of effective capacity into a single 3U chassis using industry-standard E3 NVMe flash rather than proprietary drives, giving partners and their customers more flexibility on cost and sourcing. The cyber resilience angle is where it gets interesting for MSPs. Dell is introducing Dell Cyber Detect for PowerStore, which inspects data at the byte level and is positioned as being able to identify ransomware with 99.99% accuracy – surfacing the last known clean copy so organizations can recover fast. That capability will be available in Q3 2026. PowerStore Elite itself is set for global availability in July. The broader data center announcement also included 11 new PowerEdge servers spanning both air-cooled and liquid-cooled environments, expanded Dell Private Cloud support for Broadcom, Microsoft, and Nutanix software stacks, and two new automation products: the Dell Automation Platform, which pairs AI agents with a conversational interface for infrastructure deployment and management, and Dell Automation Studio for building custom, full-stack orchestration workflows. Nearly 20,000 customers already run PowerStore globally, and Dell is emphasizing that existing deployments can cluster with PowerStore Elite without disruption – a meaningful selling point for partners managing live customer environments. The second big story out of Las Vegas yesterday is one that deserves some unpacking. During his keynote, Dell’s chief operating officer Jeff Clarke laid out what he called ten fundamental changes in the past twelve months – and the thread running through the whole list is a single concept: tokenomics. The numbers Clarke presented tell a story that’s easy to miss if you only hear the headline. Model prices have fallen roughly 80% per token in the last year – sounds like great news. Except token consumption is simultaneously up ten times. And GenAI software spend has tripled in twelve months. The net effect is that AI is actually getting more expensive for most organizations, not less. Clarke made it concrete with a single example: one developer, one agentic use case, building a software tool. On the public cloud, that use case can run up roughly $3,400 a day in token costs. Running the equivalent workload on on-premises infrastructure with local models? Zero incremental dollars. Clarke went further and confirmed that Dell itself made the shift to on-premises AI after its own token costs became untenable – which is a different kind of endorsement than anything you hear from a keynote stage. He also flagged something worth watching: Dell is working on what he called token routing, an orchestration layer that would automatically determine whether a given task is better handled by a deskside AI workstation or by data center infrastructure. He was clear it’s still in development, but it signals where Dell sees the intersection of its PC and server businesses heading. Clarke closed his keynote with three actionable imperatives: know your token consumption, find your super users, and lead the operating model change or be disrupted by it. That first one is the real challenge for most organizations – and the one an MSP or trusted advisor can walk into and own. Away from Las Vegas now, and Intezer has officially launched its Intezer Amplify Partner Program, naming industry veteran Mark Daggett as vice president of global channels and alliances to lead the effort. The program formalizes the company’s channel investment at a moment when demand for AI-driven security operations is accelerating. Intezer’s pitch to the channel is essentially a gap-filling argument: internal security teams are drowning in alert volume while the talent required to triage and investigate those alerts remains in short supply. The Amplify program is designed to equip partners to step into that gap, delivering Intezer’s automated alert triage and threat investigation capabilities as a managed or co-managed offering. The appointment of a dedicated channel VP is the clearest signal yet that Intezer is treating the channel as a primary route to market, not a secondary one. Partners building out managed security or MSSP practices looking to differentiate around AI-augmented SOC capabilities have another option worth a closer look. In Brief –  Check Point launches an agentic network security orchestration platform it says collapses months of manual policy work into minutes of verified action.  Zendesk unveils its Autonomous Service Workforce at the Relate conference, introducing per-resolution AI agent pricing and a no-code Agent Builder.  Riverbed announces new Aternity digital experience capabilities designed to shift AIOps from reactive visibility to proactive disruption prevention.  WinMagic introduces Continuous Identity Assurance, anchoring identity verification in hardware to extend zero trust protocols to air-gapped and legacy OT environments.  Full details and links in the show notes or the blog post. Later today on In The Channel, still from the show floor at Dell Technologies World, I sit down with Rob Emsley, director of cyber resilience marketing at Dell Technologies, on why 97% of cyber attacks now specifically target the backup infrastructure – and what it actually means to build a resilience strategy around the concept of the minimum viable company. And if you haven’t heard yesterday’s episode yet, check out my conversation with Alan Ashby, Dell’s senior director of Americas data center presales and specialty sales, on the practical infrastructure realities of the AI boom – from a deskside AI workstation for an SMB to consolidating 13 legacy servers into one. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

Jeff Taylor, executive director of global partner ecosystem and operations for Lenovo There are not many conversations where you get both the global architect of a vendor’s partner program and the Canadian channel chief in the same room. In this episode of In The Channel, recorded the week after Lenovo 360 Acceleratewrapped up in Austin, we had both: Jeff Taylor, executive director of global partner ecosystem and programs at Lenovo, and Craig Taylor, senior director and Canada channel chief. The headlining number from the conversation is the dramatic simplification of Lenovo’s incentive structure. Jeff confirmed that Lenovo has reduced its active global incentives from 2,300 down to approximately 200 – a 92 per cent reduction – while maintaining the same total investment pool. The analogy he reached for: the same pizza, fewer slices, each one bigger. The earning power stays; the complexity goes. For Canadian partners, Craig noted that over 90 per cent either maintained or improved their tier status in the move to the new Lenovo 360 Authorized, Gold, and Platinum structure. Craig Taylor, senior director and Canada channel chief at Lenovo The conversation moved quickly into services. Lenovo is targeting a 15 to 20 per cent partner revenue mix from services and solutions within the next one to two years. Craig pointed to TruScale as the on-ramp, noting Canadian partner feedback has consistently positioned it as more flexible than competing offerings in market. On AI, Jeff described a “reimagination of enablement” – moving partner portals from static, backward-looking data tools into agentic AI-driven platforms that are intuitive and forward-looking. Craig pointed to Lenovo’s CIO Playbook as the practical tool helping Canadian partners move customers from proof of concept to proof of execution on their AI investments. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor at ChannelBuzz.ca and your host for the show. You want to understand how a global technology vendor thinks about its partner program, not the press release version, but the actual mechanics of how design decisions get made and how they land in markets like Canada. Today’s conversation is a fairly rare opportunity. We have at the same time the global architect of the Lenovo partner ecosystem and the Canadian channel chief. Jeff Taylor is executive director of global partner ecosystem and operations for Lenovo, responsible for the Lenovo 360 framework that governs how the company works with partners worldwide and for the new consolidated partner ecosystems and program structure for the international markets that Lenovo unveiled earlier this year. Craig Taylor is senior director and Canada channel chief at Lenovo, a 2026 CRN channel chief and the person responsible for translating all that global framework into real outcomes for Canadian partners on the ground. We recorded this conversation just after Lenovo 360 Accelerate, the company’s annual North American partner event wrapped up in Austin, Texas. So this is about as fresh a read on the state of the Lenovo partner ecosystems you’re gonna get. We covered the dramatic simplification of Lenovo’s incentive structure, the push towards services-led selling and recurring revenue, how AI is reshaping both the partner conversation with customers and Lenovo’s own approach to enablement, and how Canadian partners should be thinking about a volatile period in hardware pricing. And yes, they’re both named Taylor. We had asked some questions. Let’s get right into it. My chat with Jeff Taylor and Craig Taylor. [Music] Gentlemen, thank you for taking the time. Jeff Taylor: Hey Robert, how are you? Robert Dutt: Very well, thank you. Craig Taylor: Excellent. Good afternoon, Robert. Robert Dutt: Interesting situation, one of those channel journalist dream situations, chatting with both the global architect of the partner program and the Canadian channel chief at the same time. And as fate would have it, you’re both just coming back from Austin. Jeff, for people who weren’t there in the room for Accelerate this year, the event was themed “unified as one” — pretty deliberate choice of words, I dare say. What were you trying to signal with that framing? Jeff Taylor: Yeah, well, I mean, obviously one with our partners is probably the first and foremost thing, but also to represent Lenovo holistically. From Motorola all the way through our devices, tablets, PCs, etc. and then into the data center. So we are one company and as an extension of that, one company includes our partners and the whole intent of the event was to bring everybody together and unify. Feedback has been really, really positive and it’s, you know, it’s only been a week, but lots of really good discourse and wonderful event. Robert Dutt: Craig, from a Canadian perspective, what did the Canadian attendance look like and what did Austin feel like compared to previous Accelerate events from a Canadian partner point of view? Craig Taylor: Yeah, our Canadian partners had very positive feedback to Jeff’s point. We’re always very well represented in these types of North American based events. We always punch above our weight class, I’d like to say. So all of the key strategic partners across our ecosystem were there in present and actively participating in our discussions as to how we’re going to strategize for our next fiscal year. Robert Dutt: Jeff, one thing that stood out for me from Austin was the choice of putting Jay McBain, Steve Brazier and Tiffany Bova on stage together, three analysts who ostensibly compete against each other in the market. Curious what the goal was in putting them together and what came out of that conversation that you think partners should take away. Jeff Taylor: Yeah, I think a couple of things. First of all, the moderator of that panel was with Alex Smith. So we had four great analysts all on the stage at the same time. I think if you take a step back and just look at the theme overall, what we’re trying to accomplish at Accelerate, it was really about industry topics. So we had representatives from the US Department of Energy as an example, talking about power and what’s happening at a governmental level. And part of that was to get these four analysts together who, as you say, they mix in a lot of the same circles, but they’d never been on the stage at the same time. And the idea was to propagate a little bit. And in some cases, they were aligned in a lot of their messages to the channel. In some cases, they differed. And it was a really lively and engaging conversation. And folks at Lenovo, we engage with these folks all the time, but having them all together, kind of representing their unique perspectives on the market right now was super valuable and engaging. Robert Dutt: So to dig into what you guys have been doing on the partner side of things, back in March, you announced the new consolidated partner ecosystem and programs, International Markets Organization. Now that Accelerate’s happened, partners have had a chance to hear it explained in person. What’s the clearest way to explain what operationally changed and what didn’t? Because from the outside, centralize where it makes sense can go a lot of different directions. Jeff Taylor: Yeah, look, I think the easiest way to explain it is we now have a single common framework across the globe. That framework is a guidepost, very intentionally set up as a framework, because execution has to remain local. And the input, the guidance, the feedback that we receive from our Canadian partners, from Craig, representing the viewpoints of those Canadian partners is absolutely critical to what we’re doing. And so by, you know, over time, as we had a lot of different markets and a lot of different geographies kind of expand over time as the company grew, there was similar objectives happening in multiple markets. And maybe the execution model was slightly different. And we thought by kind of bringing some of that together, we could simplify and we could gain efficiencies for our partners. But it’s really important to understand that the execution happens locally, sales happens locally, channel partners happen locally. And so it’s one really about standardizing the framework and not centralizing execution. Robert Dutt: How has that landed here in Canada, both with Canadian partners and in terms of how things operate for you, Craig? Craig Taylor: Yeah, the feedback has been really positive, Rob. You know, from a Canadian perspective, it’s all about leveraging our local teams and our local relationships, which haven’t changed. And feedback from our partner community is we are often best in class when it comes to how we represent our organization in front of the partner ecosystem. What I think is what more exciting for me now is we’re elevating those relationships to be consistent as to how we’re going to market with our partners. Consistency in the programs, consistency in the incentives, and also how quickly we can execute. What that means is our partner facing team can spend more time in market with our partners trying to win opportunities together with our mutual customers. Jeff Taylor: And if I could add, Rob, real quick, I mean, this was a very thoughtful process. This wasn’t something that happened kind of quick and without a lot of forethought. We have been working on this for years through the introduction of Lenovo 360 as that kind of framework itself. And then over time, as we’ve built some meat on the skeleton, the timing was just really right for us to go do this. But again, that premise of local execution is probably the most important thing. Robert Dutt: Well, I know that internally you guys have kind of had the mantra of “global might, local fight” internally for a while now, kind of being applied to the partner org, it seems here. I guess I’m still a little curious where there is a certain tension between global consistency and local relevance. You’ve kind of unpacked it, but where does that actually land in terms of which side takes the lead? Jeff Taylor: Yeah. So let me give you some real tangible numbers and examples. Three years ago in market across the globe, we had 2,300 active incentives in the market. I’m going to repeat that. We had 2,300 active incentives in the market. So if you think of your investment pool as a pizza, right, and you divide that 2,300 ways, the relative impact of those individual slices can be quite small. Now, what we found in talking to markets was that there was absolutely a consistency and intent. And maybe that intent was new customer acquisition, or maybe it was growth targets, or maybe it was something else. There was consistency in intent, but the execution was different, and that created operational complexity. It created our ability to report seamlessly and consistently over time more of a challenge than simplification. So in just the last two years, we’ve gone from that 2,300 partner incentives to about 200. So almost a 92% reduction without any change in investments, any negative change in investments, because the intent was still there, right? The intent was consistent across the globe. So that’s one where we centrally can look at the forest through the trees. We can see an opportunity for simplification. Then we can bring that to the markets while still driving that strategic intent that we want to accomplish with our partners. So that’s just one example. Craig Taylor: Yeah, well said. Just to add to that, Rob, one of the things that was very important was to make sure we had local input to the global framework that was being created at Jeff’s level. So we had many conversations as to what our market needs and demands were, and make sure that we shaped it to be properly represented within the framework. That worked out very, very well. We also are allowed to have some nuances in this organization as well. And so what we’re allowed to do is perhaps if a certain pathway doesn’t make sense to the Canadian market, for example, being more of an SMB-based market, we’re going to pivot and we’re going to make those changes to make sure that we service our partners the best that we should. And kind of beef up that SMB-facing side of things. Robert Dutt: Yeah, that makes sense. Jeff Taylor: It’s really interesting. It’s interesting, Robert. From day one, we called Lenovo 360 a framework and not a program from day one. And the whole idea was that we wanted to ask three basic questions like, how do you best engage with your partners? How do you best connect with your partners and how do you best grow with your partners? But depending on the conversation, the answers to those three questions might be different. So as an example, if you’re talking to a traditional hardware solution provider, you have answers for those three questions. If you’re talking to a GSI or an MSP or an MSSP, same questions may be very different answers. And so the whole idea with this framework was to be able to flex accordingly. And that went down all the way to the market level. So Craig mentioned that Canadian being more oriented towards an SMB type of approach, the framework has to flex to be able to support that. Whereas in other markets, it may flex a slightly different way, but it’s still all about engaging, connecting and growing. Robert Dutt: OK, back to your pizza point, Jeff, and one of my favorite, probably apocryphal Yogi Berra quotes, “cut my pizza in four slices, please, I can’t eat eight.” Curious, though, for a partner who looks at it and says, “all right, well, I used to have three incentives applied to my business and now there’s only really the one. The math doesn’t work for me.” What’s sort of the answer for them? Because the earning power says we didn’t take away the earning power. Jeff Taylor: So again, it’s the intent stays the same. The earning power stayed the same. The whole idea now is operationally, it should be easier for… the intent was that it would be easier for the partners to have a path towards that earning power. So instead of Jenga or a very complicated jigsaw puzzle, the intent here was to simplify that. So it’s a clear path to that earning potential with the same intent around growth, acquisition, those types of things. Craig Taylor: Yeah. And Robert, one of the things our partners have been asking us for is to provide more direction, focus as to where they want us to go win together in the market. And I think by simplifying these programs, it’s also allowed us to provide more focus to our partner community in the ecosystem to make sure that we’re winning together in the areas that we want to win. Jeff Taylor: And Robert, it goes beyond just traditional incentives programs, too. So we’ve simplified things like our certification programs. I’m going to get this number slightly wrong, but in the ballpark, in the last two years, we’ve driven 80,000 new certifications globally through some of the simplified changes that we’ve made. So all of these things, it’s look at the globe and then apply it locally. And again, with the full intent of making it as easy as possible for the partner. Robert Dutt: As with most partner programs slash framework changes, updates, you’ve acknowledged that some partners will land at a different tier under the new structure. How are you managing the transition and what should a partner do if they feel the new placement doesn’t reflect where they’re actually at in the relationship with Lenovo? Jeff Taylor: We’re very conscious about that. And I think, Robert, you know, any time there’s even a small change in some type of construct within the program, there’s some unfortunate circumstances associated with that. But we really tried to minimize it. And I’ll just give another example to hit a tier level. We have a volume requirement. OK, that’s the framework. But what that volume requirement is, it’s going to differ by market. So, you know, it might be very different in the U.S. than it is in France, than it is in Canada, than it is in Indonesia, as an example. And the whole intent there was through our analysis was to kind of minimize those impacts as much as possible while still creating the right type of incentive and the right value associated with each of those tier levels. Craig Taylor: And to that point, Robert, it was very thoughtful in Canada as to what the thresholds should be in order to properly reflect our market. And what’s happened as a result of that is over 90 percent of the partners have either maintained or actually improved their tier status as a result of the simplification and restructuring. What we’re doing with that remaining 10 or less than 10 percent is getting out in front of our foot, making sure that we have those discussions, working together through joint business plans to determine how we’re going to get them not only to the next threshold, but have a future plan to get us to the one after that and up-tier them as we continue our relationships with them. Robert Dutt: The services shift. Jeff, you put out a specific target there in recent interviews. 15 to 20 percent of partner revenue mix coming from services and solutions over the next year or two. The services business, as I understand it, has grown in the channel for the last five years or so with channel growth outpacing overall growth. That’s certainly real numbers and real growth. What’s driving customers towards the as-a-service and TruScale model specifically right now? Jeff Taylor: Yeah, I think it’s one word. It’s complementary. Our strategic approach is to have complementary services to those of our partners. We want to be able to ensure that our mutual end users are getting the best possible experience that they can get. In many cases, those services are provided 100 percent by the partner themselves. But in other cases where they don’t have those capabilities, our job is to complement those with the service capabilities that we have. The idea is that, first of all, I think you know Robert, the services space, like the TAM, is massive. There’s so much opportunity really for everybody to play in a meaningful way. You just have to be smart about it. I think that’s the first thing. The second thing is communicate. If there is an instance in which maybe there’s a perception of competing for services revenue, we’re going to communicate. We’re going to talk. We’re going to figure out what the best solution is for that end user and then move forward that way. Craig Taylor: Yeah, the other thing I would add and maybe another word for thought is flexibility as well. Feedback from our Canadian partners is that the Lenovo TruScale offering is much more flexible than other competitive offerings in market. Because we understand that not all customers look and feel the same. So this allows our partners to scale with us during their journey as they create more of a services-led go-to-market motion for their customers. Jeff Taylor: One of the conversations, Robert, that came out, you mentioned the Accelerate event last week in Austin. Obviously, a lot of discussions around AI and a lot of discussions around how do we best build an AI practice to go serve customers, whether they’re small businesses or large enterprises. And that’s a really scary thing for a lot of solution providers right now because they see that market exploding and they want to get it right. And this is a great example of where Lenovo can come in and partner with our partners on developing an AI practice that includes not just hardware and software, but also services. Robert Dutt: Craig, for a Canadian partner to whom Lenovo still means primarily ThinkPads and infrastructure hardware, what’s the first move usually looked like for a partner who wants to shift towards services with you guys and where are most partners sitting today against that 15-20% target? Craig Taylor: Yeah, great question. I think Jeff mentioned it earlier. It’s about communication. Often, it’s a miss when we don’t understand the partner services capabilities. We are a channel-led organization. We’ll continue to be with our services engagement in order to scale and address the Canadian customers. We need the channel and we will continue to work with the channel in order to win in services, but we have to understand what it is they can offer. So our team is working very closely with our partner community through this joint business partner plan in order to understand and make sure that we’re aligning their services capabilities with the needs of those customers. That’s first. Second of all is internally, we’re making sure that we have a motto of sell with, sell for, and sell through the channel. And so our Lenovo customer-facing sales teams understand the importance and the value that our partners are bringing to our mutual customers. And together, we’re winning more than we ever have before. Jeff Taylor: Hey Robert, there’s almost like a macroeconomic driver here as well. So partners are, and we’re seeing this globally, that there’s a realization that to maximize the value, to increase the multiple on their valuation, a move towards MRR or ARR models is extremely important, right? And those are services-led models. And so we are seeing a lot of these traditional partners who are very accustomed as us being a PC or an infrastructure provider, really needing our help in moving towards this recurring revenue model that’s going to increase their valuation and their multiples. So we’re seeing that trend everywhere right now, probably more so in North America than anywhere else, but it’s definitely happening globally. Robert Dutt: To that point where I wanted to go next was the MSP pathway. 3,000 partners signed up globally, 150 million or so last year for you guys, real proof point. You’re expanding to new geographies. What can you tell me about where that pathway is at in Canada? And as you’ve expanded geographically, are there any new developments on the Canadian front, either announced at Accelerate or along the way? Jeff Taylor: Why don’t I take kind of the big picture and then Craig can go deeper into Canada? Again, this move towards recurring revenue models is happening everywhere. And so not only has Lenovo’s growth in that space been even better than expected, dare I say, we’re seeing it, the growth of MSPs just in pure numbers globally is growing very, very rapidly. And again, I think it’s this financial macroeconomic driver that’s making that happen. To go back to our framework around engaging, connecting and growing, those answers are so different with an MSP than they are with maybe a traditional Lenovo partner. And so we spent the first year developing this program by listening, literally going to conferences, setting up a booth. We had MSPs coming up to us saying, “What are you doing here?” And we would be like, “We’re just listening. We just want to hear what motivates you and what is your business driver.” And so that was the genesis of creating this program because we wanted it to be bespoke specifically for those MSPs that are just operating in a kind of a different way than traditional VARs or traditional service providers. And now I’ll hand it over to Craig. Craig Taylor: Yeah, no well said. And you’ll see that the way that we’ve set up the Lenovo 360 for MSP pathway is the solutions hub within our online support and the way that we work with those partners looks different. The incentive stack is aligned to the needs, as per Jeff’s saying, and we have dedicated campaigns and road shows and community engagements in order to make sure that we’re addressing the needs of those MSP partners. What’s most exciting in Canada is it’s actually opened up a new route to market for us and new partner relationships where we haven’t had them before. You know, I would say that until this pathway was created, we were probably under penetrated from a Lenovo Canada perspective within the MSP community. Now the opportunity is vast. The partners, those MSP related partners are interested in working with Lenovo more than ever. And I think together we’re going to go win in the market. Robert Dutt: Are we still in the early innings of operationalizing that and realizing that or is that something that’s sort of matured with the program being out there? Craig Taylor: I think we already had a head start. And so, you know, some of the relationships with the key MSP partners in the Canadian ecosystem, those relationships already existed. I think this is now an opportunity just to extend our reach and better support the masses of MSP partners that are in the Canadian marketplace. So we’re well down the path, but no pun intended. But I think this framework actually allows us to go even deeper and have more intimate relationships with this set of partners. Jeff Taylor: I think globally, if I could interject here, we’re probably in the second inning of a nine inning game. There’s so much more we can and we’ll be doing with this MSP community. And at the same time, there’s tens of thousands of MSPs out there. So the opportunity is huge and our interest and our investment kind of matches that opportunity. But we still have many innings to play here. So we’re excited about it. Robert Dutt: I don’t know if you guys have noticed over the last few months, but memory costs have been a little bit volatile. You guys, you know, Ryan McCurdy was out in front of that publicly and the Top Choice Express model guidance for pricing some of the ISG deals. Real things that partners are navigating. How do you counsel a partner who’s trying to manage customer conversations when prices can shift before product ships? And what specific tools or protections do partners have inside Lenovo right now that they need to know about? Jeff Taylor: Yeah, again, I’ll just kind of take the big picture here. Lenovo culturally within our partner community has always been one based on trust and communication always. And we’ve navigated tough waters before, whether that was the pandemic or this situation that’s affecting the entire industry. And our approach is complete candor, open communication. We don’t hide behind any potential downside or any risk. We’re very communicative up front as we get information, we share that information. That can at times be frustrating for partners, but at the same time, if they, you know, at the end of the day, when they take a step back, they really appreciate Lenovo just being super transparent. It is a tricky deal right now. It is complicated and things are moving very quickly. I do not envy our sales folks and I don’t envy our partner sellers out there right now because there’s a lot of tricky, tough conversations that have to happen. You had mentioned Top Choice and Top Choice Express. We have invested in a model for Top Choice Express where we do have a supply. We can commit to an order to ship SLA that other vendors can’t right now. And again, I think that’s very well received by the partner community. It may be that the exact configuration is slightly different, but at a time like this, it’s a great way for us to service those customers collectively with our partners and with a high quality solution from Lenovo. Craig Taylor: Yeah, just to add to that as well, I would say resiliency and agility have always been built into our supply chain. We currently manufacture in over 30 locations in 10 different markets worldwide. That global footprint allows us to be more agile as we go to market during these challenging times. Recently, Gartner has rated us as the number eight most robust supply chain in the world. I think that’s going to work to our advantage as we go and continue through these challenging times. Robert Dutt: Switching to AI, you guys have posted 72% year-over-year growth in AI-related revenue. I want to unpack that a little bit. Jeff, where’s that coming from? Is that AI PC, infrastructure services, mix of all three through the hybrid AI advantage program and the Nvidia work? What does the enablement for a partner who wants to build an AI practice actually look like? Jeff Taylor: Lots of questions in there, so let me make sure I can get them all back. In terms of our mix, it really is cross portfolio. We are leading the way in AI PC, which is fantastic. I think we’ve just scratched the surface on that device side. I still think some consumers and users are wondering, what is the real AI value here? Those use cases will continue to come and we’ll continue to see that market expand. In terms of our infrastructure business, everywhere from being able to service the big hyperscalers all the way into the enterprise and the SMB space is a testament to the strength of our portfolio. That growth is represented from everywhere from the hyperscalers to enterprise to mid-market to SMB. Again, on the services side, we talked about that a little bit ago. It’s really about partnering to make that happen. We are very fortunate to have partners. You had mentioned Nvidia, also Intel, also AMD, all the silicon guys are very much working with us on making sure that, A, the solutions are there, and that, B, the way we’re enabling those solutions, which is also a little bit different, Robert. We have to be enabling around outcomes and not around feeds and speeds. You have to be talking to customers about what are they trying to accomplish. It’s not feeds and speeds anymore. How we’re enabling our partners, Craig had mentioned our Lenovo 360 Solution Hub as an example. It is an outcome-based platform where our partners can come in and learn what’s available from an outcome’s perspective. The solutions, the hardware and the software is really incidental to the conversation around the outcome itself. I think all of those things play together. Robert Dutt: Craig, where do you find Canadian partners are with AI at this point? There’s a spectrum with some building real AI practices, many still figuring out what the first customer conversation looks like. So I guess both acknowledging there’s a range of answers, where do you find partners are at? What’s the realistic, most common entry point for a mid-market focused Canadian partner? Craig Taylor: Yeah, to answer the first part of the question, it is a vast spectrum as to where each partner is on their AI journey. But rest assured, because of the Lenovo services portfolio, we can actually support each of those partners independently and complement their offerings as they scale their AI journey. I would suggest that many of them probably are moving from proof of concept with their customers to now proof of execution with their customers. More and more, there’s a demand on measuring an ROI on the AI investments that have been made. And I think that’s where partners and customers are looking for Lenovo for some direction. We recently created a CIO playbook, which actually helps our customers and partners be able to capture what that ROI is and what the financial returns are getting as a result of their AI investments. And feedback from that from our partner community has been very good. The other thing I would suggest is that because these AI workloads are now going from modeling into the cloud, now into being actually practically used within the customer sets, it creates a massive opportunity for our infrastructure solutions group business. And you heard Jeff mention that several times. One of the things we’re doing with our partner community is making sure that we’re over-investing with their technical architects and solution architects within the partner community to drive even more familiarity with the Lenovo solutions around AI playbook to make sure that we’re being suggested, recommended, and considered when customers are coming to them for advice. Robert Dutt: Jeff, Austin’s in the rearview mirror. You got the program changes out. New org is in place. What have you done for me lately? What does the rest of 2026 look like? And what would tell you by year end that this consolidation worked the way you wanted it to? Jeff Taylor: Yeah, first, I’m going to take a nap. I’m tired. There’s a lot that has to happen. I mean, the first thing is we have a commitment to our partners and to our partners like Craig, our internal partners, that everything continues to move from a local perspective, that we want to make sure that whatever changes we’re making, services our geographies, services our markets, and most importantly, services our partners. So that’s kind of the first priority in my mind to go do that. The second thing, and we briefly mentioned this before, is I think the world of enablement is changing quite a bit. And I think AI is driving that. And we throw around the word transformation quite a bit and things still aren’t really transformative. They’re more evolutionary. I actually think at this point, we’re at a transformative part in terms of channel management. So we are investing heavily in our digital platforms to move from just kind of basic LLM models into AI agents and eventually into agentic AI that’s going to completely change the way that we enable all of our partners, big and small. It’ll be more efficient. It’ll be more intuitive. It’ll be more timely. It’ll be more forward-looking than backwards-looking. I think, Robert, you know most portals are somewhat static and kind of represents yesterday and not tomorrow. I think all of that is going to change. And so a big focus for myself and working very closely with our IT and digital transformations organizations is this reimagination of enablement in this world of AI. And you’ll see more and more from Lenovo in that regard. Robert Dutt: I think that is going to be one of the most interesting things from a partner program structure point of view over the next couple of years is how you and your peers address those challenges and really potentially change the shape of what programs and enablement look like. It’s exciting. Jeff Taylor: It really is an exciting time for us channel nerds that have been around for forever. This is like, “Yes, we’re going to be able to rock the world. It’s going to be great.” Robert Dutt: Craig, for a Canadian partner listening to this, what’s the one thing that you want them to do differently or think differently in their relationship with Lenovo over the next little while? Craig Taylor: Yeah, I think we’ve talked about some of them already. We need to continue to protect and grow the core, which is our client computing and PC business. We have to grow at a premium to market. And I think we’re well positioned for that. I need the channel community to help us to continue to accelerate our ISG, our infrastructure solutions group business, around the data center to make sure we continue to drive relevance, focus on those technical relationships and leverage Top Choice Express, which will better service all of our customers by getting the right products in their hands quicker. We talked about helping our customers and our partners on this services-led selling journey. So we’re going to spend more time on that. But the last two, I think, are probably where a majority of my focus will be for the second half of the year. The one is continuing to make sure that we demonstrate ourselves as the easiest partner to do business with. So whether it be through our portfolio like Top Seller and Top Choice, whether it be the program optimization that Jeff and his team are doing fabulous work on, or whether it be the alignment of our portfolio coming together to represent one Lenovo, that’s going to be the key to our success and where our partners should continue to challenge us. Internally, I’m challenging my team to operate and act like an owner of your own business. And so we’re empowering our people to make decisions in market in front of their partners in order to have a more agile relationship with those customers. We’re enabling them with the right tools. And then finally, we’re educating them properly to make sure they represent this more complex portfolio of offerings that continues to be positioned in the marketplace and satisfy our customers’ business outcomes. So a lot for the second half of the year, but I’m very bullish that we’re positioned properly for success. Jeff Taylor: Robert, if you don’t mind, I would add just one quick thing there. And you had mentioned, like, we are in difficult times right now with memory and price increases and things like that. Partners are smart. They are going to lean on the partners that they trust, and they’re going to lean on the partners that have been there with them, or their partners that have been with them through these difficult times previously. And while nobody wants this situation, I think Lenovo is actually in a really good spot right now because we are that trusted advisor and have been for years. It’s not just words, right? It’s years and years and years of building relationships, the work that Craig and his team have done in Canada. You know, we have these relationships that allow us to navigate these waters maybe better than others. Robert Dutt: And my last super serious question to end this is, I’m basing this on an inference off a small sample size of two. But do you guys have any problems finding Taylors to run the channel orgs in all of the countries you operate in worldwide? Jeff Taylor: Go ahead, Craig. Say what you always say. Craig Taylor: Listen, I like to tease Jeff that he’s my dad, but our age delta is probably much more closer than makes that physically possible. But hey, listen, we’re going to take the best of the best. We happen to get two Taylors on this call with you, Robert. That’s what you’re getting today. And we’ll look for more next time we meet. Jeff Taylor: He’s definitely the better of the two. So it’s a funny thing. We were actually talking in Austin about how we might be able to mess with you a little bit, but we just don’t have to. Robert Dutt: Good to know. And Craig, I’ll send you the audio clip of him saying you’re the better one for your performance review. Craig Taylor: As long as that is your final edit, Rob, I’m happy. Robert Dutt: Gentlemen, thank you for taking the time. It’s been a fun conversation and we covered a lot of ground very well. Thank you. Jeff Taylor: Yeah, thank you, Robert. Craig Taylor: Yeah, look forward to seeing you soon, Robert. Thank you. Robert Dutt: There you have it. Jeff Taylor and Craig Taylor, both from Lenovo. I’d like to thank both Jeff and Craig for the time. It’s genuinely not that often you get the global and local perspective on the same conversation at the same time. And I thought the dynamic made for a richer discussion than either could have delivered on their own. A few things were taken away from this one. The incentive consolidation is real and it’s significant. Going from 2,300 active global incentives down to about 200, a 92% reduction, while keeping the total investment pool intact. Meaningful simplification. Jeff’s pizza framing is a good one. Same amount of pizza, fewer slices, each one bigger and more impactful. Earning power stays, operational complexity goes. If your business has been navigating a patchwork of overlapping incentives, the cleaner path to earning should be welcome. On the tier transition, Craig was direct that over 90% of Canadian partners either maintained or improved their status in the move to the new authorized gold and platinum structure. If you’re in the 10% that didn’t, the message was clear. Get in front of your Lenovo rep, build a joint business plan. There’s a path forward, but you have to start the conversation. The services shift didn’t seem like a someday conversation. Lenovo’s targeting 15 to 20% of its partner revenues from services and solutions over the next one to two years. TruScale is available and more flexible than a lot of partners probably realize. The partners who are going to win here are the ones who can articulate their own services capabilities clearly, so Lenovo can align around them rather than compete with them. On AI, I found Jeff’s forward-looking comments on agentic AI and the reimagination of enablement genuinely fascinating. Most partner portals are, as he said, static. They show you yesterday, not tomorrow. That is going to change. And how it changes will shape how partner programs actually function. Worth paying attention to across the industry. And for the hardware volatility piece, Top Choice Express is the practical answer right now for partners trying to manage customer conversations when prices are moving before product ships. If you’re not comfortable with it already, your first call tomorrow should be with your Lenovo rep. Oh, and yes, we did keep the clip of Jeff saying that Craig is the better Taylor. It’s in the edit. You’re welcome, Craig. If you enjoyed this episode, please follow or subscribe to the podcast wherever you get your podcasts. We’re on Apple Podcasts, Spotify, YouTube, most of the major directories. Ratings and reviews are always appreciated and genuinely do help the show find a wider audience in the Canadian channel community. Until next time, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

