Podcasts about Rmm

Forced arbitration clauses have become embedded as a dominant mechanism in technology vendor contracts, shifting legal risk and accountability away from large vendors and reducing recourse options for managed service providers (MSPs) and IT service firms. This structural change, present in agreements with RMM and PSA vendors as well as hyperscalers such as Microsoft, Amazon, and Google, establishes a private dispute resolution system that operates beyond the traditional court system and is typically non-negotiable for smaller partners. The shift is evidenced by data and case studies outlined by Brendan Ballou. According to supplied figures, while consumers win in 89% of small claims court cases, their success rate drops to between 20% and 30% in arbitration, and even less—sometimes as low as 0.2%—for certain arbitration providers. Arbitration clauses are enforced even in extreme cases, as illustrated by a notable instance involving Disney, in which a forced arbitration clause was applied following a consumer's prior account registration. Legal precedent as far back as the 2011 Supreme Court decision referenced by Brendan Ballou has broadened the Federal Arbitration Act well beyond its 1925 origins, further entrenching this system. Additional developments reference increased litigation in the 1980s, often cited as justification for expanding arbitration, though he attributes much of the legal caseload surge to government actions rather than consumer or employee lawsuits. The technology industry's broad adoption of arbitration, especially in contracts where MSPs have little or no room to negotiate, further cements these power imbalances. Alternatives such as mediation are discussed as potentially less risky, but their adoption remains limited. The operational implications for MSPs, IT service providers, and IT leaders include heightened contract risk and reduced leverage in vendor disputes. Arbitration clauses limit access to open legal processes, restrict discovery rights, and are prone to bias in favor of vendors with repeat arbitrator relationships. For MSPs reliant on large platforms and suppliers, this creates ongoing exposure and complicates risk management. Mitigating measures—such as leveraging peer coordination for "mass arbitration" or negotiating for post-dispute mediation rather than pre-dispute forced arbitration—require proactive planning but may remain unavailable in standard vendor agreements. Supported by:MoovilaHaloPSA  

EPISODE SNAPSHOT   Welcome to The Bryan Air Podcast. Career intelligence for pilots.   We break down executive moves, economic forces, and the technology reshaping how pilots are trained, assessed, and employed. Boardroom decisions land on your flight deck. We translate them first. No corporate spin. Just the intelligence pilots actually need.   South African airlines are about to lose another wave of pilots. With no real career layers left locally between the regionals and the long-haul foreign jobs, our pilots have once again become the industry's cheapest, best-trained export. Meanwhile Starlink at 33,000 feet has rewired long-haul flying, Ryanair has wiped out 1.4 billion in pandemic debt, and passengers are starting to tip airline crew. Are you ready for the next 12 months in a South African right seat?   In this episode of The Bryan Air Podcast, Bryan Roseveare and Ryan Parrock break down the South African pilot exodus, Starlink in the cockpit, UK pilot salaries in 2026, Ryanair becoming debt-free, an easyJet power bank diversion, the Air India Express runway edge takeoff scare in Muscat, automated taxi bots at Schiphol, and the impact of the Middle East conflict on South African tourism.   TIME-STAMPED FLIGHT PLAN   00:00 Cold Open And This Week's Flight Plan   00:43 Starlink First Impressions From An Air France A350   02:09 Why Starlink Makes In-Flight WiFi Feel Brand New   02:54 Every Airline That Has Already Switched To Starlink   05:01 Why O'Leary Refuses To Put Starlink On Ryanair   06:03 The Hidden Cost Of Being Connected At 33,000ft   08:00 Starlink In The Cockpit: A Pilot Distraction Problem   11:27 The Paris Tipping Trap And Hidden Service Charges   13:38 A Charles de Gaulle Nightmare And The Captain Who Saved It   17:56 Passengers Are Now Tipping Airline Crew   21:05 Should Pilots Actually Be Tipped?   22:25 UK Pilot Salaries In 2026: The New Numbers   24:20 Why South African Pilots Are About To Leave Again   28:40 Ryanair Paid Off 1.4 Billion And Is Now Debt Free   29:51 The EasyJet Power Bank That Diverted A Plane To Rome   31:40 Air India Express Tried To Take Off On The Runway Edge   32:14 Middle East Conflict, SA Tourism And Etihad's Joburg Return   34:14 Schiphol's Automated Taxi Bots Are Live   36:59 FIFA World Cup Liveries And A New Bryan Air SuperBru   39:20 Wrap And Sign-Off   JOIN THE BRYAN AIR COMMUNITY   Bryan Air is a career intelligence ecosystem for pilots. Sign up free to receive our weekly newsletter covering the disruption of AI in aviation, career strategy, and the analysis that does not make it into the episodes.   Sign Up Free → https://bryanairpodcast.com/   FREE PILOT CAREER ASSESSMENT   Where are you in your career? The Flight Plan is our free, AI-powered career intelligence tool. Answer 8 questions about your situation and get a personalised strategic assessment with specific moves tailored to where you are right now.   Take the Free Assessment → https://pilotcareerintelligence.netlify.app/   RISK MANAGEMENT AND DECISION MAKING SIMULATOR   Practise structured decision-making using live flights. Our AI-powered simulator lets you work through RMM and T-DODAR frameworks on real Flightradar24 data, with AI-generated scenarios and personalised debriefs. Built by Bryan Roseveare for pilots who want to sharpen the skills that matter most when things go wrong.   Early bird: $29 one-time. Lifetime access.   Try the Simulator → https://bryanair.tools/   LINKS   Bryan Air - Career Intelligence for Pilots → https://bryanairpodcast.com/   Free Pilot Career Assessment → https://pilotcareerintelligence.netlify.app/   Risk Management and Decision Making Simulator → https://bryanair.tools/   Bryan Roseveare → https://www.bryanroseveare.com/   Watch on YouTube → https://www.youtube.com/@BryanAirPodcast   Support on Patreon → https://www.patreon.com/bryanair   #AviationPodcast #BryanAir #PilotLife #SouthAfricanAviation #Starlink

EPISODE SNAPSHOT Welcome to The Bryan Air Podcast. Career intelligence for pilots. We break down executive moves, economic forces, and the technology reshaping how pilots are trained, assessed, and employed. Boardroom decisions land on your flight deck. We translate them first. No corporate spin. Just the intelligence pilots actually need. Cape Town went off the air on Monday. Gusts over 50 knots, crews diverting to PE, East London, and even back to Joburg, and a Turkish long-haul thrown into the mix. Ryan unpacks his shift into the charter market while the Middle East ripples through the industry, and we get into why FlySafair's on-time performance is not luck, it is strategy you can study. Then we go global: Trump's 200-aircraft China deal, Singapore Airlines printing $2.4 billion in revenue, $49.5 million awarded in the Ethiopian 302 case, and Google preparing to launch AI data centres into orbit by 2027. The hiring floodgates are about to open. Are you ready when they do? In this episode of The Bryan Air Podcast, Bryan Roseveare and Ryan Parrock analyse Cape Town weather diversions, FlySafair's on-time performance strategy, China's 200-aircraft Boeing order, Ethiopian 302 compensation, Singapore Airlines record results, French Bee pilot strikes, and Google's plan for AI data centres in orbit. TIME-STAMPED FLIGHT PLAN 00:00 Cleared for Approach 00:13 Welcome Back to the Studio 00:43 Ryan's Charter Market Pivot 02:13 Cockpit Casual Backs the Spirit Pilots 03:39 Cape Town Shuts Down: Wild Weather Hits 05:53 What Pilots Actually Pay for Tickets 07:45 The FlySafair OTP Strategy Decoded 09:14 Hiring Floodgates About to Open 11:19 Trump, China, and 200 Boeings 12:12 $49.5M Awarded in Ethiopian 302 Case 12:39 Singapore Airlines Hits $2.4B Revenue 13:29 Why Japan Is on the Travel Radar 15:16 Google Sends AI Data Centres to Orbit 17:38 French Bee Pilots Plan to Strike 18:54 Verstappen, the Nürburgring, and Springboks 20:31 Paris Bound: Air France Review Incoming 20:55 Outro and Subscribe JOIN THE BRYAN AIR COMMUNITY Bryan Air is a career intelligence ecosystem for pilots. Sign up free to receive our weekly newsletter covering the disruption of AI in aviation, career strategy, and the analysis that does not make it into the episodes. Sign Up Free → https://bryanairpodcast.com/ FREE PILOT CAREER ASSESSMENT Where are you in your career? The Flight Plan is our free, AI-powered career intelligence tool. Answer 8 questions about your situation and get a personalised strategic assessment with specific moves tailored to where you are right now. Take the Free Assessment → https://pilotcareerintelligence.netlify.app/ RISK MANAGEMENT & DECISION MAKING SIMULATOR Practise structured decision-making using live flights. Our AI-powered simulator lets you work through RMM and T-DODAR frameworks on real Flightradar24 data, with AI-generated scenarios and personalised debriefs. Built by Bryan Roseveare for pilots who want to sharpen the skills that matter most when things go wrong. Early bird: $29 one-time. Lifetime access. Try the Simulator → https://bryanair.tools/ LINKS Bryan Air — Career Intelligence for Pilots → https://bryanairpodcast.com/ Free Pilot Career Assessment → https://pilotcareerintelligence.netlify.app/ Risk Management & Decision Making Simulator → https://bryanair.tools/ Bryan Roseveare → https://www.bryanroseveare.com/ Watch on YouTube → https://www.youtube.com/@BryanAirPodcast Support on Patreon → https://www.patreon.com/bryanair #AviationPodcast #BryanAir #PilotLife #CapeTownWeather #FlySafair

Today’s headline news for Canadian IT solution providers: Acronis has launched Cyber Frame, a new hyperconverged infrastructure (HCI) and infrastructure-as-a-service (IaaS) platform built specifically for managed service providers. The platform allows MSPs to build and deliver infrastructure services with native integration into Acronis’ cyber protection and remote monitoring and management (RMM) tools. Acronis says it is designed to give service providers an alternative to legacy virtualization and hyperscaler cost pressures, offering better margin control and options for both fully hosted and partner-hosted deployments. Citrix has introduced Citrix Platform Flex, a new persona-based secure access model intended to help organizations move away from static, one-size-fits-all IT delivery. The new platform is built to align IT resources more closely with evolving business needs, delivering secure access, managed services, and observability with more flexible and predictable pricing. It acknowledges that different worker profiles require vastly different access parameters in a modern hybrid environment. Upwind has launched its new AI Agentic Pack, adding agent-driven capabilities to its cloud security platform. The tools are designed to help security teams investigate threats, validate active exposures, and prioritize remediation, leaning into the growing industry trend of using autonomous agents to compress the window between threat discovery and response. Nerdio vice president of MSP sales Will Ominsky warned in a Redmond Channel Partner interview today that MSPs who figure out how to monetize AI by the end of 2026 will grab massive market share. He noted that partners who only experiment with AI internally—without building client-facing, revenue-generating AI practices—will be left behind in the coming wave of SMB adoption. Boomi and Red Hat have announced a strategic collaboration to deliver an integrated stack for deploying agentic AI at scale. The partnership combines Boomi’s Agentstudio with Red Hat AI, providing organizations with a framework to orchestrate AI workflows securely without losing control of their data governance or allowing cloud consumption costs to spiral. The U.S. Department of Homeland Security is reportedly scrutinizing Instructure after a massive ransomware attack disrupted its Canvas online learning platform. The breach highlights the growing vulnerability of critical SaaS infrastructure and the widespread supply chain impact when platforms are targeted during peak usage periods, such as university finals week. Canadian cybersecurity provider Plurilock has announced CAD $1.13 million in new critical services contracts. The wins reflect continued momentum for the AI-native security firm as it expands its footprint across both public and private sector environments, capitalizing on the growing need for identity-centric security. [powerpresss] Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Thursday, May 14, 2026, and here’s what’s happening in the channel today. Acronis has launched Cyber Frame, a new hyperconverged infrastructure and infrastructure-as-a-service platform built specifically for managed service providers. The launch comes at a critical time for the channel, as many service providers are actively seeking alternatives to legacy virtualization platforms following recent industry shakeups and pricing model changes. Cyber Frame allows MSPs to build and deliver infrastructure services with native, seamless integration into Acronis’ existing cyber protection and remote monitoring and management tools. Rather than dealing with the unpredictable costs of hyperscale public clouds or the complexity of managing disparate vendor stacks, MSPs can use Cyber Frame to consolidate their service delivery. Acronis says the platform is designed to give service providers significantly better margin control and simplified management. It offers flexible deployment options, allowing partners to choose between a fully hosted model managed by Acronis, or a partner-hosted deployment running on the MSP’s own hardware in their local data center. By combining compute, storage, networking, and security into a single unified platform, Acronis is positioning Cyber Frame as a way for MSPs to scale their infrastructure offerings profitably while maintaining the tight security posture that modern SMB clients demand. Citrix has introduced Citrix Platform Flex, a new persona-based secure access model intended to help organizations move away from static, one-size-fits-all IT delivery. In today’s hybrid work environment, the access requirements for a call center employee, a traveling executive, and a remote software engineer are vastly different. Citrix built Platform Flex to recognize these distinctions, allowing IT teams to align resources, security controls, and application delivery specifically to the varying needs of different worker profiles. The new platform delivers secure application access, managed services, and comprehensive observability under a model designed for more flexible and predictable pricing. By shifting away from rigid licensing structures that often force companies to over-provision resources for basic users, Citrix aims to help enterprises optimize their cloud and infrastructure spending. Platform Flex also incorporates advanced analytics and security policies that adapt in real-time based on user behavior and location. For channel partners, this persona-driven approach provides a clear framework to help enterprise customers rationalize their IT investments, simplify the management of distributed workforces, and ensure that security protocols do not impede productivity for end users who require high-performance access to specialized applications. Upwind has launched its new AI Agentic Pack, adding autonomous, agent-driven capabilities to its cloud security platform. As cloud environments grow increasingly complex and security operations centers face unprecedented alert fatigue, the cybersecurity industry is rapidly shifting toward agentic AI to help manage the load. Upwind’s new tools are specifically designed to help security teams autonomously investigate threats, validate whether theoretical vulnerabilities are actually exposed to active exploitation, and prioritize remediation efforts based on real-world risk. Instead of simply generating more alerts for human analysts to sift through, the Agentic Pack leverages artificial intelligence to actively investigate the root cause of an incident, map the attack path across cloud infrastructure, and propose actionable fixes. This launch leans heavily into the growing necessity of using autonomous agents to drastically compress the window between threat discovery and response. With malicious actors utilizing AI to accelerate their attacks, defenders require matching speed to counter them. For managed security service providers, Upwind’s agentic capabilities offer a pathway to scale their operations, handle a higher volume of telemetry without adding headcount, and provide faster threat containment for their clients. In brief: Nerdio vice president of MSP sales Will Ominsky warned in a Redmond Channel Partner interview today that MSPs who figure out how to monetize AI by the end of 2026 will grab massive market share.  Boomi and Red Hat have announced a strategic collaboration to deliver an integrated stack for deploying agentic AI at scale.  The U.S. Department of Homeland Security is reportedly scrutinizing Instructure after a massive ransomware attack disrupted its Canvas online learning platform.  And Canadian cybersecurity provider Plurilock has announced 1.13 million dollars in new critical services contracts.  Later today on in the channel, we’re talking eCrime Reports and Threat Intelligence with Camerous Tousley and Pedro Kertzman of ESET. And if you missed it yesterday, check out my conversation with Auvik’s Steve Petryschuk on the gap between MSPs’ expectation around AI, and the reality they have realized to date. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

