Podcast appearances and mentions of tony anscombe

Agentic AI was the theme that pulled away from the pack at RSAC Conference 2026. Tony Anscombe of ESET makes the case that once AI shifts from being directed by humans to operating with its own objectives and logic, the security surface changes with it, and organizations are being forced to rethink what they protect and how. At the show, ESET announced two products that meet that moment head on. The ESET AI Skills Checker is a free-to-use tool coming to market. ESET AI Protection looks inside AI sessions on the endpoint, flagging sensitive data leakage, malicious links returned by AI systems, and suspicious behavior, and surfacing it all inside normal cybersecurity operations for investigation, blocking, or detection. Tony closes with a reminder worth keeping. His first RSA was in 1998, and the technology he worked on then (sandboxing, dynamic code, remote windowing, encryption, authentication) mirrors a lot of what walks the RSAC Conference floor today. The packaging evolves, the core principles do not. Build forward, but do not lose sight of what the past already proved. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES Learn more about ESET: https://www.eset.com ESET AI Skills Checker and ESET AI Protection: https://www.eset.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic AI, AI security, RSAC Conference 2026, threat intelligence, MDR, EDR, endpoint security, AI Skills Checker, AI Protection, cybersecurity community, multifactor authentication, cybersecurity evolution Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

New research and cybersecurity experts are warning that even strong passwords are no longer enough to protect your accounts, as hacking methods evolve and people juggle dozens of logins across their daily lives. Tony Anscombe is the Chief Security Evangelist at ESET, a global cybersecurity firm. He spoke to Andrew Carter about how to protect your passwords.

Cameron Tousley, director of MSP channels for ESET North America For most MSPs, the quarterly client conversation looks something like this: here are the alerts we handled, here is your uptime number, here is a dashboard of things we blocked. Useful, certainly – but not exactly the stuff of trusted advisor relationships. Cameron Tousley, director of MSP channels for ESET North America, has a phrase for the upgrade: move from statistical talks to threat briefings. In this episode of In The Channel, he and Pedro Kertzman, threat intelligence specialist at ESET, join host Robert Dutt to explain what that actually looks like in practice – and why the window for MSPs to make that transition may be narrowing. Pedro Kertzman, threat intelligence specialist at ESET The occasion is ESET’s eCrime Reports, a threat intelligence offering that tracks cybercriminal activity at the affiliate level – the individuals buying malware-as-a-service and executing the actual attacks. Kertzman explains why that granularity matters: affiliates signal tactical shifts before attacks scale, giving security-forward MSPs a genuine early-warning advantage. Tousley adds the client conversation layer: knowing that a specific threat group is targeting your customer’s vertical via a specific attack method is a meaningfully different conversation than “we blocked 4,000 threats this month.” There’s also an uncomfortable wrinkle for MSPs specifically: as Pedro notes, affiliates increasingly exploit MSP tooling itself as a vector – compromising credentials to access managed environments quietly, hitting dozens of small clients while staying well below the radar of law enforcement attention focused on high-profile infrastructure targets. For the smaller MSP without a dedicated analyst, the entry point is more accessible than it sounds. Indicators of compromise can be automated directly into client firewalls without a full threat intelligence platform. WeLiveSecurity and the live threat feed built into ESET Protect offer a low-barrier starting point for shops that are earlier in their security maturity journey. Tousley’s closing frame is the one worth sitting with: the Canadian MSP market is being reshaped by consolidation at a pace that isn’t slowing. The independents that survive will be the ones having more sophisticated conversations with their clients. Evolve or sell. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. Cyber Threat Intelligence, CTI, has long been framed as an enterprise discipline. Dedicated team, security operations center, analysts who live in the data. But the threat landscape doesn’t really respect that boundary anymore. The tooling is getting more accessible, the attacks are getting more targeted at smaller organizations, and as we’ve talked about on the show before, the MSP stack itself has become a threat vector. So the question for the typical Canadian MSP isn’t really “Is threat intelligence relevant to me?” It’s “What do I actually do with it?” To dig into that, I sat down with two people from ESET. Cameron Tousley is director of MSP channels for ESET North America, and he lives squarely in the business conversation around what MSPs need to grow and differentiate. Pedro Kertzman is ESET’s resident CTI subject matter expert, and I’ll note that Pedro usually sits on the other side of the interview chair as the host of his own podcast on threat intelligence. So this was a bit of a role reversal for him. We talked about ESET’s eCrime reports, the idea of tracking cyber criminal activity at the affiliate level rather than just the group level, what proactive threat intelligence actually looks like for a 15-person MSP shop, and what Cameron described as the “evolve or sell” reality facing the MSP market right now. Let’s get right into it. Cameron, Pedro, thanks for joining us. I appreciate it. Cameron Tousley: Thanks for having us. Pedro Kertzman: Great to be here. Robert Dutt: Before we get into what ESET is specifically bringing to market, Cameron, can you give our listeners a sense for where the threat intelligence conversation is right now in the channel? Is this still primarily an enterprise kind of discussion or has something really shifted in terms of how MSPs and MSSPs are thinking about and talking about CTI? Cameron Tousley: I think that the market is evolving as a whole, no matter if you’re in the SMB segment or enterprise. I mean, it’s evolving everywhere. The beautiful thing is technology is getting cheaper, it’s getting more accessible. People are able with the advent of AI to kind of do more with less staff and things like that, and then allow their staff to kind of become more specialized. Enter in the topic of CTI. I just think that there’s an appetite from certain, and probably more evolving larger MSPs, to start incorporating more for their clients. I think they’ve always probably wanted to educate them, but it’s always that, “Hey man, just make sure I have uptime and the help desk is active when I need it.” And that’s the conversation. Fast forward to now and it’s becoming a little bit more relevant to want to consume CTI. So I’ll kind of start there and I’ll take a pause. I don’t know if Pedro’s got any other comments on that. Pedro Kertzman: No, I 100% agree. I think the threat landscape now with the maturity of the CTI offerings, MSPs can see that the things they’re trying to protect their customers against are more clearly explained and delivered in a way that they can see through CTI offerings now. So I think it’s just a natural evolution within the cybersecurity space to start leveraging that expertise as well. Robert Dutt: Without getting too far into pure positioning, how would you characterize what differentiates your approach to threat intelligence, sort of at the methodology level? What’s the philosophy behind how you’re researching and tracking threats and what you’re bringing to market with this CTI package? Cameron Tousley: Yeah, I’d say first off, our reach. We’re a global company. We have a product line, yeah, but we have 11 threat intel centers and those are also R&D centers too. So it’s a wealth of knowledge. Then we have researchers outside of that that are just remote, and so our tentacles are everywhere and that means something for somebody choosing a cybersecurity vendor or a platform because our researchers, they’re looking at a bunch of different avenues. They’re looking at the major threat acting groups. We have an offering we’ll talk about here in a few minutes, that centers on tracking affiliates because malicious activity, malware-as-a-service, is just like MSPs provide a service. So if I’m an affiliate—and I’ll define that real quick, an affiliate being the people that are buying the malware service and then going and distributing it and causing zero-day attacks—those are affiliates. So the real key part is what they do, not necessarily always the major malware-as-a-service group because that’s just one large avenue, but then you can’t predict what your customers are going to go and do on the black market. So yeah, I think we have a really exciting offering on our threat intelligence called eCrime and it comes in a feed and reports and it’s amazing. It really centers on the affiliate level and that is going to help get the conversations to be more quality with customers. It’s going to help an MSP who provides more, let’s call it reactive security at best, generalized services—which no knock against them, that’s just the model—and that’s going to help propel them into the more proactive security and having more quality cybersecurity-forward conversations with their customers of all sizes. Robert Dutt: Let’s delve a little bit more into that. Can you walk me through a scenario, even hypothetical or composite, where that affiliate-level insight would practically change the outcome for an MSP or one of their customers? How does this show up for an MSP basically? Pedro Kertzman: Yeah. So basically, I’ll take a step back a little bit just to explain how this threat ecosystem works. So the affiliates will be the ones really on the end of the line bringing that malware they got from a quote-unquote threat actor market or affiliate programs, more technically speaking per se, but they will be the ones delivering or sending that payload forward to whatever companies that they are trying to attack. So knowing how these guys work is basically going to give the companies, and the MSPs of course working for their security, the ability to stop the attack in the early stages, because the affiliates will be the ones trying to break in, acquire through whatever methods—credentials stolen or compromised credentials. So they are responsible, quote-unquote, within these affiliate programs to get the foot inside the door. So if you’re knowledgeable about how they act, what kind of techniques they use to get that foot in, you’re basically stopping the attacks before they actually become super massive, widespread attacks or super dangerous attacks. It’s kind of the proactive security instead of the reactive security. Cameron Tousley: Yeah, that’s a good comment. And then I’ll just throw one more little thing on that. I was talking about the conversations you can have with your clients, everything Pedro said, plus it’s like, you could have a specific conversation about, “Hey, this is what we blocked this month, but these are the threat acting groups, and here are the patterns, here’s the kind of malware that’s out there right now. By the way, you’re in the healthcare vertical, this threat acting group is targeting healthcare and doing this specific type of attack—happens to be phishing or fileless or whatever the complex attack is.” So they got to get really granular in the conversation. It can’t just be a super high-level one, because then your user’s not going to know what to do with that information. But if you coach them on the end-of-the-line issue and where it’s sourcing from, to Pedro’s point, you get ahead of that attack early, you might even prevent stuff that would have normally been a real headache. Robert Dutt: And you need to position yourself at least somewhat as the hero in so much as you’re saying, “Here’s the people who are attacking you, here’s what they’re doing, here’s what we’re doing proactively to counter that.” Cameron Tousley: Absolutely. Yeah, that’s a huge value to your end customer. The one that normally