Cameron Tousley, director of MSP channels for ESET North America For most MSPs, the quarterly client conversation looks something like this: here are the alerts we handled, here is your uptime number, here is a dashboard of things we blocked. Useful, certainly – but not exactly the stuff of trusted advisor relationships. Cameron Tousley, director of MSP channels for ESET North America, has a phrase for the upgrade: move from statistical talks to threat briefings. In this episode of In The Channel, he and Pedro Kertzman, threat intelligence specialist at ESET, join host Robert Dutt to explain what that actually looks like in practice – and why the window for MSPs to make that transition may be narrowing. Pedro Kertzman, threat intelligence specialist at ESET The occasion is ESET’s eCrime Reports, a threat intelligence offering that tracks cybercriminal activity at the affiliate level – the individuals buying malware-as-a-service and executing the actual attacks. Kertzman explains why that granularity matters: affiliates signal tactical shifts before attacks scale, giving security-forward MSPs a genuine early-warning advantage. Tousley adds the client conversation layer: knowing that a specific threat group is targeting your customer’s vertical via a specific attack method is a meaningfully different conversation than “we blocked 4,000 threats this month.” There’s also an uncomfortable wrinkle for MSPs specifically: as Pedro notes, affiliates increasingly exploit MSP tooling itself as a vector – compromising credentials to access managed environments quietly, hitting dozens of small clients while staying well below the radar of law enforcement attention focused on high-profile infrastructure targets. For the smaller MSP without a dedicated analyst, the entry point is more accessible than it sounds. Indicators of compromise can be automated directly into client firewalls without a full threat intelligence platform. WeLiveSecurity and the live threat feed built into ESET Protect offer a low-barrier starting point for shops that are earlier in their security maturity journey. Tousley’s closing frame is the one worth sitting with: the Canadian MSP market is being reshaped by consolidation at a pace that isn’t slowing. The independents that survive will be the ones having more sophisticated conversations with their clients. Evolve or sell. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. Cyber Threat Intelligence, CTI, has long been framed as an enterprise discipline. Dedicated team, security operations center, analysts who live in the data. But the threat landscape doesn’t really respect that boundary anymore. The tooling is getting more accessible, the attacks are getting more targeted at smaller organizations, and as we’ve talked about on the show before, the MSP stack itself has become a threat vector. So the question for the typical Canadian MSP isn’t really “Is threat intelligence relevant to me?” It’s “What do I actually do with it?” To dig into that, I sat down with two people from ESET. Cameron Tousley is director of MSP channels for ESET North America, and he lives squarely in the business conversation around what MSPs need to grow and differentiate. Pedro Kertzman is ESET’s resident CTI subject matter expert, and I’ll note that Pedro usually sits on the other side of the interview chair as the host of his own podcast on threat intelligence. So this was a bit of a role reversal for him. We talked about ESET’s eCrime reports, the idea of tracking cyber criminal activity at the affiliate level rather than just the group level, what proactive threat intelligence actually looks like for a 15-person MSP shop, and what Cameron described as the “evolve or sell” reality facing the MSP market right now. Let’s get right into it. Cameron, Pedro, thanks for joining us. I appreciate it. Cameron Tousley: Thanks for having us. Pedro Kertzman: Great to be here. Robert Dutt: Before we get into what ESET is specifically bringing to market, Cameron, can you give our listeners a sense for where the threat intelligence conversation is right now in the channel? Is this still primarily an enterprise kind of discussion or has something really shifted in terms of how MSPs and MSSPs are thinking about and talking about CTI? Cameron Tousley: I think that the market is evolving as a whole, no matter if you’re in the SMB segment or enterprise. I mean, it’s evolving everywhere. The beautiful thing is technology is getting cheaper, it’s getting more accessible. People are able with the advent of AI to kind of do more with less staff and things like that, and then allow their staff to kind of become more specialized. Enter in the topic of CTI. I just think that there’s an appetite from certain, and probably more evolving larger MSPs, to start incorporating more for their clients. I think they’ve always probably wanted to educate them, but it’s always that, “Hey man, just make sure I have uptime and the help desk is active when I need it.” And that’s the conversation. Fast forward to now and it’s becoming a little bit more relevant to want to consume CTI. So I’ll kind of start there and I’ll take a pause. I don’t know if Pedro’s got any other comments on that. Pedro Kertzman: No, I 100% agree. I think the threat landscape now with the maturity of the CTI offerings, MSPs can see that the things they’re trying to protect their customers against are more clearly explained and delivered in a way that they can see through CTI offerings now. So I think it’s just a natural evolution within the cybersecurity space to start leveraging that expertise as well. Robert Dutt: Without getting too far into pure positioning, how would you characterize what differentiates your approach to threat intelligence, sort of at the methodology level? What’s the philosophy behind how you’re researching and tracking threats and what you’re bringing to market with this CTI package? Cameron Tousley: Yeah, I’d say first off, our reach. We’re a global company. We have a product line, yeah, but we have 11 threat intel centers and those are also R&D centers too. So it’s a wealth of knowledge. Then we have researchers outside of that that are just remote, and so our tentacles are everywhere and that means something for somebody choosing a cybersecurity vendor or a platform because our researchers, they’re looking at a bunch of different avenues. They’re looking at the major threat acting groups. We have an offering we’ll talk about here in a few minutes, that centers on tracking affiliates because malicious activity, malware-as-a-service, is just like MSPs provide a service. So if I’m an affiliate—and I’ll define that real quick, an affiliate being the people that are buying the malware service and then going and distributing it and causing zero-day attacks—those are affiliates. So the real key part is what they do, not necessarily always the major malware-as-a-service group because that’s just one large avenue, but then you can’t predict what your customers are going to go and do on the black market. So yeah, I think we have a really exciting offering on our threat intelligence called eCrime and it comes in a feed and reports and it’s amazing. It really centers on the affiliate level and that is going to help get the conversations to be more quality with customers. It’s going to help an MSP who provides more, let’s call it reactive security at best, generalized services—which no knock against them, that’s just the model—and that’s going to help propel them into the more proactive security and having more quality cybersecurity-forward conversations with their customers of all sizes. Robert Dutt: Let’s delve a little bit more into that. Can you walk me through a scenario, even hypothetical or composite, where that affiliate-level insight would practically change the outcome for an MSP or one of their customers? How does this show up for an MSP basically? Pedro Kertzman: Yeah. So basically, I’ll take a step back a little bit just to explain how this threat ecosystem works. So the affiliates will be the ones really on the end of the line bringing that malware they got from a quote-unquote threat actor market or affiliate programs, more technically speaking per se, but they will be the ones delivering or sending that payload forward to whatever companies that they are trying to attack. So knowing how these guys work is basically going to give the companies, and the MSPs of course working for their security, the ability to stop the attack in the early stages, because the affiliates will be the ones trying to break in, acquire through whatever methods—credentials stolen or compromised credentials. So they are responsible, quote-unquote, within these affiliate programs to get the foot inside the door. So if you’re knowledgeable about how they act, what kind of techniques they use to get that foot in, you’re basically stopping the attacks before they actually become super massive, widespread attacks or super dangerous attacks. It’s kind of the proactive security instead of the reactive security. Cameron Tousley: Yeah, that’s a good comment. And then I’ll just throw one more little thing on that. I was talking about the conversations you can have with your clients, everything Pedro said, plus it’s like, you could have a specific conversation about, “Hey, this is what we blocked this month, but these are the threat acting groups, and here are the patterns, here’s the kind of malware that’s out there right now. By the way, you’re in the healthcare vertical, this threat acting group is targeting healthcare and doing this specific type of attack—happens to be phishing or fileless or whatever the complex attack is.” So they got to get really granular in the conversation. It can’t just be a super high-level one, because then your user’s not going to know what to do with that information. But if you coach them on the end-of-the-line issue and where it’s sourcing from, to Pedro’s point, you get ahead of that attack early, you might even prevent stuff that would have normally been a real headache. Robert Dutt: And you need to position yourself at least somewhat as the hero in so much as you’re saying, “Here’s the people who are attacking you, here’s what they’re doing, here’s what we’re doing proactively to counter that.” Cameron Tousley: Absolutely. Yeah, that’s a huge value to your end customer. The one that normally would have not cared about security and it’s more of an annoyance, now they’re paranoid about it, just like the MSP, just like the vendors, we’re all trying to get ahead of it. So I think that that provides a lot of value, and the average MSP is probably not going to do that. So you don’t necessarily have to go spend a ton of money, you just have to consume the information that’s out there maybe for free, and then maybe some of the paid services like the eCrime reports without buying our full threat intelligence platform, you can just do that. And that is like a huge value on its own to track exactly what we’re talking about right now. Robert Dutt: So taking a step back, I think some of this certainly informs and colors the question we go to ask, but I’m a 15-person MSP somewhere. I’ve got solid endpoint protection, an RMM stack I like, maybe managed SOC coverage, that kind of model. What’s the case, in addition to what we’ve already discussed, for why threat intelligence should be on my radar as a distinct capability I need to think about, bring to my customers and offer? Pedro Kertzman: Yeah, I think especially because again, talking specifically about the eCrime reports, we’re talking about the ones that are really perpetrating the attacks or executing the attacks. When you understand how your adversaries really act, you don’t need to always rely on the expertise of a super senior CTI analyst. There are ways that also, depending on your vendor, you can automate the expertise to just be pumping, let’s say, IOCs or IP addresses into your existing end users’ firewalls. If you manage a bunch of other firewalls for your end users, you can pump that eCrime knowledge into those firewalls in the form of IP addresses, domains, and things like that. But understanding that it’s going to be a proactive approach so they don’t get a foot in the door first, it’s kind of that decision beforehand that will give the MSPs, or MSSPs with 15 or so employees, that kind of extra leverage against those frontline attackers. Robert Dutt: I’m really interested in the idea of using intelligence and these eCrime reports as a client-facing tool, not just something that’s consumed internally, especially for that smaller MSP—something that you’re using in your QBR or whatever business review you have with customers to show your value. I’m curious, is that something you’re seeing happening today or is it a realistic use case, or is it a stretch for most MSPs right now? Cameron Tousley: I think it’s realistic. Now, let’s set the tone here. An MSP, they may not have the budget nor the expertise nor the staff to be buying a full-blown threat intelligence offering even like ours, but they can use certain parts of it like the eCrime reports. So that’s a good jumping-in point for the MSPs that are growing, or if you have 15 people on staff and there’s a good deal of them on the technical side, you may want to run your SOC in-house. Maybe that’s something you want to do. I think for them, the maturing MSP and definitely the MSSP, a threat intelligence offering is something that you will probably want to consume if you’re doing everything in-house. Now, I think there’s an argument for even if you’re going to go out-of-house and use the vendor, I still think there are free sources. We have customers that are using free platforms but running a paid feed through it. This is really dynamic. It’s flexible. It can fit to every different audience for the most part, except for the ones who are just not staffed for it and they’re probably outsourcing everything and they just don’t want to do it. They know that they are never going to be able to staff a 24×7 team and they’re also never going to be able to consume as much information as is coming in. But there are also other free resources, like I said, associated with our threat intelligence platform, like the eCrime reports, but there’s white papers that we produce. There are periodic threat reports. We do all kinds of analysis. And then on our welivesecurity.com blog, we publish all kinds of free information. And the really cool thing for existing ESET customers is through our ESET security platform, ESET Protect, we run a live feed through there and it shows you like, “Hey, here’s the latest news on WeLiveSecurity. Here is something you need to be aware of, there’s a vulnerability in the wild.” So we run some of the security stuff and this news right through a window inside of our platform, which I think is really big value added. Pedro Kertzman: Awesome. Yeah, I would add, if I can, Rob, we do have monthly digests as well on the CTI offerings, even for not super deep-down technical people. Let’s say more executives or CSMs, let’s say account managers on the MSSP or MSP side. It’s kind of an executive-ready type of report. So it’s more about the threat landscape overview. I think it helps them show that they are expanding their offerings on the security side and they’re knowledgeable about it as well. Again, doesn’t need to go in the nitty-gritty like in the weeds of IOCs and all that, but understanding, for example, that now the ecosystem on the other side is somebody providing the malware, somebody going and executing it. So just to show how they see these movements, I think it’s sometimes important enough to show that they are expanding their coverage for their end users. Robert Dutt: The reports, the eCrime reports, have been in the market about a month now, I guess. I’m curious what you’re actually hearing from MSPs and MSSPs as they’re digging into them. Are people using them the way you expected or are there surprises that you’re seeing in how they’re engaging, what they’re doing, how they’re thinking about this information? Pedro Kertzman: That’s a good question. I think because of the name, we got out of the gate with police forces reaching out to us, but in theory, it’s not the best kind of deep analysis that we’re going to give them, because they have a lot of expertise. So then we have the APT reports that would bring more detailed analysis for them. So it was interesting to see that people are kind of eager on the end-user side to see how the threat landscape, especially related to financial crimes or eCrime, are really, let’s say, hot right now. The MSPs are kind of following that trend, not as jumping on like the police forces were, but they are starting to inquire about the new eCrime reports for sure. Cameron Tousley: Yeah, I’d agree. I think the defender agencies, I’ll call them, the ones that are fighting the same battle we are, but maybe physically, but now they’re fighting the eCrime too. As they’re learning, this is a great tool for them. We find that they’re excited about it. It’s relatively new, so we’re going to see more and more adoption of it. But plenty of people who are in evaluation are like, “Hey, can I run a free month of this? I want to check it out and see what I’m going to get.” And we’re getting a lot of good feedback on it right now. I’d say on the MSSP/MSP side, again, it’s new for them too. And they do a lot of different things. So for them, they’re like, “I need to slice out some time to check this out as well because this is interesting. I don’t know if anybody else is really doing anything quite like this.” So for them to be able to check it out and add it to their offering, I think what’s going to happen is that they’ll get hooked on something like that and they’ll want more. And we’re already working on more. So our teams are hard at work. We’re adding new feeds, new reporting structures, new ways to consume it. And reasonably priced packages and things like that. Even ones where you have somebody on retainer where you can go to and get a very long deep dive on what you’re reading periodically throughout any given month. So I think with that, you’ll see a lot of internal IT large agencies adopt it. I think you’ll see some MSSPs adopt it. And you might even see some general MSPs who are evolving up that chain do the same thing. So it’s kind of a report and an offering for everybody there. Pedro Kertzman: Yeah, I think you mentioned something important, Cam. We do offer trials for the eCrime reports as well, right? If they want to test it out. Cameron Tousley: Yeah, try it before you buy it. Yeah. Robert Dutt: It sounds like you’re also thinking about ways that you can slice this, dice this, package it out to that smaller MSP or that MSP who’s not a pure-play security player going forward. I was going to ask, what do you see as coming next in CTI and in your eCrime reports? I think that’s certainly a hint. Anything else that you see sort of in the pipeline or where you’d like it to go, where partners would like to see it go? Cameron Tousley: Yeah, I’ll take a stab at this one because my heart’s near and dear to the MSP community. That’s what I’ve been working in. That’s a segment for quite a long time now for ESET. And so what I’m reading and what I’m theorizing on is that there’s other kinds of technologies that are pretty complex, have gotten more simple in the way that they’re still doing complex processes, like an EDR, right? It’s an investigative tool, and then you pair it with AI and then things become easier for the team managing it. I think it’s going to be the same thing here where you’re going to have an AI paired with it, which we have our own agentic AI agent in this offering now, which is very, very cool, and it’s built in our security platform. But for this, I think it’s going to make consuming information easier, generalizing it, summarizing it, and making sure you can spin it into a quick executive summary. My theory is click of a button, right? So I’m going to have a dashboard. I’m going to say, “Hey, I want an executive summary on this event.” So you’re basically just filtering, and then the end result is you hit that AI generate button and then it generates something that’s quality, and you can do it at various user levels, maybe various role levels. I’ll hit the CTO button or I’ll hit the CEO button and they’ll be a little bit different, obviously. So I think that it’s going to get simpler and managed intelligence as a service, that’s next. It’s already a term that’s being thrown out there a little bit if you look for it. So it’s just not mainstream yet. And I think it will be here in a short period of time. Pedro Kertzman: A hundred percent. And just to double down a little bit as well, Rob. I think especially for the smaller MSPs, let’s say you hit a critical infrastructure, you stop a pipeline or anything like that, you’re going to have federal agencies going after you, right? But then when you hit a mom-and-pop shop, nobody really cares. And those guys are often served through these smaller MSPs. So I think getting a better understanding of the threat landscape that especially targets those small businesses, I think it’s just a natural progression of the change in the threat landscape. Robert Dutt: Well, and you bring up a point that I kind of pulled on a little bit with your friend, Tony Anscombe, not too long ago. There’s so much data about how many attacks right now are taking advantage of the MSP tooling as a threat vector. And so I think that also speaks to a need for an MSP who wants to be mature and responsible about these kinds of things to have a better grip on who’s looking, what they’re looking at, and how that maps to what they’re doing. Pedro Kertzman: A hundred percent. And just to link this specifically about eCrime and affiliates, affiliates would be the ones exploiting those RMM tools, right? Because it’s something that is already deployed in the environment. If they get the credentials that got stolen for whatever reason, they have access to those tools and then they can deploy malware that they bought from those affiliate programs inside of the victim’s networks. Robert Dutt: And it’s funny, almost a reversal of back in the day, I can remember as a Mac user, there was a saying that Apple engaged in security through obscurity. What you describe is almost the opposite of that. It’s insecurity to a degree through obscurity. In that if I’m an attacker, I know that if I go after Colonial Pipeline to use your example, I’m all over the front page and there’s going to be a lot of government agencies who have a lot of serious, serious questions for me. If I take out an MSP tool that gives me access to a bunch of very small clients though, maybe I fly under the radar just a little bit more. Cameron Tousley: Oh yeah. Robert Dutt: This is my last question. If there’s one shift in thinking that you’d want a Canadian MSP to walk away with after this conversation, in terms of how they think about these reports, in terms of how they think about the role of threat intelligence in their business, you know, one thing they should reconsider about how they’re approaching their security practice, what would that be? Pedro Kertzman: So I think first, Rob, that’s kind of more of a mindset type of thing. CTI still sounds super complex to a lot of people. I would say there are two main flavors. One, if you really want to dig into techniques and all that, yes, you can get fairly technical and sophisticated, but there are really simple ways to ingest cyber threat intelligence into existing automated tools. You can, of course, do a POC with one, two, whatever vendors you want to do. Once you find that real value for your customers, your end users, then it’s automated. We’re talking about data feeds ingesting directly into a firewall. If you don’t have a CTI central brain kind of thing, which the market knows as a TIP (threat intel platform), you don’t need to go that route, the sophisticated route. There are simple ways to use threat intelligence. And honestly, it’s super valuable because it’s just, again, automated. You’re outsourcing the knowledge to the vendor directly who’s going to execute that, like a firewall, for example. Cameron Tousley: Yeah, I think that’s some really good commentary. And I have a lot of business conversations with MSP business owners and I follow the market, and the consolidation, there’s tons of it. And there has been for a few years, but it’s just insane right now. And I think that there’s this thing going around, it’s like, look, evolve or sell. Because you have the advent of AI and that’s speeding everything up tenfold. And just don’t be afraid. If you want to continue to run your business, don’t worry, you’re going to have clients out there in your locale that probably love you. But they’re also going to have people calling them as these other MSPs get bigger, and these national ones that swallow other little smaller companies and then their go-to market will be, “Well, let’s go down market, down market,” because we can’t always go up market, that’s pretty hard to do. But down market is like shooting fish in a barrel kind of thing. So that means it’s a risk for the smaller MSPs that are not going to sell out, that want to be in business another 10 or 15 years. So don’t be afraid, utilize AI to research it. They say don’t use AI as Google, I disagree a little bit, but you can use it for a lot of things. This can summarize: what is this offering? Can I use it? Ask it really basic questions to get acquainted, and then take the next step and call your vendor and just have a conversation with them and say, “What are all my options? I am in this locale, I serve these kind of verticals, here’s my sizing, here’s the tools I use.” You’ve got to throw everything out on the table because then your vendor, somebody like a technical or business contact, can jump in and say, “Look, I think that you should check out this part of this larger offering. And here’s what I’ll do for you. And here’s what you’re going to do. We’ll give you a game plan, right? You’re going to trial it in the following ways, we’re going to pair you up with a technical person to teach you a little bit and be your co-pilot—Microsoft gets enough press.” But really kind of jump in, try it out. Don’t be afraid. Because if you want to be around another 10 or 15 years, you have to make the leap. And you don’t have to do anything big, but you have to start adopting some of this security-forward thinking so that you can have threat briefings with your clients and not statistical talks. There was just that MSP summit and there was actually a panel on what the next gen of MSPs is doing. And it was funny to hear it because they’re like, “Well, we’re focused on outcomes.” And I totally agree, but I know some of the older MSPs are like, “Well, we’re focused on outcomes too.” But I think it’s the talk track. You’re all saying the same thing, but you need some more complex tools in some ways to be able to have these more outcome-based discussions. Like, “Hey, I not only blocked X amount of threats, I kept your uptime up in this way, and that allowed you to keep productivity up. So by my clock here, you were able to achieve all those things that you wanted to achieve in our initial meeting, we’re on track.” That’s the conversation you want to have in addition to that little bit of the threat briefings peppered in. Robert Dutt: All right. Some great advice there. Gentlemen, thank you both for taking the time. I appreciate it. Cameron Tousley: Thank you, Rob. Pedro Kertzman: Great to be here. Cameron Tousley: Absolutely. It was a pleasure. Thanks so much. Robert Dutt: There you have it, Cameron Tousley and Pedro Kertzman from ESET. I’d like to thank both Cameron and Pedro for their time. They did exactly what we set out to do with this conversation, kept it firmly in the strategy lane with technical depth in service of the business point rather than the other way around. A few things to leave you with. The framing that stuck with me most was Cameron’s distinction between statistics talk and threat briefings. The idea that your quarterly client review shifts from “here’s how many threats we blocked” to “here’s the specific group targeting your vertical right now. Here’s how their affiliate operates, and here’s what we’ve already done about it.” That’s a real upgrade in how an MSP demonstrates value. It moves you from uptime vendor to trusted advisor and that’s a conversation your competitors probably aren’t having yet. On the technical side, Pedro’s explanation of affiliate-level tracking is worth sitting with. The headline ransomware groups get the attention, but it’s the affiliates, the ones buying malware-as-a-service and doing the actual execution who determine the tactics on the ground. Tracking them is what gives you an early warning before the attack scales. And as I noted during the conversation, there’s a certain logic in how attackers exploit the MSP model specifically. Go after the tooling, stay under the radar, quietly compromise a hundred small clients instead of one high-profile target. Obscurity in that scenario is working against you. For the smaller MSP who’s heard all of this and thought, “I’m not staffed for this,” Pedro’s entry point is worth considering. You don’t need a full threat intelligence platform or a dedicated analyst to start. Automate the ingestion of indicators of compromise directly into your clients’ firewalls. Let the tooling do the work. It’s not glamorous, but it’s real, actionable and it’s a lot more than most of your competitors are doing. And Cameron’s closing thought, “evolve or sell,” is the frame I’d put around all of it. The consolidation wave hitting the MSP market right now is not slowing down. The shops that survive as independents will be the ones that have more sophisticated conversations with their customers. Threat intelligence is one of the things that helps you have those conversations. If you found this one useful, please follow or subscribe to the podcast wherever you listen. We’re on Apple Podcasts, Spotify, YouTube, all the major podcast directories. Ratings and reviews are always appreciated. Until next time, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