Cameron Tousley, director of MSP channels for ESET North America For most MSPs, the quarterly client conversation looks something like this: here are the alerts we handled, here is your uptime number, here is a dashboard of things we blocked. Useful, certainly – but not exactly the stuff of trusted advisor relationships. Cameron Tousley, director of MSP channels for ESET North America, has a phrase for the upgrade: move from statistical talks to threat briefings. In this episode of In The Channel, he and Pedro Kertzman, threat intelligence specialist at ESET, join host Robert Dutt to explain what that actually looks like in practice – and why the window for MSPs to make that transition may be narrowing. Pedro Kertzman, threat intelligence specialist at ESET The occasion is ESET’s eCrime Reports, a threat intelligence offering that tracks cybercriminal activity at the affiliate level – the individuals buying malware-as-a-service and executing the actual attacks. Kertzman explains why that granularity matters: affiliates signal tactical shifts before attacks scale, giving security-forward MSPs a genuine early-warning advantage. Tousley adds the client conversation layer: knowing that a specific threat group is targeting your customer’s vertical via a specific attack method is a meaningfully different conversation than “we blocked 4,000 threats this month.” There’s also an uncomfortable wrinkle for MSPs specifically: as Pedro notes, affiliates increasingly exploit MSP tooling itself as a vector – compromising credentials to access managed environments quietly, hitting dozens of small clients while staying well below the radar of law enforcement attention focused on high-profile infrastructure targets. For the smaller MSP without a dedicated analyst, the entry point is more accessible than it sounds. Indicators of compromise can be automated directly into client firewalls without a full threat intelligence platform. WeLiveSecurity and the live threat feed built into ESET Protect offer a low-barrier starting point for shops that are earlier in their security maturity journey. Tousley’s closing frame is the one worth sitting with: the Canadian MSP market is being reshaped by consolidation at a pace that isn’t slowing. The independents that survive will be the ones having more sophisticated conversations with their clients. Evolve or sell. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. Cyber Threat Intelligence, CTI, has long been framed as an enterprise discipline. Dedicated team, security operations center, analysts who live in the data. But the threat landscape doesn’t really respect that boundary anymore. The tooling is getting more accessible, the attacks are getting more targeted at smaller organizations, and as we’ve talked about on the show before, the MSP stack itself has become a threat vector. So the question for the typical Canadian MSP isn’t really “Is threat intelligence relevant to me?” It’s “What do I actually do with it?” To dig into that, I sat down with two people from ESET. Cameron Tousley is director of MSP channels for ESET North America, and he lives squarely in the business conversation around what MSPs need to grow and differentiate. Pedro Kertzman is ESET’s resident CTI subject matter expert, and I’ll note that Pedro usually sits on the other side of the interview chair as the host of his own podcast on threat intelligence. So this was a bit of a role reversal for him. We talked about ESET’s eCrime reports, the idea of tracking cyber criminal activity at the affiliate level rather than just the group level, what proactive threat intelligence actually looks like for a 15-person MSP shop, and what Cameron described as the “evolve or sell” reality facing the MSP market right now. Let’s get right into it. Cameron, Pedro, thanks for joining us. I appreciate it. Cameron Tousley: Thanks for having us. Pedro Kertzman: Great to be here. Robert Dutt: Before we get into what ESET is specifically bringing to market, Cameron, can you give our listeners a sense for where the threat intelligence conversation is right now in the channel? Is this still primarily an enterprise kind of discussion or has something really shifted in terms of how MSPs and MSSPs are thinking about and talking about CTI? Cameron Tousley: I think that the market is evolving as a whole, no matter if you’re in the SMB segment or enterprise. I mean, it’s evolving everywhere. The beautiful thing is technology is getting cheaper, it’s getting more accessible. People are able with the advent of AI to kind of do more with less staff and things like that, and then allow their staff to kind of become more specialized. Enter in the topic of CTI. I just think that there’s an appetite from certain, and probably more evolving larger MSPs, to start incorporating more for their clients. I think they’ve always probably wanted to educate them, but it’s always that, “Hey man, just make sure I have uptime and the help desk is active when I need it.” And that’s the conversation. Fast forward to now and it’s becoming a little bit more relevant to want to consume CTI. So I’ll kind of start there and I’ll take a pause. I don’t know if Pedro’s got any other comments on that. Pedro Kertzman: No, I 100% agree. I think the threat landscape now with the maturity of the CTI offerings, MSPs can see that the things they’re trying to protect their customers against are more clearly explained and delivered in a way that they can see through CTI offerings now. So I think it’s just a natural evolution within the cybersecurity space to start leveraging that expertise as well. Robert Dutt: Without getting too far into pure positioning, how would you characterize what differentiates your approach to threat intelligence, sort of at the methodology level? What’s the philosophy behind how you’re researching and tracking threats and what you’re bringing to market with this CTI package? Cameron Tousley: Yeah, I’d say first off, our reach. We’re a global company. We have a product line, yeah, but we have 11 threat intel centers and those are also R&D centers too. So it’s a wealth of knowledge. Then we have researchers outside of that that are just remote, and so our tentacles are everywhere and that means something for somebody choosing a cybersecurity vendor or a platform because our researchers, they’re looking at a bunch of different avenues. They’re looking at the major threat acting groups. We have an offering we’ll talk about here in a few minutes, that centers on tracking affiliates because malicious activity, malware-as-a-service, is just like MSPs provide a service. So if I’m an affiliate—and I’ll define that real quick, an affiliate being the people that are buying the malware service and then going and distributing it and causing zero-day attacks—those are affiliates. So the real key part is what they do, not necessarily always the major malware-as-a-service group because that’s just one large avenue, but then you can’t predict what your customers are going to go and do on the black market. So yeah, I think we have a really exciting offering on our threat intelligence called eCrime and it comes in a feed and reports and it’s amazing. It really centers on the affiliate level and that is going to help get the conversations to be more quality with customers. It’s going to help an MSP who provides more, let’s call it reactive security at best, generalized services—which no knock against them, that’s just the model—and that’s going to help propel them into the more proactive security and having more quality cybersecurity-forward conversations with their customers of all sizes. Robert Dutt: Let’s delve a little bit more into that. Can you walk me through a scenario, even hypothetical or composite, where that affiliate-level insight would practically change the outcome for an MSP or one of their customers? How does this show up for an MSP basically? Pedro Kertzman: Yeah. So basically, I’ll take a step back a little bit just to explain how this threat ecosystem works. So the affiliates will be the ones really on the end of the line bringing that malware they got from a quote-unquote threat actor market or affiliate programs, more technically speaking per se, but they will be the ones delivering or sending that payload forward to whatever companies that they are trying to attack. So knowing how these guys work is basically going to give the companies, and the MSPs of course working for their security, the ability to stop the attack in the early stages, because the affiliates will be the ones trying to break in, acquire through whatever methods—credentials stolen or compromised credentials. So they are responsible, quote-unquote, within these affiliate programs to get the foot inside the door. So if you’re knowledgeable about how they act, what kind of techniques they use to get that foot in, you’re basically stopping the attacks before they actually become super massive, widespread attacks or super dangerous attacks. It’s kind of the proactive security instead of the reactive security. Cameron Tousley: Yeah, that’s a good comment. And then I’ll just throw one more little thing on that. I was talking about the conversations you can have with your clients, everything Pedro said, plus it’s like, you could have a specific conversation about, “Hey, this is what we blocked this month, but these are the threat acting groups, and here are the patterns, here’s the kind of malware that’s out there right now. By the way, you’re in the healthcare vertical, this threat acting group is targeting healthcare and doing this specific type of attack—happens to be phishing or fileless or whatever the complex attack is.” So they got to get really granular in the conversation. It can’t just be a super high-level one, because then your user’s not going to know what to do with that information. But if you coach them on the end-of-the-line issue and where it’s sourcing from, to Pedro’s point, you get ahead of that attack early, you might even prevent stuff that would have normally been a real headache. Robert Dutt: And you need to position yourself at least somewhat as the hero in so much as you’re saying, “Here’s the people who are attacking you, here’s what they’re doing, here’s what we’re doing proactively to counter that.” Cameron Tousley: Absolutely. Yeah, that’s a huge value to your end customer. The one that normally would have not cared about security and it’s more of an annoyance, now they’re paranoid about it, just like the MSP, just like the vendors, we’re all trying to get ahead of it. So I think that that provides a lot of value, and the average MSP is probably not going to do that. So you don’t necessarily have to go spend a ton of money, you just have to consume the information that’s out there maybe for free, and then maybe some of the paid services like the eCrime reports without buying our full threat intelligence platform, you can just do that. And that is like a huge value on its own to track exactly what we’re talking about right now. Robert Dutt: So taking a step back, I think some of this certainly informs and colors the question we go to ask, but I’m a 15-person MSP somewhere. I’ve got solid endpoint protection, an RMM stack I like, maybe managed SOC coverage, that kind of model. What’s the case, in addition to what we’ve already discussed, for why threat intelligence should be on my radar as a distinct capability I need to think about, bring to my customers and offer? Pedro Kertzman: Yeah, I think especially because again, talking specifically about the eCrime reports, we’re talking about the ones that are really perpetrating the attacks or executing the attacks. When you understand how your adversaries really act, you don’t need to always rely on the expertise of a super senior CTI analyst. There are ways that also, depending on your vendor, you can automate the expertise to just be pumping, let’s say, IOCs or IP addresses into your existing end users’ firewalls. If you manage a bunch of other firewalls for your end users, you can pump that eCrime knowledge into those firewalls in the form of IP addresses, domains, and things like that. But understanding that it’s going to be a proactive approach so they don’t get a foot in the door first, it’s kind of that decision beforehand that will give the MSPs, or MSSPs with 15 or so employees, that kind of extra leverage against those frontline attackers. Robert Dutt: I’m really interested in the idea of using intelligence and these eCrime reports as a client-facing tool, not just something that’s consumed internally, especially for that smaller MSP—something that you’re using in your QBR or whatever business review you have with customers to show your value. I’m curious, is that something you’re seeing happening today or is it a realistic use case, or is it a stretch for most MSPs right now? Cameron Tousley: I think it’s realistic. Now, let’s set the tone here. An MSP, they may not have the budget nor the expertise nor the staff to be buying a full-blown threat intelligence offering even like ours, but they can use certain parts of it like the eCrime reports. So that’s a good jumping-in point for the MSPs that are growing, or if you have 15 people on staff and there’s a good deal of them on the technical side, you may want to run your SOC in-house. Maybe that’s something you want to do. I think for them, the maturing MSP and definitely the MSSP, a threat intelligence offering is something that you will probably want to consume if you’re doing everything in-house. Now, I think there’s an argument for even if you’re going to go out-of-house and use the vendor, I still think there are free sources. We have customers that are using free platforms but running a paid feed through it. This is really dynamic. It’s flexible. It can fit to every different audience for the most part, except for the ones who are just not staffed for it and they’re probably outsourcing everything and they just don’t want to do it. They know that they are never going to be able to staff a 24×7 team and they’re also never going to be able to consume as much information as is coming in. But there are also other free resources, like I said, associated with our threat intelligence platform, like the eCrime reports, but there’s white papers that we produce. There are periodic threat reports. We do all kinds of analysis. And then on our welivesecurity.com blog, we publish all kinds of free information. And the really cool thing for existing ESET customers is through our ESET security platform, ESET Protect, we run a live feed through there and it shows you like, “Hey, here’s the latest news on WeLiveSecurity. Here is something you need to be aware of, there’s a vulnerability in the wild.” So we run some of the security stuff and this news right through a window inside of our platform, which I think is really big value added. Pedro Kertzman: Awesome. Yeah, I would add, if I can, Rob, we do have monthly digests as well on the CTI offerings, even for not super deep-down technical people. Let’s say more executives or CSMs, let’s say account managers on the MSSP or MSP side. It’s kind of an executive-ready type of report. So it’s more about the threat landscape overview. I think it helps them show that they are expanding their offerings on the security side and they’re knowledgeable about it as well. Again, doesn’t need to go in the nitty-gritty like in the weeds of IOCs and all that, but understanding, for example, that now the ecosystem on the other side is somebody providing the malware, somebody going and executing it. So just to show how they see these movements, I think it’s sometimes important enough to show that they are expanding their coverage for their end users. Robert Dutt: The reports, the eCrime reports, have been in the market about a month now, I guess. I’m curious what you’re actually hearing from MSPs and MSSPs as they’re digging into them. Are people using them the way you expected or are there surprises that you’re seeing in how they’re engaging, what they’re doing, how they’re thinking about this information? Pedro Kertzman: That’s a good question. I think because of the name, we got out of the gate with police forces reaching out to us, but in theory, it’s not the best kind of deep analysis that we’re going to give them, because they have a lot of expertise. So then we have the APT reports that would bring more detailed analysis for them. So it was interesting to see that people are kind of eager on the end-user side to see how the threat landscape, especially related to financial crimes or eCrime, are really, let’s say, hot right now. The MSPs are kind of following that trend, not as jumping on like the police forces were, but they are starting to inquire about the new eCrime reports for sure. Cameron Tousley: Yeah, I’d agree. I think the defender agencies, I’ll call them, the ones that are fighting the same battle we are, but maybe physically, but now they’re fighting the eCrime too. As they’re learning, this is a great tool for them. We find that they’re excited about it. It’s relatively new, so we’re going to see more and more adoption of it. But plenty of people who are in evaluation are like, “Hey, can I run a free month of this? I want to check it out and see what I’m going to get.” And we’re getting a lot of good feedback on it right now. I’d say on the MSSP/MSP side, again, it’s new for them too. And they do a lot of different things. So for them, they’re like, “I need to slice out some time to check this out as well because this is interesting. I don’t know if anybody else is really doing anything quite like this.” So for them to be able to check it out and add it to their offering, I think what’s going to happen is that they’ll get hooked on something like that and they’ll want more. And we’re already working on more. So our teams are hard at work. We’re adding new feeds, new reporting structures, new ways to consume it. And reasonably priced packages and things like that. Even ones where you have somebody on retainer where you can go to and get a very long deep dive on what you’re reading periodically throughout any given month. So I think with that, you’ll see a lot of internal IT large agencies adopt it. I think you’ll see some MSSPs adopt it. And you might even see some general MSPs who are evolving up that chain do the same thing. So it’s kind of a report and an offering for everybody there. Pedro Kertzman: Yeah, I think you mentioned something important, Cam. We do offer trials for the eCrime reports as well, right? If they want to test it out. Cameron Tousley: Yeah, try it before you buy it. Yeah. Robert Dutt: It sounds like you’re also thinking about ways that you can slice this, dice this, package it out to that smaller MSP or that MSP who’s not a pure-play security player going forward. I was going to ask, what do you see as coming next in CTI and in your eCrime reports? I think that’s certainly a hint. Anything else that you see sort of in the pipeline or where you’d like it to go, where partners would like to see it go? Cameron Tousley: Yeah, I’ll take a stab at this one because my heart’s near and dear to the MSP community. That’s what I’ve been working in. That’s a segment for quite a long time now for ESET. And so what I’m reading and what I’m theorizing on is that there’s other kinds of technologies that are pretty complex, have gotten more simple in the way that they’re still doing complex processes, like an EDR, right? It’s an investigative tool, and then you pair it with AI and then things become easier for the team managing it. I think it’s going to be the same thing here where you’re going to have an AI paired with it, which we have our own agentic AI agent in this offering now, which is very, very cool, and it’s built in our security platform. But for this, I think it’s going to make consuming information easier, generalizing it, summarizing it, and making sure you can spin it into a quick executive summary. My theory is click of a button, right? So I’m going to have a dashboard. I’m going to say, “Hey, I want an executive summary on this event.” So you’re basically just filtering, and then the end result is you hit that AI generate button and then it generates something that’s quality, and you can do it at various user levels, maybe various role levels. I’ll hit the CTO button or I’ll hit the CEO button and they’ll be a little bit different, obviously. So I think that it’s going to get simpler and managed intelligence as a service, that’s next. It’s already a term that’s being thrown out there a little bit if you look for it. So it’s just not mainstream yet. And I think it will be here in a short period of time. Pedro Kertzman: A hundred percent. And just to double down a little bit as well, Rob. I think especially for the smaller MSPs, let’s say you hit a critical infrastructure, you stop a pipeline or anything like that, you’re going to have federal agencies going after you, right? But then when you hit a mom-and-pop shop, nobody really cares. And those guys are often served through these smaller MSPs. So I think getting a better understanding of the threat landscape that especially targets those small businesses, I think it’s just a natural progression of the change in the threat landscape. Robert Dutt: Well, and you bring up a point that I kind of pulled on a little bit with your friend, Tony Anscombe, not too long ago. There’s so much data about how many attacks right now are taking advantage of the MSP tooling as a threat vector. And so I think that also speaks to a need for an MSP who wants to be mature and responsible about these kinds of things to have a better grip on who’s looking, what they’re looking at, and how that maps to what they’re doing. Pedro Kertzman: A hundred percent. And just to link this specifically about eCrime and affiliates, affiliates would be the ones exploiting those RMM tools, right? Because it’s something that is already deployed in the environment. If they get the credentials that got stolen for whatever reason, they have access to those tools and then they can deploy malware that they bought from those affiliate programs inside of the victim’s networks. Robert Dutt: And it’s funny, almost a reversal of back in the day, I can remember as a Mac user, there was a saying that Apple engaged in security through obscurity. What you describe is almost the opposite of that. It’s insecurity to a degree through obscurity. In that if I’m an attacker, I know that if I go after Colonial Pipeline to use your example, I’m all over the front page and there’s going to be a lot of government agencies who have a lot of serious, serious questions for me. If I take out an MSP tool that gives me access to a bunch of very small clients though, maybe I fly under the radar just a little bit more. Cameron Tousley: Oh yeah. Robert Dutt: This is my last question. If there’s one shift in thinking that you’d want a Canadian MSP to walk away with after this conversation, in terms of how they think about these reports, in terms of how they think about the role of threat intelligence in their business, you know, one thing they should reconsider about how they’re approaching their security practice, what would that be? Pedro Kertzman: So I think first, Rob, that’s kind of more of a mindset type of thing. CTI still sounds super complex to a lot of people. I would say there are two main flavors. One, if you really want to dig into techniques and all that, yes, you can get fairly technical and sophisticated, but there are really simple ways to ingest cyber threat intelligence into existing automated tools. You can, of course, do a POC with one, two, whatever vendors you want to do. Once you find that real value for your customers, your end users, then it’s automated. We’re talking about data feeds ingesting directly into a firewall. If you don’t have a CTI central brain kind of thing, which the market knows as a TIP (threat intel platform), you don’t need to go that route, the sophisticated route. There are simple ways to use threat intelligence. And honestly, it’s super valuable because it’s just, again, automated. You’re outsourcing the knowledge to the vendor directly who’s going to execute that, like a firewall, for example. Cameron Tousley: Yeah, I think that’s some really good commentary. And I have a lot of business conversations with MSP business owners and I follow the market, and the consolidation, there’s tons of it. And there has been for a few years, but it’s just insane right now. And I think that there’s this thing going around, it’s like, look, evolve or sell. Because you have the advent of AI and that’s speeding everything up tenfold. And just don’t be afraid. If you want to continue to run your business, don’t worry, you’re going to have clients out there in your locale that probably love you. But they’re also going to have people calling them as these other MSPs get bigger, and these national ones that swallow other little smaller companies and then their go-to market will be, “Well, let’s go down market, down market,” because we can’t always go up market, that’s pretty hard to do. But down market is like shooting fish in a barrel kind of thing. So that means it’s a risk for the smaller MSPs that are not going to sell out, that want to be in business another 10 or 15 years. So don’t be afraid, utilize AI to research it. They say don’t use AI as Google, I disagree a little bit, but you can use it for a lot of things. This can summarize: what is this offering? Can I use it? Ask it really basic questions to get acquainted, and then take the next step and call your vendor and just have a conversation with them and say, “What are all my options? I am in this locale, I serve these kind of verticals, here’s my sizing, here’s the tools I use.” You’ve got to throw everything out on the table because then your vendor, somebody like a technical or business contact, can jump in and say, “Look, I think that you should check out this part of this larger offering. And here’s what I’ll do for you. And here’s what you’re going to do. We’ll give you a game plan, right? You’re going to trial it in the following ways, we’re going to pair you up with a technical person to teach you a little bit and be your co-pilot—Microsoft gets enough press.” But really kind of jump in, try it out. Don’t be afraid. Because if you want to be around another 10 or 15 years, you have to make the leap. And you don’t have to do anything big, but you have to start adopting some of this security-forward thinking so that you can have threat briefings with your clients and not statistical talks. There was just that MSP summit and there was actually a panel on what the next gen of MSPs is doing. And it was funny to hear it because they’re like, “Well, we’re focused on outcomes.” And I totally agree, but I know some of the older MSPs are like, “Well, we’re focused on outcomes too.” But I think it’s the talk track. You’re all saying the same thing, but you need some more complex tools in some ways to be able to have these more outcome-based discussions. Like, “Hey, I not only blocked X amount of threats, I kept your uptime up in this way, and that allowed you to keep productivity up. So by my clock here, you were able to achieve all those things that you wanted to achieve in our initial meeting, we’re on track.” That’s the conversation you want to have in addition to that little bit of the threat briefings peppered in. Robert Dutt: All right. Some great advice there. Gentlemen, thank you both for taking the time. I appreciate it. Cameron Tousley: Thank you, Rob. Pedro Kertzman: Great to be here. Cameron Tousley: Absolutely. It was a pleasure. Thanks so much. Robert Dutt: There you have it, Cameron Tousley and Pedro Kertzman from ESET. I’d like to thank both Cameron and Pedro for their time. They did exactly what we set out to do with this conversation, kept it firmly in the strategy lane with technical depth in service of the business point rather than the other way around. A few things to leave you with. The framing that stuck with me most was Cameron’s distinction between statistics talk and threat briefings. The idea that your quarterly client review shifts from “here’s how many threats we blocked” to “here’s the specific group targeting your vertical right now. Here’s how their affiliate operates, and here’s what we’ve already done about it.” That’s a real upgrade in how an MSP demonstrates value. It moves you from uptime vendor to trusted advisor and that’s a conversation your competitors probably aren’t having yet. On the technical side, Pedro’s explanation of affiliate-level tracking is worth sitting with. The headline ransomware groups get the attention, but it’s the affiliates, the ones buying malware-as-a-service and doing the actual execution who determine the tactics on the ground. Tracking them is what gives you an early warning before the attack scales. And as I noted during the conversation, there’s a certain logic in how attackers exploit the MSP model specifically. Go after the tooling, stay under the radar, quietly compromise a hundred small clients instead of one high-profile target. Obscurity in that scenario is working against you. For the smaller MSP who’s heard all of this and thought, “I’m not staffed for this,” Pedro’s entry point is worth considering. You don’t need a full threat intelligence platform or a dedicated analyst to start. Automate the ingestion of indicators of compromise directly into your clients’ firewalls. Let the tooling do the work. It’s not glamorous, but it’s real, actionable and it’s a lot more than most of your competitors are doing. And Cameron’s closing thought, “evolve or sell,” is the frame I’d put around all of it. The consolidation wave hitting the MSP market right now is not slowing down. The shops that survive as independents will be the ones that have more sophisticated conversations with their customers. Threat intelligence is one of the things that helps you have those conversations. If you found this one useful, please follow or subscribe to the podcast wherever you listen. We’re on Apple Podcasts, Spotify, YouTube, all the major podcast directories. Ratings and reviews are always appreciated. Until next time, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