would have not cared about security and it’s more of an annoyance, now they’re paranoid about it, just like the MSP, just like the vendors, we’re all trying to get ahead of it. So I think that that provides a lot of value, and the average MSP is probably not going to do that. So you don’t necessarily have to go spend a ton of money, you just have to consume the information that’s out there maybe for free, and then maybe some of the paid services like the eCrime reports without buying our full threat intelligence platform, you can just do that. And that is like a huge value on its own to track exactly what we’re talking about right now. Robert Dutt: So taking a step back, I think some of this certainly informs and colors the question we go to ask, but I’m a 15-person MSP somewhere. I’ve got solid endpoint protection, an RMM stack I like, maybe managed SOC coverage, that kind of model. What’s the case, in addition to what we’ve already discussed, for why threat intelligence should be on my radar as a distinct capability I need to think about, bring to my customers and offer? Pedro Kertzman: Yeah, I think especially because again, talking specifically about the eCrime reports, we’re talking about the ones that are really perpetrating the attacks or executing the attacks. When you understand how your adversaries really act, you don’t need to always rely on the expertise of a super senior CTI analyst. There are ways that also, depending on your vendor, you can automate the expertise to just be pumping, let’s say, IOCs or IP addresses into your existing end users’ firewalls. If you manage a bunch of other firewalls for your end users, you can pump that eCrime knowledge into those firewalls in the form of IP addresses, domains, and things like that. But understanding that it’s going to be a proactive approach so they don’t get a foot in the door first, it’s kind of that decision beforehand that will give the MSPs, or MSSPs with 15 or so employees, that kind of extra leverage against those frontline attackers. Robert Dutt: I’m really interested in the idea of using intelligence and these eCrime reports as a client-facing tool, not just something that’s consumed internally, especially for that smaller MSP—something that you’re using in your QBR or whatever business review you have with customers to show your value. I’m curious, is that something you’re seeing happening today or is it a realistic use case, or is it a stretch for most MSPs right now? Cameron Tousley: I think it’s realistic. Now, let’s set the tone here. An MSP, they may not have the budget nor the expertise nor the staff to be buying a full-blown threat intelligence offering even like ours, but they can use certain parts of it like the eCrime reports. So that’s a good jumping-in point for the MSPs that are growing, or if you have 15 people on staff and there’s a good deal of them on the technical side, you may want to run your SOC in-house. Maybe that’s something you want to do. I think for them, the maturing MSP and definitely the MSSP, a threat intelligence offering is something that you will probably want to consume if you’re doing everything in-house. Now, I think there’s an argument for even if you’re going to go out-of-house and use the vendor, I still think there are free sources. We have customers that are using free platforms but running a paid feed through it. This is really dynamic. It’s flexible. It can fit to every different audience for the most part, except for the ones who are just not staffed for it and they’re probably outsourcing everything and they just don’t want to do it. They know that they are never going to be able to staff a 24×7 team and they’re also never going to be able to consume as much information as is coming in. But there are also other free resources, like I said, associated with our threat intelligence platform, like the eCrime reports, but there’s white papers that we produce. There are periodic threat reports. We do all kinds of analysis. And then on our welivesecurity.com blog, we publish all kinds of free information. And the really cool thing for existing ESET customers is through our ESET security platform, ESET Protect, we run a live feed through there and it shows you like, “Hey, here’s the latest news on WeLiveSecurity. Here is something you need to be aware of, there’s a vulnerability in the wild.” So we run some of the security stuff and this news right through a window inside of our platform, which I think is really big value added. Pedro Kertzman: Awesome. Yeah, I would add, if I can, Rob, we do have monthly digests as well on the CTI offerings, even for not super deep-down technical people. Let’s say more executives or CSMs, let’s say account managers on the MSSP or MSP side. It’s kind of an executive-ready type of report. So it’s more about the threat landscape overview. I think it helps them show that they are expanding their offerings on the security side and they’re knowledgeable about it as well. Again, doesn’t need to go in the nitty-gritty like in the weeds of IOCs and all that, but understanding, for example, that now the ecosystem on the other side is somebody providing the malware, somebody going and executing it. So just to show how they see these movements, I think it’s sometimes important enough to show that they are expanding their coverage for their end users. Robert Dutt: The reports, the eCrime reports, have been in the market about a month now, I guess. I’m curious what you’re actually hearing from MSPs and MSSPs as they’re digging into them. Are people using them the way you expected or are there surprises that you’re seeing in how they’re engaging, what they’re doing, how they’re thinking about this information? Pedro Kertzman: That’s a good question. I think because of the name, we got out of the gate with police forces reaching out to us, but in theory, it’s not the best kind of deep analysis that we’re going to give them, because they have a lot of expertise. So then we have the APT reports that would bring more detailed analysis for them. So it was interesting to see that people are kind of eager on the end-user side to see how the threat landscape, especially related to financial crimes or eCrime, are really, let’s say, hot right now. The MSPs are kind of following that trend, not as jumping on like the police forces were, but they are starting to inquire about the new eCrime reports for sure. Cameron Tousley: Yeah, I’d agree. I think the defender agencies, I’ll call them, the ones that are fighting the same battle we are, but maybe physically, but now they’re fighting the eCrime too. As they’re learning, this is a great tool for them. We find that they’re excited about it. It’s relatively new, so we’re going to see more and more adoption of it. But plenty of people who are in evaluation are like, “Hey, can I run a free month of this? I want to check it out and see what I’m going to get.” And we’re getting a lot of good feedback on it right now. I’d say on the MSSP/MSP side, again, it’s new for them too. And they do a lot of different things. So for them, they’re like, “I need to slice out some time to check this out as well because this is interesting. I don’t know if anybody else is really doing anything quite like this.” So for them to be able to check it out and add it to their offering, I think what’s going to happen is that they’ll get hooked on something like that and they’ll want more. And we’re already working on more. So our teams are hard at work. We’re adding new feeds, new reporting structures, new ways to consume it. And reasonably priced packages and things like that. Even ones where you have somebody on retainer where you can go to and get a very long deep dive on what you’re reading periodically throughout any given month. So I think with that, you’ll see a lot of internal IT large agencies adopt it. I think you’ll see some MSSPs adopt it. And you might even see some general MSPs who are evolving up that chain do the same thing. So it’s kind of a report and an offering for everybody there. Pedro Kertzman: Yeah, I think you mentioned something important, Cam. We do offer trials for the eCrime reports as well, right? If they want to test it out. Cameron Tousley: Yeah, try it before you buy it. Yeah. Robert Dutt: It sounds like you’re also thinking about ways that you can slice this, dice this, package it out to that smaller MSP or that MSP who’s not a pure-play security player going forward. I was going to ask, what do you see as coming next in CTI and in your eCrime reports? I think that’s certainly a hint. Anything else that you see sort of in the pipeline or where you’d like it to go, where partners would like to see it go? Cameron Tousley: Yeah, I’ll take a stab at this one because my heart’s near and dear to the MSP community. That’s what I’ve been working in. That’s a segment for quite a long time now for ESET. And so what I’m reading and what I’m theorizing on is that there’s other kinds of technologies that are pretty complex, have gotten more simple in the way that they’re still doing complex processes, like an EDR, right? It’s an investigative tool, and then you pair it with AI and then things become easier for the team managing it. I think it’s going to be the same thing here where you’re going to have an AI paired with it, which we have our own agentic AI agent in this offering now, which is very, very cool, and it’s built in our security platform. But for this, I think it’s going to make consuming information easier, generalizing it, summarizing it, and making sure you can spin it into a quick executive summary. My theory is click of a button, right? So I’m going to have a dashboard. I’m going to say, “Hey, I want an executive summary on this event.” So you’re basically just filtering, and then the end result is you hit that AI generate button and then it generates something that’s quality, and you can do it at various user levels, maybe various role levels. I’ll hit the CTO button or I’ll hit the CEO button and they’ll be a little bit different, obviously. So I think that it’s going to get simpler and managed intelligence as a service, that’s next. It’s already a term that’s being thrown out there a little bit if you look for it. So it’s just not mainstream yet. And I think it will be here in a short period of time. Pedro Kertzman: A hundred percent. And just to double down a little bit as well, Rob. I think especially for the smaller MSPs, let’s say you hit a critical infrastructure, you stop a pipeline or anything like that, you’re going to have federal agencies going after you, right? But then when you hit a mom-and-pop shop, nobody really cares. And those guys are often served through these smaller MSPs. So I think getting a better understanding of the threat landscape that especially targets those small businesses, I think it’s just a natural progression of the change in the threat landscape. Robert Dutt: Well, and you bring up a point that I kind of pulled on a little bit with your friend, Tony Anscombe, not too long ago. There’s so much data about how many attacks right now are taking advantage of the MSP tooling as a threat vector. And so I think that also speaks to a need for an MSP who wants to be mature and responsible about these kinds of things to have a better grip on who’s looking, what they’re looking at, and how that maps to what they’re doing. Pedro Kertzman: A hundred percent. And just to link this specifically about eCrime and affiliates, affiliates would be the ones exploiting those RMM tools, right? Because it’s something that is already deployed in the environment. If they get the credentials that got stolen for whatever reason, they have access to those tools and then they can deploy malware that they bought from those affiliate programs inside of the victim’s networks. Robert Dutt: And it’s funny, almost a reversal of back in the day, I can remember as a Mac user, there was a saying that Apple engaged in security through obscurity. What you describe is almost the opposite of that. It’s insecurity to a degree through obscurity. In that if I’m an attacker, I know that if I go after Colonial Pipeline to use your example, I’m all over the front page and there’s going to be a lot of government agencies who have a lot of serious, serious questions for me. If I take out an MSP tool that gives me access