In this May 2026 episode, MSSP intern Saadhya Bahudodda interviews Greg Rapport, founder and Executive Director of Age Out Angels. Greg shares his journey from a writing services career to leading a nonprofit focused on helping youth in foster care transition to independence. He discusses the importance of mentorship, innovative educational programs, and trauma-informed care in supporting these young individuals. The conversation highlights the challenges faced by youth aging out of the foster care system and the organization's efforts to provide practical solutions for financial well-being and educational success. Greg also emphasizes the need for systemic improvements and the significance of Foster Care Awareness Month.

Support the D.A.W.G.Z. @ patreon.com/MSsecretpod Support Nate and the Bros @ https://www.patreon.com/pitm Go See Matt Live @ mattmccusker.com/dates Go See Shane Live @ shanemgillis.com Go See Lemaire Lee Live @ https://lemairelee.fun/ Go See Shawn Gardini Live if you want  @  https://www.shawngardini.com/live hello. Hope you're all having a good week. Shang is out Cali way for the netflix fest / roast (everyone tune in this wknd!!!!). We wish our brother luck on his journey. In his absence we got a solo-solar cast for you this week. Cusk talks RAH aka the sun. We talk Mercury and Venus on the paytch. Please enjoy. God Bless. Visit https://prizepicks.onelink.me/DRENCHED and use code DRENCHED and get $50 in lineups when you play your first $5 lineup! Exclusive $25-off Carver Mat at https://on.auraframes.com/MSSP. Promo Code MSSP Learn more about your ad choices. Visit podcastchoices.com/adchoices