Today’s headline news for Canadian IT solution providers: Top Down Ventures closes C$38M Founders Fund I: Top Down Ventures has announced the final close of its Founders Fund I at $38 million Canadian, oversubscribed against its original target. According to the firm, this is the first institutional fund focused exclusively on early-stage software and AI for the MSP ecosystem, backed by more than 100 MSP operators including Pax8. The fund’s first exit – zofiQ to ConnectWise – returned 5.3x the invested capital in roughly six months. Canada now second globally for ransomware, Fortinet reports: New data from Fortinet‘s 2026 Global Threat Landscape Report and its companion 2026 Cybersecurity Skills Gap Report show Canada has moved from third to second globally for ransomware attacks, with 374 organizations extorted and 17 billion total cyberattacks recorded in 2025. According to Fortinet, AI-accelerated threats are compressing time-to-exploit by two to four times, while 47 percent of Canadian IT leaders cite a cybersecurity skills shortage as a top cause of breaches. Barracuda: one in three emails now malicious or spam: Barracuda‘s 2026 Email Threats Report, based on analysis of 3.1 billion emails, finds that 48 percent of malicious email activity is phishing, 34 percent of organizations experience account takeover at least monthly, and 70 percent of malicious PDFs now hide phishing links inside QR codes. According to Barracuda, attackers are shifting toward stealthier, trust-based tactics designed to bypass traditional filters, creating growing demand for layered email protection and automated response. Calian completes Computex acquisition: Ottawa-based Calian Group has officially completed its acquisition of U.S. managed service provider Computex. The deal expands Calian’s American IT services footprint and adds to its cybersecurity capabilities. Crogl begins private rollout of AI SOC platform: Crogl has initiated a private rollout of its new AI-powered SOC platform, positioning it to help service providers automate threat response and reduce alert fatigue for lean security teams. Pax8 and NinjaOne announce MSP partnership: Pax8 and NinjaOne have announced a partnership starting as a referral motion, giving MSPs a path to RMM and unified IT operations tools while the companies work toward future marketplace integration. TD SYNNEX secures reserved NVIDIA GPU access for MSPs: TD SYNNEX has arranged reserved NVIDIA GPU capacity for channel partners through a deal with Nebius AI Cloud, giving MSPs a route to AI infrastructure services without buying hardware or competing with hyperscalers for supply. Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Tuesday, May 12, 2026, and here’s what’s happening in the channel today. Top Down Ventures has announced the final close of its Founders Fund I, pulling in 38 million Canadian dollars and oversubscribing its original target. According to the firm, this is the first institutional fund focused exclusively on early-stage software and artificial intelligence for the managed service provider ecosystem, which it values as a roughly 1 trillion dollar global IT services category. The fund is backed by a limited partner base of more than 100 MSP operators, including distribution giant Pax8. Top Down noted that closing the fund in the current economic environment was a challenge, but the oversubscription signals clear institutional interest in the MSP software space. The firm also pointed to its first exit as a proof point – zofiQ, an agentic AI platform for MSP service desks, was acquired by ConnectWise just six months after Top Down’s initial investment, returning 5.3 times the invested capital. Having dedicated institutional capital purpose-built for the ecosystem means the next generation of MSP tooling gets funded by people who actually understand the problem. For solution providers thinking about where the platform wars are heading over the next five years, this fund is part of that story. New data released yesterday by Fortinet paints a stark picture of Canada’s position in the global threat landscape. According to the company’s 2026 Global Threat Landscape Report and its companion 2026 Cybersecurity Skills Gap Report, Canada has moved from third to second globally in ransomware attacks, with 374 Canadian organizations extorted last year. Total cyberattacks against Canadian targets surged to 17 billion in 2025, up from 13.7 billion the year before. Fortinet’s FortiGuard Labs says the time-to-exploit for critical vulnerabilities is now running two to four times faster than it was, driven by threat actors deploying agentic AI to accelerate reconnaissance and execution. The skills picture compounds the problem: 47 percent of Canadian IT leaders cited a lack of cybersecurity talent as a top cause of breaches, and 49 percent say they struggle to hire staff with specific AI security experience. That combination – faster attacks, a shrinking talent pool – is exactly the kind of environment where a strong MSP security practice becomes a business necessity for SMB clients, not a nice-to-have. Derek Manky, chief security strategist and global vice president of threat intelligence at FortiGuard Labs, called it an “industrialized defense” challenge. New research from Barracuda released this morning adds another dimension to the threat picture. Based on an analysis of 3.1 billion emails, the company’s 2026 Email Threats Report finds that one in three emails is now malicious or unwanted spam. According to Barracuda, 48 percent of malicious email activity is phishing, 34 percent of organizations experience account takeover at least once per month, and 90 percent of high-volume phishing campaigns now use phishing-as-a-service kits. Perhaps most notable for the managed services conversation: 70 percent of malicious PDFs now hide phishing links inside QR codes, a tactic specifically designed to bypass traditional email filters. Barracuda positions the core finding as a shift in attacker strategy – away from noisy malware and toward stealthier, trust-based techniques that use compromised accounts and familiar file formats to slip past defenses. The report identifies growing demand for layered email and identity protection combined with automated response, which points directly to an opportunity for service providers helping customers with lean IT teams who are already stretched managing alert volume. In Brief – Calian Group has completed its acquisition of U.S. managed service provider Computex, expanding the Ottawa-based firm’s American footprint and cybersecurity capabilities. Crogl has begun a private rollout of its AI-powered SOC platform, positioning it to help service providers automate threat response and cut alert fatigue. Pax8 and NinjaOne have announced a partnership starting as a referral motion, giving MSPs a path to RMM and unified IT operations tools while the companies work toward future marketplace integration. TD SYNNEX has given MSPs reserved access to NVIDIA GPU capacity through a deal with Nebius AI Cloud, letting channel partners deliver AI infrastructure services without buying hardware or competing with hyperscalers for GPU supply. Full details and links in the show notes or the blog post. Later today on In The Channel, I sit down with Joel Abramson, managing partner at Top Down Ventures, to go deeper on the Founders Fund close – the LP flywheel strategy, the zofiQ exit, and what it means for the companies building the next generation of MSP software. And if you missed it yesterday, check out my conversation with Steven Kiss, partner and national ServiceNow practice leader at EY Canada, on what building Canada’s first ServiceNow elite partner teaches you about what is coming next in the agentic enterprise. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

EPISODE SNAPSHOT Welcome to The Bryan Air Podcast. Career intelligence for pilots. We break down executive moves, economic forces, and the technology reshaping how pilots are trained, assessed, and employed. Boardroom decisions land on your flight deck. We translate them first. No corporate spin. Just the intelligence pilots actually need. This week, three stories stacked on top of each other and they tell two completely different versions of where this industry is heading. IATA put hard numbers on the Gulf War, with Middle Eastern traffic down 58.6 percent year-on-year and global growth slowing to 2.1 percent in March. India's three biggest airlines wrote to their own government saying they are days from grounding aircraft as fuel rises from 40 percent to 60 percent of operating costs. Spirit folded. The UAE flipped its airspace switch back on and Emirates restored 96 percent of its network. Which story are you actually flying in? In this episode of The Bryan Air Podcast, Bryan Roseveare and Ryan Parrock break down the IATA fuel shock report, India's airlines on the brink, the UAE airspace reopening, Spirit Airlines folding, the BA taxi pilot job paying 100,000 dollars a year, the United 767 truck strike at Newark, and Japan Airlines testing humanoid robots on the ramp. TIME-STAMPED FLIGHT PLAN 00:00 ATC Cold Open 00:13 Headlines: Three Stories Stacked on Top of Each Other 00:55 Quick Favour Before We Roll 01:49 IATA Report: The Fuel Shock in Hard Numbers 04:28 Charter Pricing and Why Surcharges Are Now Standard 06:41 Why Europe Could Be Cheaper Than Cape Town This December 09:13 India: Three Major Airlines Days From Grounding 10:56 Spirit Airlines Folds and What It Means for Crew 12:47 UAE Airspace Reopens After Three Months Closed 16:33 Five Months Profit Share at Emirates? The Buzz 18:47 The 100,000 Dollar BA Taxi Pilot Gig at Chicago O'Hare 20:43 UK Government Lets Airlines Drop Slots Over Fuel Shortages 21:19 The United 767 That Smacked a Truck at Newark 22:54 Japan Airlines Tests Humanoid Robots on the Ramp 25:31 F1 Miami, UFC, and the Weekend Ahead 28:28 The Final Take: Which Story Are You Flying In? 30:08 Sign Off JOIN THE BRYAN AIR COMMUNITY Bryan Air is a career intelligence ecosystem for pilots. Sign up free to receive our weekly newsletter covering the disruption of AI in aviation, career strategy, and the analysis that does not make it into the episodes. Sign Up Free → https://bryanairpodcast.com/   FREE PILOT CAREER ASSESSMENT Where are you in your career? The Flight Plan is our free, AI-powered career intelligence tool. Answer 8 questions about your situation and get a personalised strategic assessment with specific moves tailored to where you are right now. Take the Free Assessment → https://pilotcareerintelligence.netlify.app/   RISK MANAGEMENT AND DECISION MAKING SIMULATOR Practise structured decision-making using live flights. Our AI-powered simulator lets you work through RMM and T-DODAR frameworks on real Flightradar24 data, with AI-generated scenarios and personalised debriefs. Built by Bryan Roseveare for pilots who want to sharpen the skills that matter most when things go wrong. Early bird: 29 dollars one-time. Lifetime access. Try the Simulator → https://bryanair.tools/   LINKS Bryan Air, Career Intelligence for Pilots → https://bryanairpodcast.com/   Free Pilot Career Assessment → https://pilotcareerintelligence.netlify.app/   Risk Management and Decision Making Simulator → https://bryanair.tools/   Bryan Roseveare → https://www.bryanroseveare.com/   Watch on YouTube → https://www.youtube.com/@BryanAirPodcast   Support on Patreon → https://www.patreon.com/bryanair   #AviationPodcast #BryanAir #PilotLife #IATA #FuelShock 