to a bunch of very small clients though, maybe I fly under the radar just a little bit more. Cameron Tousley: Oh yeah. Robert Dutt: This is my last question. If there’s one shift in thinking that you’d want a Canadian MSP to walk away with after this conversation, in terms of how they think about these reports, in terms of how they think about the role of threat intelligence in their business, you know, one thing they should reconsider about how they’re approaching their security practice, what would that be? Pedro Kertzman: So I think first, Rob, that’s kind of more of a mindset type of thing. CTI still sounds super complex to a lot of people. I would say there are two main flavors. One, if you really want to dig into techniques and all that, yes, you can get fairly technical and sophisticated, but there are really simple ways to ingest cyber threat intelligence into existing automated tools. You can, of course, do a POC with one, two, whatever vendors you want to do. Once you find that real value for your customers, your end users, then it’s automated. We’re talking about data feeds ingesting directly into a firewall. If you don’t have a CTI central brain kind of thing, which the market knows as a TIP (threat intel platform), you don’t need to go that route, the sophisticated route. There are simple ways to use threat intelligence. And honestly, it’s super valuable because it’s just, again, automated. You’re outsourcing the knowledge to the vendor directly who’s going to execute that, like a firewall, for example. Cameron Tousley: Yeah, I think that’s some really good commentary. And I have a lot of business conversations with MSP business owners and I follow the market, and the consolidation, there’s tons of it. And there has been for a few years, but it’s just insane right now. And I think that there’s this thing going around, it’s like, look, evolve or sell. Because you have the advent of AI and that’s speeding everything up tenfold. And just don’t be afraid. If you want to continue to run your business, don’t worry, you’re going to have clients out there in your locale that probably love you. But they’re also going to have people calling them as these other MSPs get bigger, and these national ones that swallow other little smaller companies and then their go-to market will be, “Well, let’s go down market, down market,” because we can’t always go up market, that’s pretty hard to do. But down market is like shooting fish in a barrel kind of thing. So that means it’s a risk for the smaller MSPs that are not going to sell out, that want to be in business another 10 or 15 years. So don’t be afraid, utilize AI to research it. They say don’t use AI as Google, I disagree a little bit, but you can use it for a lot of things. This can summarize: what is this offering? Can I use it? Ask it really basic questions to get acquainted, and then take the next step and call your vendor and just have a conversation with them and say, “What are all my options? I am in this locale, I serve these kind of verticals, here’s my sizing, here’s the tools I use.” You’ve got to throw everything out on the table because then your vendor, somebody like a technical or business contact, can jump in and say, “Look, I think that you should check out this part of this larger offering. And here’s what I’ll do for you. And here’s what you’re going to do. We’ll give you a game plan, right? You’re going to trial it in the following ways, we’re going to pair you up with a technical person to teach you a little bit and be your co-pilot—Microsoft gets enough press.” But really kind of jump in, try it out. Don’t be afraid. Because if you want to be around another 10 or 15 years, you have to make the leap. And you don’t have to do anything big, but you have to start adopting some of this security-forward thinking so that you can have threat briefings with your clients and not statistical talks. There was just that MSP summit and there was actually a panel on what the next gen of MSPs is doing. And it was funny to hear it because they’re like, “Well, we’re focused on outcomes.” And I totally agree, but I know some of the older MSPs are like, “Well, we’re focused on outcomes too.” But I think it’s the talk track. You’re all saying the same thing, but you need some more complex tools in some ways to be able to have these more outcome-based discussions. Like, “Hey, I not only blocked X amount of threats, I kept your uptime up in this way, and that allowed you to keep productivity up. So by my clock here, you were able to achieve all those things that you wanted to achieve in our initial meeting, we’re on track.” That’s the conversation you want to have in addition to that little bit of the threat briefings peppered in. Robert Dutt: All right. Some great advice there. Gentlemen, thank you both for taking the time. I appreciate it. Cameron Tousley: Thank you, Rob. Pedro Kertzman: Great to be here. Cameron Tousley: Absolutely. It was a pleasure. Thanks so much. Robert Dutt: There you have it, Cameron Tousley and Pedro Kertzman from ESET. I’d like to thank both Cameron and Pedro for their time. They did exactly what we set out to do with this conversation, kept it firmly in the strategy lane with technical depth in service of the business point rather than the other way around. A few things to leave you with. The framing that stuck with me most was Cameron’s distinction between statistics talk and threat briefings. The idea that your quarterly client review shifts from “here’s how many threats we blocked” to “here’s the specific group targeting your vertical right now. Here’s how their affiliate operates, and here’s what we’ve already done about it.” That’s a real upgrade in how an MSP demonstrates value. It moves you from uptime vendor to trusted advisor and that’s a conversation your competitors probably aren’t having yet. On the technical side, Pedro’s explanation of affiliate-level tracking is worth sitting with. The headline ransomware groups get the attention, but it’s the affiliates, the ones buying malware-as-a-service and doing the actual execution who determine the tactics on the ground. Tracking them is what gives you an early warning before the attack scales. And as I noted during the conversation, there’s a certain logic in how attackers exploit the MSP model specifically. Go after the tooling, stay under the radar, quietly compromise a hundred small clients instead of one high-profile target. Obscurity in that scenario is working against you. For the smaller MSP who’s heard all of this and thought, “I’m not staffed for this,” Pedro’s entry point is worth considering. You don’t need a full threat intelligence platform or a dedicated analyst to start. Automate the ingestion of indicators of compromise directly into your clients’ firewalls. Let the tooling do the work. It’s not glamorous, but it’s real, actionable and it’s a lot more than most of your competitors are doing. And Cameron’s closing thought, “evolve or sell,” is the frame I’d put around all of it. The consolidation wave hitting the MSP market right now is not slowing down. The shops that survive as independents will be the ones that have more sophisticated conversations with their customers. Threat intelligence is one of the things that helps you have those conversations. If you found this one useful, please follow or subscribe to the podcast wherever you listen. We’re on Apple Podcasts, Spotify, YouTube, all the major podcast directories. Ratings and reviews are always appreciated. Until next time, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443

The Huntress 2026 Cyber Threat Report found a 277% year-over-year surge in the abuse of RMM tools, which now account for roughly a quarter of all observed incidents. The ConnectWise 2026 MSP Threat Report frames 2025 as the year of “the abuse of trust,” with attackers increasingly exploiting valid credentials, misconfigured remote access, and trusted software updates rather than relying on novel exploits. For MSPs, the implication is uncomfortable: the tools you use to manage and protect your clients are increasingly being turned against you and them. Tony Anscombe, Chief Security Evangelist at ESET, returns to the podcast to dig into how these attacks actually work – from daisy-chaining multiple CVEs for entry, escalation, and persistence, to ClickFix-style social engineering where users are tricked into pasting malicious PowerShell commands through fake browser prompts. The conversation also gets into why attackers are going after MSP toolchains specifically, the patching dilemma MSPs face when every hour of delay is an hour of exposure, and why groups like Akira are now targeting backup infrastructure first to neutralize the recovery path before encrypting. On the business side, Tony is candid about what a breach through your own tools means for trust, reputation, and survival – and offers practical starting points: audit your environment, clean up stale credentials, patch on cadence, and run tabletop exercises with your customers, not just internally. He also introduces the concept of cyber warranties as a potential competitive differentiator for MSPs looking to stand out on RFPs. This is the second in an ongoing series of conversations with Tony. The first, covering the cybersecurity trends MSPs can’t ignore in 2026, is also available. Read Full Transcript TRANSCRIPT TO COME

On the RSAC Conference show floor, Tony Anscombe shared how ESET has expanded its threat intelligence offering with ECR reports -- designed to give commercial organizations both machine-readable feeds and human-readable analysis. The reason: threat actors are increasingly hard to attribute, they share tools, run coordinated campaigns, and reinvest profits into more sophisticated operations. Having someone do the research and surface actionable intelligence is no longer a luxury. Anscombe pointed to a telling campaign pattern from last year: threat actors refined attack methods against UK retailers, then rapidly adapted those same techniques against US retailers. The implication is clear -- your business may be unique in its infrastructure, but it is not unique in its sector. Understanding how your sector is being targeted is the foundation of a prevention-first posture. Automation came up as equally non-negotiable. If it takes three days to collect all the information needed to make a determination about an incident, the post-attack phase has already begun. ESET Inspect is designed to flip that equation: when an analyst opens an incident, the forensic analysis is done, the evidence is visualized, and the determination can be made on facts rather than gathered through investigation. Anscombe was careful to draw a line between automation as speed and automation as replacement. ESET's position is that AI should operate alongside human expertise -- trust and verify applies to AI-assisted analysis just as it does to any intelligence feed. Oversight remains essential, even as the tooling gets faster. A preview of upcoming survey data offered one of the more striking moments in the conversation. Roughly 35% of SMBs using MDR are sourcing that service directly from their cyber insurer. Anscombe flagged the monoculture risk: when a large share of businesses in the same sector run identical security stacks, a single point of failure becomes a sector-wide vulnerability. His advice after 30 years in the industry -- different organizations should deliberately choose different platforms to maintain diversity. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET: https://www.eset.com ESET Threat Intelligence: https://www.eset.com/int/business/services/threat-intelligence/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, threat intelligence, cyber resilience, MDR, EDR, XDR, managed detection and response, SMB security, cybersecurity automation, RSAC Conference 2026, prevention-first security, cyber insurance, monoculture risk, ESET Inspect, APT research Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Tony Anscombe has attended RSA Conference since 1998 -- back when it was held at the Fairmont Hotel. That long view informs everything about how ESET approaches threat intelligence. It is not about volume. It is about accuracy, speed, and putting the right signal in front of the right team at the right moment. The ESET eCrime Ecosystem Report comes in two forms: a business-facing summary outlining current risks for leadership, and a long-form technical report for analysts -- complete with IOCs, coding examples, and structured intelligence feeds covering ransomware, crypto scams, malicious email attachments, and infostealer data. These feeds are built to plug directly into SOC workflows and firewall rules, not to create more work for already stretched teams. Tony Anscombe is direct about the quality problem in threat intelligence. Open-source feeds sound appealing -- until you factor in the analyst hours required to clean out the noise. By then, the intelligence is stale. Attacks circle the globe in hours. Near-real-time, verified intelligence is not a premium -- it is the baseline requirement. The threat detection conversation has also moved well past malware. Anscombe walks through how modern attackers often skip the payload entirely -- credential theft gets them in, then slow lateral movement and data exfiltration follow, with ransomware as the final act rather than the first signal. ESET's platform focuses on behavioral anomaly detection across the full environment, with on-site, cloud, and managed deployment options for organizations that cannot or will not go all-in on cloud architecture. At RSAC Conference 2026, ESET will be at booth 5253 in Moscone North. Anscombe has two sessions on the Wednesday agenda: one on supply chain blind spots -- urging security teams to engage directly with the business side to map third-party risk fully -- and a community rant session tackling four things that need to change in cybersecurity, including the cryptocurrency regulation debate. On AI, his message is measured: the real conversation at the show is not about using AI -- it is about securing it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET website: https://www.eset.com ESET threat research blog (WeLiveSecurity): https://www.welivesecurity.com ESET at RSAC Conference 2026 -- Booth 5253, Moscone North Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, RSAC Conference 2026, eCrime, threat intelligence, eCrime Ecosystem Report, cybersecurity, endpoint protection, MDR, threat detection, supply chain security, AI security, ransomware, infostealer, brand spotlight, brand marketing, marketing podcast, brand story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Tony Anscombe, chief security evangelist at ESET Tony Anscombe, chief security evangelist at ESET, returns to the podcast for a wide-ranging conversation about the cybersecurity landscape in early 2026. From the emergence of AI-powered malware to familiar weak points that keep showing up in breach after breach, Tony shares practical insights for MSPs advising their customers on security strategy this year. The conversation opens with a look at major incidents from the past year, including the Jaguar Land Rover cyberattackthat disrupted thousands of supply chain businesses and led to a £1.5 billion UK government loan guarantee, the Ingram Micro ransomware incident, and breaches affecting Salesforce and Oracle. Tony shares a striking insight from a cyber insurer: open VPN servers without MFA have overtaken RDP as the leading driver of claims. The discussion moves to shadow AI risks, with real-world examples of what goes wrong when companies deploy AI tools without security guardrails, and why MSPs have an opportunity to embed themselves as trusted advisors by being the security voice in the room. Tony also walks through the emergence of AI-powered malware, including ESET’s research on PromptLock, the first documented AI-powered ransomware – originally a proof of concept from NYU researchers that ended up in the wild – and PromptSpy, the first Android malware to use generative AI at runtime. The conversation closes with Tony’s advice for MSPs to stop talking about “cyber risk” and start talking about “business risk” – framing security in terms of downtime, continuity, and financial impact rather than technical threat statistics. Read Full Transcript Robert Dutt: Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, still editor at ChannelBuzz.ca, and your host for the show. Cybersecurity is one of those areas where the threats never stand still, and lately the pace of change seems to be even faster. As we head further into 2026, factors like artificial intelligence, global geopolitical tensions, and increasingly organised cybercrime are reshaping what risk looks like for businesses of all sizes. Today we’re stepping back from the day-to-day headlines to talk about what’s coming next, what really matters beneath the noise, and what IT service providers and resellers should be paying attention to as they advise their customers. My guest is Tony Anscombe, chief security evangelist at ESET, and a frequent flyer on the podcast. Tony spends his time analysing emerging threats, talking with security teams around the world, and translating complex security trends into practical guidance. This conversation is focused on thought leadership and the big picture trends shaping cybersecurity this year, from AI-driven attacks and mobile threats to ransomware and the impact of global events on the digital world Canadians rely on every day. It’s a great conversation, so let’s get right into it. My chat with ESET’s Tony Anscombe. Tony, thanks once again for taking the time. Tony Anscombe: Oh, it’s always a pleasure to chat with you, Rob. Robert Dutt: I just wanted to take this opportunity to kind of take a look at where we’re at in cybersecurity in the early part of 2026 and get your thoughts on what to expect this year, sort of help our listeners, the VARs and MSPs of the world, get an overall feeling for where things are at, where they’re going. I guess to throw things open, when you look ahead at this year, what feels genuinely different about the threat landscape compared to, say, a year ago? I was going to say a year or two, but I think even a year in this rapidly changing place is plenty. Tony Anscombe: Well, I think you’ve seen some pretty big incidents last year. None of them, I would say, are a catastrophic incident, whereas the year before we saw the likes of Change Healthcare and there was the CrowdStrike update and things that affect hundreds of millions of people all at the same time. But you had Jaguar Land Rover with a significant issue. You saw the Salesforce ransomware, the Oracle zero day that was exploited in their systems. Ingram Micro ransomware incident took down a lot of the distribution channel. So I think there were incidents that are interesting. I think to an element, I’d kind of say that you’re going to see more of the same, but the same is becoming more sophisticated and is starting to change. Now, if you go back four or five years, we’d have told you that cybercriminals at some stage will start using AI technologies in there as we go. Then I meet people frequently that turn and say, “I’m being attacked by AI.” The answer to that is, no, you’re not. Stop watching Terminator at weekends. That’s my recommendation. You’re getting paranoid. I say that, but the use of AI within cybercrime is making it more sophisticated. It’s making it more challenging to detect in certain instances and it’s becoming more challenging from a social engineering perspective. The sophistication and the likelihood of you clicking on something is unfortunately increasing. I think if you look at cyber insurance reports that talk about claims and stuff like that, still 40% of people are paying. A lot of the things are business as usual. In fact, I spoke to a cyber insurer a couple of weeks ago, Rob, who gave me a snippet of information that I thought was fascinating. We talked about RDP a couple of years ago, you and I, about the issue of… and he said the majority of their claims are open VPN servers, where people have got a login page, ID and password to log into the VPN and they haven’t put MFA on it. VPNs have now taken the place of where RDP was, so that one seems to be moving down the chain a bit. I took a look, I went on Shodan. I took a look on Shodan and sure enough, you can find lots of open VPN servers. Robert Dutt: Just goes to show how some tools which are at least adjacent to security can be flaws as well. There’s no shortage of that. You already touched on a couple of them. You mentioned AI and obviously that’s the big subject of the industry and of business in general in 2025 and 2026. It seems like we’re at a place where right now, in many cases, it’s coming out in front of security, in front of management and in front of IT control, the whole shadow AI thing. I guess, what are your thoughts on where organizations are most exposed because of that gap that exists? Tony Anscombe: Well, that’s a good point. The boardroom or the management teams in companies are going, “We need AI, we need AI,” because that’s what they’re hearing. Sure, it’s a great tool. If you look at a company like us at ESET, we’ve used AI in our products for two and a half decades or so. It’s not that new to us. But if you look at the latest iterations where a customer can get natural language help and stuff like that, you can sort through our threat intelligence easier. Those type of tools are where companies are at, isn’t it? It’s the customer interaction or it’s the knowledge base searching or it’s being able to get reasonable information quickly and meaningfully and in a nice way. The problem is, a company takes all its data, throws it into an AI model and says, “Hey, AI, can you start helping my customers?” There’s likely to be personal information in there. They’re likely to leave APIs open and such like that then get abused. Before you do this, you need to have a cybersecurity person in the room. Now, that doesn’t mean you don’t do it. What that means is you do it in the right way. The cybersecurity person might turn and sit there and be the doomsday person and say, “Oh, no, we don’t want to do this.” But it’s then about explaining to the people that want it in the business about the risk and understanding where the level of risk lies and whether you’re comfortable and accepting of that risk. We’ve seen some great examples of it, haven’t we? What was it, somebody bought a car from one of the car companies for a dollar or something, they managed to trick the AI chatbot into it. That’s the type of thing you want to be protecting against, making sure that you’ve got those guardrails in place. Also making sure it’s not going to surface some customer’s phone number or customer data inadvertently. Some customer in a previous call may have turned around and said, “Here’s my email address,” or “Here’s my phone number.” Of course, if that’s in your knowledge base somewhere or stacked in your support tickets, the right teasing of that information might bring it out and suddenly, in effect, you’ve got a customer data breach, which your AI told somebody. I’m just saying you don’t want that. You need to do it with security in mind. Make sure the agents are tied down correctly. Now I saw there was an incident last year. I can’t remember which vendor it was with, Rob, but they had an API. It was an AI tool. They had an API for their customers to use. I think it was about 30 different customers were using it, or using the same ID and password. The password, by the way, I think was “default.” Robert Dutt: Perfect. Tony Anscombe: Right? So there you go. That’s just somebody doing it without too much thought. Put a cybersecurity person in the room, every customer would have had their own ID. There would have been stronger authentication, maybe certificate-based, and you wouldn’t have had that issue. It’s about having the cybersecurity people in the room with the business at the time you discuss it. Robert Dutt: That’s an interesting place for MSPs because especially in the smaller end of enterprise and into SMB, when those discussions are taking place, often that MSP is going to be serving as the security person for an organization. It speaks to, I think, the need for you, even if you’re a third party to the company, you’ve got to have a strong seat to be able to say, “Hey, customer, this is all sounding great as far as innovation goes, but there’s stuff you need to think about here too.” Tony Anscombe: Yeah, absolutely. But it’s also somewhere where the MSP actually shows up and provides the