Tim Coach, chief evangelist at Cynomi For most managed service providers, the security services story has followed a familiar arc: endpoint protection, email security, security awareness training. Each category added value, then became table stakes. Third-party risk management – TPRM – is what comes next, and according to Cynomi Chief Evangelist Tim Coach, it may be the stickiest revenue category yet. The case is straightforward. Every business relies on a web of vendors, software providers, and service partners. Each one is a potential vulnerability. And most SMBs have no formal process for knowing how well those third parties are managing their own security – or what happens to them downstream if one of those vendors gets breached. Research from Cynomi suggests 45 percent of organizations will face supply chain attacks, and 30 percent of data breaches already involve a third party. The attack surface has shifted to the things organizations trust most. For Canadian MSPs, the regulatory pressure is specific and near-term. OSFI’s Guideline E-21, with a September 2026 compliance deadline for federally regulated financial institutions, puts third-party oversight explicitly on the agenda. The cascade effect on their vendors – and the MSPs serving those vendors – is already in motion. Perhaps the sharpest signal in this conversation: cyber underwriters are now denying SMB coverage not because of anything the SMB did, but because they are connected to an MSP. The managed service provider, long positioned as the path to better insurance outcomes, has become a risk factor in its own right. Coach’s recommended first move for any MSP building into TPRM isn’t a vendor questionnaire – it’s a Business Impact Analysis. Understand how the client actually makes money, which vendors are critical to those revenue processes, and what an hour of downtime costs. That reframes the conversation from technical widgets to revenue, cost, and risk – the language every business owner speaks. – UPLOAD AUDIO Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, your host for the show. My guest today is Tim Coach, Chief Evangelist at Cynomi, a vCISO platform purpose-built for MSPs and MSSPs. Tim brings an unusually grounded perspective to the space. He’s an engineer by training who spent nearly two decades building, running, and consulting on managed service practices before landing at Cynomi after seeing the platform first-hand and recognizing it could have solved one of his biggest operational headaches as an MSP owner – the CISO bottleneck, the point at which growth stalls because the security function can’t scale without adding expensive headcount. That personal history shapes everything he thinks about TPRM, third-party risk management, which is increasingly being talked about as the next major revenue category for MSPs after human cyber risk. Today we’re talking about what building a TPRM practice actually looks like, why cyber insurance has quietly flipped the MSP value equation, and why the right starting point isn’t a vendor questionnaire at all. Let’s get right into it, my chat with Tim Coach. Tim, thanks for taking the time. I appreciate it. Tim Coach: I absolutely love to be on. Thanks so much for having me, and for having Cynomi on your webinars. We’re always happy to do these things and educate the community. Robert Dutt: You’ve spent a long time in and around the MSP community. How did you end up at Cynomi specifically, and what was it about the opportunity around TPRM that pulled you in? Tim Coach: TPRM was eventually in the process – let me back up. What got me into the community was my engineering background. I went to college for what was called network communications back in those days. Basically I’m a network guy – I always point at the front-end programming guy and say, “It’s your fault,” and the programming guy says, “No, no, it’s the network’s fault.” So I did that for a large-scale nationwide company for many years, and then I fired my MSP. The owner was like, “Well, if you’re so good, why don’t you come over here and run this?” And I said okay. It took me about 24 hours to realize I didn’t have a clue what was going on – the place was chaos. But through process and procedure, and a military background, I knew I could get it under control. I ended up with a business partner from that experience, and we spent about 20 years rebuilding and consulting with MSPs. About five years ago, I just needed something different. The kids were a little older. I started looking at what else was out there, talked to a couple of mentors in the space – I’m sure if I mentioned their names everyone would know them – and they said, “You should come over and do this.” So I jumped. I went to work for a Canadian company, grew them quite a bit in the first year, then moved to an Australian company, grew them, and then went back to consulting for a short time. David from Cynomi was recommended to me as a consulting connection. We were going back and forth and he said, “Why don’t you come on board?” And I said, “I’m not really interested in selling a widget” – and it’s a security widget, right? There are so many great widgets and great personalities in the security space already. Probably not my jam. But he said, “No, no – let’s look at it.” And he showed me what Cynomi did, and I was blown away. The reason I was blown away is that at my most successful MSP, we hit a stopping point in our growth. The reason was our CISO – and this was before CISO was even a cool term. He was our bottleneck. Not because he was inefficient as a person, but because of the way he had to work: 80 pages of Excel spreadsheets and hours and hours of questionnaires. When I first saw Cynomi, I thought, “Here’s a way I could have doubled the size of my company with the same staff, the same CISO.” That’s what really inspired me to come on board – seeing that dashboard and connecting it to the personal pain I’d experienced around the security bottleneck. Now with the addition of TPRM, that excites me even more, because back in my MSP days I had a lot of bank clients, and banks are SOC 2 all over the place. Part of SOC 2 is that you have to have TPRM – you have to be responsible for everybody in the chain. So now we’ve built out a platform that lets the MSP, MSSP, ITSP, or whatever SP you want to put in front of those letters, easily manage vendor relationships and understand where clients are in their security posture. Robert Dutt: You may not feel it’s cool, but it’s certainly foundational security. Tim Coach: And that’s the problem, right? That’s why we’re still talking about security – because nobody knows how to talk business. They all talk widgets, bits and bobs: here’s this cool firewall, MDR, XDR. But you know what your clients don’t care about? The widgets. They care about being secure. Until we can bridge that gap – until Cynomi brings something that says, here’s an easy way to get to the data and details you need, here’s CISO-level intelligence so the MSP can translate it into business terms for the doctor’s office, the manufacturing company, whatever vertical you want – we’re going to keep having this same conversation. Robert Dutt: Let’s do a little bit of that with TPRM itself. Let’s take a step back and look at it from the viewpoint of an MSP who’s heard the acronym but hasn’t really dug in yet. Third-party risk management – what are we actually talking about, and what problem does it solve? Tim Coach: What a lot of people need to understand – and I try to say this in a way that’s easy to grasp – is: manage security first, and compliance becomes a default. What I mean is that you need a baseline, whether it’s CIS Controls, Cyber Essentials Plus, CMMC 2.0, one of the financial frameworks, HIPAA, whatever applies. You need a baseline you’re actively managing your security against. In the process of meeting that baseline, compliance follows. What we’re increasingly seeing is that certification bodies, auditors, and insurance underwriters all want to see that your solutions and partners are just as secure as you are. I was at Canalys Barcelona last year and someone made a statement that blew me away: for the first time ever, we’re seeing insurance underwriters deny coverage to an SMB because they’re connected to an MSP – and the MSP is what they consider the risk. We went from being the most important people in the room, essential workers, to being the risk factor. And on top of that, helping clients with their insurance has been one of our foot-in-the-door conversations for the last decade. That’s where TPRM comes in. The frameworks and insurance underwriters now want to see not just that you’re secure, but that everyone you’re working with is secure. The problem has always been how you manage that. Back in my day, you had to call the vendor, find the right person, ask for evidence of their SOC 2 compliance, get bounced around, end up with legal, sign an NDA, and eventually get the report. Now people share that information a bit more freely, but you still need a central place to manage it – so when an auditor or insurance broker asks, you can point to it and say, “Here it is.” We do a community call every Wednesday at noon Eastern, and we’ve had a gentleman on a couple of times who has written books specifically on TPRM. He’s sounding the alarms – not bad alarms, just “it’s coming.” But like a lot of SMBs, MSPs are having to drag their clients toward where they need to be. Once you make it easy for the MSP, you make it easy for the SMB, and you finally have a way to prove you’re taking those measures. Robert Dutt: Supply chain attacks have certainly been a theme in the channel for a while – Kaseya, SolarWinds, MOVEit. But TPRM as a formal managed service element feels newer. The insurance side sounds like a big driver. What else changed to make it go from a theoretical concern to something MSPs can actually build a practice around? Tim Coach: I firmly believe you cannot be a business partner without knowing how your partner makes money and how you need to protect them. I can’t protect them if I don’t know what they’re using. It’s the old adage: if two people are managing something, nobody’s managing it. TPRM is really the next step for the ITSP to move from a transactional relationship to a true business partnership – ensuring that everyone your clients are using is also protected. Because what happens is what always happens: it doesn’t matter what you have hard-coded in the contract about not being responsible for X. When something goes wrong, the SMB comes back and says, “But I thought you were managing this.” We go over it in the contract reviews, sure, but the conversation still happens. When you’re genuinely talking business – saying, “I’m going to protect how you operate quarter after quarter, year after year” – you’re protecting their entire environment, not just your piece of it. That’s when you move to a real business relationship instead of a sales relationship where every conversation is an upsell or a cross-sell. We’ve done it to ourselves a little bit, honestly. It’s like an insurance agent in Oklahoma trying to sell hurricane insurance. That’s not what we should be doing as business partners. TPRM allows us to have a full understanding of the client’s environment and make sure everything is protected – or at minimum, that the gaps are known by everyone. Robert Dutt: Cynomi has described TPRM as the next major revenue category after human cyber risk. Can you walk me through what the recurring revenue model actually looks like, and what makes it sticky? Tim Coach: Everything leads to MRR – that’s business. But you have to start with a project. You need to understand where the client is in their security journey before you can manage them ongoing. SMBs don’t do things for free, and neither do our partners. This is a revenue generator. But it’s a revenue generator because it actively has to be managed. I always say: I can’t throw a server at security. I can’t throw a firewall at it and declare myself secure. The best analogy I’ve heard for security is a block of Swiss cheese. There are holes, and you can stick a fork through those holes quite a way. But if you slice that block and turn every slice 90 degrees, the holes are still there – they’re just not as deep or vulnerable. That’s TPRM. There is no set-it-and-forget-it. It has to be actively managed, and that active management is where the recurring revenue lives. Robert Dutt: What does a typical engagement look like early on, for an MSP starting from zero with a client? Where does the work begin, and what surprises people about the scope as they go deeper? Tim Coach: Everything begins with an assessment. With Cynomi’s tools, we can use Cyber Essentials Plus or CIS Controls as a self-regulating baseline and add a couple of hours to the initial assessment to incorporate the security piece. We all do assessments upfront to understand what we’re getting into – or what needs to be fixed before we really dig in. Once you’re in the security layer, the next step is TPRM. And TPRM brings with it something I think is critically important: the Business Impact Analysis. It’s not enough to ask, “What does your client do?” They make dog food – do they? Or is that just the end product? When I was an MSP, I had a metal manufacturer that cut and stamped metal. But if you asked their CFO what the business was, he’d say, “Making pallets – I make more on pallets than on the stamping work.” I used this example in a presentation just yesterday. Years ago I was walking through a manufacturer’s facility and asked about a machine: “What does that one do?” “That runs the software that completes our product.” “Why isn’t it plugged into the network?” “It’s a Windows 98 machine.” “Why are you still running that?” “Because it runs decade-old German software that costs ten million dollars to replace. And we only have that one machine.” If you’re not walking through and genuinely understanding how they make money, you don’t know where the risks are. And that’s what TPRM forces you to do. Ideally, I’d love to sell a project that includes a full security assessment, a BIA, TPRM, BCP, IR planning, all of it from day one. But it doesn’t happen that way. You have to phase it. Once you understand the BIA and what they’re actually doing, you understand where the software and systems that carry real business risk are, and you can start building that into their security posture. It’s the same principle: why hack an individual when you can hack the software that manages all the individuals? Why try to crack one account when you can compromise an MSP’s RMM tool and get access to everybody? If you go into a business without understanding their software environment and vendor posture, you at minimum need to be able to tell them where the risks are. Because the language they speak is revenue, cost, and risk. TPRM is a risk if it’s not being managed – and that’s why we’re seeing so much attention on it lately, even though some of us have been doing this for decades. We just used to call it vendor management. Robert Dutt: We’ve talked a lot on the show about MSP tools as an attack surface – RMM agents, remote access tools, backup platforms. The MSP is supposed to be managing the client’s vendor risk, but the MSP’s own toolchain is also someone else’s third-party risk. How should MSPs be thinking about that? Tim Coach: It comes back to the BIA again. What are they using? What’s creating the security gaps, and how do you build better overall management around it? There’s a project in there, but every project should lead to MRR – period. It still has to be managed. Remember when Exchange servers went away and everyone panicked about where the revenue was going to go? There was still an entire environment to manage. We always made some revenue on hardware, though that’s gotten harder – the real money is in managing the ongoing environment. TPRM is the same thing: it’s a significant security gap in the overall posture of your clients, and that gap has to be actively managed. Robert Dutt: Pushing on that a little further – TPRM platforms are pulling in a pretty comprehensive map of an organization’s vendor ecosystem: the gaps, what’s been remediated, basically a full picture of the landscape. If one of those platforms gets compromised, that’s not just a breach – that’s a pretty rich target list for an attacker. How do you think about that? Tim Coach: Think about a CNC factory. Their job is building molds to produce a specific part, and the software on their server has all the schematics fully built out. What happens if that software gets hacked? You lose all the schematics for the CNC machine – so suddenly you can’t produce anything. And if the attacker gets in early enough in the process, the downstream supply chain impact goes way beyond that one facility. That’s the risk. If you’ve got $200,000 five-axis CNC machines – and I may have a little experience with this – and you’re not protecting the software running them, and you don’t understand from a TPRM perspective what the vulnerabilities look like, that’s an ongoing, persistent risk. You always have to be managing it. Robert Dutt: Sitting where Cynomi is, how do you think about the security side of running a TPRM solution, and what should MSPs be asking vendors in this space about that? Tim Coach: Efficiency. How efficient can you make it? I’ll probably get in trouble for saying this, but we’ve essentially stupid-proofed the first few levels. We’ve built it out for you. And look – I know AI is a word we’ve managed to avoid for about the last half hour, but AI is meant to enhance the human. It’s a tool. What we’ve done at Cynomi is build AI agents and intelligence into the platform to make this work manageable at a lower labor level. If I can take work that previously required a CISO – an expensive asset – and bring it down to a tier-two technician, my margins go up because my labor costs go down. That said, we’re not replacing the CISO. I used to work with a company that built a component for Apache helicopters – no public-facing anything. If a tier-two tech runs a report showing no web security for that client and flags it as a critical gap, the CISO might be the only person who knows that client has no public-facing presence by design. That context matters. The CISO still needs to be the final approval layer. What Cynomi has done is open up bandwidth for other people to do the groundwork, so you can grow your company without adding another six-figure salary. When your staff becomes more efficient, the CISO is less of a bottleneck – which was the original problem we started with. Robert Dutt: For the Canadians listening, there are some very specific regulatory drivers on the table right now. OSFI’s Guideline E-21 has a September 2026 compliance deadline for federally regulated financial institutions. Can you talk about the role you see TPRM playing in responding to that kind of regulation? Tim Coach: What we’re seeing is that the insurance underwriters, auditors, and regulators are the ones setting the standard, and the industry has to meet it – but the industry isn’t yet at a point where it can easily meet a TPRM standard. So what will probably happen, whether it’s Canada, the US, the UK, or EMEA, is a pattern we’ve seen before: they’ll release a guideline, there’ll be a period of voluntary adoption, and then they’ll give it teeth. Like HIPAA – they threw it out there, and eventually it got enforcement. The thing I’ve always loved is watching the auditors, because they’re typically running a couple of years ahead of the regulation. If you stop treating auditors like your mortal enemy – “they’re here to expose everything I’m doing wrong” – and start paying attention to what they’re flagging, you can get ahead of the game. Auditors are a leading indicator. It’ll always come down to government forcing the policy, and then insurance trying to find a way out of paying claims when it’s not followed. But if you’re watching the auditors and TPRM is showing up in their reviews, you already know what’s coming. Robert Dutt: For an MSP listening to this and thinking, “I should be doing this” – what’s the realistic first move? Not the ideal end state, but the practical starting point? Tim Coach: Start with the BIA – the Business Impact Analysis. Research suggests every SMB has three to five critical processes that drive about 80% of their revenue. Do they actually know what those are? Probably not. They make dog food. They take care of kids. Whatever it is – they don’t actually know how they make money. I have an old client who’s also a friend – he works in retirement planning. If you asked how he makes money, you’d assume it’s from managing portfolios. It’s not. He makes money by selling the policy, and the insurance company pays him a commission on that. If you don’t start by understanding the BIA, you don’t really know what solutions your clients are dependent on. Start with: who is your critical software outside of us? Who maintains it? Do we have a relationship with them? Does it connect directly to how you make money? And tie it to cost of downtime. If a doctor’s office goes down for four hours – and in a medical practice you call them providers, not doctors, right? Speaking their language, not ours – what does that cost? If the pallet machine on an assembly line goes down, and that pallet machine is the only thing holding product so the rest of the line can keep moving, what’s the cost per hour? If you don’t know that, you don’t actually understand how to service your client. You’re still talking bits and bobs instead of revenue, cost, and risk. Robert Dutt: Future-looking question to wrap up: where do you see this category going over the next couple of years? Is TPRM a standalone practice, or does it fold into a broader vCISO or governance offering? Tim Coach: I think it’s going to be both. For more mature MSPs, it’ll be baked right into their silver, gold, and platinum packages – TPRM is just part of what you get at a certain tier. For others, especially those that aren’t at a full vCISO-as-a-service level yet, it’ll be available as a standalone – a meaningful piece of the security posture they can deliver to clients without committing to the full stack. Growth and maturity, right? As people build their practices, the more advanced will have it embedded. But there’s also a real path for someone starting out to say, “I need to at least get this piece right, because it’s critical to the overall security posture of my clients.” Robert Dutt: Fascinating. It’s an interesting area of technology and – to your greater point – business. I appreciate you taking the time to share some thoughts on how service providers can get involved. Tim Coach: Thanks for having me on. I always appreciate it. Robert Dutt: There you have it – Tim Coach from Cynomi. I’d like to thank Tim for taking the time today. He’s been around the MSP space long enough that when he points at something and says it’s the next thing, it’s worth listening. A few things I want to make sure land from this conversation. The first is the Business Impact Analysis as the true starting point. Before you think about vendor questionnaires or risk scoring tools, you need to understand how your client actually generates revenue – which processes drive the majority of the business, and which vendors are load-bearing in that equation. That’s not a security conversation. That’s a business conversation. And that’s the shift that moves an MSP from tool vendor to genuine business partner. The second is the insurance signal. When underwriters start denying SMB coverage not because of something the SMB did, but because they’re connected to an MSP – that’s a warning and an opportunity in the same breath. MSPs who can demonstrate they’re actively managing their clients’ third-party risk have a new and better story to tell. And the frame to carry with you: security first, compliance becomes a default. Build the practice to the right security baseline and the compliance checkboxes largely take care of themselves. In The Channel is available on Apple Podcasts, Spotify, YouTube, and most major podcast directories. If you’re finding value here, ratings and reviews are always appreciated – they help other people in the Canadian IT channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Today’s headline news for Canadian IT solution providers: Integris, a managed AI and IT services firm backed by OMERS Private Equity, has announced its intent to acquireFirst Focus, the largest managed service provider serving small and midsize businesses across Australia, New Zealand, and the Philippines. The deal, subject to regulatory approval, is designed to extend Integris’ geographic reach while accelerating delivery of AI-enabled managed services across regions. For the channel, the transaction is a clear expression of the platform MSP consolidation trend playing out globally through private equity – and for Canadian observers, the OMERS connection is notable: the Ontario Municipal Employees Retirement System is the PE backer driving this international build-out. Cybersecurity vendor NeuShield has announced a partnership with Ontario-based MSP Data Guards to deliver instant ransomware recovery services to clients. In a documented real-world use case, the companies reported restoring more than 6.2 terabytes of encrypted data in just fifteen minutes – a recovery window NeuShield says would have taken more than five days using traditional backup methods. By integrating NeuShield Data Sentinel into its managed security stack, Data Guards can offer one-click recovery of corrupted data and storage-layer protection against ransomware and file tampering, reflecting a broader market shift as solution providers move beyond prevention and detection to guarantee client data remains continuously recoverable without system rebuilds. ThreatLabs Europe, the research arm of ThreatDown, has discovered threat actors weaponizing AI agent skills to deliver the GachiLoader infostealer. Attackers are using a fake OpenClaw AI agent skill as a lure to inject the Rhadamanthys infostealer directly into memory, leveraging the Polygon blockchain for command and control to bypass traditional perimeter defenses. The malware harvests cryptocurrency wallets, browser credentials, Telegram messages, and password manager contents. The discovery is a direct warning for the channel: as non-human identities proliferate in client environments, identity and access management practices must now account for the vulnerabilities introduced by AI agents – not just human users. In brief: Sublime Security has launched its first formal channel partner program and announced a move to a 100 percent channel sales model, with dedicated reseller and MSSP tracks. The agentic email security platform uses a rules-plus-AI approach it says catches attacks that signature-based tools and generic AI products miss. Konica Minolta has announced the spring 2026 launch of the AccurioPress C5080 Series, a new line of digital production presses designed for high-volume commercial printing environments. Forescout has launched Mission:Possible, the company’s biggest channel partner tour in 25 years, spanning more than 90 cities globally between May and September. The immersive events are built around hands-on IT, OT, IoT, and industrial security challenges, with the goal of sharpening partner positioning around zero trust and continuous threat exposure management. Microsoft 365 E7 goes generally available today at $99 per user per month, bundling Microsoft 365 Copilot, the Entra Suite, and advanced compliance capabilities in a single commercial tier. Microsoft’s Q3 earnings this week confirmed Copilot has crossed 20 million paid seats – E7’s launch signals the next phase of the AI licensing conversation for solution providers. Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Friday, May 1, 2026, and here’s what’s happening in the channel today. Integris, a managed AI and IT services firm backed by OMERS Private Equity, has announced its intent to acquire First Focus, the largest managed service provider serving small and midsize businesses across Australia, New Zealand, and the Philippines. The deal is subject to regulatory approval and is designed to extend Integris’ geographic footprint while accelerating delivery of secure, scalable AI capabilities across regions. For the channel, it’s a clear example of the platform MSP consolidation trend playing out globally – and for Canadian observers specifically, it’s worth noting that OMERS, the Ontario Municipal Employees Retirement System, is the private equity backer driving this international build-out. Cybersecurity vendor NeuShield has announced a partnership with Canadian MSP Data Guards to deliver instant ransomware recovery services to clients. In a real-world use case that highlights the collaboration, the companies reported successfully restoring more than 6.2 terabytes of encrypted data in just fifteen minutes. According to NeuShield, this compares to more than five days that would have been required using traditional backup methods. By integrating NeuShield Data Sentinel into its managed security stack, Data Guards can offer one-click recovery of corrupted data and protection at the storage layer against ransomware and file tampering. The partnership underscores a broader trend in the market, as solution providers increasingly move beyond prevention and detection to ensure client data remains continuously recoverable without the need to rebuild systems from scratch. ThreatLabs Europe, the research arm of ThreatDown, has discovered that threat actors are now weaponizing AI agent skills to deliver the GachiLoader infostealer. According to the company, attackers are using a fake OpenClaw AI agent skill as a lure to inject the Rhadamanthys infostealer directly into memory. The attack utilizes the Polygon blockchain for command and control instructions, allowing it to bypass many traditional perimeter defenses to harvest cryptocurrency wallets, browser credentials, Telegram messages, and password managers. As malicious actors increasingly exploit the expanding footprint of non-human identities, the discovery serves as a clear warning to the channel. IT professionals must ensure comprehensive identity and access management practices account for the vulnerabilities introduced by AI agents operating within client environments. In Brief –  Sublime Security plans to go 100 percent channel Konica Minolta has announced the spring 2026 launch of its AccurioPress C5080 Series for digital production environments.  Forescout goes on Mission:Possible partner tour And finally, today's the day for the launch of Microsoft 365 E7  Full details and links in the show notes or the blog post. Later today on In The Channel, we continue our coverage from SAS Innovate 2026, as we talk to SAS global channel chief John Carey about four years building out the channel program for the analytics company, the increasing role of MSPs, and how his own goals for the partner portion of the company's revenues are evolving. And if you haven’t heard it yet, yesterday’s episode featured my chat with SAS Canada leader Ryan MacDonald on the state of the AI opportunity in Canada, the role of partners, and why the value of SAS may be hidden to some customers. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