Tim Coach, chief evangelist at Cynomi For most managed service providers, the security services story has followed a familiar arc: endpoint protection, email security, security awareness training. Each category added value, then became table stakes. Third-party risk management – TPRM – is what comes next, and according to Cynomi Chief Evangelist Tim Coach, it may be the stickiest revenue category yet. The case is straightforward. Every business relies on a web of vendors, software providers, and service partners. Each one is a potential vulnerability. And most SMBs have no formal process for knowing how well those third parties are managing their own security – or what happens to them downstream if one of those vendors gets breached. Research from Cynomi suggests 45 percent of organizations will face supply chain attacks, and 30 percent of data breaches already involve a third party. The attack surface has shifted to the things organizations trust most. For Canadian MSPs, the regulatory pressure is specific and near-term. OSFI’s Guideline E-21, with a September 2026 compliance deadline for federally regulated financial institutions, puts third-party oversight explicitly on the agenda. The cascade effect on their vendors – and the MSPs serving those vendors – is already in motion. Perhaps the sharpest signal in this conversation: cyber underwriters are now denying SMB coverage not because of anything the SMB did, but because they are connected to an MSP. The managed service provider, long positioned as the path to better insurance outcomes, has become a risk factor in its own right. Coach’s recommended first move for any MSP building into TPRM isn’t a vendor questionnaire – it’s a Business Impact Analysis. Understand how the client actually makes money, which vendors are critical to those revenue processes, and what an hour of downtime costs. That reframes the conversation from technical widgets to revenue, cost, and risk – the language every business owner speaks. – UPLOAD AUDIO Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, your host for the show. My guest today is Tim Coach, Chief Evangelist at Cynomi, a vCISO platform purpose-built for MSPs and MSSPs. Tim brings an unusually grounded perspective to the space. He’s an engineer by training who spent nearly two decades building, running, and consulting on managed service practices before landing at Cynomi after seeing the platform first-hand and recognizing it could have solved one of his biggest operational headaches as an MSP owner – the CISO bottleneck, the point at which growth stalls because the security function can’t scale without adding expensive headcount. That personal history shapes everything he thinks about TPRM, third-party risk management, which is increasingly being talked about as the next major revenue category for MSPs after human cyber risk. Today we’re talking about what building a TPRM practice actually looks like, why cyber insurance has quietly flipped the MSP value equation, and why the right starting point isn’t a vendor questionnaire at all. Let’s get right into it, my chat with Tim Coach. Tim, thanks for taking the time. I appreciate it. Tim Coach: I absolutely love to be on. Thanks so much for having me, and for having Cynomi on your webinars. We’re always happy to do these things and educate the community. Robert Dutt: You’ve spent a long time in and around the MSP community. How did you end up at Cynomi specifically, and what was it about the opportunity around TPRM that pulled you in? Tim Coach: TPRM was eventually in the process – let me back up. What got me into the community was my engineering background. I went to college for what was called network communications back in those days. Basically I’m a network guy – I always point at the front-end programming guy and say, “It’s your fault,” and the programming guy says, “No, no, it’s the network’s fault.” So I did that for a large-scale nationwide company for many years, and then I fired my MSP. The owner was like, “Well, if you’re so good, why don’t you come over here and run this?” And I said okay. It took me about 24 hours to realize I didn’t have a clue what was going on – the place was chaos. But through process and procedure, and a military background, I knew I could get it under control. I ended up with a business partner from that experience, and we spent about 20 years rebuilding and consulting with MSPs. About five years ago, I just needed something different. The kids were a little older. I started looking at what else was out there, talked to a couple of mentors in the space – I’m sure if I mentioned their names everyone would know them – and they said, “You should come over and do this.” So I jumped. I went to work for a Canadian company, grew them quite a bit in the first year, then moved to an Australian company, grew them, and then went back to consulting for a short time. David from Cynomi was recommended to me as a consulting connection. We were going back and forth and he said, “Why don’t you come on board?” And I said, “I’m not really interested in selling a widget” – and it’s a security widget, right? There are so many great widgets and great personalities in the security space already. Probably not my jam. But he said, “No, no – let’s look at it.” And he showed me what Cynomi did, and I was blown away. The reason I was blown away is that at my most successful MSP, we hit a stopping point in our growth. The reason was our CISO – and this was before CISO was even a cool term. He was our bottleneck. Not because he was inefficient as a person, but because of the way he had to work: 80 pages of Excel spreadsheets and hours and hours of questionnaires. When I first saw Cynomi, I thought, “Here’s a way I could have doubled the size of my company with the same staff, the same CISO.” That’s what really inspired me to come on board – seeing that dashboard and connecting it to the personal pain I’d experienced around the security bottleneck. Now with the addition of TPRM, that excites me even more, because back in my MSP days I had a lot of bank clients, and banks are SOC 2 all over the place. Part of SOC 2 is that you have to have TPRM – you have to be responsible for everybody in the chain. So now we’ve built out a platform that lets the MSP, MSSP, ITSP, or whatever SP you want to put in front of those letters, easily manage vendor relationships and understand where clients are in their security posture. Robert Dutt: You may not feel it’s cool, but it’s certainly foundational security. Tim Coach: And that’s the problem, right? That’s why we’re still talking about security – because nobody knows how to talk business. They all talk widgets, bits and bobs: here’s this cool firewall, MDR, XDR. But you know what your clients don’t care about? The widgets. They care about being secure. Until we can bridge that gap – until Cynomi brings something that says, here’s an easy way to get to the data and details you need, here’s CISO-level intelligence so the MSP can translate it into business terms for the doctor’s office, the manufacturing company, whatever vertical you want – we’re going to keep having this same conversation. Robert Dutt: Let’s do a little bit of that with TPRM itself. Let’s take a step back and look at it from the viewpoint of an MSP who’s heard the acronym but hasn’t really dug in yet. Third-party risk management – what are we actually talking about, and what problem does it solve? Tim Coach: What a lot of people need to understand – and I try to say this in a way that’s easy to grasp – is: manage security first, and compliance becomes a default. What I mean is that you need a baseline, whether it’s CIS Controls, Cyber Essentials Plus, CMMC 2.0, one of the financial frameworks, HIPAA, whatever applies. You need a baseline you’re actively managing your security against. In the process of meeting that baseline, compliance follows. What we’re increasingly seeing is that certification bodies, auditors, and insurance underwriters all want to see that your solutions and partners are just as secure as you are. I was at Canalys Barcelona last year and someone made a statement that blew me away: for the first time ever, we’re seeing insurance underwriters deny coverage to an SMB because they’re connected to an MSP – and the MSP is what they consider the risk. We went from being the most important people in the room, essential workers, to being the risk factor. And on top of that, helping clients with their insurance has been one of our foot-in-the-door conversations for the last decade. That’s where TPRM comes in. The frameworks and insurance underwriters now want to see not just that you’re secure, but that everyone you’re working with is secure. The problem has always been how you manage that. Back in my day, you had to call the vendor, find the right person, ask for evidence of their SOC 2 compliance, get bounced around, end up with legal, sign an NDA, and eventually get the report. Now people share that information a bit more freely, but you still need a central place to manage it – so when an auditor or insurance broker asks, you can point to it and say, “Here it is.” We do a community call every Wednesday at noon Eastern, and we’ve had a gentleman on a couple of times who has written books specifically on TPRM. He’s sounding the alarms – not bad alarms, just “it’s coming.” But like a lot of SMBs, MSPs are having to drag their clients toward where they need to be. Once you make it easy for the MSP, you make it easy for the SMB, and you finally have a way to prove you’re taking those measures. Robert Dutt: Supply chain attacks have certainly been a theme in the channel for a while – Kaseya, SolarWinds, MOVEit. But TPRM as a formal managed service element feels newer. The insurance side sounds like a big driver. What else changed to make it go from a theoretical concern to something MSPs can actually build a practice around? Tim Coach: I firmly believe you cannot be a business partner without knowing how your partner makes money and how you need to protect them. I can’t protect them if I don’t know what they’re using. It’s the old adage: if two people are managing something, nobody’s managing it. TPRM is really the next step for the ITSP to move from a transactional relationship to a true business partnership – ensuring that everyone your clients are using is also protected. Because what happens is what always happens: it doesn’t matter what you have hard-coded in the contract about not being responsible for X. When something goes wrong, the SMB comes back and says, “But I thought you were managing this.” We go over it in the contract reviews, sure, but the conversation still happens. When you’re genuinely talking business – saying, “I’m going to protect how you operate quarter after quarter, year after year” – you’re protecting their entire environment, not just your piece of it. That’s when you move to a real business relationship instead of a sales relationship where every conversation is an upsell or a cross-sell. We’ve done it to ourselves a little bit, honestly. It’s like an insurance agent in Oklahoma trying to sell hurricane insurance. That’s not what we should be doing as business partners. TPRM allows us to have a full understanding of the client’s environment and make sure everything is protected – or at minimum, that the gaps are known by everyone. Robert Dutt: Cynomi has described TPRM as the next major revenue category after human cyber risk. Can you walk me through what the recurring revenue model actually looks like, and what makes it sticky? Tim Coach: Everything leads to MRR – that’s business. But you have to start with a project. You need to understand where the client is in their security journey before you can manage them ongoing. SMBs don’t do things for free, and neither do our partners. This is a revenue generator. But it’s a revenue generator because it actively has to be managed. I always say: I can’t throw a server at security. I can’t throw a firewall at it and declare myself secure. The best analogy I’ve heard for security is a block of Swiss cheese. There are holes, and you can stick a fork through those holes quite a way. But if you slice that block and turn every slice 90 degrees, the holes are still there – they’re just not as deep or vulnerable. That’s TPRM. There is no set-it-and-forget-it. It has to be actively managed, and that active management is where the recurring revenue lives. Robert Dutt: What does a typical engagement look like early on, for an MSP starting from zero with a client? Where does the work begin, and what surprises people about the scope as they go deeper? Tim Coach: Everything begins with an assessment. With Cynomi’s tools, we can use Cyber Essentials Plus or CIS Controls as a self-regulating baseline and add a couple of hours to the initial assessment to incorporate the security piece. We all do assessments upfront to understand what we’re getting into – or what needs to be fixed before we really dig in. Once you’re in the security layer, the next step is TPRM. And TPRM brings with it something I think is critically important: the Business Impact Analysis. It’s not enough to ask, “What does your client do?” They make dog food – do they? Or is that just the end product? When I was an MSP, I had a metal manufacturer that cut and stamped metal. But if you asked their CFO what the business was, he’d say, “Making pallets – I make more on pallets than on the stamping work.” I used this example in a presentation just yesterday. Years ago I was walking through a manufacturer’s facility and asked about a machine: “What does that one do?” “That runs the software that completes our product.” “Why isn’t it plugged into the network?” “It’s a Windows 98 machine.” “Why are you still running that?” “Because it runs decade-old German software that costs ten million dollars to replace. And we only have that one machine.” If you’re not walking through and genuinely understanding how they make money, you don’t know where the risks are. And that’s what TPRM forces you to do. Ideally, I’d love to sell a project that includes a full security assessment, a BIA, TPRM, BCP, IR planning, all of it from day one. But it doesn’t happen that way. You have to phase it. Once you understand the BIA and what they’re actually doing, you understand where the software and systems that carry real business risk are, and you can start building that into their security posture. It’s the same principle: why hack an individual when you can hack the software that manages all the individuals? Why try to crack one account when you can compromise an MSP’s RMM tool and get access to everybody? If you go into a business without understanding their software environment and vendor posture, you at minimum need to be able to tell them where the risks are. Because the language they speak is revenue, cost, and risk. TPRM is a risk if it’s not being managed – and that’s why we’re seeing so much attention on it lately, even though some of us have been doing this for decades. We just used to call it vendor management. Robert Dutt: We’ve talked a lot on the show about MSP tools as an attack surface – RMM agents, remote access tools, backup platforms. The MSP is supposed to be managing the client’s vendor risk, but the MSP’s own toolchain is also someone else’s third-party risk. How should MSPs be thinking about that? Tim Coach: It comes back to the BIA again. What are they using? What’s creating the security gaps, and how do you build better overall management around it? There’s a project in there, but every project should lead to MRR – period. It still has to be managed. Remember when Exchange servers went away and everyone panicked about where the revenue was going to go? There was still an entire environment to manage. We always made some revenue on hardware, though that’s gotten harder – the real money is in managing the ongoing environment. TPRM is the same thing: it’s a significant security gap in the overall posture of your clients, and that gap has to be actively managed. Robert Dutt: Pushing on that a little further – TPRM platforms are pulling in a pretty comprehensive map of an organization’s vendor ecosystem: the gaps, what’s been remediated, basically a full picture of the landscape. If one of those platforms gets compromised, that’s not just a breach – that’s a pretty rich target list for an attacker. How do you think about that? Tim Coach: Think about a CNC factory. Their job is building molds to produce a specific part, and the software on their server has all the schematics fully built out. What happens if that software gets hacked? You lose all the schematics for the CNC machine – so suddenly you can’t produce anything. And if the attacker gets in early enough in the process, the downstream supply chain impact goes way beyond that one facility. That’s the risk. If you’ve got $200,000 five-axis CNC machines – and I may have a little experience with this – and you’re not protecting the software running them, and you don’t understand from a TPRM perspective what the vulnerabilities look like, that’s an ongoing, persistent risk. You always have to be managing it. Robert Dutt: Sitting where Cynomi is, how do you think about the security side of running a TPRM solution, and what should MSPs be asking vendors in this space about that? Tim Coach: Efficiency. How efficient can you make it? I’ll probably get in trouble for saying this, but we’ve essentially stupid-proofed the first few levels. We’ve built it out for you. And look – I know AI is a word we’ve managed to avoid for about the last half hour, but AI is meant to enhance the human. It’s a tool. What we’ve done at Cynomi is build AI agents and intelligence into the platform to make this work manageable at a lower labor level. If I can take work that previously required a CISO – an expensive asset – and bring it down to a tier-two technician, my margins go up because my labor costs go down. That said, we’re not replacing the CISO. I used to work with a company that built a component for Apache helicopters – no public-facing anything. If a tier-two tech runs a report showing no web security for that client and flags it as a critical gap, the CISO might be the only person who knows that client has no public-facing presence by design. That context matters. The CISO still needs to be the final approval layer. What Cynomi has done is open up bandwidth for other people to do the groundwork, so you can grow your company without adding another six-figure salary. When your staff becomes more efficient, the CISO is less of a bottleneck – which was the original problem we started with. Robert Dutt: For the Canadians listening, there are some very specific regulatory drivers on the table right now. OSFI’s Guideline E-21 has a September 2026 compliance deadline for federally regulated financial institutions. Can you talk about the role you see TPRM playing in responding to that kind of regulation? Tim Coach: What we’re seeing is that the insurance underwriters, auditors, and regulators are the ones setting the standard, and the industry has to meet it – but the industry isn’t yet at a point where it can easily meet a TPRM standard. So what will probably happen, whether it’s Canada, the US, the UK, or EMEA, is a pattern we’ve seen before: they’ll release a guideline, there’ll be a period of voluntary adoption, and then they’ll give it teeth. Like HIPAA – they threw it out there, and eventually it got enforcement. The thing I’ve always loved is watching the auditors, because they’re typically running a couple of years ahead of the regulation. If you stop treating auditors like your mortal enemy – “they’re here to expose everything I’m doing wrong” – and start paying attention to what they’re flagging, you can get ahead of the game. Auditors are a leading indicator. It’ll always come down to government forcing the policy, and then insurance trying to find a way out of paying claims when it’s not followed. But if you’re watching the auditors and TPRM is showing up in their reviews, you already know what’s coming. Robert Dutt: For an MSP listening to this and thinking, “I should be doing this” – what’s the realistic first move? Not the ideal end state, but the practical starting point? Tim Coach: Start with the BIA – the Business Impact Analysis. Research suggests every SMB has three to five critical processes that drive about 80% of their revenue. Do they actually know what those are? Probably not. They make dog food. They take care of kids. Whatever it is – they don’t actually know how they make money. I have an old client who’s also a friend – he works in retirement planning. If you asked how he makes money, you’d assume it’s from managing portfolios. It’s not. He makes money by selling the policy, and the insurance company pays him a commission on that. If you don’t start by understanding the BIA, you don’t really know what solutions your clients are dependent on. Start with: who is your critical software outside of us? Who maintains it? Do we have a relationship with them? Does it connect directly to how you make money? And tie it to cost of downtime. If a doctor’s office goes down for four hours – and in a medical practice you call them providers, not doctors, right? Speaking their language, not ours – what does that cost? If the pallet machine on an assembly line goes down, and that pallet machine is the only thing holding product so the rest of the line can keep moving, what’s the cost per hour? If you don’t know that, you don’t actually understand how to service your client. You’re still talking bits and bobs instead of revenue, cost, and risk. Robert Dutt: Future-looking question to wrap up: where do you see this category going over the next couple of years? Is TPRM a standalone practice, or does it fold into a broader vCISO or governance offering? Tim Coach: I think it’s going to be both. For more mature MSPs, it’ll be baked right into their silver, gold, and platinum packages – TPRM is just part of what you get at a certain tier. For others, especially those that aren’t at a full vCISO-as-a-service level yet, it’ll be available as a standalone – a meaningful piece of the security posture they can deliver to clients without committing to the full stack. Growth and maturity, right? As people build their practices, the more advanced will have it embedded. But there’s also a real path for someone starting out to say, “I need to at least get this piece right, because it’s critical to the overall security posture of my clients.” Robert Dutt: Fascinating. It’s an interesting area of technology and – to your greater point – business. I appreciate you taking the time to share some thoughts on how service providers can get involved. Tim Coach: Thanks for having me on. I always appreciate it. Robert Dutt: There you have it – Tim Coach from Cynomi. I’d like to thank Tim for taking the time today. He’s been around the MSP space long enough that when he points at something and says it’s the next thing, it’s worth listening. A few things I want to make sure land from this conversation. The first is the Business Impact Analysis as the true starting point. Before you think about vendor questionnaires or risk scoring tools, you need to understand how your client actually generates revenue – which processes drive the majority of the business, and which vendors are load-bearing in that equation. That’s not a security conversation. That’s a business conversation. And that’s the shift that moves an MSP from tool vendor to genuine business partner. The second is the insurance signal. When underwriters start denying SMB coverage not because of something the SMB did, but because they’re connected to an MSP – that’s a warning and an opportunity in the same breath. MSPs who can demonstrate they’re actively managing their clients’ third-party risk have a new and better story to tell. And the frame to carry with you: security first, compliance becomes a default. Build the practice to the right security baseline and the compliance checkboxes largely take care of themselves. In The Channel is available on Apple Podcasts, Spotify, YouTube, and most major podcast directories. If you’re finding value here, ratings and reviews are always appreciated – they help other people in the Canadian IT channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

EPISODE SNAPSHOT Welcome to The Bryan Air Podcast. Career intelligence for pilots. We break down executive moves, economic forces, and the technology reshaping how pilots are trained, assessed, and employed. Boardroom decisions land on your flight deck. We translate them first. No corporate spin. Just the intelligence pilots actually need. Sitting across from Willie Walsh in Singapore, I asked the question every pilot, parent, and cadet is asking right now: will pilot jobs still exist in 10 to 15 years. His answer was honest, sharp, and not what the pilotless hype crowd wants to hear. This bonus reel pulls the highlights from IATA's World Data Symposium 2026: Walsh on the broader career paths most pilots ignore, the 1.4 billion people and only 50 wide bodies sitting in India, real-time turbulence data going straight to your iPad, why aviation is teaching the rest of tech how to govern AI, the honest truth about SAF, and a reminder that the right job at the right time is not always the heavy metal. If you are trying to read where this industry is actually heading, start here. In this bonus episode of The Bryan Air Podcast, Bryan Roseveare shares highlights from IATA WDS 2026 in Singapore featuring Willie Walsh (IATA Director General), Kim McCauley, David Fairman, Dr. Marie Owens Thompson, and Al McCauley on pilotless aircraft, pilot career outlook, AI in aviation, sustainable aviation fuel, and the future of the flight deck. TIME-STAMPED FLIGHT PLAN 00:00 Welcome to the bonus reel 00:22 Why IATA Singapore mattered 01:09 The pilotless hype check no one wants to hear 02:08 Will pilot jobs still exist in 10 to 15 years 04:43 A quick favour and a thank you 06:08 Willie Walsh on the broader career paths most pilots ignore 08:46 1.4 billion people, 50 wide bodies: India and Africa unpacked 09:39 Kim McCauley on nowcasting turbulence straight to your iPad 11:38 David Fairman on cybersecurity, agentic AI, and aviation as the benchmark 14:20 Dr. Marie Owens Thompson on SAF and the silo problem 16:24 Al McCauley on situational awareness and choosing the right job at the right time 20:15 Wrap up, resources, and what is coming next JOIN THE BRYAN AIR COMMUNITY Bryan Air is a career intelligence ecosystem for pilots. Sign up free to receive our weekly newsletter covering the disruption of AI in aviation, career strategy, and the analysis that does not make it into the episodes. Sign Up Free → https://bryanairpodcast.com/ FREE PILOT CAREER ASSESSMENT Where are you in your career? The Flight Plan is our free, AI-powered career intelligence tool. Answer 8 questions about your situation and get a personalised strategic assessment with specific moves tailored to where you are right now. Take the Free Assessment → https://pilotcareerintelligence.netlify.app/ RISK MANAGEMENT AND DECISION MAKING SIMULATOR Practise structured decision-making using live flights. Our AI-powered simulator lets you work through RMM and T-DODAR frameworks on real Flightradar24 data, with AI-generated scenarios and personalised debriefs. Built by Bryan Roseveare for pilots who want to sharpen the skills that matter most when things go wrong. Early bird: $29 one-time. Lifetime access. Try the Simulator → https://bryanair.tools/ LINKS Bryan Air — Career Intelligence for Pilots → https://bryanairpodcast.com/ Free Pilot Career Assessment → https://pilotcareerintelligence.netlify.app/ Risk Management and Decision Making Simulator → https://bryanair.tools/ Bryan Roseveare → https://www.bryanroseveare.com/ Watch on YouTube → https://www.youtube.com/@BryanAirPodcast Support on Patreon → https://www.patreon.com/bryanair  

EPISODE SNAPSHOT Welcome to The Bryan Air Podcast. Career intelligence for pilots. We break down executive moves, economic forces, and the technology reshaping how pilots are trained, assessed, and employed. Boardroom decisions land on your flight deck. We translate them first. No corporate spin. Just the intelligence pilots actually need. SAA is back in the headlines, and not for the reasons anyone at home wants. The Auditor General has flagged the airline as a going concern with material uncertainty, and SA Technical's financials are reportedly too severe to even audit. That one lands hard locally. Globally, the bigger signal is Lufthansa cutting 20,000 short-haul flights this summer because the fuel maths no longer works. Bryan and Ryan translate what all of it means for your roster, your contract, and your next career move. In this episode of The Bryan Air Podcast, Bryan Roseveare and Ryan Parrock break down SAA's going concern warning, Lufthansa cutting 20,000 flights, the Pratt and Whitney GTF Advantage engine, the US pilot mental health bill, and a Dubai WhatsApp arrest every crew member should know about. TIME-STAMPED FLIGHT PLAN 00:00 Welcome Back: The Stories That Matter This Week 01:05 Singapore Recap: What Stood Out 01:55 Quick Favour: Hit Subscribe 02:25 SAA Leadership Exit: Lamola Out, Acting CEO In 03:11 Parliament Fallout: AG Flags Going Concern 05:29 What This Means for SAA Pilots and Crew 10:38 Lufthansa Cuts 20,000 Flights as Fuel Maths Break 12:51 Fuel Surcharges and Geopolitical Uncertainty 19:28 Pratt and Whitney GTF Advantage Gets EASA Nod 21:11 US Senate Advances Pilot Mental Health Bill 27:57 Dubai WhatsApp Arrest: What Every Crew Needs to Know 30:05 Top Gun 3 Rumour: Maverick Might Be Back 31:45 Captain's Announcement: WhisperFlow for Pilots 37:02 Wrap Up and the Updated Flight Plan Tool JOIN THE BRYAN AIR COMMUNITY Bryan Air is a career intelligence ecosystem for pilots. Sign up free to receive our weekly newsletter covering the disruption of AI in aviation, career strategy, and the analysis that does not make it into the episodes. Sign Up Free → https://bryanairpodcast.com/ FREE PILOT CAREER ASSESSMENT Where are you in your career? The Flight Plan is our free, AI-powered career intelligence tool. Answer 8 questions about your situation and get a personalised strategic assessment with specific moves tailored to where you are right now. Take the Free Assessment → https://pilotcareerintelligence.netlify.app/ RISK MANAGEMENT & DECISION MAKING SIMULATOR Practise structured decision-making using live flights. Our AI-powered simulator lets you work through RMM and T-DODAR frameworks on real Flightradar24 data, with AI-generated scenarios and personalised debriefs. Built by Bryan Roseveare for pilots who want to sharpen the skills that matter most when things go wrong. Early bird: $29 one-time. Lifetime access. Try the Simulator → https://bryanair.tools/ LINKS Bryan Air — Career Intelligence for Pilots → https://bryanairpodcast.com/ Free Pilot Career Assessment → https://pilotcareerintelligence.netlify.app/ Risk Management & Decision Making Simulator → https://bryanair.tools/ Bryan Roseveare → https://www.bryanroseveare.com/ Watch on YouTube → https://www.youtube.com/@BryanAirPodcast Support on Patreon → https://www.patreon.com/bryanair #AviationPodcast #BryanAir #PilotLife #SAA #Lufthansa