real value because if you can show that you’re reducing the company’s business risk, then that’s what you’re there to protect, isn’t it? I would have thought it actually cements you further into the company because the more projects you get involved in, the more you understand their business, the harder it is for that company to actually change MSP. You embed that customer relationship, which is kind of the holy grail, isn’t it? That’s what you want as a service provider. Robert Dutt: Absolutely. Your research talks about smartphones as an increasingly attractive target. No argument there, it makes sense. It’s where a lot of people are doing their computing, right? It’s an interesting space in that sometimes it’s under IT control. Sometimes it’s not. Sometimes it’s a little bit of both. I guess what’s changed about mobile threats that MSPs and businesses should be paying more attention to right now? Tony Anscombe: Well, I’m smiling, Rob, sat here listening to you say that because I’ve got two phones on my desk. One of them is very controlled and one of them is mine. Robert Dutt: Wild West. Tony Anscombe: Yeah, well, it’s not the Wild West. Mine is controlled by me, not the company. But it’s a good point because if you look at people’s phones, they need to be under some sort of MDM service. If you’re allowing somebody to use their own device, then you need the ability to delete data. You need the ability to track the phone if it’s lost, delete the data and control the apps. Potentially have some sort of compliance on the security settings that are on the phone. If the person hasn’t got biometric unlock on the phone, then maybe you don’t want to install your stuff on there at all. It’s not just about having that container for the company data that you control, but it’s also having a minimum set of security standards on the phone, that the phone itself is secure. Bear in mind, you’re helping actually your employees secure their phone in that scenario as well. But yeah, the more and more devices you see, the more and more I think compliance you need to do on them. I don’t think that will change anytime soon. Robert Dutt: Ransomware, obviously the constant presence, the constant scourge. It keeps evolving, but the pattern keeps repeating in that a lot of the successful attacks are relying on maybe not the same weak points, but familiar weak points. I guess, why do we still see these same mistakes playing out? And what, if anything, can I do about that as an MSP? Tony Anscombe: Well, certainly one of the things MSPs need to do is make sure the customer is being trained, but also make sure your own staff are being trained as well. If you look at… and I wouldn’t want to put a percentage on it, but it’s a big number. If you look at the number that involve some form of social engineering, unfortunately – social engineering, you know, phishing, text messaging, physical phone calls – it’s never-ending. The elements of social engineering are huge there. I mean, I can’t remember whether we spoke about ClickFix last year. ClickFix was an interesting malware family. They used, one of the variants used the screen that says, “Are you a robot?” We all click the box, don’t we? And they’re very creative. Then it says, “Can you press these three keys on your keyboard to verify you’re human?” And what actually the three keys do is they invoke a PowerShell script. And there you go, you’re now breached. But it’s those sophisticated mechanisms such as that, that you need to make sure your employees understand, and your staff and your customer staff. So within the MSP, that you’re doing regular training, regular, even for your technical people. I worked for a company, Rob, when I first started my career in finance. It was a credit card company. And they used to run a program where a fictitious fake card member would sit there ringing numbers in the company each day, internal numbers. And your phone would ring and you’d pick the phone up and it would be a fake card member. And you had to own the call. Everybody in the company had to own the card member, regardless of whatever your job was. I’d love to see tech companies doing something similar. Robert Dutt: Yeah. Tony Anscombe: MSPs could be doing something like this with their customers. Can I randomly phone up your staff and see if I can socially engineer a password out of them? Not because I want to embarrass them, but because I want to be able to show that it can be done and then improve things beyond it. Wouldn’t that be a great service? It’s like phishing simulation, but with a person. Robert Dutt: Interesting idea. Tony Anscombe: Yeah. But if I ran an MSP myself, I think I’d be doing that on my own staff because I wouldn’t want to be, unfortunately, the supply chain into my customer that gets breached, that ends up seeing my customers breached. And there were a few of those, unfortunately, I think last year. I think Marks & Spencer were that way. And I think Jaguar Land Rover may have been through a third party as well. So I think there are some really interesting examples where third parties were unfortunately responsible. Robert Dutt: Well, yeah. It speaks to kind of that trend too, where a lot of times those who are doing the attacks are looking at that as an increasingly viable way in because there’s potential for there to be a gap between organizations that no one’s really… everyone assumes that everyone else is kind of looking at it, maybe. Tony Anscombe: Yeah, absolutely. There are other things I think MSPs… MSPs need to show their customers that they’re 100% secure, that they’ve gone through the same programs that actually customers do as well. One thing I think, if an MSP doesn’t go through what I define as regular cyber insurance type requirements, to me that would be a good thing for them to do, because cyber insurers kind of push that whole reduction in risk. Robert Dutt: That is rapidly becoming table stakes, isn’t it? That’s an expectation. Continuing along that line, for MSPs who are kind of planning out their security strategy, their security approach for the rest of the year, I guess what’s one assumption or one thing they’re doing that they should probably challenge or change at this moment in time? Tony Anscombe: One thing to change, that’s a big question. Only take on customers that are secure. Robert Dutt: Problem solved. Tony Anscombe: Yeah. Don’t allow your customers to have any connectivity. No. It’s to make sure that you’re keeping pace with the advanced technologies that are out there. For example, we’ve seen EDR become MDR and XDR, but are you now plugging in good, accurate threat intelligence feeds into that EDR? Whoever’s EDR you’re using, obviously, I’d love everybody to use ESET’s, by the way. But if they’re offering that as a managed service from an MSP, I’d also couple that with threat intelligence feeds and APT reports. If you’ve got government customers, actually start taking it to the next level so that it’s not just about relying on the monitoring and detection of an issue, but also that you’re intelligently looking beyond where other issues might come through other industries or what’s happening elsewhere. Robert Dutt: And taking that same kind of idea, but turning it around from a customer-facing perception. If you were advising an MSP on how to talk to clients about cyber risk this year and what they should be thinking about going forward, how does that conversation need to change in light of the changing threatscape? Tony Anscombe: Well, firstly, now that’s an interesting term. I’m guilty of using the term cyber risk. If I was in the MSP shoes today, I would not be talking about cyber risk. I’d be talking about business risk. I think cyber is becoming a risk just like any other risk to a business, i.e. theft, fire, building collapsing, earthquakes, whatever it might be that we tend to have risk. And cyber now needs to be treated as that risk. You’ve got to talk to a business in the terms of it being a business risk. There are some really good examples in the market now. I mentioned Jaguar Land Rover just a moment ago. Think about that entire incident. A third party to them gets breached and Jaguar Land Rover gets taken down through it. It affected 5,000 businesses. The UK government stepped in and bailed them out with PS1.6 billion. That’s a huge amount of money. If you and I had a little company, we’re making screws for gearboxes. It’s all very well somebody coming to me and turning around and saying, “Cyber risk.” But what I really want to know is the business risk. How much is it going to cost my business if I have this incident? What is my downtime going to be? Talk to them in the business language and put it in real terms. It self-justifies, by the way, then the expenditure on cybersecurity because you’re talking to them about the finance of the business. I kind of stopped talking about, you know, “70% of ransomware attacks start as phishing.” Great, those are supplemental, but talk to them about actually how they keep their business running. Robert Dutt: I think it speaks to a broader trend in the channel of over time, moving from speaking about technology to speaking about solutions to increasingly speaking about outcomes. I think we’re talking about now the business outcomes of security investment. Tony Anscombe: Yeah, absolutely. To a lot of this, this is the decision of the CFO of where is the acceptable business risk. Then it’s about putting the right cyber plan in place to meet the line of business risk. And by the way, we all have risk in different… our line will all be in different places. If 10 of us stand in a casino in Las Vegas and we’ve all got $200, we’re all going to behave completely differently when we walk up to the roulette table. Robert Dutt: Yeah, absolutely. And depending on where we’re at, we may have additional oversight, which colours our risk decision-making and depending on what… in this case, in what industry you’re in, for example. Tony Anscombe: Well, exactly. Every CFO and every business will have a different line in the sand of where their business risk is. Robert Dutt: You obviously get to spend a whole lot of time looking at what’s there and what’s coming in terms of security. I’m curious, is there anything that’s surprising you about the current security scene? Tony Anscombe: Well, the one thing that we’ve seen in the last six months… we’re being attacked, but let’s come back full circle here. We’re being attacked by AI. We have seen a couple of examples of malware. At this stage, they appear to be proof of concepts of AI-based malware. What that means is it’s actually dynamically using AI within the malware to generate the attack. It’s looking at the environment and then using the environment, asking AI to then generate scripts and code on the fly in real time. They’re using public AI models to do this. It will create the script and then they attack with that script. Now, in theory, that means you’re using a never-before-seen piece of code within the attack, which obviously makes it very challenging to detect. The two instances we’ve seen, one was PromptLock. The other one, we published details in the last few weeks, PromptSpy. One was on a Windows, macOS and Linux platform. The other one, a few weeks ago, was on an Android platform. We’re seeing the emergence of that type of code. So lower barrier to entry. Now that code’s out there in the marketplace. Difficult-to-detect attacks. I think you’re going to see that expand over this next year. Now, interestingly, one of those examples I just used, PromptLock, was a project by a university student. That’s what it transpired to be, but they put it in the public domain. Need I say more? Please don’t do this. [Laughter] Robert Dutt: I guess it was a matter of time that once the idea of vibe coding became kind of mainstream, that it was going to get turned back around and used in some sort of malicious way. That is one true trend across security over time. They will take advantage of the tools that are available. Tony Anscombe: They will. But I expect to see more of that AI-generated code out there over this next year. The challenge then is making sure the technologies that are in place, those advanced technologies, are picking up those advanced attacks because it will become more challenging as it goes. Robert Dutt: Tony, as