Michael Crean, senior vice president and general manager of managed security services at SonicWall SonicWall published its 2026 Cyber Protect Report in March with a deliberate reframe: rather than threat intelligence for its own sake, the report is built around actionable content for solution providers. The centrepiece is the seven deadly sins of SMB cybersecurity – seven predictable, preventable failure patterns drawn from real breach data. The headline numbers are sobering: 88 percent of SMB breaches involve ransomware, more than double the enterprise rate, average dwell time sits at 181 days, and 85 percent of actionable alerts trace back to identity and credential compromise. Michael Crean, senior vice president and general manager of managed security services at SonicWall, came to the company through the acquisition of Solutions Granted, the MSSP he built – one of the early pioneers of SOC-as-a-service for the MSP market. He’s direct about what the data means for partners: the seven sins aren’t just an SMB customer problem. They’re an MSP problem too. His core argument is that mastering fundamentals – MFA, patching, privilege management – is non-negotiable, and owning the right tools doesn’t change that. You can have the same toolbox as your mechanic; that doesn’t make you a mechanic. On the MSP-to-MSSP question, his answer channels Yoda: do or do not, there is no try. A month after the report’s release, Crean says partners have already been using the sins framework directly in customer conversations – which he describes as the whole point. One postscript: his personal favourite of the seven sins is number five, cost-driven security decisions. His test – ask a room of MSPs how many bought the cheapest car on the lot. Nobody raises their hand. But too many of their customers are doing exactly that with cybersecurity. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. SonicWall has published annual threat research for years, but this year they did something different. They stopped calling it a threat report. The 2026 Cyber Protect Report reframes the conversation away from data for its own sake towards something MSPs can actually use – a set of tools and talking points for strategic conversations with customers. The hook they chose? The seven deadly sins of SMB cybersecurity. Seven predictable, preventable failures that show up in breach after breach. My guest is Michael Crean, senior vice president and general manager of managed security services at SonicWall. Michael came to SonicWall through the acquisition of Solutions Granted, the MSSP he built and one of the early pioneers of SOC-as-a-service for the MSP market. Before that, nine years in the military. So when he talks about what MSPs are getting wrong on security, he’s speaking from a fairly unusual vantage point – inside the SOC, inside the vendor, inside the partner community itself. The report had been out about a month when we sat down and I was curious what the actual conversation had looked like since launch. We got into that, the sins themselves, the 181-day dwell time that should make many MSPs uncomfortable, and what it really means to be or partner with a true MSSP. Let’s get right into it. My chat with Michael Crean. Michael, thanks for taking the time. I appreciate it. Michael Crean: Absolutely, sir. Robert Dutt: You called this report the Cyber Protect Report, not the threat report that you guys have been publishing for years. That seems like a deliberate choice. What are you trying to signal with that shift and who are you really talking to with this report? Michael Crean: I think every other threat report just looks the same. It’s got some different colors, it’s got some different logos, but everybody talks about the same exact thing and it felt boring. It felt like, “Why do we have to fit into the same role as everyone else? Why can’t we do something different that’s purposeful and should be meaningful to people?” It actually gives them something to talk about – not just with themselves internally, but also to their customers. That was the reason we went down this path and decided to call it the Protect Report. Robert Dutt: I’m guessing that also sets up why you went with the framing of those seven deadly sins – the seven predictable, preventable failures. I thought that was a really neat hook for it. When you look at that list, which one do you think most MSPs would be surprised to see themselves in? Not so much their customers, but themselves as MSPs? Michael Crean: Number one – ignoring the fundamentals. I mean, it’s incredible the amount of times – because of the work that we do at the SonicWall Security Operations Centers and the amount of compromises that we’re brought in to participate in, investigate, help people with – that you just find it’s this overwhelming amount of: you had the right tools, you had the right tech, and you didn’t know what to do with it. Or you did and you just didn’t take the time to really learn how to ride the bike well. We had a compromise today where a customer of ours got hit with Akira [verify], a ransomware, and we thought we probably knew that the penetration point was the firewall, but we had to do some more investigation. And when we did the investigation, the amount of misconfiguration was staggering [verify]. You pay for all these security services, and they weren’t even enabled – IPS, IDS disabled – and they paid for them. So it’s just unfortunate. These are just, again, what we call ignoring the fundamentals. Robert Dutt: Do you have any thoughts on what’s driving that? Is it a matter of, this is up and running, moving on to the next shiny thing, moving on to the next opportunity? What’s behind that? Michael Crean: I think some of it is that MSPs have found themselves in this place of challenge where they have so much responsibility and customers are looking at them. And I heard this a long time ago when I was a child – the smart person is the person that says what they don’t know. I think a lot of people are fearful to show that side of, “I don’t know something.” But saying “I don’t know” doesn’t mean you don’t know and you’ll never know. It just means, “Hey, I don’t know that, but I’m going to go here and ask this person, or I’m going to go to this vendor and get more information, or I’m going to do some more research and come back to you with a really solid answer.” Instead, there’s this constant – I hate to use the word – but it feels like there’s this constant necessity of yes that we have to keep giving our customers. I prefer somebody to tell me, “Nope, I don’t know how to do that, but I’m going to give you a great contact so that you can get it done right.” So I think that’s part of it. And then we, as manufacturers, we keep telling people all along the way, “Hey, buy my stuff, it fixes your problems. Just buy my stuff.” Well, I can go buy the same box of tools that my mechanic has, but that doesn’t mean I’m a mechanic and it obviously does not mean that my car is going to get fixed just because I’ve got the tools. Robert Dutt: Can attest to that. Fortunately, not with great experience, but there’s a reason I do take my car to someone else to get looked at. Michael Crean: Oh my goodness, you and me both. I want it done right. And as hard as I tend to drive my cars – because I have a thing for speed and adrenaline – I would actually like them to be as proper as they can be. Robert Dutt: Well, especially given that it’s important, when you’re testing the limits shall we say, that the thing stays together while you’re doing so. Michael Crean: Absolutely. Robert Dutt: And back to that point, I think there’s also the factor of when you are presenting yourself – and most MSPs do – as the trusted advisor, the expert on this, who’s going to take care of all this, that creates an even greater disincentive to admitting, “You know what? I need to check on that. Let me find out more,” rather than saying, “Yeah, I got this.” Michael Crean: I think it’s human nature, just in general. Because the moment you admit you don’t know something or you’re not certain, at that very moment in time, we just assume that to be a point of weakness. I believe through the military – I served for nine years – and being a CEO and founder for 22 years, what I really realized, and even when it came to my kids, sometimes when you just don’t know, it’s okay to say you don’t know, but I’m going to find out, or I’m going to figure it out, or we’re going to do it together and we’re both going to be better for it than we were when we started with the question. Robert Dutt: Funny, that came up early in my journalism career too. My editor at the time would say, “Your job is not to know. Your job is to find the person who does.” Along the same lines, a little bit of a different lens. You said something that I quoted in the news piece we did on the release of the report: that the danger isn’t that AI isn’t working – it’s that we’re using it as an excuse not to do the things we already know we should. That’s a remarkably direct thing for a security vendor to say, and it touches on that eating-your-vegetables kind of advice. What are you seeing that made you include that line? Michael Crean: It’s not what I’m seeing today. It’s what I’ve seen for the last 20 years in this industry. I mean, we went from deep packet inspection firewalls to next-generation firewalls. We got all of these extra added capabilities in the firewall, but then we got lazy on doing proper firewalling – controlling ports both inbound and outbound the way we used to do it – because we felt that we were overcompensating because we had so much power and capabilities. Then we went from signature-based AV to next-gen AV where we had these mathematical algorithms doing predictive analysis to understand whether a file is good or bad. Then we got EDR technologies helping us with the behaviour behind it. We just keep adding and adding and adding. I see AI as nothing more than just another tool. But how good can a tool be when you’re not performing the fundamentals? It helps, but it just can’t – I don’t know if you’re a sports guy or not, but think about it. When you look at the best of the best, whoever that may be – I’m a hockey guy – I’ll call Alex Ovechkin today. The best of the best, the all-time goal scorer. He beat Wayne Gretzky, he took that last year. That man works hard and he works on the fundamentals. I love what AI can do for us – to help get rid of some of the tasks that we don’t want to do, that we hate to do, that we can use for automation and make things faster, help us find bugs in our code, and in a security operations center, get through just mounds of data quicker. But you still have to do the fundamentals and you have to do the right things. Because when you do the right things and then you add something like AI to it, the world becomes a much different place. Robert Dutt: 88% of the SMB breaches you’re reporting on involved ransomware. That’s more than double the enterprise rate, if I’m remembering correctly. That’s a striking gap. What’s causing that? Do you see it as primarily resources, primarily end-user training, or something structural about how SMBs get attacked that’s different from enterprise? Michael Crean: I think it’s a little bit of everything that you mentioned, but mostly what it is, is this perception of, “I’m too little. I don’t have anything valuable. Why would somebody want to attack me?” When these large threat actors are going after huge enterprises – Colonial Pipeline, JBS, some massive organization – those organizations have better tools, better resources, better people, and they probably have more maturity to respond when they start to notice an attack taking place. When you think nobody’s ever going to break into your house, you may not lock your doors. You may not care about having the 70-pound German shepherd on watch when you’re not there. Because, I don’t have anything in my house of perceived value. But when you take that shotgun approach and you can knock down a hundred SMBs and get $10,000 out of each one, that’s a hell of a payday. It’s logical what we’re seeing right now. What it requires is that we all understand we have responsibility for the data that’s been entrusted to us – whether it’s customer data or supply chain data you’re responsible for because you’re supporting another vendor. The data we have is far more valuable than we give it credit for. Robert Dutt: And I guess there might also be an element of the ability to fly under the radar – the opposite of security through obscurity – in that you make that hit on Colonial Pipeline and it’s front-page news everywhere. You hit a bunch of small businesses for ten grand each, it gets a lot less attention from media. Michael Crean: I mean – I’m sure you’ve heard this, you’ve been doing this long enough – the idea around news and media: if it bleeds, it leads. And it’s not really sexy when you talk about a two-chair dental practice that gets hit with ransomware. And the two-chair dental practice doesn’t really want to talk about it either, because they’re a small community-based organization and it’s really damaging to how people potentially look at them. Whereas a Target, a Home Depot, a Lowe’s, whoever gets hit with ransomware – they’ve got the marketing machine, the attorneys, the dollars, the insurance. And at the end of the day, they’ll be as profitable, if not more profitable, a few quarters later. Robert Dutt: The report surfaces the number of 181 days of dwell time. For an MSP who’s running monthly security reports, quarterly reviews, thinks they have things in order – that number has to sting. What does it require of an MSP’s operating model to address that? Michael Crean: One, making sure that the investments you’ve made and the technologies you’ve decided to procure – the tools you’re going to use – make sure you’re well-trained on them and well-versed on the best practices so that you can get optimal outcomes. Patch management, man – I can’t tell you the amount of times we’ve seen… you talk about this 181 days, it comes down so many times to pure patch management. And the vast majority of manufacturers give you the patches for free. But we don’t think about it, we get distracted, we don’t see it as valuable as it really is. And it’s the really simple things. Again, it’s that number one – ignoring the fundamentals. Patching has been a fundamental thing we’ve talked about for so long. And I also think that for an MSP that just magically adds the additional S and starts calling themselves an MSSP – don’t dabble in security. Either do or do not. Do not try. We’re going to throw a little Yoda in here for the day. And if you’re not going to be a real MSSP, partner with one. There are so many great organizations out there – I’ll say we’re a great organization to partner with, that’s how we go to market – but there are lots of others out there who are purpose-built for this. It’s like being the best doctor in the world but you’re not a surgeon. So you refer somebody to a surgeon to get that surgery done. Robert Dutt: Your own background includes Solutions Granted – building out one of the first SOC-as-a-service models for MSPs before SonicWall acquired you. I’m curious, when you look back at your time on the other side, when you were the MSP – are there any of those sins you look at and go, “Hmm, that sounds awfully familiar”? Michael Crean: Oh, absolutely. I will say I went through that transition – 22 years of being a VAR, to being a government contractor, to being an MSP – realizing I was a really crappy MSP. Not going to lie. My bedside manner wasn’t great. I wasn’t passionate about what I was doing. And I think that’s something that gets lost sometimes. I was super passionate about security – getting out of the military, transitioning away from that, getting into IT and the tech space. And when I found my way into this SOC-as-a-service MSP space, it’s where I found my passion and love again. And I think that means a lot. Don’t do it for the sake of doing it. I think we all have to keep the lights on and put food on the table and clothe our kids and find a way to retirement one day, but find some happiness in that too and be really passionate about what you’re doing. And you’ll probably find a lot of these seven deadly sins aren’t as deadly for you. Robert Dutt: That’s one way of mitigating it, that’s for sure. The report is framed around protection outcomes and it’s explicitly aimed at giving MSPs the language to have strategic conversations with SMB decision-makers. But there’s a responsibility question underneath that. If the MSP is the last line of defense for most SMBs – and I think we’ve talked about this a little bit already – what does good actually look like? What’s the bar you have to reach before you either back off from security and/or partner with someone else who’s much more committed? Michael Crean: I think, one, it’s a team effort. It isn’t just the MSP’s responsibility. The business owners, the decision-makers, the board, whoever you’re dealing with that’s making these decisions – they have to buy in. And if they don’t, well, then you’re at a disconnect. You’re bringing in a subject matter expert – the MSP – to help make them more secure, for survivability, for all the things they’re asking for to make sure they can operate at the highest levels possible, and then you don’t allow them to do their job. That’s a huge risk. What I will say – and this is a hard lesson to learn, but one of the most valuable lessons to learn – is when you fire your first customer. Not get fired, but you actually fire your first customer because it wasn’t the right fit and the financial impact was going to hurt. It didn’t feel good. Nobody ever really wants to get fired or be fired. But when you do that, you start to mature. And inevitably, you also help that customer mature – because if they hear the same message from multiple people: “We’ve got to do patch management. Don’t tell me we can’t. We’re going to use MFA. We’re going to have a SOC monitoring this 24 hours a day, seven days a week, 365 days a year. We’re going to take away administrative privileges. We’re going to do the fundamentals. We’re going to make investments in tools and put the right people, process, and technology in place.” The outcomes really start to matter. But it is a team sport. I can’t tell you – and I’m sure you’ve heard this – MSPs talking about, “I can’t get my customer to use MFA, so I got them to sign this indemnification clause.” How many MSPs are getting sued, and these indemnification clauses aren’t holding up? Because you’re the expert. If you believe it’s 100% the right thing to do, then if they don’t follow – you fire them. Robert Dutt: It’s funny how often it comes down to that. I’ve heard that same sentiment from MSPs in the move towards, “This is what you have to take. It is not negotiable. It is the cost, as it were, of doing business with us.” I think that’s sage advice. Michael Crean: We accept it from our surgeons, right? If I’ve got a bum knee and I need it fixed and I’m a little overweight and he knows I’m drinking a little too much bourbon or eating a little too much red meat and he wants me to lose ten pounds so that he can be successful – if I’m not doing my part, well, why does he want to do surgery on me? Robert Dutt: Point taken. The report’s been out for a few weeks now. Curious – what’s the question you’re getting most from partners that you didn’t expect as they sit with this? What’s hit differently than you thought it might? Michael Crean: I thought we were going to get more pushback on why we called it a Protect Report instead of a Threat Report. That really isn’t the question we’ve been getting. What’s been surprising to me is the commentary. The unsolicited emails, the LinkedIn requests, the comments – people have really enjoyed receiving a report that just wasn’t like everything else. There’s been a lot of commentary along the lines of, “I’m going to have this discussion and use these analogies and use these seven deadly sins to have conversations with my customers.” That’s what we were hoping for, but you never know when you go against the grain how well it’s going to hit. I think we got lucky. Robert Dutt: It sounds very much like mission accomplished. I know it’s something that caught my attention and that I’ve heard out there as well. I look forward to seeing what comes next as you continue to reinvent what these kinds of reports do and what they look like. Michael, I thank you for taking the time to talk through this and to offer some advice. Michael Crean: I appreciate your time as well, sir. Thanks a lot. Robert Dutt: There you have it – Michael Crean from SonicWall. I’d like to thank Michael for his time, and for a conversation that felt a little different from the usual vendor security briefing. His background – building Solutions Granted from scratch, running a real MSSP, operating inside a SOC, and now sitting on the vendor side – gives him a perspective that’s harder to find than you’d think among people who are now in vendor roles. A few things will stay with me. The mechanic analogy – you can own the same box of tools, but that doesn’t make you a mechanic, and it doesn’t mean your car is going to get fixed. The surgeon line – if the patient won’t follow the pre-op advice, why are you doing the surgery? His answer on when an MSP reaches maturity – it’s the moment you fire your first customer who won’t implement MFA or basic patch management, even when it hurts. And the Ovechkin riff – even the greatest goal scorer in NHL history never stopped working on the fundamentals. Now, after we stopped recording, Michael mentioned something he wished he’d worked into the interview, and I promised I’d pass it along. Of the seven deadly sins in the report, I asked which one is most personally interesting to him and he landed on sin number five – cost-driven security decisions. He illustrated it this way: he’d been speaking at a conference recently and asked how many in the room had bought a car in the last eighteen months. A lot of hands. Then he asked how many of them had bought the cheapest car on the lot. Not one hand went down. Because we think about safety ratings, about the features, about whether the thing will hold together when we need it to. But when it comes to cybersecurity, too many businesses just reach for the cheapest option. As Michael said himself, it’s a little strange to have a personal favourite deadly sin. But there you have it. The 2026 Cyber Protect Report is well worth a look for any MSP or solution provider thinking about how to have a more strategic security conversation with their customers. Links in the show notes. If you found this useful, follow or subscribe to In The Channel from ChannelBuzz.ca wherever you get your podcasts – you’ll find us on Apple Podcasts, Spotify, YouTube, and all the major directories. Ratings and reviews are always appreciated and genuinely help other people in the channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

In this April 2026 episode, MSSP intern Saadhya Bahudodda interviews Lee Marshall, founder and CEO of Kids to Love, a nonprofit dedicated to addressing the immediate needs of youth in foster care while creating long-term pathways to stability. Drawing on her lived experience of being born into foster care and her career in television journalism, Lee shares how both her personal and professional journeys led her to this work. She highlights programming including scholarships, workforce preparation through the K-Tech Initiative, trauma-informed mental health services, and transitional housing. For this invaluable work, the organization won the 2025 Aging Out Award for the Mid-Large Organization Category. Throughout the conversation, Lee emphasizes the need for community collaboration and innovative, wraparound programming to ensure that youth aging out of foster care have the resources and stability needed to thrive.

At RSAC Conference 2026, the expo floor runs on one word: AI. But Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, has been watching the confusion this creates in real time. Visitors at the Stellar Cyber booth are asking the same question: does AI in cybersecurity mean a tool that fights AI-powered attackers, a tool that is AI-based, or something else entirely? Lisa Liu's take is direct -- if your messaging can't answer that question, the noise is winning. Stellar Cyber has been building toward a human-augmented, autonomous SOC for years -- long before "agentic" became the conference password. The logic driving that mission is not about market positioning. It is about what happens when AI makes a mistake at scale. One error in judgment can echo a thousandfold. Human oversight is not a limitation on the platform -- it is the architecture. The goal is not to put a human on the sidelines as a safety check. The goal is to make every analyst perform at a higher level, so a junior analyst works at the capability of a senior analyst. Lisa Liu draws on the Waymo analogy familiar to anyone walking the streets of San Francisco this week: autonomous vehicles went from having a safety driver present to running solo. But when a power outage knocked out every Waymo unit simultaneously, the city needed humans to step in immediately. The same principle applies to security operations. Agentic AI is changing the analyst's role -- replacing alert fatigue and log chasing with higher-order problem solving -- but human involvement in the process is not going away. For SOC teams asking how to get there, Lisa Liu is clear: success is not a rip-and-replace project. Success is minimal personnel disruption and maximum operational efficiency -- repositioning existing tools to work smarter without exposing the organization to weeks of vulnerability during a rebuild. Stellar Cyber's platform integrates with existing SIEMs and tools, adds coverage across network, endpoint, identity, and cloud environments, and offers hundreds of pre-built integrations with more being added continuously. For managed security service providers serving clients across different industries and risk profiles, that kind of unified visibility is what makes the business model scale. The outcomes are specific. One Stellar Cyber customer reported that analysts were 83% more accurate in their threat environment analysis. Lisa Liu frames that number carefully: analysts are not measured by what they catch -- they are measured by what they miss. Any meaningful improvement in accuracy is not just a business metric. It changes how people feel about their work. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyberhttps://www.linkedin.com/in/lisaaliu/ RESOURCES Stellar Cyber: https://stellarcyber.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Lisa Liu, Stellar Cyber, Sean Martin, RSAC Conference 2026, human-augmented SOC, autonomous SOC, AI-native security operations, Multi-Layer AI, MSSP security platform, SOC analyst efficiency, alert triage, agentic AI cybersecurity, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

31% of businesses that had backup solutions still failed to restore their data during a ransomware attack according to At-Bay's analysis of 186 real insurance claims. And if you think your business is safe because someone "set up backups," you need to watch this. Meanwhile, there are 4.8 million unfilled cybersecurity jobs globally right now and 61% of midsize businesses have zero dedicated security staff on payroll. Bryan Hornung and Reginald Andre break down exactly how bad the staffing gap has gotten (ISC2's 2025 Cybersecurity Workforce Study shows the pipeline shrank from 31% growth in 2022 to just 12% in 2024), why your IT person is being set up to fail, and how much a single mid-level security analyst actually costs vs. what an MSSP can deliver at the same price. Then they go straight at the backup crisis: the 25-point confidence gap between what IT teams believe about recovery and what At-Bay, Sophos, and Spiceworks data actually show. Ransomware attackers are targeting your backup repositories first before they trigger the main attack. The average business is down 24 days after a ransomware hit, with average recovery costs of $1.53 million. For a business under 500 employees, that can be existential. This episode is for every business owner who has ever said "we have backups" or "IT handles security" and hasn't verified either of those statements. Support the show: buymeacoffee.com/securitysquawk

Today is Monday, March 23, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. This episode of In Case You Missed It is brought to you by ESET Canada. ESET's Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women pursuing careers in cybersecurity. Applications close April 8. Learn more and apply. On this episode: Bell Canada bets big on AI in Saskatchewan. Bell Canada and the Government of Saskatchewan announced a 300-megawatt AI data center outside Regina — Canada’s largest purpose-built facility, projected to generate up to $12 billion in economic value for the province. Cerebras Systems and CoreWeave are signed on as anchor tenants. For the Canadian channel, the downstream opportunities in connectivity, edge infrastructure, and AI professional services are worth watching, as is the data sovereignty angle of keeping AI compute on Canadian soil. The Globe and Mail’s take on what this signals about Bell’s broader AI strategy. WBM Technologies says buy your RAM now. WBM’s March IT Procurement Update is the most useful thing a Canadian partner has published this month. Every vendor category is listed as constrained. HPE has seen a 24-30% list price increase in March alone. Fortinet is implementing monthly 10% price increases. HP is coming with another 10%+ increase April 1. WBM’s recommendation: buy the RAM and storage you need for the lifetime of the system. Nature magazine is calling it “RAMmageddon.” AWS brings AI agents to partner selling. At its Global Partner Summit, AWS announced AI-powered sales agents in Partner Central, built on Amazon Bedrock AgentCore. Partners can upload meeting notes, auto-update opportunity records, check funding eligibility, and generate draft MAP funding requests. AWS reports 15% higher win rates and 44% faster close times from its solution matching engine. Another signal that vendors are using AI to fix the administrivia of partner selling. Exabeam launches new MSSP commercial framework. Exabeam expanded its APEX Partner Program with two new licensing models for MSSPs: a single pooled multi-tenant option and a federated subscription model. For partners building or scaling MSSP practices, it’s designed to offer more flexibility in packaging and pricing Exabeam’s SIEM and analytics platform. This week on In The Channel: Canadian MSPs plan the lowest pay increases of any region, and that might not be a bad thing (Tuesday) Most MSP contracts wouldn’t survive a courtroom — here’s where to start fixing that (Wednesday) Cisco Canada sees a “perfect storm” driving multi-year infrastructure refresh (Thursday) From NetSuite President’s Club to grain-to-bottle whisky in the Eastern Townships — our first Life After the Channel episode (Friday) Read Full Transcript Welcome to In Case You Missed It from ChannelBuzz.ca. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 23rd, 2026. Let’s get your week started right. This week’s In Case You Missed It is brought to you by ESET Canada. ESET’s Women in Cybersecurity Scholarship is now open for 2026, with three $5,000 awards available to women pursuing careers in cybersecurity. Applications close April 8th. Learn more and apply at eset.com/ca. ESET – protecting progress. The biggest Canadian tech infrastructure story in a while landed last week, and it didn’t come from Toronto or Montreal or Vancouver. Bell Canada announced a partnership with SaskTel and SaskPower to build a 300-megawatt AI data center outside Regina, Saskatchewan. The facility is projected to generate up to $12 billion in economic value for the province, and it’s being positioned as Canada’s largest purpose-built data center. The anchor tenants tell you where this is headed: Cerebras Systems and CoreWeave, two of the biggest names in AI compute infrastructure, are signed on. This isn’t a general-purpose facility — it’s built for the kind of GPU-dense, power-hungry workloads that AI training and inference demand. For the Canadian channel, there are a few things to watch. Local IT providers in Saskatchewan and Western Canada could see downstream opportunities in connectivity, edge infrastructure, and professional services around AI deployments. The data sovereignty angle is real — keeping AI compute on Canadian soil is increasingly a selling point with public sector and regulated-industry customers. And the scale of this investment signals that Canada is becoming a serious destination for AI infrastructure, not just a market that consumes AI services built somewhere else. If you’re quoting hardware right now, you need to see WBM Technologies’ March procurement update. It’s the most useful thing a Canadian partner has published this month, and the message is blunt: They're telling customers to buy the RAM and storage you need to support your systems for the lifetime of that system. Every single vendor category WBM tracks is now listed as constrained. HPE has seen a 24 to 30 percent list price increase in March alone, with quote validity down to just 14 days. Fortinet is implementing monthly 10 percent price increases. Dell expects further adjustments on March 30th. And HP is coming with another minimum 10 percent increase on April 1st. WBM is linking to Nature magazine, which is calling this “RAMmageddon.” If you’ve been following our coverage of the component shortage over the past few weeks, this is the same story, but it’s accelerating. We’ll have a link to the full WBM update in the show notes. It’s worth bookmarking. Two weeks ago on this podcast, we talked about Ingram Micro’s AgenTeq platform and the push to bring agentic AI into the distribution workflow. Now AWS is doing something similar inside Partner Central. At its Global Partner Summit, AWS announced AI-powered sales agents built on Amazon Bedrock AgentCore. Partners can upload meeting notes and have opportunity records auto-updated. The agent flags whether a deal qualifies for AWS funding programs like MAP and can generate draft funding requests pre-filled with deal details. AWS says partners using its solution matching engine are seeing 15 percent higher win rates and 44 percent faster close times. The pattern is becoming clear: vendors are using AI to fix the messy middle of partner selling — the admin, the quoting, the funding applications, the administrivia. Worth watching how quickly this becomes table stakes. And finally, Exabeam launched a new commercial framework for MSSPs last week, offering two licensing models: a single pooled multi-tenant option and a federated subscription model. The idea is to give managed security service providers more flexibility in how they package and price Exabeam’s SIEM and analytics platform for their customers. For partners building or scaling MSSP practices, it’s worth a look. We’ll have a link in the show notes. Those are some of the things we were paying attention to last week.  Big week ahead on In The Channel.  Peter Kujawa from ConnectWise’s Service Leadership practice on why Canadian MSPs are planning the lowest pay increases of any region — and why that might not be a bad thing.  Rob Scott from Monjur on why most MSP contracts wouldn’t survive a courtroom.  Cisco Canada on the perfect storm driving a multi-year infrastructure refresh.  And our very first Life After the Channel episode, with Martin McNicoll, who went from NetSuite President’s Club to making grain-to-bottle whisky in the Eastern Townships.  For ChannelBuzz.ca, I’m Robert Dutt. Have a great week, and I’ll see you in the channel.