Aharon Chernin, founder and CEO of Rewst Aharon Chernin has been building technology specifically for MSPs for more than twenty-five years – including founding Perch Security, which ConnectWise acquired in 2020. His next venture was Rewst, a workflow automation platform purpose-built for managed service providers, now serving over 1,500 MSPs. The founding insight: automation was the foundational promise of managed services, and the tools had never lived up to it. In this conversation, Chernin draws the distinction that frames everything else: there’s a difference between an MSP that does automation and an automated MSP. One is a project. The other is a culture. Success, he argues, is one hundred percent cultural – the person who writes the cheque and the engineer who builds the workflows both have to want it, or it stalls every time. We dig into where AI fits in the MSP operational stack, and why treating AI and automation as interchangeable leads to bad decisions. The Chernin framing: AI thinks, automation acts. Without a connected execution layer like Rewst’s RoboRewsty AI Workflow Builder, AI can only advise. We also get into the governance model – approval gates, trust levels, and the balance between cyber risk and business risk – and the MCP Server architecture enabling genuinely agent-driven MSP operations. Chernin shares numbers from three Canadian MSPs on the platform – Resolved IT, Ideological Systems, and Yardstick – and walks through how to calculate the real economics of automation investment beyond simple time savings. He closes with a practical roadmap for any MSP owner who wants to get serious in the next six months: get out of firefighting mode, find your automation champion, start small, and do not wait for perfection. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. If you’ve been following the conversation around AI and MSPs over the last year or two, you’ve probably noticed that a lot of it is pretty fuzzy. AI is going to transform your business. AI is the future of service delivery. AI this, AI that – but not a lot of specificity about what it actually means for the way an MSP runs its operations day to day. My guest today has been building technology specifically for MSPs for more than twenty-five years. He founded Perch Security, which was acquired by ConnectWise back in 2020, and then turned around and founded Rewst, a workflow automation platform built from the ground up for managed service providers. Rewst now has over 1,500 MSPs on the platform, which means he has a pretty clear view of where the channel actually stands on automation – not where vendors wish it stood, but where it actually is. We talk about the difference between an MSP that does automation and an automated MSP, and why that distinction matters more than any specific tool. We get into why AI and automation are not the same thing, and why confusing them leads MSPs to make bad decisions. And we look at what the operational stack of an MSP actually starts to look like as AI moves from advising on workflows to generating and executing them. Aharon Chernin is the founder and CEO of Rewst, and he’s been thinking about this a lot longer than most. Let’s get right into it. My chat with Aharon Chernin. Aharon, thanks for taking the time. I appreciate it. Aharon Chernin: Nice being here. Robert Dutt: Rewst isn’t your first time building specifically for the MSP market. You come out of Perch Security, acquired by ConnectWise. What did your time inside ConnectWise’s world teach you, and was Rewst a direct response to something specific you saw from there, or from the community there? Aharon Chernin: I was actually only at ConnectWise a couple of months. Really, the Rewst idea came from working with MSPs for years while I was doing Perch. I was learning more and more about how MSPs operated. I saw the tools they were using, the problems they were having. And, mind you, this is the era circa 2017-18, and they’re using tools called PSAs – professional services automation – that didn’t really automate anything. It had me scratching my head: what’s going on here? But then I just continued moving forward because I had security stuff going on. And then there were RMM tools called Automate, and I was trying to figure out what these things actually automated. It was just endpoint stuff, right? But there’s so much more than just an endpoint. And then I saw a bunch of single-point solutions – software products out there doing a single automation, not even calling it an automation, just calling it a software product. So once I had the opportunity after Perch, I went and started investigating what were these quirks in the market I was seeing, because automation is much, much bigger than what the market actually thought it was. Robert Dutt: Well, and it’s for so long been one of the key premises of managed services – the idea of automate everything you can towards success. So it’s interesting to hear those observations. You’ve got the platform now with 1,500 or more MSPs on it – you probably have a better view of the real state of automation adoption in the channel than almost anyone out there. How would you honestly characterize it today? Is this a story of meaningful progress from the scenario you saw back in your Perch days, or is it still pretty early for many MSPs? Aharon Chernin: It’s still the beginning. We only have 1,500 MSPs. And how many MSPs are there – depending on who you talk to, 60, 80,000. We only have 1,500 of them. So in my mind, these are all early adopters in automation. But when it comes to what adoption actually looks like in an MSP that successfully automates, it’s cultural – 100%. If you look at cybersecurity – Perch was a cybersecurity company – you’d be looking for the correct size MSP that focused on security to resell through. But when it comes to automation, every size MSP needs to automate – small and big. And we’re actually seeing that. We see really, really small MSPs automate and really, really big MSPs automate. And we’ve also seen both those sizes fail. The number one reason they succeed is culture. The buyer – the buyer could be the CEO of the MSP, or a director of managed services, whoever can write a cheque – that person has to want to automate. And the engineer who’s actually going to do the automation, they have to want to do it too. If the buyer wants to automate but the engineer doesn’t, it’s not going to work. If the engineer wants to automate but the buyer doesn’t, it’s not going to work. And that cultural thing extends further than just the want. The CEO of the MSP should be running around saying, “I want to be an automated MSP,” and excited about it. If they’re not excited about it, they’re going to be a part-time automation MSP. The way I like to say it is: you’re either an automated MSP, or you’re an MSP that does automation. Robert Dutt: What do you find helps flip the switch from one to the other? What is it that gets those teams that are either misaligned or not aligned at all to get things lined up and moving in the right direction? Aharon Chernin: It’s really an open line of communication between the buyer and the person implementing. Because if the buyer has an automation idea – just one, a single simple basic thing that would save the company time or help improve service delivery reliability – and that engineer performs that small automation, and they talk to each other, and the engineer says, “Yes, it’s running. Yes, it runs fifty times a day. We’ve saved eight hours today running this automation” – and that actually gets back to the person who writes the cheque – there is alignment. The tide has turned. Suddenly the MSP says, “How do I dedicate more people to helping automate this business?” It’s a matter of getting that first win and getting it in place. Robert Dutt: There’s a lot of talk, obviously, about AI. And Canadian MSPs are being sold a lot of things that blur the line between AI and automation. You’ve talked about that distinction – the idea that AI thinks and automation acts. Can you expand on that? Because I think getting that framing right can help change how MSPs make decisions and think about how they’re structuring things internally. Aharon Chernin: AI can’t touch anything by itself. This goes back to: AI thinks, automation does. Take ChatGPT, for example. ChatGPT is not an AI. ChatGPT is a tool on top of AI. The AI is GPT. The tool is Chat. So just having AI gives you a lot of answers to a lot of questions, but nothing gets done. You need the tool on top of the AI. I can’t think of an easier way to define it than that. There are an infinite number of possibilities of what you can do with a tool that leverages AI. Robert Dutt: So you guys have RoboRewsty now. You’re moving from AI that guides building workflows to AI that generates those workflows. That sounds incremental, but to your point on thinking versus doing, I suspect it’s more significant than that. What actually changes for an MSP team when anyone in the org can describe a workflow in language that’s natural to them and have it built for them, rather than having to go back to that one person who knows how to build out the automation? Aharon Chernin: AI is easier to understand than even that. We need to think of it as just another employee. Now, depending on how much the business trusts that employee is how much governance we’re going to put around that employee. If there is one hundred percent trust, it gets free will and can run freely. If there is zero to ten percent trust, every step of the way needs to be gated by a person. But there’s a balance. One of the funny things about cybersecurity is everyone looks at the cyber risk side of the equation, but no one looks at the business risk. The business risk of having zero trust in your AI means all the other MSPs can surpass you. You need to balance business risk and cyber risk. It’s never one hundred percent cyber risk, or your business won’t move forward. How do you put people in the middle? When you tell the AI to build the automation, you require approval gates along the way. And the AI will build in those approval gates for people to get in the way of automation and approve or deny things. That solves the problem of the AI acting fully independently. Robert Dutt: You’ve announced an MCP server that lets external AI agents trigger Rewst automations directly. That feels like a pretty big architectural shift toward that AI-doing side of things – toward operations that are genuinely agent-driven rather than just automated. What does that look like in practice today, and where do you see that going over the next couple of years? Aharon Chernin: I see three main agent use cases. But if we sit back and think, “Where does this MCP server fit in?” – in my world, in my vision, when I create products, I have to try to predict the future. Because it takes time. If I create a product for what’s needed right now, by the time it gets done and goes to market, it’s already a bad idea. In the future, people will be interacting with agents, not with the user interface of any product – a PSA, an RMM, maybe even an operating system. When you think that way, without a capable MCP server in front of your product, you’re forcing people to always log into it. If everyone is in Claude Code all day long and you’re the one product they have to pop out of Claude Code for, that’s not good. I don’t want to be there. And for folks who want more approval controls in an automation process – what’s cool about using Claude Code to interact with the Rewst platform is you can put requirements in your Claude Code, in your AGENTS.md file, for example, to be enforced however you want them enforced on your side. Which is pretty neat, in my opinion. As far as the three major use cases for agents: I immediately get brain-fried when someone asks what an agent-driven MSP of the future looks like, because I think – what agent are they talking about? I really see three specific, distinct agent implementations that an MSP could ever have. One is an agent that they build for their customers that just does customer-centric business things. That’s not something the MSP would run internally – that’s something they want their customer running. Then they may want an agent that the customer uses to interact with the MSP – “Hey, I need to add a new user,” for example. That may launch Rewst automations, because it’s just an agent – it’s just AI, it can’t go do those things on its own. And then the third type is the agent that an engineer uses at the MSP itself, because that agent is going to have more privileged access and communicate in a much more technical way than you’d want to present to a client. Robert Dutt: How do you see those rolling out in terms of timeline? My first assumption would be that you build the internal side first – get the side the engineers are working with up and running, learn from that, then start building out the customer-facing side, and finally toward the end-user type stuff. Aharon Chernin: You always eat your own dog food first. It’s got to be useful for you. If you’re just doing it to say you’re doing it, you won’t be able to sustain it. It won’t scale. I would have your help desk and your engineers doing simple things first. I love the owner-operators that have grand visions of their AI-automated futures, because those are the ones who are going to succeed. The one downfall they may have is they won’t settle for anything other than that grand vision – they work on the most complex thing first. Or they get a ton of small wins under their belt and never go for the big win because the big vision feels too far away. So: keep it small initially. Eat your own dog food. Get really good at it. Then move bigger successfully internally. Then maybe the next step is the agent the customer uses to interact with your business – do the same thing, start small, then go big. The agent the MSP builds for their customers’ businesses is the toughest. Not because it’s technically challenging – it’s tough because the MSP has to go learn how that customer’s business actually operates. And if you want your agent to provide value, you’re going to have to do that work. Robert Dutt: That’s a chance to really test the “trusted advisor” theory out and get real about it. Aharon Chernin: Exactly. Robert Dutt: Let’s talk about the economics of this. Especially as a Canadian MSP – we’ve got a smaller talent pool, cross-border salary competition, the Canadian dollar. The headcount argument for automation is particularly acute here. Where does break-even actually land? What does an MSP need to have in place before this really starts to visibly move the margin needle? Aharon Chernin: You start with understanding the economics of automation. The most basic is: how much time will you save? And even the definition of saving time can be less obvious than you’d think, because saving time might mean “I don’t do this work today” – so how do you calculate that? Well, one of those savings is: will it reduce churn? How much time does it take to go get a new client? Then you realize, oh, there is a time savings there. Or it may not save time, but it improves service delivery reliability. How much time do you spend each month on ticket re-dos because they were done wrong the first time? And some of these savings are security-related. If you can take away privileged access from your lowest-level help desk because automation handles those tasks instead, how much does an incident cost you each month? The next big thing is understanding the cost to build an automation. We’ve dramatically reduced that over the past three months through RoboRewsty – you just describe an automation and it goes and builds it for you, then runs, tests, and fixes it. It could save you roughly ninety percent of the build time. Just like writing code with Claude Code saves you a lot of time building software. So: you’ve got an automation idea. It costs you four hours to build and saves you 400 hours a month – you break even really, really quickly. You have an automation that takes four hours to build but only saves you thirty minutes a month – do you still build it? Yes. Because automation is not a one-month profit thing. It builds off itself each and every month. And that’s when you start to realize: maybe I do start small, because the big grandiose ideas might save you ten hours a month but take you a hundred hours to build. We’ve got a couple of Canadian partners who’ve had great success and are okay with me naming them. Resolved IT: last month they did 420,000 tasks and saved fifty-nine hours – 1,800 endpoints. Ideological Systems: 28,000 tasks, forty-five hours saved – 750 endpoints. And Yardstick: 744,000 tasks, 327 hours saved – 6,500 endpoints. Just some numbers for you. Robert Dutt: That’s certainly some solid data. You’ve talked about where you’re at now with RoboRewsty. Can you share a little about where you see things going in the short term – in terms of the direction of the technology and how you’re automating processes? Aharon Chernin: I feel like I’m more of a future predictor than a startup founder. AI is both scary and exciting at the same time. It’s a huge opportunity for everybody – for MSPs, for vendors that serve MSPs. But it’s also super scary because it’s a disruptor. It could disrupt MSPs, the vendors that serve them, and their customers’ businesses. You have to take risks in how you predict what’s coming. But I really do think the user interface for people is going away, and that the primary user of all products will be AI. That’s where the world is going. Think about that – how does that change how an MSP operates? Look at the tool stack MSPs use today. Is your PSA built for people, or is it built for AI? It’s going to be interesting. Never a dull moment in this industry. Robert Dutt: Last one for me. If I’m an MSP listening to this and being honest with myself about where I’m at in my automation and AI journey – what’s the one thing that most of them should be doing in the next six months that most of them aren’t? Aharon Chernin: Starting at a really high level: you’re a business owner. I’m a business owner. I understand how hard it is to get out of firefighting mode. It’s hard to see thirty days out. There’s so much going on – happy people that want to talk to you, unhappy people pulling you aside. You have to spend some time thinking beyond thirty days. You can’t ignore what’s coming with AI and automation, because there is going to be an MSP that doesn’t ignore it. The next level: come up with an automation idea. As the owner of the MSP, that’s the most valuable automation idea that will ever get identified, because it’s coming straight from the business – not from a random engineer with a random problem. That engineer can go automate something and make their job better, but you may never know about it and it may never impact the business. Come up with an automation idea. If you find that easy, come up with more. Having the ideas is half the battle – not even having a product. Just start writing them down. Next: identify someone in your organization who will become the automation champion. As fast as tech is moving, it may not have to be a super technical person, because they’ll be able to talk to an agent to make the automation happen. But if it were me, I would still pick who I think can automate the best. Go to your team and say, “Who wants to automate?” and pick the hand-raiser. That’ll also help with alignment. Once all that’s done, you’re finally ready to look at automation solutions. Learn everything you can – we have Cluck U, our certification program, get certified in automation. Then build that simple automation as quickly as possible and get it into production. Do not wait for perfection. If you’ve got a ten-step process that takes a hundred minutes, and you only automate nine steps, you’re still saving ninety minutes. Why wait for the last step to get that win? And then we’ve got a conference called Flow – an automation-focused conference for MSPs. The coolest thing about it is that everyone there is an MSP that wants to become an automated MSP, not just one that wants to do some automation. This is our third year. First year we had about 120 people, second year over 300, and this year I think we’ll have 500. It’s in Nashville, June 23rd. Check it out at mspflow.events. Was I allowed to plug that? Robert Dutt: I think you’re good. Aharon Chernin: Sounds good. Robert Dutt: Aharon, I appreciate you taking the time and giving us a view of where automation’s at and where it could be going. Thank you. Aharon Chernin: Thanks – it was nice chatting. Robert Dutt: There you have it – Aharon Chernin from Rewst. I’d like to thank Aharon for his time today, and thank you for listening. A couple of things I’m still thinking about from this conversation. The framing that stuck with me most is the distinction between an MSP that does automation and an automated MSP. It sounds like a subtle difference, but Aharon’s point is that one is a project and the other is a culture – and only one of them actually compounds over time. If automation is something your team does when they get around to it, rather than something that’s baked into how the business operates, you’re probably not going to get the return you think you are. The other thing worth sitting with is the governance question. As AI moves from helping you build workflows to actually generating and running them, the trust model has to evolve with it. The new employee analogy Aharon used – starting with limited access, expanding trust as it earns it – is a practical framework for MSPs who are trying to figure out how much autonomy to give AI in their stack right now. And for any Canadian MSPs listening – the data points Aharon shared from Resolved IT, from Yardstick, from Ideological Systems – those are real Canadian shops with real numbers. The economics of automation are compelling anywhere, but they’re particularly compelling here, given our labour market realities. If this episode was useful to you, the best thing you can do is subscribe to or follow the ChannelBuzz.ca podcast wherever you get your podcasts. We’re on Apple Podcasts, Spotify, YouTube, and most major directories. A rating or review goes a long way and is always appreciated. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Alex Webb, CEO of F12.net and Leanne Yeatman, chief of staff at F12.net F12.net has completed more than 15 acquisitions since founder and CEO Alex Webb and Chief of Staff Leanne Yeatman made their first deal in 2006. What started as a circumstantial opportunity evolved into a deliberate growth strategy that has taken the company from its Alberta roots to a national MSP with offices across Canada and over 500 employees. In this conversation, Webb and Yeatman open up about how they evaluate potential acquisitions – and why the criteria that matter most aren’t the ones on their website. Culture, resilience, and how distributed the workload is across the team all weigh more heavily than the financial table stakes. They also share hard-won lessons on integration, including why they stopped calling deals “mergers” and why leadership can’t outsource the transition work. The conversation takes a turn when Webb discusses F12’s recent private equity transition from Clairvest to Audax, putting him on the other side of the due diligence process he’s put sellers through for years. “Gives me a lot of empathy for what we put our sellers through,” he says. For MSP owners considering a sale, there’s practical advice throughout – from cleaning up your P&L and building leadership depth to understanding why recurring professional services isn’t managed services, and how that distinction affects your valuation when it surfaces in due diligence. Webb and Yeatman also weigh in on the AMTRA Solutions acquisition, a capability play that signals a shift in what acquirers are looking for beyond geographic expansion. Read Full Transcript Robert Dutt:  Hello and welcome to In the Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. If you go to F12.net right now — one of Canada’s largest managed service providers — you’ll find something you don’t see on most MSP websites. A page that says “Looking to sell? Let’s talk!” And it’s not vague. It lists exactly what they’re looking for and exactly what a seller gets. That kind of openness tells you something. It tells you that for F12, M&A isn’t opportunistic. It’s a core part of how they’ve grown from an Alberta basement operation in 1994 to a national MSP with over 500 employees and more than 15 acquisitions under their belt. My guests today are Alex Webb, founder and CEO of F12.net, and Leanne Yeatman, Chief of Staff, who’s been deeply involved in the company’s acquisition strategy and adds some valuable perspective throughout our conversation. We cover the full picture here — how F12 decides what to buy and what to walk away from, what integration actually looks like after the deal closes, and what MSP owners on the other side of the table need to know if they’re thinking about selling someday. Alex also shares what it was like to recently go through a recapitalization of his own company, putting him on both sides of the M&A equation. Let’s get right into it. My chat with Alex Webb and Leanne Yeatman. Robert Dutt:  Alex, Leanne, thanks for joining us. Alex Webb: Thanks. Leanne Yeatman: Thank you for having us. Robert Dutt:  Not every MSP has a “looking to sell” page on their website — much less one that is as prescriptive as listing what you’re looking for and what a potential seller gets. Pretty deliberate signal. When did M&A go from something that happened at F12 — an opportunity that came along — to something that became a core part of how you grow and something that you approach intentionally? Alex Webb: Going back to the memory here — I would say that transition happened right around 2015. Prior to that, we did two acquisitions and they were more circumstantial, opportunistic, presented themselves more than us actually going out and seeking them out. But that shifted when we wanted to expand into a new region that we targeted. That region was Ontario. We were Alberta-based in 2014 and we had a plan to expand into two more provinces — Ontario