always, so much going on in the security space, but you’ve given us some good things to think about. I think most importantly, some actionable things to think about as you’re running the security practice of an MSP. Appreciate your taking the time, as always. Tony Anscombe: Hey, always a pleasure, as I said, Rob. Robert Dutt: There it is, my conversation with Tony Anscombe, chief security evangelist at ESET. Whether it’s the rise of AI-powered malware, open VPN servers quietly becoming the new weak link, or simply learning to talk about security in business terms, there’s a lot here for MSPs to think about as we move through 2026. I’d like to thank Tony for joining us once again. Thank ESET Canada for their ongoing support of the site. And of course, thank you for listening today. We’ll be back in your feed tomorrow as we’re joined by Lee Caswell from Nutanix to discuss the company’s 8th Annual Enterprise Cloud Index Report, and with a special episode on Friday as we discuss Amazon Web Services at 20 with AWS Canada chief Eric Gales. You’ll want to be sure you catch those, so please do subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a review or rating of the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Roi Karo, chief strategy officer at Check Point Check Point Software has been on an acquisition tear. Under new CEO Nadav Zafrir, the company has picked up five startups since early 2025, with three announced simultaneously in February: Cyclops, Cyata, and Rotate. But these aren’t opportunistic bolt-ons. They map directly to a four-pillar strategy that Check Point says defines the future of its security platform: Hybrid Mesh Network Security, Workspace Security, Exposure Management, and AI Security. In this episode, we sit down with Roi Karo, Check Point’s Chief Strategy Officer, and Angelo Valentini, head of channel sales for Canada, to dig into the thinking behind the acquisitions and what they mean for the channel. Roi brings an unusual perspective to the table, shaped by 25 years in Israeli defense intelligence and a stint as Chief Risk and Strategy Officer at blockchain infrastructure company Fireblocks before joining Check Point. Angelo Valentini, head of channel sales for Canada at Check Point The conversation covers how each acquisition fits into the broader strategy: Rotate brings MSP-native expertise to the Workspace Security pillar, where Check Point is consolidating endpoint, email, browser, and mobile security under a single management layer. Cyclops completes a full Continuous Threat Exposure Management cycle by adding internal asset scanning alongside CyberInt’s external scanning and Veriti’s automated remediation. And Cyata addresses the emerging challenge of governing autonomous AI agents operating on user endpoints, a category that barely existed a year ago but is evolving fast. We also explore what Check Point means by an “open garden” platform, including how its tools integrate with and remediate across competitors’ products, and how that philosophy plays out in practice for MSPs managing multi-vendor security stacks. Angelo adds a Canadian lens, touching on the opportunity in Canada’s SMB-dominant market and the compliance implications of Bill C-26. Check Point’s MSSP Partner Program offers consumption-based pricing and multi-tenant management for solution providers looking to explore the opportunity. Roi closes with a pointed message for partners: the assumption that there’s still time to learn and prepare is “terribly wrong.” The threat landscape is accelerating, and the window to adapt is narrower than most people think. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. Check Point Software has been making some big moves. Under new CEO Nadav Zafrir, the company has acquired five companies since early 2025, including three announced simultaneously in February: Cyclops, Cyata, and Rotate. And these aren’t random bolt-ons. They map to a deliberate four-pillar strategy that Check Point says defines the future of the platform. Those four pillars are: Hybrid Mesh Network Security, covering data centers, cloud, SASE, and SD-WAN. Workspace Security, protecting endpoints, email, browsers, and SaaS applications. Exposure Management, giving organizations visibility into their full attack surface. And AI Security, governing the new wave of autonomous AI agents operating inside enterprise environments. For solution providers, the most interesting piece here might be the Rotate acquisition. It’s an acqui-hire that brings in a team with deep roots in the MSP ecosystem, including veterans of Datto and Kaseya. Cyclops adds a data lake with over 150 integrations for attack surface management. And Cyata tackles a category that barely existed a year ago: identity management for AI agents. To unpack the strategy and what it means for the channel, I sat down with Roi Karo, Check Point’s chief strategy officer, and Angelo Valentini, who leads Check Point’s Canadian partner business. Roi brings an unusual perspective – 25 years in Israeli defense intelligence and a stint as chief risk and strategy officer at blockchain infrastructure company Fireblocks before joining Check Point. Here’s our conversation. Gentlemen, thank you for taking the time. I appreciate it. Roi Karo: Thank you very much. Angelo Valentini: Thanks for having us. Robert Dutt: Roi, before we dive into strategy itself, you come to Check Point from Fireblocks, and before that, 25 years in the IDF and on that side of the world. Pretty unique lens. I’m just curious, how does that shape how you think about security strategy versus someone who’s grown up and spent that kind of time inside the cybersecurity vendor world? Roi Karo: Yeah, that’s interesting. I think it gives a unique perspective, being part of the Israeli intelligence security, and it gives, I think, a wide view of how things are shaping. And it’s part of what we’re trying to answer today. The biggest hurdle I’m trying to uncover is what is going on. What’s going on in the world, what is going on in the market, and of course, how should we react as a security company. And I think my background gives an interesting perspective for that. And stating what is obvious, in Israel, many people in the cybersecurity industry are veterans of the Israeli defense forces. So it’s an interesting background and a very useful background to be part of the security ecosystem in Israel. Robert Dutt: You guys announced three acquisitions simultaneously, and that’s following last year, which saw Lakera and Veriti. That’s an aggressive pace. I guess, what do you see as the strategic urgency driving the acquisitions? Is it about AI creating new categories of risk, or is it about the competitive landscape forcing your hand? Is it a little bit of both? What’s driving this? Roi Karo: Yeah, I think both and maybe some more. Stating the obvious, things are changing faster than before. Everybody’s talking about how AI is changing the world. Something that everybody says in their first sentence: everything is faster. Things that before took years now take weeks and even days. So we can’t just wait. We need to move fast, faster than we moved before. So acquisition is a great way to move faster. When we find a very strong team that has a very good product that can help our portfolio and give us good products that we can suggest or offer to our customers, this is something that we’re very interested in. And I think, as you mentioned, the competitive landscape – competitors are also moving faster. So we need to keep pace. And the last thing I would add, Check Point as a large company offers a wide variety of solutions. We’re very known for our firewalls and network security, but if we’ll have more time, we can talk about the other pillars. And actually all three new acquisitions are supporting and accelerating our other product pillars. So offering a consolidated solution to our customers is one of our biggest strategic moves, and all of those acquisitions are helping us to get faster through this target. Robert Dutt: You kind of presage where I was going next, which is, in your blog post, you frame four pillars of where Check Point is going, what you want to be locking down. And as you rightly point out, Check Point has that history, that strength in network security. The newer bets, especially both exposure management and AI security, which is obviously nascent – it seems like they require different muscles, different skill sets, different approaches from Check Point and from partners alike. Where are the real capability gaps that needed filling? Roi Karo: Yeah, so I think when talking about gaps, there are different types of gaps. One type of gap is mostly on the AI front. Everything is new. So to be very honest, I think that the security industry is still learning how to secure AI. So we have gaps. Everybody has gaps because it’s so new. We’re inventing new things. We’re building new kinds of security solutions. And that’s one type of a gap. A different type of a gap is that we have products for many years and we want to have better solutions, acquiring features or products that can help us accelerate closing those types of gaps. But I think the first type is more interesting because those are purpose-built solutions that did not exist before. This is where the true innovation is happening. And without that, nobody will be able to secure the new types of attacks that we’re seeing in the wild. Angelo Valentini: Robert, if I could just add – on the partner side, I think some of the gaps and concerns are really about visibility, governance, and also about operational efficiency. I think that’s one of the things that we’re trying to help partners with in terms of what their concerns are relative to AI, relative to exposure management, all these areas. Robert Dutt: You describe this whole scenario as an open garden platform, which is a nice framing versus the walled garden approach. For MSPs who are running multi-vendor security stacks and representing multiple security vendors, which, let’s be honest, is the vast majority – what does that open garden mean in practice for them? Roi Karo: Yeah, so I think a couple of things. Our philosophy is openness. We’re not trying to create any kind of vendor lock. We play with all vendors. You mentioned the acquisition from last year of Veriti. That’s a great example because what Veriti offers is the ability to patch or virtually patch all of your security vendors. If you have a threat that you discovered, now you want to make sure that you’re actually being defended against it. So what Veriti does is go over all of those exposures and close them. And when they say close them, they close it using a Check Point security product, but also all other vendors. So we have integration even with our competitors, other types of vendors. So that’s one example of how we try to build our solutions in a way that supports all the other players, because we acknowledge what you said. Most vendors and even most companies, they don’t want vendor lock. They want to use several vendors. They want all of them to play together. So we design our solutions in an open way. It can be used with APIs, it can call to other types of solutions and help MSPs or customers, other types of customers, to build their full stack of solutions. Robert Dutt: That kind of maps, I think, with things that I’ve been hearing more and more from partners. Back in the day, you’d hear a lot of, “I want to work with fewer security vendors.” Still, no one’s saying, “Hey, I want to sign up 400 security vendors and try to understand the nuance of what all of them are doing.” That’s operationally impossible. What I hear more, I think, is the idea of, “I want to have a few strategic security vendors and I want them, where possible, to play nicely together in my environment.” Roi Karo: Absolutely, I can’t agree more. I think consolidation is important. Nobody wants 400. Nobody wants even 40 vendors. It’s hard. But nobody wants one vendor. I think that in a way, we’re trying to figure out this balancing, this sweet spot between having hundreds of vendors and having one vendor. And what we do is – the reason we picked those four pillars is because we truly believe that we’re leaders in each one of them and we have the best solution in each one of them. And anywhere that we don’t have a