Jeff Collins, CEO of WanAware The last time the channel faced a shift this fundamental was the rise of the hypervisor. That transition reshaped everything, but it happened inside the four walls of the data center. What’s different about the current moment, argues WanAware CEO Jeff Collins, is that AI workloads, inference nodes, IoT, and SCADA infrastructure are being bolted onto customer environments without the kind of formal network redesign that virtualization demanded. The result is a growing visibility gap that most MSPs don’t realize they have. Collins points to a striking finding from a WanAware survey conducted in late 2025: when business leaders were asked about their visibility gap, they rated it extremely high. When IT was asked the same question, they rated it low. Both were technically right. IT was measuring visibility against the machines in their purview – Active Directory, database servers, web front ends. The business was measuring it against everything else: Kubernetes workloads, cloud functions, agentic AI processes, and infrastructure that might not exist tomorrow. That disconnect is why MSPs can show perfect MTTR and SLA performance while the customer is saying you’re failing. The conversation covers where traditional monitoring breaks down, why 30% false positive rates persist even after major platform investments, and how ephemeral workloads designed to disappear create alerts that will never resolve. Collins makes a compelling case that MSPs need to push visibility up the OSI stack, from layers one through three into the application and business logic layers where margin is significantly higher. He shares a practical framework for how to start, using vertical industry knowledge – particularly in sectors like Canadian oil and gas, where SCADA networks and AWS IoT Core infrastructure represent opportunities to grow a $1,000-a-month customer into a $30,000-a-month engagement. Read Full Transcript Robert Dutt: Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and still your host for the show. Today we’re talking about a problem a lot of MSPs and channel partners are starting to feel, even if they don’t always have a name for it yet, and that’s visibility. As AI workloads, hybrid architectures and distributed endpoints become the norm, network traffic is changing faster than the tools that many partners rely on to understand what’s actually happening inside their customers’ environments. My guest today is Jeff Collins, CEO of WanAware. Jeff spends a lot of time with service providers and enterprise teams dealing with this shift, where accountability for performance, security and uptime is increasing, even as environments become harder to see and harder to diagnose when something goes wrong. WanAware operates in the network and infrastructure visibility space, but this conversation isn’t about the tools, the dashboards. It’s about how blind spots form in modern networks, why they’re easy to miss until there’s an outage, a security issue, or an SLA failure, and what partners need to understand as AI-driven infrastructure quietly reshapes traffic patterns and dependencies. In this discussion, we’re going to explore where traditional monitoring starts to fall apart, how partners can rethink what good visibility really means today, and why the ability to see what’s happening across distributed environments is quickly becoming both a risk issue and a business opportunity for MSPs. If you’re responsible for customer outcomes, but you don’t always feel confident you can see everything that matters, this conversation is for you. [MUSIC] Robert Dutt: Jeff, thanks for taking the time. I appreciate it. Jeff Collins: Thanks, Rob. Thanks for having me on. Robert Dutt: You’ve been advising partners, MSPs, VARs, these types of folks through a lot of change over time. Why does this moment with the rise of AI workloads and the continuing trend of hybrid networks feel like a real inflection point rather than sort of just the next evolution of the way things look? Jeff Collins: I think one of the biggest reasons why is because it’s so transformational to what MSPs and resellers and VARs and distributors have dealt with for, let’s say, the last 25 years. If we think about the last major inflection point that they dealt with was really kind of the realm of the hypervisor, this ecosystem where no longer did we have to have a server running an operating system, and that created kind of the whole ecosystem we deal with today. It created cloud, it created containers, all those things were built off this concept of a hypervisor. That was really the last major transformational thing that has happened. Now we fast forward to today and we’ve got this era of AI. We’ve got this era where we’re now taking agentic approaches, generative approaches, to things that our customers deal with every day. When I talk about our customers, those are the customers of the MSP, those are the customers of the reseller, the distributor. Not only are they dealing with that, they’re dealing with this massive evolution in the customer base, but they’re also having to do that same evolution in their own environments. If you’re an MSP and you’re focused on infrastructure, or you’re an MSP and you look more like an MSSP where you’re focused on security, now you’re starting to have to deal with, “Okay, I’ve got these tools, I’ve got these people, I’ve got these agents, I’ve got all these entities inside of my business that are doing something for my customer.” But now I have to think about how am I going to do that faster? How am I going to do that better? How am I going to do that more effectively? Because our customers are getting much more advanced. That’s really one of the biggest things that I see that we’re seeing a lot of, that “Where do I start?” from the channel partner community. When we think about the channel, we know all this stuff is going on, but it seems like such a Herculean lift that I think sometimes it’s hard to know where we make that first step. Robert Dutt: That makes sense. A lot of this, a lot of AI especially, and to a degree sort of the hybridization of the network, that complexity has come on without kind of a formal network redesign. Like you mentioned the transition to hypervisors and that necessitated rethinking how things were done because it was a physical change. Whereas a lot of, especially with AI, it’s kind of being bolted in, added on as you go. Why does that make the environment today harder to understand than maybe it was for past transitions when you’re sitting there watching it as an MSP or other partner? Jeff Collins: Well, I think one of the biggest reasons why this era is so much more difficult than the last transition is because we’re not bound by the four walls of our proverbial house. If we think about when we dealt with the last transition, every customer, their physical server sat inside of something they control. So we’ll refer to it as their house because that’s the easiest kind of comparison we can do. In today’s world, there’s certainly a lot that exists in our customers’ houses and in the houses that the MSP or the reseller or the channel partner or whomever it is are engaged in. But so much of that’s going outside of those walls. And when we think about AI, AI is certainly outside of those walls. I mean, we might be dealing with Anthropic, we might be dealing with ChatGPT or Gemini or the thousand other agentic or generative approaches that are out there. Those are all over the place. And now we’re asking these entities to take oftentimes a process-driven approach that they’ve had for 20, 25 years. And how do you change that process-driven approach when you don’t really know where those workloads, where those assets, where that data is going to reside either today or tomorrow, or even if that data that we’re looking at is even going to exist tomorrow. That’s this whole realm. I mean, we’ve been talking about ephemeral workloads for, you know, let’s call it 14 years, 15 years since really the rise of AWS. But now we’re starting to deal with these ephemeral workloads, not just in the realm of infrastructure, but also in data, in generative concepts, in agents. You know, historically, we had Bob Smith, who might have worked in the NOC. Well, tomorrow, Bob Smith is an agent. What does that look like? It’s AI. What did Bob Smith do yesterday? Did Bob Smith, the new agentic version of Bob Smith, did that person do the right thing, the wrong thing, the incorrect thing? How do we manage that? How do we deal with that? How do we process that? Those are all the things that are across the board, just happening at massive rapid scale. And so, you know, it’s a really difficult time right now to be an MSP or a channel partner, but it’s also an amazing time to be an MSP or channel partner. You know, our world, our capabilities are advancing so fast. You think about one of the simplest use cases that’s out there that all of us think is simple, that MSPs deal with every day, is a circuit outage. You know, a telecom circuit goes down and it’s connected to SD-WAN or it’s connected to a router or it’s connected to some type of device that’s out at the prem. And historically, every MSP on the planet’s dealt with it kind of in a similar way. We get an alert from a monitoring system that feeds a ticketing system. It pops up on a tier one agent’s dashboard. The tier one agent looks at it, they verify power, they verify if the router’s operational, and then they open a ticket with a carrier. And then they, and that’s the hurry up and wait type of world. Well, now in the era of AI, that changes that quite a bit, because every one of those things are very process driven. We don’t need people for that anymore. So now we can have a system take that process flow on, do that. Now, historically, we could use a system to do that. We could write automation and a lot of MSPs did that historically, but the problem with automation is automation is static. When we leverage AI, we can leverage enrichment that helps influence that agentic approach. And so now if there’s a nuance going on, let’s say an example is there’s a global power outage. So let’s say there’s a power outage in the entire Vancouver area. We know that. Well, historically, if we’re looking at that, we see all these customers that are down, we might through a tier one agent approach, a person-based approach that following a process, or even an automated approach, not really correlate that. Because if the MSP is in, let’s say, Montreal, they might not realize there’s a large scale power outage in Vancouver, which is thousands of kilometers away. And so when we think about that, that’s really where these things can change a lot from an agentic perspective. And then the MSP gets the joy of being able to repurpose that person to be much more valuable to their organization, that tier one person can become tier two, and that can really start changing that dynamic a lot. Robert Dutt: Most MSPs would have historically said we have good visibility across what our customers are doing. And probably I would say most believe they have good visibility today. Where does that confidence most often turn out to be misplaced or to start to break down as the model shifts? Jeff Collins: Yeah, so I would 100% agree that most MSPs, when workloads are static, have great visibility. The problem is that in today’s world, so many workloads are becoming dynamic. And we see that change happening consistently. You know, customers, you know, historically MSPs had problems monitoring services inside of a cloud provider. You have ephemeral workloads, you have workloads that aren’t necessarily a server, they’re much more like a service. So you have things that might be a Kubernetes instance, they might be a Kubernetes runtime instance, they might be a function. Those are all things that are crucial to the operation of a customer. They’ve taken those workloads that historically operated on a machine. And they’ve taken those workloads and now they’re in some type of small form factor instance that exists for a very short period of time. That’s been very difficult for MSPs to deal with across the board. But now we take that same concept and that same concept goes outside of the cloud providers. We now have that moving into inference nodes. We now have that moving into IoT and IIoT and OT, where we’re starting to deal with these ecosystems where these workloads are very ephemeral by nature. They might exist for a short period or components of those might exist for a short period, or the way that those are correlated and analyzed might exist. But if you think about inside of a customer from a business risk perspective, those actually carry the highest business risk. An individual Windows 2012 server has some level of business risk. If it’s running SAP, probably a higher level of business risk. But if it’s one Active Directory node and the customer has 100 machines in Active Directory, it doesn’t really matter in the scheme of the world. And so those are the realities of what happens as we kind of think through this stuff. And so for MSPs, this really drives that visibility gap. You know, we did a survey earlier this year, or actually late last year, sorry, in 2025. We did a survey across the board asking business leaders really what the visibility gap was and what they believed. And we asked business leaders and we also asked IT. It was really interesting to see kind of the dichotomy. When you ask the business what the visibility gap was, it was extremely high. When you ask technology what the visibility gap is, it was really low. Now they were both technically right. And here’s why. So IT was thinking about the visibility gap of the machines that they understand, the machines in their purview. So those might be, you know, an Active Directory server, a database server, maybe you have a web front end. Those are all there. And those are 100% being monitored to that IT team or to that MSP. The problem is, is the business itself is operating on a whole bunch of additional workloads that IT doesn’t necessarily have purview to. And so because of that, we start ending up with this difference of visibility. And that’s why oftentimes when you’ll go and you’ll talk to a customer or you’ll go and you’ll talk to the business itself. And the business is saying, why do we have this MSP who works for us? This MSP isn’t doing anything. And the MSP is coming back with these great reports that are showing MTTR is consistently dropping. You know, initial response time, triage time is consistently dropping. We’re blowing out every single metric that we provided you in an SLA or an SLO. And the business is coming back and saying, but you’re failing. And the MSP is saying, I don’t understand. We are not. And here’s all the metrics. And it’s because of this difference in resources that exist, that is what is happening. And so I think that’s one of the big areas that we always have to think through is, you know, as we’re looking at things and as MSPs look at things, they have to continue to be pushing upward inside of the business to understand all those areas that the business is driving that IT, who they’ve historically sold to, may not know about those resources, especially in a lot of these other spaces, AI, IoT, IIoT, OT, ephemeral workloads, cloud workloads, those types of things that are often outside of that scope. Robert Dutt: Yeah. I guess when you’re looking at sort of your visibility stopping basically at the edge of the organization, you’ve got all of this out there, pretty significant impacts on real world issues like latency, like security exposure, like the ability to meet those SLAs that you signed up for, those kinds of things. Jeff Collins: Yeah. Yeah. 100% agreed. And, you know, when you think about the core components that an MSP does, you know, MSPs generally deal with availability and they deal with performance. When you add in the MSSP, now we add in the security component. And some MSPs and MSSPs are more hybrid-based approaches. They may deal with all three. But as you kind of look at those, those core tenant areas have become much more difficult, especially in the last 10 years, certainly in the last year. I mean, the last year has been so disruptive for all that we do. And it’s because those pieces have become much less simple. You know, if I go back 25 years or even 20 years, customers by and large used MPLS networks, rather simple to monitor. You have guaranteed jitter, you have guaranteed latency, you have, you know, all these things that are very easily assumed by an MSP. So if latency exceeds 74 milliseconds between these two individual locations, that breaks the SLA that the provider provides and it’s an easy conversation. You need to go fix this. This is not okay. Well, in today’s world, most of our customers don’t have MPLS networks. Most of them have, you know, sometimes now it’s satellite. They might have Starlink for LEO. They might have 4G or 5G, depending on what portion of the world they’re in. They might have some type of broadband service, fiber broadband, or copper broadband, or some other type of realm. Well, those don’t necessarily have SLAs for that in any way, shape, or form. We may luck out and they have an availability SLA. Maybe it’s three nines or two nines, or maybe not even two nines, depending on what type of service that is. And then when we start moving inside of the network, outside of the service provider, outside of the circuit provider itself, we start moving into other arenas that look like this. You know, historically we had a Dell server, an HP server that had a mean time before failure. Well, that’s pretty easy to understand. If I have a server and it’s going to run for 25,000 hours, it’s easy to understand that life. But when now we’re starting to get services that have an expected failure, and that expected failure is generally measured in less than a year, because the assumption is that the software, the application, resolves that issue. If you’re an MSP and you’re not monitoring the application and you don’t understand the application, you’re now chasing outages that don’t matter. And that’s one of the other things that’s really hard. And we see this all the time. You know, I’ll talk to MSPs and they’re like, “Jeff,” and it goes back to that same conversation we had before of not knowing the business. “Jeff, we get, today we have 30% of our tickets that become false positives. What do we do about that? We’ve gone out and we’ve bought the newest monitoring platform. We’ve implemented AI. We’ve implemented all this automation. We spent $20 million doing that.” These are all real things that I have in conversations with MSPs. And at the end of the day, they still have 30% false positives that they’re working. And the reality is, is because it’s certainly an outage. There was 100% an outage that happened. But the reality is that outage was never going to get restored because the outage was designed. You know, that workload disappeared. A DevOps team or a DevSecOps team deployed a new environment and that workload is now gone. And there’s a brand new workload that you’re not monitoring right now. You know nothing about it. And those are the things that we all collectively have to continually evolve to. It’s that driving up the stack. You know, one of the things that I often see is, you know, we have this proverbial thing that we’ve all dealt with, the OSI model. You know, there’s seven layers to that OSI model. So often in MSPs, we focus on four of them. The problem is, and most MSPs only focus on the first three. They don’t even focus on the fourth one. The issue is, is there’s three more. And those three more are what get driven by the business. And so the more that we can focus on visibility within those three, understanding that, bringing that into our tools, that drives additional value. It also drives significantly larger margin. You know, if we think about margin contribution at monitoring a telecom circuit, that’s a pretty low margin at this point in time. There’s a lot of automation around that. Monitoring a server – that world used to be high-margin, but it’s compressing. Customers are increasingly doing more of this themselves. They’re doing automation directly into their CI/CD pipeline. So it becomes this knife fight. And there’s more and more MSPs that are out there that are also fighting for that same share of market. And so the key is, the more that MSPs can go up market, they can understand, you know, I hate to use this term digital transformation because it literally gets overused every day by every marketing team on the planet. But the reality is, is that if we go behind this marketing abomination of this term, and we actually look at what happens, there’s a ton of value that we can go after. And if we go after that value, and we go after what people are trying to do, we align with that, we can now take those same products, those same processes that we’ve historically had as MSPs, and we can really start evolving that. Moving upward, driving in significant value, taking our tool sets that we may have today, maybe those can evolve with us, maybe we have to make new changes in our tool sets. But the reality is we’re driving that margin upward. So we’re going from maybe our contribution margin to our business today is 30%, let’s say, we can start moving back up into 60, 70, 80% contribution margin from a managed services perspective, which is where we all want to be. We don’t want to be fighting knife fights for 30%. It’s just hard, it’s difficult. Our customer acquisition costs are still generally high. We have salespeople, we have marketing efforts, we have all those things that we’re burning through every day. And we need more and more market share, we need more and more assets that we’re monitoring. And as a result of that, we need better ways that can contribute higher margin and create stickier customers that we’re not in those knife fights with. Robert Dutt: The situation seems to be putting MSPs in a situation where they’re increasingly accountable for outcomes that they can’t fully see the contributing factors of. Before you move on, I just wanted to double click on that just a little bit and just ask, how does that change kind of the risk profile for an MSP when you’re accountable for those things that you don’t completely understand or have complete control over? Jeff Collins: Yeah, I would say a lot of that. And one of the things that MSPs have to think through is a lot of that starts at the sales cycle. If you don’t ask the right questions at the sales cycle stage, oftentimes you get pushed into that ecosystem. When you’re looking at the core functional plumbing behind what a customer is trying to do, and that’s the only thing you’re looking at, you often get siloed into that ecosystem. You’re looking at a server, you’re not looking at SAP. One server going down in SAP doesn’t necessarily mean SAP has a problem. But if that one server is the only HANA server in SAP, that’s catastrophic. You know, it’s this realm of contextual knowledge. Historically MSPs have that contextual knowledge, but it’s all the way at tier three and tier four. That contextual knowledge has to move to tier one. If MSPs want to get to the arena where that is no longer a problem, the contextual pieces have to move downward. You have to go from a hero-based MSP to a process-driven MSP. So many MSPs are built on heroes. It’s really hard to build a scalable business off heroes. You have to have heroes. Heroes are the people that when everything breaks and the world is on fire, they’re the ones who carry you through. And those heroes we want to have, we want to empower them, but they can’t be doing the stuff that should be done at tier one. So if we take that exact same question that you had, Rob, that question is, you know, how do we make, at the end of the day, how do we make MSPs more relevant to their clients and much more aligned with what the client’s trying to do? And that’s by taking the contextual knowledge of what the customer is trying to do, aligning that with the tactical approaches that the MSP is trying to do, and having a very crystal clear playbook of how this tactical component makes up this strategic initiative inside of the business. So we’ll take that, we’ll take that simple example. I shouldn’t say simple. SAP is far from simple. But the reality is, is that SAP is something that customers rely on. And when they rely on that, if SAP goes down the business goes down. And if you have an MSP that’s monitoring that, and at the same second of the same day, the MSP gets 36 tickets. We’ll just pick a random 36 number. 36 severity one tickets come in at that point in time. One of those severity one tickets is for SAP HANA. And the customer only has one instance of that. And that is taking down a large company. So that’s the first ticket. The next 35 tickets are for ephemeral workloads that the customer migrated off of, you got the alert, they migrated to a brand new ephemeral workload. And the 35 don’t matter. They’re false positives. But the one fully matters. In every single MSP on the planet, those 36 tickets are eligible for the same response interval. That’s a pretty tough average to be able to. Are you going to luck out and get the one? Or are you going to luck out, or not luck out, for lack of a better term, and work 35 false positives before you get to the one that matters? Now, most MSPs are going to tell me and they’re going to tell us that, well, we have more than one tier one path. That’s great. But the reality is you need to be responding to that one ticket right now. And you need to understand that that one ticket matters. And the only way you can do that is by starting at the beginning, starting with the sales cycle, understanding what customers are doing. If you’ve already gone down the path and the customer’s embedded, use your customer support teams. Understand what your customers are doing, start layering in that context, start enriching that data, knowing what that actually feeds, and understanding the dependencies and interdependencies inside of that. So if that server goes down, certainly you could by virtue say a database server going down is a SEV-1, but it may not be. If they have four database servers, they’re running in a high availability group, who cares? If one goes down, not the end of the world, go fix it tomorrow. That’s where context, that’s where understanding those dependencies is so crucial. And I mentioned at the beginning of this is how do you take that first step forward? We always take this first step forward and how I instruct MSPs is start doing things like this, take this step forward, break this down into simple programmatic approaches. And when we think about AI, it’s the exact same idea. We move steps forward, we have agentic, we have generative. Pick one, pick an area you want to focus on with your customers, understand the business outcome they’re trying to do. And if you have an inference engine, that’s going to be really crucially important here. So let’s understand that. Let’s monitor that. Let’s understand the intricacies related to how that customer is leveraging it, why it’s important. Are there latency constraints? Are there packet loss constraints? Those types of things. Let’s monitor to that and let’s understand how that happens. And if a customer has an application on the back end, you know, maybe they have New Relic or they have AppDynamics or they have some type of APM toolset, great. Let’s start bringing those into our monitoring. Let’s start bringing that intelligence in, understanding application flows, understanding dependencies, building that to be part of our story. And now we create so much more opportunity for us as an MSP driving that contribution margin northbound. Robert Dutt: So it sounds like we’re kind of defining good visibility in a modern environment and kind of setting up for looking forward as understanding what actually matters to the customer and understanding what kind of flows into it, what all results in that thing that’s important to the customer still being up, still being running, still being functional, and kind of work backwards from there as opposed to the more “this machine is working, this machine is not” kind of approach. Jeff Collins: Yep. Yeah. You want to go from tactical to transformational. That’s really the idea. Robert Dutt: And you shared kind of the idea of the first step to do towards that. I guess as you’re moving towards that first step, you know, is there any one question or kind of mindset that you find works for MSPs to have in mind or asking customers to surface those blind spots and really start to understand what that context is that they have to have? Jeff Collins: Yeah, that’s a really good question, Rob. And, you know, there’s some things that I do tell MSPs to start with before you ever ask that first question. One of them is kind of some of the simple, let’s call it research that you can do before you ever reach out to your customer. One of the easiest things you can do is start by what industry are they in. You know, in Canada, Canada has a lot of oil and gas, lots and lots of oil and gas companies exist in Canada. And so if you have an oil and gas company, we can start right off the bat with a lot of the things that oil and gas companies live and die with. And we’ll just pick on this one as an example. So oil and gas companies have SCADA networks. They have industrial IoT devices that are out there. They’re processing massive amounts of data. That data may be going into the cloud. It may be going into a data center. It may be going into some type of vault or something like that, depending on what they have. But each one of those are things that, as an MSP, you can start out before you ever ask your customer anything. You know that those are the things that exist in their environment. And you can quickly look and see, well, am I monitoring any of those? Well, no, I’m only monitoring Active Directory. Okay, Active Directory is probably important to the oil and gas company. But if it goes down, do they quit producing oil? The answer is probably no. And so if your answer is ever no, you know right off the bat that you’re not monitoring something that’s strategic to your customer. And so the first thing that you should always think about is, okay, if we have this industry, we should be monitoring the things that are strategic. Well, how do we do that? Well, we start with that one step forward. The first thing we talk to them about is just like when we went out and we sold that initial monitoring of Active Directory, they did it because they didn’t have time for it. There’s no oil and gas company on the planet that has time to be monitoring their SCADA networks. They just don’t. They may tell you that they do, but they don’t. So leverage your relationships, leverage your engagement with them and go after those pieces. Understand, you know, if they’re in AWS IoT Core, understand what that looks like. Understand who’s monitoring that. Understand how DevOps is working within that space. Maybe it’s DevSecOps inside of that environment. Understand that convergence of the teams and then start building a story around, you know, let’s take that on for you. Let’s start changing that. Let’s use the same paradigm that we’ve done, driving MTTR down, driving availability up, driving resolution times down, all those types of things. Let’s bring that into the era of SCADA networks, IoT, our core infrastructure. That’s where we start changing the value inside of our customer engagements. And that’s really where I see a huge opportunity for MSPs across Canada, where you can take that environment, you can take those opportunities you already have, and you can grow them from, you know, maybe you bill that customer $1,000 a month. You can grow it to billing them $20,000 or $30,000 a month, but it’s the most crucial $30,000 they spend. Because, you know, if that offshore environment or that, you know, oil sands environment or whatever it might be within the oil and gas space or in the energy sector, whatever it might be, those things are crucial to their business. And so the more that MSPs can kind of make that step forward, and then also start incorporating AI, every single one of those entities is incorporating AI. They’re incorporating it directly into their pipelines. They’re incorporating it directly into their data pipelines, not just the oil and gas pipelines, but each one of those, the more you can incorporate that, the more you can monitor, the more you can show value of everything that you do amazing as an MSP, that’s really where you start creating that intrinsic strategic value and you get out of that tactical approach. Robert Dutt: And the good news is for a lot of these folks in the MSP space, presumably they have some of these pieces already in place, just not necessarily connected up to the technical side, i.e. sales and marketing have been focused on a vertical. And even if they haven’t, because they have customers in this space, they’ve built some of that muscle memory, some of that knowledge of what really matters. Now it’s just a matter, hopefully, of connecting it into the services that they’re offering. Jeff Collins: Yep, totally agreed. Robert Dutt: All right. Well, it’s been a really interesting look at sort of where visibility is at. And I think a real interesting opportunity that you’ve surfaced in terms of how it can be turned into a value conversation. I appreciate your taking the time. Jeff Collins: Sounds great. Thanks so much for having me on, Rob. Robert Dutt: There you have it, my chat with Jeff Collins from WanAware. I’d like to thank Jeff for sharing his insights. The thing that stuck with me from this conversation is how much of what’s changed in the modern network hasn’t been designed in, it’s been bolted on. AI workloads, hybrid architectures, IoT, SCADA, all of it layered into environments without the kind of formal rethinking that happened when we moved to virtualization. And Jeff made a really compelling case that for MSPs, closing that visibility gap isn’t just a risk management play, it’s a revenue opportunity, and potentially a significant one, especially in verticals like energy and critical infrastructure where visibility is tied directly to uptime, safety, and compliance. We’ll be back on Monday with In Case You Missed It, your weekly news roundup. Thanks for listening. I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Every vendor at RSAC Conference 2026 will have an autonomous SOC story. Subo Guha, Senior Vice President of Product Management at Stellar Cyber, has been building the real thing for over a decade -- and he has one question every buyer should ask at every booth: can your platform explain why it reached its verdict? Stellar Cyber's autonomous SOC provides a full case summary for every true positive, showing the forensic evidence chain, threat intelligence correlations, and specific observables that led to the conclusion. SOC analysts can review, challenge, or override -- and that feedback loop is how the system improves. The threat landscape has shifted in ways that validate Stellar Cyber's original architecture. LLM-generated attacks have collapsed the time to launch a sophisticated phishing campaign from weeks to minutes. Stellar Cyber was built to serve the mid-market and the MSSPs that protect it -- organizations that face identical threats to enterprises but without enterprise resources. A unified, multi-tenant platform means MSSPs onboard new customers in minutes. An open data ingestion engine works with whatever tools are already in place -- no EDR lock-in, no rip-and-replace. At the center of the platform is a correlation engine that transforms thousands of individual alerts into a manageable set of high-confidence cases. An identity compromise driving lateral movement across dozens of alerts becomes one case with a clear recommended action. Subo describes this as the difference between drowning in noise and focusing on decisions that actually require human judgment -- and it is the foundation the autonomous SOC layer is built on. Subo is direct about what the hype gets wrong: the claim that organizations can dramatically cut SOC headcount because AI has it covered is not happening. The realistic version of autonomous SOC is a force multiplier -- digital agents handle the continuous, high-volume triage work that consumes analyst hours, freeing humans for the cases that require context and institutional knowledge. A system that automates without explainability does not reduce risk. It relocates it. Stellar Cyber will be at booth S327 in the South Hall at RSAC Conference 2026, right at the bottom of the escalator. Live autonomous SOC demonstrations will be running throughout the event, with real-world results from customers already in production. The team also has a barista on site -- a detail Subo was particularly keen to mention for Marco Ciappelli. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Subo Guha, Senior Vice President of Product Management, Stellar Cyberhttps://www.linkedin.com/in/suboguha/ RESOURCES Learn more about Stellar Cyber: https://stellarcyber.ai RSAC Conference 2026 Coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Subo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, autonomous SOC, Open XDR, MSSP security platform, AI-driven security operations, agentic AI cybersecurity, threat detection and response, RSAC Conference 2026, SOC analyst tools, multi-tenant security platform, LLM-generated attacks, security operations center, SIEM NDR unified platform Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Are attackers really using AI to run end-to-end cyber campaigns? In this episode, Edward Wu (Founder and CEO, DropzoneAI) joins Ashish to separate the hype from reality when it comes to AI-driven attacks .Edward explains how attackers are currently using open-source LLMs for reconnaissance and spear-phishing , and why the major commercial models now explicitly prohibit users from generating exploits without vetting . On the defense side, Edward shares how AI agents have successfully automated over 160 years' worth of alert investigations in the real world proving that 100% software-delivered SOC triage is already here .We also debunk the myth of AI "hallucinations," explaining why most errors are actually just poor context management . If you're building a security operations center or working with an MSSP, this episode will teach you how to shift from manual alert fatigue to leveraging AI for threat hunting.Guest Socials -⁠ ⁠⁠⁠⁠⁠⁠Edward's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Security, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠Questions asked:(00:00) Introduction(02:50) Who is Edward Wu? (Founder of Dropzone AI) (04:50) The Reality of AI Cyber Attacks Today (Recon vs. End-to-End) (07:20) Why Commercial LLMs Are Blocking Exploit Generation (11:50) How MSSPs are Evolving with AI Triage (18:20) The Asymmetric Capacity Gap: Why Humans Can't Keep Up (22:30) Automating 160 Years of Alert Investigations (23:50) Why AI Hallucinations are Actually Context Management Failures (26:00) Build vs. Buy: The Data Network Effect for AI Agents (29:20) The New Workflow for SOC Analysts & Threat Hunters(31:30) Defining "Threategy": Scope, Authorization, and Context (35:50) How to Detect Prompt Injection (Treat it like an Insider Threat) (38:30) Dropzone AI Announcements at RSACResources spoken about during the episode:- Dropzone Diner RSAC 2026- If you want to learn more about Dropzone- you can do that here!