being first, then BC being second. So I would say that was the date. Robert Dutt:  Your first acquisition was CPU Technologies, way back in 2006 — 20 years ago. What was that experience like, and how much of what you do now was shaped by what you learned, for the good and the bad, doing it for the first time? Alex Webb: I’ll actually let Leanne go first. She played a big role in that acquisition. Leanne Yeatman: Going back a long time in history — that was our first transaction. It was different in the sense that we had some outside influence. One of our partners at the time, Wayne Scrivens, played a big role in coaching and teaching us what to look for and how to go through that process. I would say it was foundational in that it sparked this desire to do it more and to recognize that this can be a huge part of our growth story. It’s not the only piece of the journey, of course, but it definitely was a foundational moment for us. And while no two transactions are the same, there are obviously similarities. The more you do it, the more you look back and remember the specific things that went well and the things that maybe didn’t go so well — that you would do differently if given another shot. I remember the details very clearly still to this day. What we learned in that early phase of the CPU acquisition was that when you don’t have the relationships, it’s very hard to convert clients, because they don’t trust you, they don’t know you, they don’t believe you. You have to work really hard to build that trust. That was the biggest education we had: that integration and converting clients was going to be way harder than we thought. Robert Dutt:  Obviously it didn’t scare you off, because you’ve done 15 or so acquisitions over those last 20 years. Is there a rhythm to it? Is it a “you’re always looking” kind of thing, or do you find it comes in waves? Alex Webb: I would say waves. We found it a little easier to have a few acquisitions brought in and do that integration work together, because you’re usually assembling teams, and it tends to work a little better than fully integrating one and then starting another. You can do a lot of things in tandem, because you’re generally ripping and tearing not only at their systems but at your own — learning as you go all of the inadequacies in your own systems that need to be redeveloped. That work has to happen while you’re doing integration. So we just found it a little easier to do them in waves. Robert Dutt:  The technology tradition of batching — it kind of makes sense from that regard too. Your website lists the criteria you look for: north of $5 million in revenue, low churn, a majority of managed services, healthy EBITDA. Those are the table stakes. What’s the stuff that’s not on the website? What makes you lean in on a company that maybe looks more marginal on paper but gives you a good vibe — or conversely, walk away from one that checks all the boxes but just leaves you with a “no” feeling? Alex Webb: Culture plays a big role. The depth in the organization — how distributed is the effort? Does it all sit on one or two people? Or, even if they’re smaller, have they found ways to distribute the workload across the team? The test of resiliency in the organization matters too. Sometimes longevity brings a certain amount of resilience to a team and a culture. Sometimes experience doing their own expansions or acquisitions brings some of that. That’s important, because when you go through integration, things change — and not just for one entity. A wise person in the industry once explained it to us as: there are two cultures, and both cultures change and become one going forward. The pressure integration puts on both teams is significant. So you really want to look for a team that’s going to be able to weather that storm — one that has a good amount of trust built up with their leadership and with each other. Robert Dutt:  How much of the decision comes down to the owner? Their personality, their readiness to move, what they want their life to look like after the acquisition? Alex Webb: That’s a big one. The motivation for why they want to do it is a key ingredient. We try to get to that early, because in M&A, some owners might feel like they can get a little more value out of the business if they portray that they’re staying — but it’s actually traumatic on the business when the alignment is wrong. So we work really hard up front to figure out what’s actually going on. And it’s okay if you want to transition out, or if you want to stay and we work a role around you. Those are very important ingredients for a successful integration outcome. Sometimes there’s indecision — do I want to be part of it or do I want to leave? We just help them with that. We make it okay either way. F12 is a good home for their people and their clients, so they don’t have to worry about that part. We can concentrate our efforts on the outcome the owner actually wants. Robert Dutt:  To Leanne’s point about two cultures becoming one — you close the deal, it’s Monday morning. I presume champagne pops, but that’s just my vision of how these things work. What does that first week actually look like for the employees and the clients of the company you just acquired? Alex Webb: If you’ve done it right, it doesn’t feel any different. I know that’s a bizarre answer, but I think that’s what people build up in their minds — that day one, a bunch of things are going to change. Balloons and fanfare. And really you just wake up Monday morning and, you know what, we need to collect some money, answer the phone, go to the client site. All of the things just keep happening. The only difference is generally that there’s a little more money in your bank account than there was the day before — and that’s significantly the only difference. That’s a bit of an out-of-body experience for most owners who’ve never done it. The real work starts more like two or three weeks in. You want things to be business-as-usual for a beat, and then you’re working through the integration plan and executing against it. But that doesn’t happen on Monday morning. Robert Dutt:  After 15 or more acquisitions, what have you learned about that integration process? How does the playbook look different now than it did for deal three or four — once you’d realized you were going to do this more than once, but before it had become the muscle memory it is today? Alex Webb: I can say for sure what we don’t do: don’t call it a merger anymore. That’s the tendency with people who are new to it — “we’re merging, we’re going to take the best of both businesses.” That communication is false, because inevitably an acquisition is going to become one entity, and you’re not going to change the processes of the mothership too quickly. You might learn some things and adapt, but you’re not going to adopt their RMM tool or their PSA tool — not likely, because you’ve done so much work building your own. On the communication side, we’re very clear on that now. I think we presented it more like a merger in those earlier days, and it didn’t create a better outcome. The better outcome comes when it’s highly communicative all the way through the process, so people know what’s going on and can plan accordingly. Leanne Yeatman: I’d add two things. One — you can’t outsource the integration work. You can use outside parties to support it, but the leadership team needs to be present and own those pieces of integration very intently. And two — really understand the essence of the business: the things that make the culture what it is, the things that drive people’s loyalty and love for that entity. Make sure you foster those things and allow them to continue. Robert Dutt:  What does that transition look like? When you acquire a company, they have their own name, their own culture, their own way of doing things. How do you handle that — it doesn’t sound like it’s “welcome to F12” from day one? Alex Webb: It starts with core systems — getting the tools in place so that we have shared visibility into how the business is performing. That’s the first wave. What we’ve discovered from a culture perspective is that you can still have your identity as a region, as a location. Just because the logo is different, that doesn’t need to change how you do things. You can still have that Friday lunch if that’s what you did. You can still have the barbecues. You could still race RC cars in the parking lot. We don’t need to have a brand above the door to enable those things — but it’s bizarre how people interpret that they’re suddenly not allowed to do them anymore. So for us, it’s about being, as Leanne said, very intentional — making sure people continue doing the things that kept that culture alive. Then when the logo changes over, it shouldn’t feel that different other than it’s a different brand. And now there’s marketing support, sales support, and a lot of things that help that business that they didn’t have before. If you’ve done it right, you’ve added capabilities, expanded the offerings, and people can be more successful and feel more security about their future. That’s the magic. When that occurs, retention stays high — for both clients and team members. Robert Dutt:  You mentioned that you initially started doing acquisitions to expand geographically, and a lot of your acquisitions have looked like that going across Canada. AMTRA Solutions last year looks a little different, though — that’s a capability play, adding Microsoft Cloud and AI Copilot expertise. Is what you’re looking for in an acquisition changing? Alex Webb: It certainly is — or, maybe I should rephrase: it’s not so much changing as expanding. We’re still doing what we did on the geographic side, but we’re now adding strategic capabilities as an additional objective. For us, it’s either build it or buy it, and if it makes sense to buy it and bring that capability in, we will. AMTRA really presented a very unique opportunity. In full transparency — when clients get larger, into that upper mid-market range of roughly 350 to 500 seats, their IT needs shift from what a traditional managed service provider does. We handle level one, level two, level three help desk, patch management, backup, infrastructure management — all of those things. But as those organizations get a little larger, the needs change. They want to bring in more advanced Microsoft capabilities, and we would either lose those clients to larger enterprise providers, or bring those capabilities in-house. AMTRA presented that opportunity. It’s been incredibly successful, and we’ve been able to bring those technologies to our upper-end clients in a way that’s really working. Robert Dutt:  Without tipping your hand on anything specific — where are the gaps? Is the next chapter more geography, more capability, or are you looking at different frontiers altogether? Alex Webb: For us, the primary frontier is still geographic expansion — into Central Canada and Eastern Canada. That’s still on the to-do list. We also have our eye on more advanced security capabilities, because that’s forever changing and moving more toward the AI front. And we’re not ruling out ERP — the things I like to see are capabilities that all of our clients could utilize and benefit from. When we look at ERP applications, Dynamics 365, these are technologies that the broader client base can use and benefit from, having a mid-market provider able to bring them to market at scale. And we’re not ruling out going south of the border either. We already have clients in the U.S., and we’re starting to see opportunities in states just adjacent to Canada. Robert Dutt:  In December, Clairvest exited and Audax came in. You’ve spent 20 years as the buyer. What was it like to be on the other side of that process — having someone evaluate your company the way you evaluate the companies you acquire? Alex Webb: It gives me a lot of empathy for what we put our sellers through. How’s that for an answer? It’s tiring. It was a tiring process. It’s enjoyable on a lot of fronts, and incredibly rewarding when it’s done. But the six to eight months leading up to it — that was a ton of work for the organization. We had some really good support from our banking partners, from Clairvest, and the Audax team were terrific to work with. But even with all that, a lot of work and a lot of sleepless nights. That wasn’t our first experience on that side of the table, though. That was our third private equity transaction. We’ve been through it a few times — just enough to stay in tune with what it actually feels like. Robert Dutt:  You’ve got the muscle memory built on both sides of the equation — that’s an interesting place to be. You mentioned how it gave you empathy for what sellers go through. Did going through it change anything about how you think about and deal with the sellers you work with? Or did it confirm what you already believed, having lived as an MSP in this industry? Alex Webb: I think it did both. It confirmed some things, and I think we approach the process with a little more maturity now — on how we handle due diligence, data collection, and integration strategy — because every time you go through it from the other side, you learn a little more. And even when we’re not going through a full business integration, we’re still integrating at a board level, reporting to different people, going through change when you move from one private equity partner to another. I think that leveled us up a little bit and is making us stronger on the buyer side — helping sellers through the process with a little more elegance. Robert Dutt:  A lot of MSP owners hear “private equity” and get nervous. They picture cost-cutting and layoffs. From your point of view — having been through it a few times now — what actually changes when you have an institutional capital partner? Does it speed up acquisitions? Redirect them? Put guardrails on them? Alex Webb: Every private equity firm has their own view of what a good target looks like. So for any listeners thinking about private equity, it’s really critical that you align on strategy upfront. That becomes part of the conversation — what’s the tolerance, how does this look, who’s driving the acquisitions? These are important questions. Generally speaking, the private equity partners we’ve worked with liked that we had M&A capability and could hit the ground running. But the types of businesses and the size of acquisitions does change as you grow and move from one partner to the next. As your business gets larger, you can take on larger transactions. Leanne Yeatman: I’d add — knowing what you want to get out of the relationship and how you intend to continue operating the business with that new partner is critical. What we would do leading up to any transaction is decide on the top three things we were looking for in a new partner and what our vision for the organization was for the next five years — then stay focused on that through the process, to make sure you’re finding the partner that’s going to help you execute that vision. When done well, it should be a true partnership. It comes down to alignment. Robert Dutt:  You’ve sat across the table from a lot of MSP owners who want to sell. What’s the most common disconnect between what they think their company is worth and what the market says it’s worth? Alex Webb: I would answer that with their understanding of what should be normalized in the business and what shouldn’t — as it relates to EBITDA. The multiples vary a little, but M&A is generally a multiple of EBITDA. So what is that EBITDA, and what’s normalized? The biggest disconnect usually comes from owners running what you might call a lifestyle business — where a lot of their personal world is woven into the business finances. When it comes to doing a transaction, it’s very tricky to determine what’s truly in the business and what isn’t, and to convince the accountants, bankers, and funders of what the real number is. Owners who operate with a clean separation — who take a dividend and keep their personal world out of the business P&L — those are by far the easiest transactions, and you might even pay a little more for a company that runs a pure P&L. That’s one of those intrinsic things we look for. Robert Dutt:  In your experience, how many owners who say they want to sell are actually ready to sell? And what does “not ready” look like when you’re sitting across the table? Alex Webb: Tough to quantify, but I’d say it’s usually not a matter of “no” — it’s “not right now.” Either they’re ready and it makes sense, or they just need another year or two to readjust and get things to where they need to be. Everybody has a number in their mind: “If I could get this number for my business, I would sell it.” But nobody wants to reveal that number, because maybe they’d get more. The reality is, people who know their number and understand the mechanics of what it’s going to take to get there tend to have more success. Maybe they’re there now, or maybe they can get there in six months. But that’s the financial side. The mental side is probably trickier. Am I ready to let go? Am I ready to report into an entity? Am I ready to walk off into the sunset? Because sometimes the motivation for doing the transaction is fear — fear of industry change, all of the AI coming, feeling like you’re not ready to compete. That can be traumatic for an owner, because they’re doing it from a position of fear rather than from a position of opportunity for themselves and for their family. Robert Dutt:  There’s a whole generation of MSP founders who started their businesses in the nineties and early 2000s who are approaching retirement. Is that creating a wave? And if so, does that make it a buyer’s market? Alex Webb: I would still say it’s a seller’s market. The multiples are still high, there’s still lots of opportunity, and the industry loves businesses focused on recurring revenue with multi-year contracts — there’s real value in those businesses. As for the retiring founders — I’d say we’re just at the beginning of that wave. I haven’t seen a meaningful change in M&A deal flow as a result of it yet. But I believe we’re at the beginning, as some of these groups hit their late fifties and early sixties and start thinking about succession. In fact, I just had one of those conversations recently. Robert Dutt:  If I’m an MSP owner three to five years away from wanting to sell, what should I be doing right now to put myself in the best position — not just financially, but operationally and personally? Alex Webb: I’ll let Leanne start with this one. Leanne Yeatman: Build depth in the organization — have multiple leaders present and capable of guiding the rest of the organization through that change. On the normalization side, be clear on what’s acceptable going forward: anything personal that’s wrapped up in the business should start coming out. And third — focus on organic growth. Being able to demonstrate that the business is actively growing and has the ability to keep moving forward. Those three would be my top priorities. Alex Webb: I would add — bring your management team into the conversation when you’re ready to start thinking about a sale. It’s a tough situation when an owner goes through the LOI and due diligence process and then reveals it to the team at the very end. Everybody feels like, “why didn’t you trust me with this earlier?” Bringing them into the dialogue — saying “here’s what I’m thinking about” — you get their input, you get buy-in, you work it together. We do that even when we’re going into a transaction ourselves. When we were going through the Clairvest to Audax transition, we didn’t do it as a cloak-and-dagger move. It was intentional. And I think when it’s done that way, the outcome is even better. Leanne Yeatman: Exactly. The length of the process — if you’ve been in that seat for six or eight months going through due diligence, you’ve already had the time to mentally transition yourself to what’s next. But everybody else at close is just finding out. The more people who are part of that journey earlier, the easier that first week and beyond is. Robert Dutt:  My last question — if you could sit down with every MSP owner in Canada at one big table and tell them one thing about M&A that they probably don’t want to hear, what is it? Alex Webb: That recurring contract revenue needs to actually be in managed services. Meaning: you’re getting compensated on a contract whether you put a person out there or not. Recurring professional services — that isn’t managed services. This comes out in due diligence. People take that bucket of revenue and pile it in, trying to present it as managed services. But it gets found out and the deal gets discounted. So: be really clear about your lines of business. What’s product, what’s professional services, what’s managed services. You can have recurring professional services, and if it’s contractual, you’ll get a little more for it. But if you have true managed services, isolate it — because it won’t have the same revenue volatility, and you’ll get better rewarded for it. And if you want to improve your position, convert that recurring professional services to recurring managed services. It’s a lot of work, but we’ve successfully done that through integration for years. People are afraid to have those conversations — it goes back to the old time-and-materials, block-time days. That was the first wave. But when you look at block time and ask “why does this revenue move up and down?” — well, that’s because it’s getting classified as managed services when it isn’t. To hammer again on normalizations: less normalizations will actually benefit you more. Robert Dutt:  Great insights, and I appreciate you sharing what you’ve learned through 20 years of acquisitions. Good luck on the next 15. Alex Webb: Thank you very much. Leanne Yeatman: Get it. Robert Dutt:  There you have it — Alex Webb and Leanne Yeatman from F12.net. I’d like to thank Alex and Leanne for their time and for their candor. These aren’t always easy conversations to have publicly, and they were both remarkably open about what they’ve learned across 15-plus acquisitions and 30 years of building the company. A few things that stuck with me from this conversation. First, the shift from opportunistic to intentional. 2015 was the year that F12 decided M&A wasn’t just something that happened when a deal fell into their lap, but a deliberate growth strategy. That distinction matters, because it changes everything about how you prepare, how you evaluate, and how you integrate. Second, the culture point. Alex and Leanne both kept coming back to the idea that the numbers can look perfect and you still walk away if the culture isn’t right. And on the flip side, integration isn’t about slapping your logo on the door — it’s about two cultures becoming one new thing. “You don’t need a brand above the door to race RC cars in the parking lot,” as Alex put it. And third — and this is the one I think every MSP owner listening needs to sit with — Alex’s closer about recurring professional services versus managed services. If your recurring revenue is really just project work on a retainer, that gets found out in due diligence and your deal gets discounted. That’s specific, actionable, and probably uncomfortable for more than a few people listening. If you found this episode valuable, I’d appreciate it if you’d follow or subscribe to the show. We’re on Apple Podcasts, Spotify, YouTube, and most other podcast directories. And if you’ve got a minute, a rating or a review goes a long way to helping other people in the channel find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Tightening budget constraints and rising data trust requirements are increasing operational pressure on managed service providers by shifting risk and accountability downward through the service chain. Developments in both the European and US markets, together with supply chain volatility and heightened scrutiny of where and how data is handled, are forcing MSPs to redefine both service delivery and governance models. According to Speaker A, MSPs focusing on auditability, clear data residency, and sovereignty will remain viable, while those relying on traditional narratives or ambiguous transformation pitches risk being sidelined. The episode points to evidence from several reports: Politico notes that 8 out of 10 Europeans do not trust US or Chinese firms with their data, highlighting explicit concerns over data location and custodianship. Concurrently, the U.S. Chamber of Commerce Small Business Index, cited by Axios, shows declining confidence among American small businesses, with only 37% expecting new investments and 53% listing inflation as their top challenge. Further, Channel Insider flags “memflation,” with DRAM and NAND prices expected to rise 125% and 243% respectively by 2026, intensifying margin pressure and pricing risk for operators. Additional risk drivers come from both operational and technical layers. Speaker A references the Blackpoint Cyber 2026 threat report, which attributes most breaches to the abuse of trusted credentials and tools—such as RMM solutions and SSL VPNs—rather than new vulnerabilities. Governance gaps are also worsened by declining white-collar hiring, as cited by Gallup and Axios, reducing internal capacity for vendor reviews, incident follow-up, and process controls. Increased automation and outsourcing in response to these gaps tend to create more dependency chains and larger blast radii, making explicit governance even more important. For MSPs, these findings point to operational needs that go beyond technical capability. Contract terms must address volatile input costs directly, with shorter quote validity and explicit repricing clauses. Governance processes should include audit-ready data maps, clear documentation of subprocessors, and proactive credential management. Without these measures, MSPs risk being treated as interchangeable commodities and exposed to margin compression and heightened liability from external compliance and trust requirements. 00:00 SMB Caution 03:48 Coordination Crunch 06:24 RMM Exposed 09:36 Why Do We Care?  Supported by:  Zero Networks HaloPSA 