solution, we partner. So a good example is CNAPP. We have a strategic partnership with and other CNAPP vendors. So we don’t have our own CNAPP solution. We integrate it with another vendor. And everywhere we don’t have the best solution, we’ll integrate with the best vendors that are out there. Robert Dutt: Okay, let’s talk a little bit about the acquisitions that were made that start to build out this platform, or continue to build out this platform. And I wanted to start with Rotate specifically, because I think it’s really interesting for this audience. You acquired them, it seems, primarily for the team. And that team includes key people who come from a background in Datto, in Kaseya – companies that really built up the foundations of the MSP ecosystem of today. What does that signal about how you guys are looking at the MSP market and the MSP opportunity for Check Point? Roi Karo: Yeah, so I will zoom out a bit and then focus specifically. When we announced the workspace pillar, we realized among other things that companies want to manage the whole end user security through one vendor, through one unified management, and not point solutions. So we took our endpoint solution, our email solution, browser, mobile – all the solutions we have around the end user – bundled them together, and are offering a way to manage all of them from a unified management. That is something that is unique and I think is very compelling to all types of customers and mostly MSPs, for obvious reasons. They want to manage all of this end user security from one vendor, from one management. And doubling down on MSPs, we understand their needs. We have many MSPs as customers and we want to provide an easy way to manage all their tenants, all their end users in one single pane of glass. And that’s what we’re building, and this is what we want to accelerate with the team of experts coming from Rotate. Angelo Valentini: So Robert, in Canada, as you know, 90% of the businesses are SMB. So this is a huge opportunity for partners as we go and develop this and enhance that solution for our partners. It’s a huge opportunity. Robert Dutt: And speaking of huge opportunity, the email security business that’s already – I think I saw 160 million is the figure for Check Point’s revenue line there – as well as being one of the most foundational tools that MSPs bring to market and have fueled that business. I’m curious to get your thoughts on how you build from that beachhead that you’ve got established in email security and into that broader workspace security story that Rotate is facilitating. Roi Karo: I think email security, as you said, it’s so fundamental. And when we try to explain to people how AI is changing the hackers, this is the easiest example because it’s most common and easy to explain and imagine. Phishing attacks look different now with AI-based attacks. We all did this training that you need to find spelling mistakes and grammar mistakes to identify phishing. As you can imagine, there are no spelling and grammar mistakes anymore when phishing emails are being built or crafted with AI. So email security is being changed and being reinvented. And we are building new types of email security to make sure that we’re securing also for the most advanced AI-based phishing attacks. Our email security is something that we take a lot of pride in and we can prove that it is better than many others. So that’s, as you said, a great beach entry through many of what we’re doing with our customers. And adding the other capabilities on top of the email is super important. Because again, using a very simple example: someone got a link, they pressed it because it wasn’t blocked. And now they have malware on their computer. You want that endpoint security to be connected to the email security and have one platform that can see everything and can actually prevent attacks before they happen. So we integrated our endpoint solution, our browser extension, our mobile solution, and the email together into one threat intelligence layer that provides data to all of those solutions. Robert Dutt: Cyata is about governing AI agents, which as well as being the buzzword of the day is also a category that didn’t exist a few years ago, because AI agents themselves did not exist a few years ago. For an MSP today, is security around AI agents something that their customers are asking about? Or is this one of those things that’s in a “be ready for this now so you can sell it tomorrow” kind of space? Roi Karo: Yeah, I think that this will grow very fast because, as I’ve mentioned, AI is moving faster than we imagined. When we say agents, I think there are two separate use cases, and one of them is very relevant to the MSP. One that is less relevant is building AI applications that use agents. This is for bigger organizations and more sophisticated organizations that have engineers and are building their own software. But all of us are using agents. ChatGPT and Claude today, you just press a button and you’re running an agent from your endpoint. That is something that is happening. It’s the more advanced user today, but tomorrow it will be all of us using agents running on their endpoints. And one of the things that Cyata built, and we’re now adding to our products, is a capability running on the laptop of the end user, identifying agents that are running there on behalf of the users. It can identify and, first of all, give visibility into all the agents that are running from the end user’s computer, but also provide governance and policy that make sure that they’re doing only things that they’re allowed, that they’re using the right identities, that they have access only to things that they are supposed to have access to. And this is something that I believe will be very relevant to MSPs in the near future, sooner rather than later, because it’s related to all the end users, all the people that are using AI. Angelo Valentini: Robert, this also plays nicely with some of the government compliance developments with the Canadian government. So Bill C-26, for example, is all about governance and compliance. This is a great way in which this acquisition plays right into the government legislation. Insurance is another big thing where we’re seeing a lot of compliance requirements, and also financial institutions. So this is just another way that this plays into that compliance as well. Robert Dutt: Last but not least on the acquisitions, can you give me a bit of a feel for how Cyclops fits in, what they bring to the table, and the opportunity you see there for your partners? Roi Karo: Yeah, absolutely. And again, zooming out and zooming back into Cyclops. We just announced our Exposure Management pillar. We acquired, I think almost two years ago, CyberInt. They’re doing external risk management – they’re scanning the organization from the outside and providing all the data you can achieve from looking at the organization, the company, from the outside. Dark web and the organization itself. Six months ago, we acquired Veriti, that takes all of the data, all of the exposures, all of the threats, and mitigates them automatically. So you have automatic remediation. And now with Cyclops, we completed the full cycle, because they are scanning the organization internally. This is an asset management capability that actually connects to hundreds of vendors that provide data. And then you have the full picture of what’s going on inside your organization. So CyberInt’s capabilities are scanning from the outside, Cyclops’ capabilities are scanning from the inside, and Veriti’s capabilities take all of this intelligence – and all the intelligence we acquired in decades of building our capabilities – and make sure that all of this is being remediated. In this way, we accomplished the full cycle of what Gartner calls CTEM, Continuous Threat Exposure Management, and provide a very unique value proposition to our customers of having the full cycle of understanding what is happening across your attack surface, identifying the threats, and remediating the threats. Cyclops provided a very important piece of the puzzle that we were missing, and we’ll integrate them very quickly into our value proposition and offer a full cycle of CTEM. Robert Dutt: How quickly do these acquisitions – you mentioned the plan for Cyclops there – but how quickly do these become native Check Point experiences rather than adjacent tools that are also on the Check Point line card? Roi Karo: Very quickly in those three cases, because they’re part of a wider value proposition. It’s not a standalone – all of them started as a startup with a standalone capability, but the real magic and the real value will come when we integrate them. That will happen very quickly because all of those solutions are very modern in design, which makes it easier. And part of the due diligence we did around all of them is how quickly we can integrate. So this will be integrated very quickly. And of course, now – as I say, everything is happening faster – we are using AI to build products and integrate products. So that will happen very fast, and this will be offered to our customers immediately. Robert Dutt: Zooming back out to the strategy level, if I’m a Canadian MSP with managed seats numbered in the hundreds – typical SMB-focused MSP – today I’m running Check Point email security, maybe firewalls. When I look at this strategy, what is this going to change about what I sell and how I operate over the next 12 months? Roi Karo: I think CTEM and exposure management becomes even more important than before. Maybe we need to take one step back with your permission. I think that the threat landscape is changing, and that’s something that we all need to acknowledge. Just imagining how the attackers are using AI in order to accelerate their attacks – things that before took attackers months or years to build, to find new vulnerabilities, we’re seeing right now happening much faster. The scale, the sophistication of attacks is changing. And we all need to prepare. Vendors, MSPs, and other types of organizations need to make sure that they are prepared for a new wave of attacks. And for that, you need to have everything that can help you understand. We talked about my background – intelligence is super important to understand what is going on. And exposure management is exactly that: understanding what is going on. Are you attacked? Where are you exposed? Who is attacking you? You can’t fly blind. So the first thing I would add to my portfolio if I’m an MSP is offering threat intelligence, offering exposure management, scanning all of my customers and making sure that they’re not exposed, finding servers they have that are exposed, finding PII that is related to them on the dark web, and making sure that I’m warning them. Many kinds of solutions we have as part of our exposure management value proposition I think will be very interesting for MSPs. So that’s one thing I would explore with Check Point. The second thing is AI, of course. We talked about agents, but even the basic LLM use of end users, that’s something that needs to be governed. Angelo mentioned compliance, it will become part of it. Even if you’re a small law firm and you want to make sure that your lawyers are obeying the rules that you decided – can they use ChatGPT in order to write a legal document? If it’s a small medical company, can they consult ChatGPT on medical issues? What is the PII guidance you give them? Can they put PII in ChatGPT or not? All of this needs to be governed, and our products enable that. They run on the endpoints, they make sure that you’re aware of what all of your employees, all of the people in the company are doing with AI, and they can enforce governance on what you want to allow and what you want to block. Do you allow DeepSeek in your organization? Do you allow other types of LLMs or GPTs? All of this, as part of AI security, is something that MSPs will need to adopt and educate themselves on, and educate their end users very quickly. And what we’re building is a full suite of AI security. We’ll have offerings for small companies, offerings for large enterprises, and everything in between. Angelo Valentini: You touch on AI governance, we talked about exposure management. These are ideas that sound consultative and complex, which