Episode 502 features Stacey's conversation with Brian Machut (Alliant Health) on how widespread Medicare fee-for-service fraud is inflating costs and undermining ACO shared savings in MSSP and ACO REACH. ACOs uncovered major urinary catheter fraud in 2023 tied to codes A4352/A4353, totaling about $3.5B, with some beneficiaries billed for items never received (including a case shared by Dr. Tara Lagu).  CMS created a "SAHS" (significant, anomalous, highly suspect) process to remove certain suspect costs, but benchmark effects can unevenly impact ACOs; catheter fraud is still projected at $3–$3.5B in 2025. The episode also highlights rapidly growing "skin substitute" spending projected at $13–$15B in 2025; CMS did not classify 2024 skin substitute costs as SAHS, leaving them in ACO performance calculations.  Machut explains this fraud and missed CMS trend projections can reduce provider earnings, discourage participation in value-based care, and potentially drive cost shifting into higher commercial rates—affecting plan sponsors such as self-insured employers. === LINKS ===

Ekco, one of Europe's leading security-first managed security service providers (MSSP), has announced the acquisition of Cork-based Datalogix. Ekco, founded and headquartered in Dublin, is continuing its ambitious acquisition trail, following a busy year in 2025 with three strategic acquisitions. Datalogix is a Cork-headquartered operational technology (OT) business with over 20 years' experience delivering proactive OT services to enterprise customers across Ireland, the UK, and the US. It provides secure OT infrastructure design, implementation, and support services that automate industrial processes for companies in the life sciences, pharmaceutical, general manufacturing, and critical national infrastructure sectors. The company's team will join Ekco's workforce of more than 1,000 people globally across Ireland, UK, the Netherlands, Malaysia, and South Africa. Datalogix will form part of Ekco's security division, bringing the division's revenues to a €100 million share of Ekco's overall group revenues of €200 million. The acquisition will significantly expand Ekco's OT capabilities in the Irish, UK, and US markets, under the leadership of Ekco Ireland CEO Steve MacNicholas. It will enable Ekco to increasingly secure IT and OT convergence for customers amidst a growing OT threat landscape and a complex regulatory backdrop. As part of Ekco's rapid growth strategy, Datalogix marks the eighth company to be acquired by Ekco in the last two years. The acquisition follows the 2025 purchases of cybersecurity consultancy Predatech, and managed service providers (MSP) Solsoft and Adapt IT. It signifies another milestone in Ekco's ambition to build a security-first unified MSP platform across Europe. Datalogix is led by Managing Director Der Cremen and Chief Technical Officer Damian White, who will bring over 50 years' combined industry experience to Ekco. Steve MacNicholas, CEO of Ekco Ireland, said: "Having known Datalogix well for many years, we have always admired their highly specialised and client focused capabilities as trusted OT advisors in the life sciences, pharmaceutical, and critical national infrastructure markets. With Ekco's world class expertise in security-first managed services and cutting-edge technology, this partnership is a perfect match – and we are looking forward to growing and learning together." Der Cremen, Managing Director of Datalogix, added: "Joining Ekco enables us to increasingly invest in and develop our OT capabilities to bring enhanced resources and resilience to our customers, backed by Ekco's scale—while maintaining the responsiveness they value." Ronan Murray, EY M&A Partner, said: "EY were delighted to provide sell side M&A lead advisory and tax services to the shareholders of Datalogix on the company's sale to Ekco. Congratulations to the combined team." See more stories here. More about Irish Tech News Irish Tech News are Ireland's No. 1 Online Tech Publication and often Ireland's No.1 Tech Podcast too. You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news If you'd like to be featured in an upcoming Podcast email us at Simon@IrishTechNews.ie now to discuss. Irish Tech News have a range of services available to help promote your business. Why not drop us a line at Info@IrishTechNews.ie now to find out more about how we can help you reach our audience. You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.

What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio.How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation.Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTSubo Guha, Senior Vice President of Product Management, Stellar Cyber @LinkedInRESOURCESLearn more about Stellar Cyber: https://stellarcyber.aiAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSSubo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio.How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation.Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTSubo Guha, Senior Vice President of Product Management, Stellar Cyber @LinkedInRESOURCESLearn more about Stellar Cyber: https://stellarcyber.aiAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSSubo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this special episode of The Cybersecurity Defenders Podcast, a panel of cybersecurity experts discuss the irreversible changes AI has brought to the industry. This panel originally aired on January 20th, 2026.The panel attendees include:Christopher Luft (host) - Co-Founder / CCO, LimaCharlieMaxime Lamothe-Brassard - Founder / CEO, LimaCharlieEric Capuano - Co-Founder, Digital Defense InstituteJoshua Neil - Co-Founder, Alpha LevelKris Merritt - AdvisorDaniel Lees - Sr Staff Cloud Security Architect, GoogleLimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration, detection engineering, reporting, and onboarding. The tedious work that eats margin and slows growth spans the entire operation.What if AI could operate your entire security infrastructure with the same access as your best analyst?We built LimaCharlie for complete programmatic access from day one. we were building for AI operators before AI operators existed. On January 20th, we'll show you what happens when AI agents can do everything in a security platform, across every tenant, through natural language.No marketing theater. Just real conversations and a demonstration of AI-driven security operations where you stay in control.Learn more at https://limacharlie.io/

Send us a textIn this high-energy and entertaining episode, Joey Pinz sits down with cybersecurity founder and unabashed Italian-American storyteller Tony Pietrocola. From stomping grapes as a child to running an AI-driven security operations platform, Tony brings a rare blend of toughness, humor, and entrepreneurial clarity.They jump from wine, cooking, and massive NFL bodies to college football, concussions, and how elite athletes are built differently. Tony shares what makes college football the real American spectacle—and why private equity is about to reshape the sport.On the cybersecurity front, Tony breaks down the challenges MSPs face, why most still struggle with security, and how AgileBlue helps them build profitable, white-label practices without the overhead of running a SOC. He explains the three questions every MSP should ask a vendor, the rise of AI-assisted attacks, and why consolidation and greenfield opportunities are the biggest missed revenue streams.The conversation ends with health, habit, and personal transformation—discussing Joey's 130-lb weight loss, Tony's daily 5 a.m. workouts, and the childhood structure that forged their work ethic.

Send us a textIn this energizing and uplifting conversation, Joey Pinz sits down with cybersecurity rising star ChiChi Ubah, whose passion for learning, adventure, and personal growth lights up every moment of the dialogue. ChiChi shares her love for adrenaline-filled activities, her ambitions to learn to fly a small aircraft, and the mindset that fuels her ongoing pursuit of new experiences—including her PhD focused on AI-driven cybersecurity curriculum development.A dedicated advocate for women in cybersecurity, ChiChi discusses the life-changing support she's received from WiCyS, where mentorship, training, and certifications helped guide her path into cloud security. She reflects on the role of representation, allies, and community in creating opportunities for women in a male-dominated industry.The conversation also explores breaking old beliefs, embracing intentionality, and the everyday practice of consistency—whether pursuing certifications, maintaining health, or building a TikTok channel from 0 to 5,000 followers. ChiChi also opens up about motivation, legacy, and redefining success through freedom, impact, and personal evolution.This episode is packed with insight, heart, humor, and the fearless drive of someone committed to becoming better every day.

Send us a textIn this powerful and deeply insightful conversation, Joey Pinz sits down with national security leader Valerie Cofield to explore the past, present, and future of cybersecurity across government, critical infrastructure, and everyday life. With 26 years at the FBI, senior leadership at CISA, and her current mission at ICIT, Valerie brings unmatched clarity to the threats shaping our world—from nation-state attacks on rural water systems to AI-enabled scams targeting vulnerable populations.Valerie reflects on why critical infrastructure is now a primary battleground, how bipartisan policy work shaped U.S. cyber readiness, and why the private sector—not government—will be on the front lines of future conflicts. She also shares her personal journey as the daughter of South Korean immigrants, the gratitude that shaped her service, and the emotional weight of protecting the country that gave her family a second chance.Beyond cyber, Joey and Valerie discuss reading habits, mental health, misinformation, and the dangers social media poses to young people. Valerie also offers a heartfelt perspective on leadership, longevity, habits, exercise, and earning success through consistency—not perfection.

Send us a textIn this captivating and wide-ranging conversation, Joey Pinz welcomes cybersecurity executive, author, and Brazilian jiu-jitsu enthusiast Caroline Wong. What begins with jiu-jitsu quickly expands into a profound dialogue about humility, body awareness, emotional regulation, and the unexpected personal growth that comes from combat sports—especially as an adult beginner.Caroline opens up about her upcoming book on AI and cybersecurity, explaining how AI isn't just another shift—it's redefining the entire security landscape. She outlines how to evaluate real AI solutions, why transparency matters, and how LLMs make modern social engineering nearly indistinguishable from authentic communication.She also reflects on tech's wobbly job market, why global talent has reshaped the industry, and which cybersecurity markets AI will completely replace in the years ahead. The conversation deepens as Caroline shares her journey through sobriety, the discipline instilled by her Chinese immigrant parents, the challenges of raising resilient kids in a privileged world, and why joy, peace, and positive impact—not titles—define success.

Send us a textIn this heartfelt and globally enriched conversation, Joey Pinz sits down with storyteller, journalist, and events leader Kris Tanaka, whose life has been shaped by language, culture, and a deep commitment to human connection. Kris shares her remarkable journey studying Japanese from childhood, living a decade in Japan, and learning how language influences behavior, relationships, and even emotional expression.Together, they explore the nuances of communication, the cultural layers behind expressions that don't translate, and how travel expands empathy and perspective. Kris also speaks about her Hawaiian roots, the concept of ohana, and how growing up in a cultural melting pot shaped her worldview.In her role at CyberRisk Alliance, Kris explains why MSSP Alert Live succeeds: participation, purposeful networking, and the magic of spontaneous connections. She discusses what makes events thrive, how to maximize value from industry conferences, and why cybersecurity professionals inspire her daily.The conversation also dives into personal growth—pivoting careers, overcoming fear of change, redefining success, finding inspiration in everyday “magic,” and the emotional impact of helping others shine.

Send us a textIn this insightful episode of Joey Pinz Disciple Conversations, Joey sits down with industry veteran Raffaele Mautone, the visionary CEO behind Judy Security. With more than 25 years in cybersecurity, Raffaele reveals why traditional security models no longer work for MSPs—and how a simpler, partner-led approach is reshaping the future.Raffaele shares how the shift from point products to unified visibility is transforming how MSPs protect clients, reduce noise, and deliver measurable value. He explains Judy's “Blue Team” approach, instant provisioning, and real-time OpenXDR visibility—allowing MSPs to win more business without rip-and-replace tactics.They also explore AI's rapid acceleration, the fragmentation of global cyber standards, and why customers are desperate for clarity, not more tools. Raffaele's passion for reading, family, and his beloved Bernedoodles also highlight the human side of leadership in an increasingly complex world.The episode ends with a powerful reflection on personal focus, consistency, and showing up daily—no matter what the challenge brings.

Send us a textIn this powerful conversation, Joey Pinz sits down with cybersecurity leader and former Naval cryptologic specialist Wilfredo “Will” Santiago to explore the hidden world of modern cyber defense. From growing up in Washington State obsessed with Pokémon cards to serving in Naval intelligence and supporting special operations teams, Will shares how his early experiences, curiosity, and service shaped a career protecting organizations from today's most advanced digital threats.Will breaks down how signals intelligence, network analysis, and cryptology evolved into cybersecurity as we know it—and why the field feels like a high-stakes video game where the challenges never stop. He also dives into how AI is transforming both defense and cybercrime, why quantum compute will accelerate everything, and how MSPs can choose partners they can truly trust.Finally, Joey and Will explore the mindset required to thrive in high-pressure environments: routine, focus, and the ability to act even when you don't feel like it. This episode is packed with insight, humanity, and real-world wisdom.⭐ Top 3 Highlights•

Send us a textIn this thoughtful and deeply human conversation, Joey Pinz sits down with Sharon Florentine, Editorial Director at CyberRisk Alliance, to explore the intersection of creativity, leadership, community, and the ever-changing MSP landscape. Sharon shares her roots as a rhythm guitarist, her love of knitting, and the creative habits that keep her grounded before diving into the bigger questions facing today's MSPs.Sharon breaks down the three biggest challenges MSPs face—security, human capital, and sustainable growth—and explains how media, community, and honest storytelling can help leaders navigate them. She discusses how CyberRisk Alliance supports MSPs with trusted reporting, events, education, and authentic industry insight.The conversation also explores the evolution of publishing, the role of AI in editing, the importance of company values, and the subtle but powerful impact of workplace culture. Sharon also opens up about her personal journey quitting smoking and how consistency, clarity, and self-awareness shape both personal and professional success.This episode blends heart, humor, and hard-won wisdom—perfect for anyone building a business, a team, or a better version of themselves.

Send us a textIn this inspiring conversation, Joey Pinz speaks with cybersecurity advocate Brianna Steele, who brings a refreshing and deeply human perspective to one of the world's most technical professions. With a background in psychology and a passion for understanding human behavior, Brianna explains why attacker motivations, intentions, and emotional drivers are just as important as the tools they use.Brianna shares her journey from Arizona to the Washington, D.C. area, her involvement with Women in CyberSecurity (WiCyS), and why representation and mentorship are pivotal for bringing more women into the field. She breaks down how behavioral analysis shapes her interest in SOC work and why understanding “why people hack” matters as much as how they do it.The conversation expands into AI as a study companion, fasting and lifestyle discipline, motivation rooted in love, and the importance of self-awareness when entering a high-pressure industry. Brianna's warmth and clarity make this an energizing episode for anyone exploring cybersecurity, career transition, or personal growth.

The year of 2025 was as historic as it gets for the world of comedy. From comics reaching new career heights to worldwide controversy and national headlines, it was a crazy year for comedy news.... and this video is a full recap of everything that happened. From Shane Gillis hosting the ESPYS to Tim Dillon on CNN and all the comedians in Riyhad, this is the Joke WRLD Comedy News year in review.Watch the full episode here: https://youtu.be/WOBdXTz0glY Please Subscribe & Follow Joke WRLD On:Patreon - https://www.patreon.com/jokewrld Instagram - https://www.instagram.com/joke.wrld/Tik Tok - https://vm.tiktok.com/ZMdMus6EG

Support the D.A.W.G.Z. @ patreon.com/MSsecretpod Go See Matt Live @ mattmccusker.com/dates Go See Shane Live @ shanemgillis.com Go See Lemaire Lee Live @ https://lemairelee.fun/ hello0o0o0o0. Hope you've all had a good week. The D.A.W.G.Z. have reunited ... on Shang's bday no less. yayyyy. Hot cast ensued. What did you expect. TGIF. Please enjoy. God Bless. $35 off Carver Mat https://on.auraframes.com/MSSP Visit https://prizepicks.onelink.me/DRENCHED and use code DRENCHED and get $50 in lineups when you play your first $5 lineup! Visit dosedaily.co/MSSP and use code MSSP to get 41% off Learn more about your ad choices. Visit podcastchoices.com/adchoices

In this December 2025 episode, MSSP intern Saadhya Bahudodda interviews Alyssa Dennison-Glasgow, regional program director at Olive Crest in Las Vegas. Alyssa discusses how her early experiences working in juvenile justice and child advocacy shaped her commitment to supporting youth and families and ultimately led her to Olive Crest. She highlights the organization's Teen and Young Adult Independent Living Program, which won the 2024 Aging Out Institute's Small Program award. This unique program provides housing, life-skills coaching, and savings-building opportunities for young people aging out of foster care. Throughout the conversation, Alyssa emphasizes the importance of external mentorship, consistent community partnerships, and individualized support, demonstrating that effective aging-out programs rely on strong, collaborative networks to help young people thrive.

Eric spent 30 years in cybersecurity. Built and sold an MSSP to private equity for hundreds of millions. Then he started Tenex and hit $43 million in revenue in ONE YEAR. This isn't theory. This is a founder who's done it multiple times breaking down exactly how AI-native companies are about to eat every services industry alive. If you're building anything that touches AI, services, or enterprise sales, this is the episode.Why You Should ListenWhy selling outcomes beats selling products every timeHow to close enterprise deals in 60 days instead of 12 monthsThe difference between AI-native and AI-bolted-on companiesWhy founder-led sales is non-negotiable in the early daysHow to build for IPO from day one without slowing downKeywordsstartup podcast, startup podcast for founders, AI startup growth, founder-led sales, zero to one startup, enterprise sales strategy, AI native company, managed services startup, cybersecurity startup, product market fit00:00:00 Intro00:10:29 Selling His Last Company for $100Ms00:15:10 The Origin Story of TENEX00:36:47 How They Hit $43M ARR in Year One00:43:27 The 30 Second Demo That Closes Enterprise Deals00:47:10 Why Selling Outcomes Beats Selling Products00:51:29 The Mechanics of Going From Zero to $40M ARR01:01:09 Go to Market and Founder Led Sales01:05:32 When He Knew He Had Product Market FitRetrySend me a message to let me know what you think!