Today we are joined by Selena Larson, Threat Researcher from Proofpoint research team and co-host of Only Malware in the Building, talking about their work on "(Don't) TrustConnect: It's a RAT in an RMM hat." Proofpoint uncovered TrustConnect, a malware-as-a-service platform posing as a legitimate remote monitoring and management (RMM) tool, but actually functioning as a remote access trojan (RAT) sold to cybercriminals for $300/month. The operation used a fake business website, legitimate-looking certificates, and branded installers (like fake Microsoft Teams or Zoom apps) to trick victims, while providing attackers with full remote control, file transfer, and surveillance capabilities. Although parts of its infrastructure were disrupted, the threat actor quickly rebounded with new variants, highlighting both the resilience of the operation and its deep ties to the broader cybercriminal ecosystem abusing RMM tools. The research and executive brief can be found here: (Don't) TrustConnect: It's a RAT in an RMM hat Learn more about your ad choices. Visit megaphone.fm/adchoices

3 Days, 1 Conference, Every Question Answered | IATA WDS 2026 Live

Today we are joined by Selena Larson, Threat Researcher from Proofpoint research team and co-host of Only Malware in the Building, talking about their work on "(Don't) TrustConnect: It's a RAT in an RMM hat." Proofpoint uncovered TrustConnect, a malware-as-a-service platform posing as a legitimate remote monitoring and management (RMM) tool, but actually functioning as a remote access trojan (RAT) sold to cybercriminals for $300/month. The operation used a fake business website, legitimate-looking certificates, and branded installers (like fake Microsoft Teams or Zoom apps) to trick victims, while providing attackers with full remote control, file transfer, and surveillance capabilities. Although parts of its infrastructure were disrupted, the threat actor quickly rebounded with new variants, highlighting both the resilience of the operation and its deep ties to the broader cybercriminal ecosystem abusing RMM tools. The research and executive brief can be found here: (Don't) TrustConnect: It's a RAT in an RMM hat Learn more about your ad choices. Visit megaphone.fm/adchoices

The Huntress 2026 Cyber Threat Report found a 277% year-over-year surge in the abuse of RMM tools, which now account for roughly a quarter of all observed incidents. The ConnectWise 2026 MSP Threat Report frames 2025 as the year of “the abuse of trust,” with attackers increasingly exploiting valid credentials, misconfigured remote access, and trusted software updates rather than relying on novel exploits. For MSPs, the implication is uncomfortable: the tools you use to manage and protect your clients are increasingly being turned against you and them. Tony Anscombe, Chief Security Evangelist at ESET, returns to the podcast to dig into how these attacks actually work – from daisy-chaining multiple CVEs for entry, escalation, and persistence, to ClickFix-style social engineering where users are tricked into pasting malicious PowerShell commands through fake browser prompts. The conversation also gets into why attackers are going after MSP toolchains specifically, the patching dilemma MSPs face when every hour of delay is an hour of exposure, and why groups like Akira are now targeting backup infrastructure first to neutralize the recovery path before encrypting. On the business side, Tony is candid about what a breach through your own tools means for trust, reputation, and survival – and offers practical starting points: audit your environment, clean up stale credentials, patch on cadence, and run tabletop exercises with your customers, not just internally. He also introduces the concept of cyber warranties as a potential competitive differentiator for MSPs looking to stand out on RFPs. This is the second in an ongoing series of conversations with Tony. The first, covering the cybersecurity trends MSPs can’t ignore in 2026, is also available. Read Full Transcript TRANSCRIPT TO COME

How are organized crime rings infiltrating our supply chains, and is your vetting process strong enough to stop a "Trojan driver" from walking off with your high-value loads? Tune in to this episode as "The Fraud Girl" Danielle Spinelli from GenLogs breaks down the exploding crisis of freight fraud and cargo theft. We discuss the nitty-gritty of why a tight market is the best time to sharpen your brokerage skills, the importance of building authentic carrier relationships, and the terrifying reality of cyber-enabled theft costing the industry millions. Danielle shares her expert insights on everything from driver-level vetting to sophisticated RMM hacks targeting small to mid-sized fleets.  If you're a transportation pro looking to protect your business and stay ahead of the latest fraudulent trends, you cannot afford to miss this discussion on the front lines of logistics security!   About Danielle Spinelli Danielle Spinelli is the Director of Partnerships at Genlogs with over a decade of experience in logistics, specializing in carrier sales, vetting, and cargo theft prevention. After 8 years as a Carrier Sales Broker and later educating brokers and shippers on compliance at MyCarrierPortal, she now focuses on partnerships and industry collaboration to raise awareness around cargo theft and promote data-driven prevention strategies. Danielle also hosts the Tell Me Everything podcast, where she shares insights on cargo theft, logistics trends, and supply chain security.   Connect with Danielle Website: https://www.genlogs.io/  LinkedIn: https://www.linkedin.com/in/daniellespinelli11/  

Lots of cottage cheese and empanadas in #RMM, training at Planet Fitness, lifting for cycling, random fevers and The View is back with more retardation.Power Up Here: https://swolenormous.com

EPISODE SNAPSHOT Welcome to The Bryan Air Podcast. Boardroom decisions land on your flight deck — we translate them first. We break down executive moves, economic forces, and the technology reshaping how pilots are trained, assessed, and employed. No corporate spin. Just the career intelligence pilots actually need. Jet fuel prices have doubled in three weeks. Brent crude is above $100 a barrel. Airlines are canceling thousands of flights and slapping surcharges on tickets. And yet Emirates is still selling seats while smoke from a drone strike billows over the Dubai skyline. In this episode, we dig into what the fuel shock actually means for pilots on the line, from South Africa's 21-day strategic reserve to European carriers killing green fuel mandates because they cannot afford regular kerosene. We ask the question a father called in to ask us: should his kid stay in flight school? And we look at whether this crisis reshuffles the deck for airlines like British Airways who are already adding capacity while Gulf carriers absorb the hit. In this episode of The Bryan Air Podcast, Bryan Roseveare and Ryan Parrock analyse the Middle East fuel crisis, jet fuel price shock, South Africa's supply vulnerability, Dubai airspace safety, pilot career strategy during conflict, British Airways market repositioning, and the growing role of AI in airline rostering ahead of the Singapore aviation symposium. ✈ TIME-STAMPED FLIGHT PLAN 00:00 Bryan Air decision training tool: practise cockpit decisions on live flights 01:09 Episode intro and why this week is not sugarcoated 01:58 Jet fuel doubles in three weeks: the numbers airlines do not want you to see 03:43 South Africa runs on imported fuel with 21 days of reserves 06:20 Should your kid go to flight school? A father calls in for honest advice 10:42 Drones hit Dubai fuel tanks and Emirates keeps flying through the smoke 16:08 British Airways adds 10% more flights while Gulf carriers take the hit 18:30 What smart pilots do when the industry enters survival mode 19:59 Singapore AI symposium preview: rostering algorithms and the death of the roster clerk bribe 25:46 F1 SuperBru standings update and predictions for Japan 28:05 Live show announcement and how to send us your questions

(Presented by TLPBLACK: High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows.) Huntress threat intelligence analyst Greg Linares shares insights on the modern ransomware ecosystem, including how crews operate like businesses and why Akira, Medusa, RansomHub, and Qilin cause so much damage. Plus, signs of overlap between ransomware and nation-state activity, what “time to ransom” really means for defenders, and why techniques like ClickFix and credential theft keep working at scale. The conversation also covers the surge in RMM tool abuse, how “living off the land” attacks can unfold without traditional malware, and the basic defenses smaller organizations can prioritize.

Cybercrime's escalation has reached a projected $12.2 trillion annual impact by 2031, with a notable surge in remote monitoring and management (RMM) tool abuse—up 277% year-over-year, according to Huntress and supporting vendor reports. Attackers utilize legitimate IT tools to facilitate stealthier ransomware and phishing campaigns, amplifying structural vulnerabilities within MSP technology stacks. Key metrics from Acronis, WatchGuard, and Vectra AI indicate a shift to smaller, more evasive malware campaigns, longer times to ransomware deployment (averaging 20 hours), and widespread unaddressed security alerts, raising questions about the adequacy of current defenses and incident response practices. Vendor-supplied threat intelligence further shows that MSPs' reliance on signature-based platforms and insufficient visibility leaves them exposed to evolving attack techniques. Data reviewed suggests phishing footholds can quickly compromise cross-client environments, and legal ramifications heavily fall on the service provider when RMM or monitoring tools act as entry points. Notably, only about 58-60% of organizations report full visibility across their systems, with a majority of alerts remaining unaddressed, underscoring gaps in operational maturity and preparedness. Adjacent coverage highlighted Microsoft Copilot's repeated security control failures within regulated environments, specifically its inability to enforce sensitivity labels and boundaries across emails—most recently affecting the UK's National Health Service. The lack of vendor-announced architectural changes calls into question the viability of deploying AI tools in compliance-driven contexts. Separately, political and public backlash against surveillance technologies (such as Flock cameras) demonstrates that unchecked data collection is no longer a manageable passive risk, as data becomes increasingly actionable and retains liability beyond technical considerations. The practical takeaway for MSPs and IT leaders is a need to prioritize audit, documentation, and enforcement of controls within their technology stacks, especially where vendor tools or AI-driven automation intersect with compliance and client trust. Preserving operational optionality and scrutinizing vendor terms—particularly data sharing and architectural enforcement—are essential to reduce exposure. Waiting for vendor patches, disregarding documented control failures, or underestimating public scrutiny elevate liability across legal, reputational, and client relationship domains. Four things to know today: 00:00 Vendor Threat Reports Converge on One Risk MSPs Can't Outsource: The RMM as Breach Vector 05:11 Copilot Failed Compliance Controls Twice in Eight Months — A Patch Won't Fix That 07:03 Flock Backlash Exposes the Liability Hidden in Every Vendor Data-Sharing Contract 09:42 GTDC Summit: Distributors Pitch AI On-Ramp as Hyperscalers Compress Their Margin Sponsored by:  

How do I know if the software I'm installing is legit? Crims created a fake RMM tool to gain access to business networks, Ransomware attacks, Why is Cloudflare blocking me? Security Cam Talk, AI Generated passwords, Want's to remote into PC for Quickbooks work.

How do I know if the software I'm installing is legit? Crims created a fake RMM tool to gain access to business networks, Ransomware attacks, Why is Cloudflare blocking me? Security Cam Talk, AI Generated passwords, Want's to remote into PC for Quickbooks work.

Dutch authorities warn Russia is escalating hybrid operations across Europe. Ransomware shuts down the University of Mississippi Medical Center. PayPal notifies customers of a data breach. The FBI says ATM jackpotting is on the rise. An FBI confidential informant had a hand in online fentanyl sales. TrustConnect malware masquerades as a legitimate remote monitoring and management tool. Researchers uncover the first Android malware to integrate generative AI. A critical zero-day hits Grandstream VOIP phones. The IRS slashes IT staff and technology executives. Our guest is James Turgal, a 22-year FBI vet and VP of global cyber risk and board relations at Optiv, discussing the latest wave of tax scams and IRS fraud. DOGE dudes deliver DEI deathblows. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by James Turgal, a 22-year FBI vet and VP of global cyber risk and board relations at Optiv, discussing the latest wave of tax scams and IRS fraud. Selected Reading Russia stepping up hybrid attacks, preparing for long standoff with West, Dutch intelligence warns (The Record) University of Mississippi Medical Center Suffers Cyberattack, Closes All Clinics, Cancels Services (Mississippi Free Press) PayPal discloses data breach that exposed user info for 6 months (Bleeping Computer) FBI: Over $20 million stolen in surge of ATM malware attacks in 2025 (Bleeping Computer) An FBI ‘Asset' Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years (WIRED) (Don't) TrustConnect: It's a RAT in an RMM hat (Proofpoint US) PromptSpy ushers in the era of Android threats using GenAI (We Live Security) CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED) (Rapid 7) DOGE bites taxman (The Register) DOGE Bro's Grant Review Process Was Literally Just Asking ChatGPT ‘Is This DEI?' (Techdirt) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In a podcast recorded at ITEXPO / MSP EXPO, Doug Green, Publisher of Technology Reseller News, spoke with Rick Bekers, CEO of Channel Sales Pro, about how MSPs and technology vendors can design effective channel programs that accelerate growth while avoiding common pitfalls. Bekers brings more than four decades of experience to the conversation, including 35 years as an MSP owner, time leading a Technology Services Distributor (TSD), and years as a consultant helping vendors and service providers enter and scale through the channel. He emphasized that channel programs—whether built by vendors or MSPs evolving into “master MSPs”—require specialized expertise. “Trying to build a channel program on your own can slow you down by 18 months to three years,” Bekers said, noting that missteps and trial-and-error often delay revenue and partner momentum. The discussion focused on how Channel Sales Pro engages with MSPs seeking to expand. Bekers described a structured discovery and gap analysis process designed to align channel strategy with business goals, followed by execution that leverages established industry relationships. Drawing on his own experience running an MSP, he stressed the importance of solid operational foundations—repeatable processes, PSA and RMM tools, and consistent onboarding—to prevent burnout and customer churn as firms scale. “You don't want to try to scale a program on broken processes,” he explained. Bekers also delivered a direct message to MSP founders who feel stuck managing growth alone. By standardizing operations and seeking experienced guidance, MSPs can move from reactive, exhausting growth cycles to predictable, repeatable expansion. His confidence in the model is underscored by a performance guarantee tied to measurable revenue outcomes, reinforcing his belief that disciplined channel strategy can deliver returns within months. Visit https://www.channelsales.pro/

Jace Inman and RMM on Sub FM 7th February 2026 - https://www.sub.fm

OpenAI's direct investment and technical involvement with Thrive Holdings, specifically through its partnership with SHIELD Technology Partners, presents a new precedent for AI's integration into the managed service provider (MSP) space. Unlike prior private equity roll-ups or traditional organic growth, this move involves embedding OpenAI's models and engineers directly within SHIELD's platform, an entity that has rapidly acquired and integrated nine MSPs and executed two $100 million funding rounds. The arrangement is characterized by efforts to optimize MSP operations through proprietary AI automation, raising immediate questions around operational dependency and the shifting locus of software control.According to Seth Robinson, this approach signals OpenAI's attempt to navigate both consumer and enterprise technology markets—a dynamic seen previously in mobility—and reflects the broader tension between individual AI use cases and deeply integrated stack solutions. The initiative may accelerate operational scale, but it also introduces new operational risks by centralizing key components of service delivery and support within a single AI-driven platform, potentially affecting vendor lock-in, data governance, and continuity of MSP business models.Parallel developments highlight new vendor integration strategies among MSP-focused software providers. One example is Lexfold's AI documentation system, which, rather than integrating directly with core PSA and RMM tools, utilizes intermediary platforms such as Scalepad and Liongard for data access. Seth Robinson emphasizes that these alternative integration points may alter an MSP's center of operational gravity and complexity management, underscoring the need to assess not just functional outcomes but also system dependencies and brittleness introduced by new integration paths.For MSPs and IT leaders, these trends underscore the necessity of rigorous due diligence in vendor relationships, clarity on operational dependencies, and attention to the long-term implications of AI-enabled automation. Management—not elimination—of complexity remains central, with the risk of oversimplification leading to commoditization and loss of differentiation. Moreover, advances in AI should prompt greater scrutiny about talent pipelines, upskilling strategies, and the potential risks of eroding early-career roles, which may impact long-term service quality and resilience. Careful evaluation of integration points, data integrity, and operational control is recommended to mitigate the practical and organizational risks emerging from these developments.

Bob Miller, CEO and Founder of IRGame, is a technology entrepreneur with 30+ years of experience across cybersecurity and emerging technologies. He's a pioneer in using AI-powered gamification for incident response (“IR”) training, designed specifically for busy executives who can't spend full days in training but must make high-stakes decisions quickly during real crises. IRGame puts executive teams through realistic scenario such as ransomware, data breaches, business email compromise, and AI-related incidents, so they can practice decision-making under pressure. Returning to Lafayette and building startups Bob graduated in 1988 from University of Louisiana – Monroe in Computer Science and Math. He moved back to Louisiana from San Jose around 2010 and chose Lafayette as home. Almost immediately, the Lafayette Economic Development Authority (LEDA) contacted him about helping build a startup accelerator. With experience across roughly 10 startups, he became founding director of what he named the Opportunity Machine, where his title was “Head Machinist”). Bob later continued mentoring via the Accelerator Board. After three years, engineer and entrepreneur Bill Fenstermaker recruited him to help commercialize products at Fenstermaker & Associates. Bob worked on projects including a custom GIS system and underwater acoustics, following earlier work in areas like satellite systems. Later he became COO at Waitr in its early stage, helping scale from about 300 to 3,000 employees in roughly 12–14 months, the kind of operational scaling challenge he's often brought in to manage. He then joined a local managed service provider and helped transform it into a managed security service provider, an experience that directly led to IR Game. Why IR Game exists Bob identified a persistent problem: many organizations resist spending time and money on cybersecurity because they don't understand it and lack an emotional connection because they have never experienced a crisis. Traditional tabletop training exercises meant to train a business team on how to respond during a crisis (paper scenarios, PowerPoint presentations, and sitting around a conference table discussing solutions) have existed for decades, but they're time-consuming (often 80–90 hours to prepare) and require pulling people into a room for a full day, which makes them expensive and hard to scale. If it's hard, many companies simply don't do it. Bob attended a cybersecurity conference and participated in a tabletop designed for managed service providers, an exercise that was “fundamentally terrifying” and eye-opening. A worst-case Managed Service Provider (“MSP”) scenario is when a third-party tool, especially remote monitoring and management (RMM) software, gets compromised. That can lead to ransomware across an MSP's entire customer base simultaneously. The exercise illustrated IRGame's central insight: about 80% of incident response is non-technical in nature: financial consequences, shutdown decisions, customer impact, employee panic, communications, reputational and legal exposure. Bob brought the tabletop back to his company and ran it with 80 of 130 employees, customizing it with real customer names, revenue figures, and tenure. Even with a mature incident response plan and twice-yearly practice, they discovered a dozen needed changes. That convinced him that if a well-prepared security organization learns that much from a scenario, “everybody can.” The breakthrough: turning tabletop into an online multiplayer game During that exercise, a longtime software collaborator of Bob’s mentioned he still had a dormant game app framework built years earlier for a high-school project with Bob's daughter. He believed he could convert the paper tabletop into an online multiplayer experience in a weekend. After running the in-person tabletop on Thursday, he demonstrated a working browser-based multiplayer version on Sunday. They showed it to cybersecurity tabletop authors and industry influencers, Matt Lee and Ethan Tancredi, who were shocked by how quickly the tabletop content had been transformed into a functional digital game. Soon after, they invited about 20 people to test it. The early version looked rough, like a 1980s text adventure, but it worked. The response was far stronger than expected: participants reported intense emotional engagement and immediate practical takeaways. One government participant said it left him rattled, with pages of notes and a need for a drink; an MSP in Hawaii asked when he could use it with customers. That became a monthly community practice program: they've run 25+ free games, putting 1,000+ people through the system. As demand grew—especially from providers wanting to use it with customers—IRGame chose to commercialize. IR Game mirrors tabletop training but compresses it into a high-intensity, guided simulation. A scenario is narrated like scenes in a movie. Participants answer opening questions to get teams communicating quickly, which is critical because incident response requires fast coordination. Players assume roles and must allocate limited resources to tasks. Challenges pile up faster than teams can handle them, forcing prioritization and tradeoffs, just like real incidents. A key design element is pressure: a relentless timer counts down; there's no pause button. This stress reveals the truth: under pressure, people become more honest about gaps in their preparedness. That's valuable because organizations often sugarcoat weaknesses—until a simulation forces real reactions. Bob explained an example crisis scenario: a business email compromise (which he says is currently a dominant incident type). A financial firm discovers a customer wired money to a “new account” supposedly sent by the CFO, yet the CFO didn't send it. As the story unfolds, participants learn the compromise likely affected many customers, not just one. The game surfaces operational realities executives often miss: internal rumors, uncontrolled communications, legal exposure triggered by words like “breach,” and the need for an “event mode” communications policy that calms the organization and prevents chaos. AI scenarios and new risks IRGame also focuses on emerging AI-related risks. Miller says they ran what they described as the first AI incident scenario at a national security conference (IT Nation Secure) and now maintain multiple AI scenarios. The point is not to create fear, but to provide a safe environment to practice decisions around new threat patterns. Practical cybersecurity guidance for individuals and small businesses Bob emphasizes that cybersecurity is no longer optional and that AI strengthens attackers as well as defenders. He predicts that in 2026 smaller businesses will face increased targeting, because automation lets “two dudes and a dog” run campaigns that once required larger teams, making up revenue in volume rather than big single payouts. He also notes that cybercriminal ecosystems now resemble legitimate businesses, including tools, support, and organizational structure. Bob recommends baseline controls that are realistic for small organizations: unique passwords, password managers, multi-factor authentication, training on phishing, cyber insurance, and economical endpoint monitoring (EDR/MDR). These measures raise the cost for attackers so they move on to easier targets, though no control is perfect. On password managers, Bob uses Keeper and mentions 1Password and others. He strongly warns against saving passwords in browsers. He also flags emerging concerns about AI-enabled browsers that maintain a large “context window” across many sites, potentially increasing risk if compromised. On online exposure to your information, such as emails and staff info on websites, he advises sharing only what's necessary. Data can be scraped and used for phishing and impersonation. Deepfakes and better-written scams are making social engineering harder to detect. He also notes that much personal data is already exposed through breaches, citing Louisiana's DMV breach as an example of widespread data loss where every licensed driver's Social Security Number was compromised. Incident response planning and insurance pressure A recurring theme: organizations need an incident response plan and must practice it, especially as cyber insurers increasingly demand proof. In a room of 50+ attorneys he spoke to recently, Miller found only three had a plan, and none practiced it. He warned that future claims could be denied if companies claim they had plans but don't demonstrate practice. Trying IRGame for free IRGame offers free public sessions: the last Friday of every month, sign-up available via their website. Miller notes they also post recordings and content online (LinkedIn and YouTube). Visit https://www.irgame.ai/ for more information and to sign up for a free public session. You can also see how IRGame works by visiting its youtube channel at https://www.youtube.com/@IRGameify Personal note: music and creativity Outside cybersecurity, Miller is a musician, primarily blues/rock, and often appears on video with guitars behind him. He draws a parallel between software development and music: both require creativity within rules. He argues policies and procedures aren't bureaucracy—they're like scales and tempo: structure that enables effective performance under pressure.