Support the D.A.W.G.Z. @ patreon.com/MSsecretpod Support Kiss @ https://www.patreon.com/stuffisland WATCH 'Tires' on NETFLIX Go See Matt Live @ mattmccusker.com/dates Go See Shane Live @ shanemgillis.com Yes. Phil. Fambly cast at Casa de Gillis haha. Happy Thanksgiving everybody. We're thankful for all of you - Love you all very much. Please enjoy. God Bless. Visit dosedaily.co/MSSP and use code MSSP to get 41% off Visit https://prizepicks.onelink.me/DRENCHED and use code DRENCHED and get $50 in lineups when you play your first $5 lineup! $45 off Carver Mat https://on.auraframes.com/MSSP p.s. I think it's OK but sorry if it's a little choppy I was rushing to get it up before the holiday:) Learn more about your ad choices. Visit podcastchoices.com/adchoices

Jim McDonald and Jeff Steadman sit down with Mike Reiring of RSM at InfoSec World 2025 to explore how managed service providers are reshaping IT and identity operations. They dig into the differences between MSPs and MSSPs, how to choose the right partner, and how AI is transforming help desks, problem management, and security monitoring. The conversation closes with a fun dive into Mike's passion for photography and how creativity ties into continuous learning in tech.Connect with Mike: https://www.linkedin.com/in/mreiring/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapters00:00 Intro – Live from InfoSec World 202502:00 Meet Mike Reiring of RSM04:30 Evolution of Managed Service Providers06:30 Shared Accounts, Identity, and Security Maturity09:00 Vendor Gaps and Federated Access Challenges11:30 What Makes a Good MSP Partner13:00 The Cost and Effort of Changing Providers16:30 MSP vs MSSP – Key Differences18:30 Coordination Between Managed Providers21:30 Top 3 Questions to Ask Your MSP25:00 Identity Ownership: IT or Security?27:30 Licensing, Active Directory, and Hidden Accounts30:00 RFP Challenges and Procurement Pitfalls32:00 Measuring Risk and Reducing Identity Exposure34:30 Vendor Management and Shadow IT Risks35:00 How AI Is Transforming MSP and MSSP Operations38:30 AI, Problem Management, and the Future of Help Desks42:30 Photography, Creativity, and Continuous Learning48:00 Closing Thoughts and IDAC OutroKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Mike Reiring, RSM, InfoSec World 2025, Managed Service Provider, MSP, MSSP, AI in Cybersecurity, Help Desk, Identity Management, Managed Identity, Partner Transparency, IT Outsourcing, Risk Reduction, Problem Management, Active Directory, DaVinci Resolve, Photography in Tech, Identity Governance, Cybersecurity Podcast

In this episode, we use cybersecurity as a lens to expose a truth that every leader forgets: the biggest threats to your company are the ones you can't see—until they take you down.Scott's career mirrors the evolution of tech itself—from software stores in the '80s to early network integration, to building one of the original managed services models before “MSP” was even a phrase. His latest book, Visible Ops for Cybersecurity, reframes the discipline not as an IT function, but as a visibility function: if you can't see it, you can't secure it… and if you can't secure it, you can't scale it.We break down why ransomware is now franchised, why even the best companies get breached, why cyber insurance is becoming a false safety net, and why every founder—yes, even a team-of-one startup—needs a security-first mindset.This isn't fear-mongering. It's leadership.TL;DR* Assume breach. The #1 mistake founders make is believing they're “too small” to be a target.* Backups are not backups unless they're encrypted, immutable, and air-gapped.* Cyber insurance is not protection—44% of claims were denied in 2024.* Reinvention is mandatory. Tech evolves, threats evolve, your systems must evolve.* Visibility beats bravado. Most failures come from what leaders think is secure, not what actually is.Memorable lines* “Security by obscurity died the day ransomware became a franchise.”* “If the best cybersecurity companies get hacked, your only strategy is resilience.”* “Backups aren't safety—they're hope, unless they're air-gapped.”* “Reinvention isn't optional in tech—it's the price of staying alive.”* “Make the invisible visible, or the invisible will make the decision for you.”Key Ideas We Unpack1. Reinvention as a Survival SkillScott turned retail software into network integration, then into managed services, then into cybersecurity leadership.The pattern:Visibility → Competence → Reinvention.Most founders skip the first step and collapse at the third.2. The Modern Threat Landscape Is IndustrializedRansomware now has:* franchises* training* support hotlines* experts who “close the deal” when an amateur hacker gets stuckThis is organized crime with a customer-service department.3. Backups Are the New LifeboatsThreat actors sit inside systems for 60–365 days before triggering an attack.If your backups are not:* encrypted* immutable* air-gappedyou don't have backups—you have illusions.4. Cyber Insurance Is Becoming a Mirage44% of claims denied.Policies are unregulated.Exclusions keep growing.Insurance is no longer a plan—it's paperwork.5. The Startup Founder Version of CybersecurityIf you're a team of one, your mantra is simple:Be good to your future self.Design tools, workflows, and systems with a security-first mindset from day one.The cheapest hack is the one that never becomes possible.6. Visibility Is a Leadership HabitYou can't manage what you can't see.And almost everything that destroys a business—breaches, failures, slow decay, talent risk—starts in the invisible layer.GuestScott Aldridge — President & CEO of IP Services.Cybersecurity author, technologist, MSSP leader, and early pioneer of managed services.Linkedin: https://www.linkedin.com/in/scott-alldridge-1a976/Website: https://ipservices.com/Why This MattersMost founders underestimate risk because they overestimate visibility.If you want a business that survives the next decade, the job is simple:Design for resilience.Assume breach.Back up reality, not hope.Reinvent before the market forces you to.And make the invisible visible—before someone else does.Call to ActionIf this conversation lit something up for you, don't just let it fade. Come join me inside the Second Life Leader community on Skool. That's where I share the frameworks, field reports, and real stories of reinvention that don't make it into the podcast. You'll connect with other professionals who are actively rebuilding and leading with clarity. The link is in the show notes—step inside and start building your Second Life today.https://secondlifeleader.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.dougutberg.com

We weigh the promise and peril of the AI agent economy, pressing into how overprovisioned non-human identities, shadow AI, and SaaS integrations expand risk while go-to-market teams push for speed. A CMO and a CFO align on governance-first pilots, PLG trials, buyer groups, and the adoption metrics that sustain value beyond the sale.• AI adoption surge matched by adversary AI• Overprovisioned agents and shadow AI in SaaS• Governance thresholds before budget scale• PLG trials, sandbox, and POV sequencing• Visualization to reach the aha moment• Buying groups, ICP, and economic buyer alignment• Post‑sales usage, QBRs, NRR and churn signals• Zero trust limits and non-human identities• Breach disclosures as industry standards• Co-sourcing MSSP with in-house oversightSecurity isn't slowing AI down; it's the unlock that makes enterprise AI valuable. We dive into the AI agent economy with a CMO and a CFO who meet in the messy middle. The result is a practical blueprint for moving from hype to governed production without killing momentum.We start by mapping where controls fail: once users pass SSO and MFA, agents often operate beyond traditional identity and network guardrails. That's how prompts pull sensitive deal data across Salesforce and Gmail, and how third‑party API links expand the attack surface. From there, we lay out an adoption sequence that balances trust and speed. Think frictionless free trials and sandboxes that reach an immediate “aha” visualization of shadow AI and permissions, then progress to a scoped POV inside the customer's environment with clear policies and measurable outcomes. Along the way, we detail the buying group: economic buyers who sign and practitioners who live in the UI, plus the finance lens that sets pilot capital, milestones, and time-to-value expectations.We also challenge sacred cows. Zero trust is essential, but attackers increasingly log in with valid credentials and pivot through integrations, so verification must include non-human identities and agent-to-agent controls. Breach disclosures, far from being a greater threat than breaches, are foundational to ecosystem trust and faster remediation. And while MSSPs add critical scale, co-sourcing—retaining strategic oversight and compliance ownership—keeps accountability inside. If you care about ICP, PLG motions, PQLs, NRR, or simply reducing AI risk while driving growth, this conversation turns buzzwords into a playbook you can run.Vamshi Sriperumbudur: https://www.linkedin.com/in/vamsriVamshi Sriperumbudur was recently the CMO for Prisma SASE at Palo Alto Networks, where he led a complete marketing transformation, driving an impact of $1.3 billion in ARR in 2025 (up 35%) and establishing it as the platform leader.  Chithra Rajagopalan - https://www.linkedin.com/in/chithra-rajagopalan-mba/Chithra Rajagopalan is the Head of Finance at Obsidian Security and former Head of Finance at Glue, and she is recognized as a leader in scaling businesses. Chithra is also an Investor and Advisory Board member for Campfire, serving as the President and Treasurer of Blossom Projects.Website: https://www.position2.com/podcast/Rajiv Parikh: https://www.linkedin.com/in/rajivparikh/Sandeep Parikh: https://www.instagram.com/sandeepparikh/Email us with any feedback for the show: sparkofages.podcast@position2.com

Podcast: Simply ICS CyberEpisode: S2 E7: ICS/OT Security Operations CentersPub date: 2025-11-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe growing need for visibility and response in industrial environments is driving more organizations to consider ICS/OT Security Operations Centers — but what does that actually look like for small and medium-sized operations?In this episode of Simply ICS Cyber, Don and Tom sit down with Dan Gunter, CEO and founder of Insane Cyber, to discuss how ICS/OT SOCs function, what data truly matters for monitoring, and how incident response changes when operators have (or don't have) the right information at hand.Drawing on experience from the Air Force CERT to founding an OT-focused security company, Dan shares a practical look at the realities of SOC implementation across industries — from utilities with limited staff to large-scale enterprises managing thousands of assets.Listeners will gain insight into how to start building visibility, selecting the right MSSP partners, and managing SOC fatigue — all while keeping industrial operations safe and resilient.⚙️ Tune in to learn how data, process, and people come together to make ICS/OT SOCs work in the real world.Connect with Dan on LinkedIn: https://www.linkedin.com/in/dan-gunter

Tommy Pope sits down with Matt McCusker and Shawn Gardini. Matt has a new Netflix special out "A Humble Offering" Matt McCusker and Shane Gillis also have a podcast Matt and Shane's Secret Podcast. Shawn Gardini can be seen on MSSP and has a monthly show in Austin called Optimum Noctis Comedians Chris and Tommy Pope are making all kinds of Stuff on the paytch. Each week they talk about anything & everything under the sun. Tommy also chefs up some delicious meals. It's a blast, folks. Check out our second channel @LookatDish where Tommy Pope and Chris O'Connor cook elaborate meals with your favorite comedians As always, get your first month of BlueChew FREE Just use promo codeSTUFFISLAND at checkout and pay five bucks for shipping. That's it. Join BlueChew's mission to upgrade humanity one thrust at a time. Head to https://www.BlueChew.com Today, get Huel for FIFTEEN PERCENT OFF with this exclusive offer for New Customers only withcode insertcode at https://huel.com/stuffisland (Minimum $75 purchase). SUB TO PATREON: patreon.com/stuffisland Follow Chris on IG: https://www.instagram.com/achrisoconnor Follow Tommy on IG: https://www.instagram.com/tommyjpope #comedy #comedypodcast #comedians Learn more about your ad choices. Visit megaphone.fm/adchoices

On this episode of The Cybersecurity Defenders Podcast we speak with Hannah Lloyd, Co-Founder and CRO of enhanced.io, about how MSPs can launch, sell and scale security offerings.With 10+ years of channel sales experience, Hannah leads global new business generation and account management to deliver innovative cybersecurity solutions to enhanced.io's MSP partners. As a GTIA EC member (2018) and Chair (2021), Hannah is actively involved in the MSP channel community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Send us a text

Send us a text

Send us a textIn this episode of Joey Pinz Discipline Conversations, Joey sits down with Scott Fuhriman, cybersecurity veteran and leader at Inveri, live from the MSP Summit in Orlando.Scott shares his 25+ years of cybersecurity experience, explaining how Inveri's runtime integrity technology, born from NSA research, helps MSPs and MSSPs detect hidden in-memory attacks, rootkits, and advanced threats that traditional tools miss. He highlights why protecting this overlooked layer is crucial to preserving revenue, preventing churn, and maintaining customer trust.The conversation also touches on Scott's personal discipline journey — from starting as a young PC tech overwhelmed by information to building a career through self-study, mentorship, and consistency. He and Joey discuss how MSPs can choose the right vendors, strengthen their security stacks, and enable long-term resilience in a competitive market.

Send us a textIn this episode of Joey Pinz Discipline Conversations, Joey sits down with Jeff Hill of Stellar Cyber to explore how MSPs can strengthen their security posture, grow their businesses, and simplify operations. Recorded live at the MSP Summit in Orlando, Jeff shares candid insights on what keeps MSPs awake at night—from cybersecurity breaches to staffing challenges and competitive growth pressures.Jeff explains how Stellar Cyber's multi-tenancy, unified platform, and AI-driven automation help MSPs deliver enterprise-grade security without added complexity. He emphasizes the importance of choosing the right MSSP partners, understanding compliance and cyber insurance requirements, and leveraging open platforms that integrate seamlessly with existing tools.The conversation also highlights how MSPs can turn security into a revenue generator, not just a cost center, while positioning themselves for long-term success or acquisition. Jeff's core message is clear: simplify, stay open, and create value that differentiates your business.Tune in to learn how Stellar Cyber is helping MSPs find their “diamonds in the rough” and why now is an exciting time in the cybersecurity landscape. 

Join Josh Israel, MD and Sean Cavanaugh in their video debut as they discuss the Medicare Shared Savings Program (MSSP) results for 2024 released by CMS with Aledade CEO Farzad Mostashari, MD They explore how Aledade Accountable Care Organizations (ACOs) earned more than $1 billion in total savings and continue to improve performance year over year, including substantially reducing hospitalizations. We also sit down with Sandeep Mann, MD, primary care physician and Aledade partner since 2015, to explore how his practice has thrived in value-based care. Watch the full episode Connect with us at acoshow@aledade.com or visit the Aledade Newsroom

Support the D.A.W.G.Z. @ patreon.com/MSsecretpod Support Joe @ https://www.patreon.com/tuesdays Support Nathan @ https://www.patreon.com/pitm Go See Matt Live @ mattmccusker.com/dates Go See Shane Live @ shanemgillis.com Go See Joe Live @ https://www.comedianjoelist.com/ Go to Optimum Noctis 1st and 3rd Tues of Every Month https://www.creekandcave.com/events/optimumnoctis hello. Hope you're all having a good start to your day. This week we got the great Joe List on the cast while the big kahuna is away. It's a hot one. Support Joes casts Tuesday's w/ Stories! and The Regz, and watch his specials on YouTube. Please enjoy. God Bless. Go to armra.com/MSSP or enter MSSP to get 30% off your first subscription order. Visit https://prizepicks.onelink.me/LME0/DRENCHED and use code DRENCHED and get $50 in lineups when you play your first $5 lineup! Learn more about your ad choices. Visit podcastchoices.com/adchoices

Stellar Cyber Revolutionizes SOC Cybersecurity Operations with Human-Augmented Autonomous Platform at Black Hat 2025 A Stellar Cyber Event Coverage of Black Hat USA 2025 Las VegasAn ITSPmagazine Brand Story with Subo Guha, Senior Vice President Product, Stellar Cyber____________________________Security operations centers face an unprecedented challenge: thousands of daily alerts overwhelming analyst teams while sophisticated threats demand immediate response. At Black Hat USA 2025 in Las Vegas, Stellar Cyber presented a revolutionary approach that fundamentally reimagines how SOCs operate in the age of AI-driven threats.Speaking with ITSPmagazine's Sean Martin, Subo Guha, Senior Vice President of Products at Stellar Cyber, outlined the company's vision for transforming security operations through their human-augmented autonomous SOC platform. Unlike traditional approaches that simply pile on more automation, Stellar Cyber recognizes that effective security requires intelligent collaboration between AI and human expertise.The platform's three-layer architecture ingests data from any source – network devices, applications, identities, and endpoints – while maintaining vendor neutrality through open EDR integration. Organizations can seamlessly work with CrowdStrike, SentinelOne, Sophos, or other preferred solutions without vendor lock-in. This flexibility proves crucial for enterprises navigating complex security ecosystems where different departments may have invested in various endpoint protection solutions.What sets Stellar Cyber apart is their autonomous SOC concept, which dramatically reduces alert volume from hundreds of thousands to manageable numbers within days rather than weeks. The platform's AI-driven auto-triage capability identifies true positives among thousands of false alarms, presenting analysts with prioritized "verdicts" that demand attention. This transformation addresses one of security operations' most persistent challenges: alert fatigue that leads to missed threats and burned-out analysts.The revolutionary AI Investigator copilot enables natural language interaction, allowing analysts to query the system conversationally. An analyst can simply ask, "Show me all impossible travel incidents between midnight and 4 AM," and receive actionable intelligence immediately. This democratization of security operations means junior analysts can perform at senior levels without extensive coding knowledge or years of experience navigating complex query languages.Identity threat detection and response (ITDR) emerged as another critical focus area during the Black Hat presentation. With identity becoming the new perimeter, Stellar Cyber integrated sophisticated user and entity behavior analytics (UEBA) directly into the platform. The system detects impossible travel scenarios, credential attacks, and lateral movement patterns that indicate compromise. For instance, when a user logs in from Portland at 11 PM and then appears in Moscow 30 minutes later, the platform immediately flags this physical impossibility.The identity protection extends beyond human users to encompass non-human identities, addressing the growing threat of automated attacks powered by large language models. Hackers now leverage generative AI to create credential attacks at unprecedented scale and sophistication, making robust identity security more critical than ever.Guha emphasized that AI augmentation doesn't displace security professionals but elevates them. By automating mundane tasks, analysts focus on strategic decision-making and complex threat hunting. MSSPs report dramatic efficiency gains, scaling operations without proportionally increasing headcount. Where previously a hundred thousand alerts might take weeks to process, requiring extensive junior analyst teams, the platform now delivers actionable insights within days with smaller, more focused teams.The platform's unified approach eliminates tool sprawl, providing CISOs with real-time visualization of their security posture. Executive reporting becomes instantaneous, with high-priority verdicts clearly displayed for rapid decision-making. This visualization capability transforms how security teams communicate with leadership, replacing lengthy reports with dynamic dashboards that convey risk and response status at a glance.Real-world deployments demonstrate significant operational improvements. Organizations report faster mean time to detection and response, reduced false positive rates, and improved analyst satisfaction. The platform's learning capabilities mean it becomes more intelligent over time, adapting to each organization's unique threat landscape and operational patterns.As organizations face increasingly sophisticated threats powered by generative AI, Stellar Cyber's human-augmented approach represents a paradigm shift. By combining AI intelligence with human intuition, the platform delivers faster threat detection, reduced false positives, and empowered security teams ready for tomorrow's challenges. The company's commitment to continuous innovation, evidenced by rapid feature releases between RSA and Black Hat, positions them at the forefront of next-generation security operations. Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947Note: This story contains promotional content. Learn more.Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/ResourcesLearn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyberLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Navigating the complexities of dementia care can feel overwhelming. This episode offers a crucial GUIDE to understanding the Medicare GUIDE model, a federal payment initiative designed to revolutionize support for individuals living with dementia and their family caregivers. First, we explain what the GUIDE model is and how it provides access to dementia specialists, personalized care plans, and vital caregiver support, including a significant allowance for respite services. Moreover, learn the essential eligibility requirements for these no-cost benefits. Furthermore, we discuss a groundbreaking partnership between Remo Health and the Cleveland Clinic Medicare ACO, expanding access to comprehensive virtual dementia care in Ohio. This collaboration aims to reach underserved and rural communities, ensuring equitable access to world-class support. We also emphasize the importance of early diagnosis and proactive planning. Ultimately, discover how this innovative approach can alleviate caregiver burden and improve brain health outcomes. Consequently, this discussion serves as an indispensable GUIDE for families seeking crucial resources and support. Our Guest: Sabrina Chugani Sabrina is a co-founder and Chief Growth Officer at Remo Health, where she oversees partnerships, marketing, and account management. Sabrina has deep expertise in value-based care and has spent her career working at the forefront of innovative payment models, including MSSP, CKCC, and Direct Contracting, that change the way care is delivered nationwide. About Remo Health Remo Health is a virtual dementia care company. Our world-class neurologists diagnose and manage all types of dementia. Remo provides peer support, comprehensive and personalized care plans, and 24/7 access to experts for people living with dementia and those who care for them. Remo Health is a trusted participant in the Centers for Medicare & Medicaid Services' Guiding an Improved Dementia Experience (GUIDE) Model. ++++++++++++++++++++++++++++++++++++++++ Related Episodes: The Future of Dementia Care: Beyond Clinic Walls The Brain's Fountain of Youth: Innovative Paths to Dementia Prevention ++++++++++++++++++++++++++++++++++++++++ Sign Up for more Advice & Wisdom - email newsletter. Please help us keep our show going by supporting our sponsors. Thank you. ++++++++++++++++++++++++++++++++++++++++ Make Your Brain Span Match Your LifeSpan Relevate from NeuroReserve With Relevate nutritional supplement, you get science-backed nutrition to help protect your brain power today and for years to come. You deserve a brain span that lasts as long as your lifespan. ++++++++++++++++++++++++++++++++++++++++ Feeling overwhelmed? HelpTexts can be your pocket therapist. Going through a tough time? HelpTexts offers confidential support delivered straight to your phone via text message. Whether you're dealing with grief, caregiving stress, or just need a mental health boost, their expert-guided texts provide personalized tips and advice. Sign up for a year of support and get: Daily or twice-weekly texts tailored to your situation Actionable strategies to cope and move forward Support for those who care about you (optional) HelpTexts makes getting help easy and convenient. ++++++++++++++++++++++++++++++++++++++++ List of the Top 20 Alzheimer's Podcasts via FeedSpot! See where we rank. Join Fading Memories On Social Media! If you've enjoyed this episode, please share this podcast with other caregivers! You'll find us on social media at the following links. Instagram LinkedIn  Facebook Contact Jen at hello@fadingmemoriespodcast.com Or learn more at Our Website

Send us a textWhat happens when you combine a cybersecurity expert with a volunteer fire chief? You get Tim Weber.