MSP business model expert Dave Sobel, who built and sold SolarWinds MSP for hundreds of millions, reveals how technical professionals transform IT expertise into scalable managed service provider businesses. Struggling to turn technical skills into recurring revenue? Discover the repeatable process strategies that separate profitable MSPs from break-fix IT support. You'll learn Dave's proven approach to pricing managed IT services for premium value, building automation systems that reduce production time by 50%, and scaling without founder burnout. Perfect for tech entrepreneurs and IT consultants ready to start an MSP or grow existing managed services. Dave shares frameworks for client acquisition, cybersecurity service delivery, and systematic business protection that kept his clients loyal for 15+ years post-acquisition. Learn why competing on value beats racing to the bottom on price, how to structure MSP contracts that generate predictable revenue, and the essential PSA and RMM tools for MSP automation. This episode delivers actionable strategies for IT business growth, team building in technology services, and navigating the transition from technical operator to scalable business owner. Listen now to build a managed services provider that runs without your constant involvement.

Wild experience with Spam in RMM...didn't know people actually buy that stuff, how to deal with elbow pain and other injuries in your programming, and the wild eyes are back.Join The SwoleFam https://swolenormousx.com/membershipsDownload The Swolenormous App https://swolenormousx.com/swolenormousappMERCH - https://papaswolio.com/Watch the full episodes here: https://rumble.com/thedailyswoleSubmit A Question⁠ For The Show: https://swolenormousx.com/apsGet On Papa Swolio's Email List: https://swolenormousx.com/emailDownload The 7 Pillars Ebook: https://swolenormousx.com/7-Pillars-EbookTry A Swolega Class From Inside Swolenormous X: https://www.swolenormousx.com/swolegaGet Your Free $10 In Bitcoin: https://www.swanbitcoin.com/papaswolio/   Questions? Email Us: Support@Swolenormous.com

Sail the seas of tech and AI with experience and confidence.  Gavin Garbutt, Co-Founder and Chairman of Augmentt shares how MSPs must evolve to secure and manage Microsoft 365 and SaaS environments. Adopt a security-first mindset, and dramatically increase technician capacity through standardized Microsoft security best practices; through a unified Microsoft Security Management Platform designed for MSPs. Gavin outlines why “blocking and tackling” fundamentals—leveraging audits and maintaining a consistent security posture—remain critical as MSPs prepare for AI-driven growth.  Key Highlights:  How Augmentt represents the “next generation of RMM” for Microsoft 365, Intune, Defender and SaaA visibility.   Intune Autopilot enables MSPs to standardize, audit, and deploy policies across multiple tenants. 'Secret Sauce' for fostering successful partner and customer relationships. Series A funding, strategic partnerships and marketplace strategy (including Pax8) accelerate innovation and scale. Gavin's vision for unified security, AI enablement, and helping MSPs become more profitable. The charge to go from being reactive to becoming proactive; for 10,000 users per tech and 5x revenue per tech.   From sailing the open seas to navigating the channel's next wave, this conversation delivers practical insight for MSP leaders planning for 2026 and beyond.  Visit augmentt.com/ to learn more and to take advantage of a free security audit report & tool.   Timestamps:  Audit as a Best Practice 13:31  Quickfire Questions 32:45 What to Expect 36:26

The episode reviews the outcomes of predictions made for 2025, highlighting the evolving role of automation and AI in Managed Service Providers (MSPs). Key findings indicate that while generative AI has improved data accessibility, it has not fully resolved existing reporting issues related to data quality and governance. Additionally, the anticipated widespread adoption of autonomous IT systems among small and medium-sized businesses (SMBs) has not materialized, as many still rely on traditional remote monitoring and management (RMM) tools. The episode emphasizes that AI governance and advisory services have become central to modern MSP offerings.Further analysis reveals that while AI-driven legal services gained traction, MSPs have not widely adopted these as packaged offerings. Instead, they have focused on AI compliance and regulatory advisory services. The discussion also touches on the mixed results of fraud prevention becoming a standard service, with significant growth in some sectors but uneven adoption across the board. The episode concludes with a scorecard of predictions, noting a few clear successes in AI governance and readiness consulting, while highlighting a notable miss regarding decentralized MSP models.Looking ahead to 2026, the episode presents several predictions that reflect the increasing importance of automation in IT services. It suggests that MSPs whose revenue models still depend heavily on human labor will face pressure to adapt, as automation becomes the primary driver of service scalability. The discussion also raises concerns about accountability in automation, predicting that individuals may be held responsible for failures in automated systems, emphasizing the need for robust governance frameworks.The implications for MSPs and IT service leaders are significant. As automation becomes the production system for IT services, providers must focus on governance, risk management, and advisory roles to differentiate themselves in a competitive landscape. The episode underscores the necessity for MSPs to evolve their service offerings and business models to align with these trends, ensuring they remain relevant and capable of delivering value in an increasingly automated environment.

Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks.Key Topics:The gap between AI malware hype and practical realityWhy threat actors prefer simple, effective methods over sophisticated techniquesThe prevalence of legitimate RMM tools in modern attacksBuilding practical detection strategies for actual threatsLessons from physical security that apply to cybersecurity defenseRandy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives. Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

Alex Berninger, Senior Manager of Intelligence at Red Canary, and Mike Wylie, Director, Threat Hunting at Zscaler, join to discuss four phishing lures in campaigns dropping RMM tools. Red Canary and Zscaler uncovered phishing campaigns delivering legitimate remote monitoring and management (RMM) tools—like ITarian, PDQ, SimpleHelp, and Atera—to gain stealthy access to victim systems. Attackers used four main lures (fake browser updates, meeting invites, party invitations, and fake government forms) and often deployed multiple RMM tools in quick succession to establish persistent access and deliver additional malware. The report highlights detection opportunities, provides indicators of compromise, and stresses the importance of monitoring authorized RMM usage, scrutinizing trusted services like Cloudflare R2, and enforcing strict network and endpoint controls. The research can be found here: You're invited: Four phishing lures in campaigns dropping RMM tools Learn more about your ad choices. Visit megaphone.fm/adchoices

Alex Berninger, Senior Manager of Intelligence at Red Canary, and Mike Wylie, Director, Threat Hunting at Zscaler, join to discuss four phishing lures in campaigns dropping RMM tools. Red Canary and Zscaler uncovered phishing campaigns delivering legitimate remote monitoring and management (RMM) tools—like ITarian, PDQ, SimpleHelp, and Atera—to gain stealthy access to victim systems. Attackers used four main lures (fake browser updates, meeting invites, party invitations, and fake government forms) and often deployed multiple RMM tools in quick succession to establish persistent access and deliver additional malware. The report highlights detection opportunities, provides indicators of compromise, and stresses the importance of monitoring authorized RMM usage, scrutinizing trusted services like Cloudflare R2, and enforcing strict network and endpoint controls. The research can be found here: You're invited: Four phishing lures in campaigns dropping RMM tools Learn more about your ad choices. Visit megaphone.fm/adchoices

Michael Assraf is building Flamingo, an open-source and AI-powered operating system for managed service providers. After exiting Vicarious in May 2024, he spent seven months on market research before writing a single line of code—conducting 15+ MSP interviews, mapping their complete tool stack economics, and testing distribution channels with a free community product. The research revealed a structural margin crisis: MSPs operate on 10-15% margins with 30% of revenue flowing to vendor payouts and 25-30% to technician labor. Meanwhile, private equity consolidation drives customer pricing down while legacy vendors raise prices. Michael closed a $2.2 million pre-seed in February 2025, built OpenMSP as a lead-gen vehicle that generated 1,000+ waitlist signups, and launched Open Frame with 70% of capital still in the bank. In this launch-day conversation, he breaks down why the $380 billion MSP market remains massively underinvested, how Facebook ads outperformed LinkedIn 5:1, and why he's giving away the core product while charging for hosted deployment. Topics Discussed: The seven-month research phase: 15+ MSP interviews, mapping 19 tool categories with pricing data, evaluating open source project maturity through commit frequency and VC backing MSP margin compression mechanics: 30% vendor payouts, 25-30% labor costs, 10-15% net margins being crushed by PE-driven consolidation and vendor price increases Building OpenMSP as distribution validation: four months before alpha, generated 1,000 waitlist signups and 200 Slack members while testing paid acquisition channels Why Facebook delivered 40%+ of leads at $6-8 CPL while outbound completely failed with IT-busy MSPs aged 25-50 in central US markets Launching with 70% of $2.2M pre-seed still in bank by solving for distribution and product-market fit before scaling headcount Open Frame's architecture: unified control plane over open source tools (RMM, SSO, zero trust) with dual AI agents—one for end users, one for technicians Offering both self-hosted (free, GitHub) and commercial SaaS (per-seat pricing starting January 2026) to build trust in an underserved market The MSP category opportunity: $380B market, 12% annual growth, 30-40K US MSPs, minimal VC-backed innovation against 20-year-old incumbents GTM Lessons For B2B Founders: Build lead-gen infrastructure before you have a product to sell: Four months before launching Open Frame, Michael shipped OpenMSP—a free tool that analyzes MSP tech stacks and suggests open source replacements. It wasn't a waitlist landing page; it delivered standalone value while capturing intent data. This generated 1,000 qualified signups and 200 Slack community members while simultaneously validating paid acquisition channels. By launch, he knew Facebook cost $6-8 per lead while outbound failed completely. Most founders build product first, then scramble for distribution. Michael inverted the sequence. Fire fast on sales hires in early stage, or don't hire them at all: Michael fired three VP Sales at Vicarious before learning the lesson: "The moment to bring salespeople is not when you are able to sell your product, is when someone else is able to sell your product." The critical test isn't whether the founder can close deals—founders sell vision and relationship. The test is whether a marketing person, SDR, or non-sales hire can generate revenue. Only then do salespeople accelerate an already-working motion. Hiring VP Sales at $50K ARR because the board wants "someone to own revenue" burns 12+ months and $200K+ learning this. Spend 6-12 months researching before building in unfamiliar markets: Michael conducted 15+ MSP interviews, mapped all 19 tool categories they use with pricing, evaluated open source alternatives by analyzing GitHub commit frequency and pull requests, identified which projects had VC backing for long-term viability, and tested multiple marketing channels before alpha deployment. This allowed him to launch with product-market fit indicators already validated and 70% of his $2.2M still in the bank. The alternative—build fast, iterate with customers—works when you deeply understand the market. When you don't, research is cheaper than pivots. Target categories where lack of innovation creates adoption momentum: MSPs represent 30-40K companies in the US alone, part of a $380B global market growing 12% annually. Yet VCs historically avoided the space assuming low ACV and high churn. The dominant platforms—ConnectWise, Datto, Asea—have existed 20+ years with minimal AI adoption or architectural modernization. Michael specifically chose MSPs because "in cyber security you would never get traction that we're getting right now unless you're spending millions of dollars." In crowded categories, distribution cost kills you. In starved categories, any credible innovation gets attention. Architect your product so adoption mechanically improves customer unit economics: Open Frame attacks both sides of MSP margin compression simultaneously. The open source tool suite eliminates the 30% of revenue paid to commercial vendors. The dual AI agent system (end-user self-service + technician orchestration) reduces the 25-30% spent on labor. Michael didn't find a problem and then figure out monetization—he reverse-engineered a solution where product adoption directly expands customer margins. When your product makes customers structurally more profitable, adoption isn't a marketing problem. // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co   //   Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here: https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

Do you ever feel like God can use everyone else, but not you? Pastor Ed Newton joins Lori for a powerful conversation about discovering who you are in Christ and learning to believe what God believes about you.   In his new book, Why Not You? Believing What God Believes About You, Pastor Ed shares his journey through depression and how he came to understand how he can walk in God's confidence.  Together, Lori and Pastor Ed unpack what it means to walk in your God-given identity, overcome self-doubt, and trust that your past mistakes don't disqualify you from God's purpose.   You'll be reminded that no weapon formed against you will prosper (Isaiah 54:17), and that God's plans for your life are still good, regardless of what you are facing today.   Why Not You? Believe What God Believes About You   Connect with Pastor Ed Newton   Follow on Instagram - @rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.

Kate's story is one of deep transformation through Christ. From childhood, she carried the wounds of rejection and exposure to things no child should face. After her parents' divorce, she sought approval in relationships and substances, not realizing she was really searching for the love of God.   When her marriage began to crumble, Kate discovered that her husband had become an idol in her life. In her brokenness, she surrendered fully to Jesus, and that is when everything changed. Today, Kate shares how God healed her heart, gave her a new identity in Him, and is teaching her to trust Him with her marriage.   Her testimony will encourage you to stop striving, release control, and trust the Lord with every part of your life. As you listen, you'll be reminded that God heals hurting homes by first transforming one heart at a time.   Monthly Scripture Journaling   The Spiritual Journey Toward a Healed Marriage   Follow on Instagram -@rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.

In this episode, we sit down with author and illusionist Drew Worsham to discuss his new book, The Magic of Curiosity: Unlocking Personal Growth, Deeper Connections, and Creativity in Every Area of Life.   Drew unpacks how curiosity can transform both our spiritual journey and our relationships. He challenges us to consider: How often do we miss out on divine moments because we're too busy or distracted? By leaning into curiosity and even wrestling with God, we move beyond surface-level faith and discover a deeper, more vibrant relationship with Him.   We explore how curiosity plays a powerful role in marriage and connection. Whether you're standing for marriage restoration, navigating separation, co-parenting, or seeking healing within your home today, this conversation will inspire you to build stronger communication and connection, so you are prepared for the next phase of your marriage. Drew reminds us that curiosity, about God and about one another, opens the door to growth, understanding, and restored relationships.   This is a conversation for anyone longing for hope, healing, and a deeper walk with God in every season of life and marriage.   Connect with Drew   The Magic of Curiosity Book    Follow on Instagram - @rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.

In this powerful episode, Charlyne and Lori sit down with Chuck and Lisa to share their incredible story of God's restoring power in their marriage. After years of pain, multiple affairs, and unsuccessful marriage counseling sessions, it seemed like their marriage was beyond repair. But God had another plan.   Chuck and Lisa share about the brokenness they faced, the choices that nearly destroyed their relationship, and the moment when hope began to break through. They share how God met them in the darkest season of their lives and began to rebuild trust, heal wounds, and restore love where there had been betrayal.   This conversation is a reminder that no marriage is too far gone for the Lord to redeem. Whether you're standing for your marriage, praying for a prodigal spouse, or healing in a restored marriage, Chuck and Lisa's testimony will encourage you to keep trusting God's perfect timing and unfailing love.    Follow on Instagram - @rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.

Send us a textIn this action-packed episode of the Joey Pinz Discipline Conversations podcast, Joey dives deep with Mike Psenka, CEO of Moovila, as they explore how discipline, probability, and automation intersect to revolutionize project management for MSPs.

This is the conclusion of our discussion with Jim and David. They are two men with two different stories, but both point to the same faithful God. One has experienced the joy of a restored marriage. The other is still praying, waiting, and trusting for his marriage miracle to come.   In this episode, they share the ups, the downs, and the unexpected ways God has worked in their lives. Men, you'll be challenged and inspired by their courage and faith, but women, don't skip this one. You'll gain powerful insight and encouragement for your stand as well.   Prayers for Victory   Your Story Has a Villain   Standers Affirmation Bookmark     Follow on Instagram - @rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.

Jim and David are two men with two different stories, but both point to the same faithful God. One has experienced the joy of a restored marriage. The other is still praying, waiting, and trusting for his marriage miracle to come.   In this episode, they share the ups, the downs, and the unexpected ways God has worked in their lives. Men, you'll be challenged and inspired by their courage and faith, but women, don't skip this one. You'll gain powerful insight and encouragement for your stand as well.   Prayers for Victory   Your Story Has a Villain   Standers Affirmation Bookmark     Follow on Instagram - @rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.

In this raw and unfiltered episode, you will hear a message of hope for a weary soul. This episode is a tender reminder that you've been chosen for this season, not by accident but by God's divine purpose. This message will strengthen you to continue praying, standing, and hoping—even when you feel weary.   You Were Made for This Moment     Follow on Instagram - @rejoicemarriageministries   Follow on Facebook - @rejoicemarriageministries   Every day, you can receive encouragement straight to your inbox through our Fight for Your Marriage Devotional and find free resources and prayers to pray over your marriage. To take advantage of these resources and others, visit https://rejoiceministries.org   We appreciate your feedback. If this episode touches you, please leave us a five-star rating and review, helping us reach new listeners with hope for their marriage. You can also subscribe to our show on YouTube, Spotify or iTunes.