is great because channel 101: where there’s mystery, there’s margin, and there is ample mystery here. But again, through the lens of that SMB-focused MSP, how do I get to it? So I guess what I’m getting at is, how are you helping partners productize those conversations they need to have without requiring them to go super deep themselves as AI specialists? I think that’s the bread and butter of partners today, is the service offering. When they see acquisitions like this, we play in all their wheelhouse in terms of all the areas: visibility, governance, and also operational efficiency. So that’s the number one thing. It’s our job to enable our partners as well as part of it. Me in the partner community, we go and enable our partners to understand the technology and understand the opportunity. And there are consulting opportunities here, there’s increased revenue opportunity here. That’s one of the things that we focus on, is really to get awareness to the partners so they understand: hey, there’s an opportunity here for incremental revenue, for increased opportunity in consulting and implementation. And then from there, there’s ancillary AI solution revenue that follows. So it’s up to the partner to decide, but it’s really something that they should consider. Robert Dutt: Just to wrap things up before we go, do you have time to do two quick lightning round questions, quick answers? First of all, what’s one assumption about cybersecurity that you think partners need to stop making right now, or at least over the course of this year? Roi Karo: I think that the basic assumption is that we have time, that sophisticated attacks are not here yet, and we have time to learn, we have time to adjust, and everything will be okay. I think that’s terribly wrong. I think that the attackers, they don’t have the governance and legal obligations that we have as companies. So they’re running very fast. It’s happening now. So I think a wrong assumption that many people have, MSPs included, is: okay, it’s still early, we can learn, we can take our time. I think we need to move fast and we need to move faster than we’re moving. Robert Dutt: And taking that similar lens but turning it inside this time, what’s the hardest internal debate that you’re having at Check Point right now about AI and security, and why isn’t it settled yet? Roi Karo: We understand that we need to offer AI as a part of – we talked about many angles of AI, one that we did not mention, and I will use your question to address it – is using AI for security. We talked about AI for the attackers, we talked about AI that everybody’s using and we need to secure. Part of what we’re building in a very innovative way is autonomous security – AI agents that are running security. And this of course is the biggest promise. And many people feel that we need to move much faster on this front. It’s not easy. And we’re building it in many parallel lanes, because it’s hard to predict what will win. But we understand that the future of security – you need to fight AI with AI, you need to adopt AI. And this is maybe the biggest promise of our industry, when the industry will be able to adopt AI and leverage the power of AI in order to provide better security. And in many ways, in bigger organizations, the department that needs to adopt AI the fastest is the security department. Because for all the other departments, this is a force multiplier, it changes everything, but in a way it’s a nice to have. For security, because the attackers are using AI, if security people won’t adopt AI for themselves and use AI to secure their organization, they will lose. So we’re trying to do our best in offering our customers AI-based security. We have today in all of our pillars co-pilots and MCP servers and agentic capabilities. But we aspire much higher. We want to build real autonomous security, real AI employees – AI security employees that will be part of the team. We have very exciting, innovative teams that are building those kinds of things. And answering your question, the debate is: can we, or how can we, move faster on this front, offering our customers fully autonomous, fully AI-based security. Robert Dutt: That’s a pretty good overview and view of the strategy and of where you think things are at. Good luck with the acquisitions and rolling them in and continuing to broaden out the strategy. And thank you very much for taking the time for this conversation. Roi Karo: Thank you for hosting us. It was a pleasure. We’ll be in touch. Angelo Valentini: Great to be here. Robert Dutt: There you have it, a look at Check Point’s push to reshape its platform around AI security, exposure management, and the MSP workspace, with Roi Karo and Angelo Valentini. The takeaway I keep coming back to: Check Point isn’t just buying technology here. They’re making a deliberate bet on the MSP market, and hiring a team from Datto and Kaseya to build it out is the strongest signal of that intent. Whether you’re already in the Check Point ecosystem or not, the open garden approach they’re describing is worth paying attention to. And Roi’s point about urgency is one that I’d take seriously. The window to learn and prepare is shorter than a lot of people think. Thanks to Roi and Angelo for a great conversation. And thank you as always for listening. Also this week on ChannelBuzz.ca: on Wednesday, ESET’s Tony Anscombe joins me to walk through the security trends and threats solution providers should be watching this year. On Thursday, I sit down with Nutanix SVP Lee Caswell to dig into their latest Enterprise Cloud Index research, including what the data says about shadow AI, data sovereignty, and where infrastructure decisions are heading. And on Friday, a bonus episode – AWS Canada’s Eric Gales joins me for a look back at 20 years of AWS and what it means for partners going forward. If you’re enjoying the show, please take a moment to subscribe or follow in your podcast app of choice. And if you’re feeling generous, a rating or review goes a long way to helping other solution providers find us. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Today is Monday, March 9, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. In this edition: Ingram Micro Q4 and full year 2025 results: Ingram Micro reported fourth quarter net sales of $14.9 billion (up 11.5%) and full year net sales of $52.6 billion (up 9.5%), with its Xvantage platform now driving “billions” in transacted revenue. The company debuted the “AgenTeq” brand for its agentic AI capabilities, including a Sales Brief Agent initially piloted in Canada. Memory pricing crisis update: Dell is “compressing discounting” and shortening quote windows. HP says memory costs doubled in one quarter to 35% of PC production costs. Intel’s CEO says there’s no relief until 2028. The message to partners: quote fast, communicate pricing risk early, and plan for volatility. MSP Well launches as the channel’s first mental health community: Co-founded by Joe Ussia (Infinite IT Solutions), James Mignacca (Cavelo), and Miguel Ribeiro (VBS IT Services), MSP Well is a free peer-support network for IT and MSP professionals dealing with burnout, stress, and the mental health impact of cybersecurity work. Launched at XChange March 2026 in Orlando. ServiceNow claims AI bot resolves 90% of its own help desk tickets: The “Autonomous Workforce” agent handles Level 1 IT issues end-to-end, including password resets, VPN issues, and software access, with 99%+ resolution rates in targeted categories. GA expected in the second half of this year. Read Full Transcript Hello and welcome to In Case You Missed It from ChannelBuzz.ca. Your Monday morning recap where we catch you up on some of the channel news and trend headlines you may have missed in the last week. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 9, 2026. Let’s get your week started right. Ingram Micro closed out fiscal 2025 with some pretty strong numbers. The distributor reported fourth quarter net sales of just under $14.9 billion, up 11.5% year over year and above the high end of its guidance range. For the full year, net sales came in at $52.6 billion, up nearly 10%. The company attributed the growth to strong demand across its core distribution business, an uptick in cloud marketplace revenue, and continued traction from its Xvantage digital platform, which management now says drives “billions of dollars” in transacted revenue. But the detail that caught my attention is a word, not a figure. During the earnings call, Ingram introduced the name AgenTeq – T-E-Q, by the way – as its branding for its agentic AI capabilities within the Xvantage platform. AgenTeq encompasses over 400 AI and ML models that Ingram’s been building, including a tool called the Sales Brief Agent, which gives Ingram sales teams real-time AI-generated intelligence on partner and customer accounts to help uncover growth opportunities. And in a detail worth noting for this audience, the Sales Brief Agent was initially piloted here in Canada before its planned global rollout in the first half of this year. We’re still learning what AgenTeq means in practical terms for channel partners and it’s early days for the branding, but the combination of its financial results and the platform investment suggests Ingram is placing a very deliberate bet on AI-driven distribution. A story we’ll be following up very soon here on In The Channel. If you listened last week, you heard us lead with the component shortage story. Cisco rewriting partner contract terms, Lenovo warning of March price hikes, Western Digital’s entire 2026 production already spoken for. The situation has not gotten better. In fact, it’s getting worse and faster than most of us expected. Dell COO Jeff Clarke told analysts last week the company’s compressing discounting and that quotes are now valid for “the shortest period of time they’ve ever been.” HP’s CFO disclosed that memory costs have doubled in a single quarter and now represent about 35% of PC production costs, up from 15 to 18% a few months ago. And Intel CEO Lip-Bu Tan says there’s no relief coming until 2028, a timeline backed by both SK Hynix and Micron. The takeaway for partners hasn’t changed from last week, but it’s more urgent now. Shorten your quote windows, have the pricing conversation with customers early, and assume that anything you quote today can and will cost more by the time it ships. Grab your helmet. Switching gears to something that doesn’t come up nearly enough. A new community initiative called MSP Well was formally launched this week at The Channel Company’s XChange conference in Orlando. MSP Well is a peer-support community dedicated to mental health and resilience among IT, MSP, and MSSP professionals. It was co-founded by Joe Ussia, CEO of Infinite IT Solutions, James Mignacca, CEO of Canadian vendor Cavelo, and Miguel Ribeiro of VBS IT Services. As Ussia put it, “the channel talks constantly about tools, threats, and uptime, but rarely about the human cost to the people doing the work.” MSP Well aims to change that, offering peer support, a Discord community, an anonymous call line, and partnerships with certified counsellors. It’s a meaningful initiative, and it’s something we’re looking forward to following up on here on In The Channel. And finally, ServiceNow says it has built an AI agent that’s now resolving 90% of inbound IT tickets on its own internal employee help desk. The system handles high-volume Level 1 issues like password resets, software access, VPN connectivity, and hardware troubleshooting, with resolution rates above 99% in those categories. When it gets stuck, it escalates rather than guessing. It’s an internal deployment for now, with general availability scheduled for the second half of the year. ServiceNow’s annual Knowledge conference takes place in May, and I’d expect we’ll hear a lot more about it there. Those are some of the things we were paying attention to last week. This week on In The Channel, we take a look at Check Point’s recent acquisition spree and how it all comes together with their chief strategy officer, Roi Karo. Sit down with frequent guest Tony Anscombe from ESET to talk about the current threat landscape. And break down the most meaningful findings of the Nutanix Enterprise Cloud Index report. I’m Robert Dutt for ChannelBuzz.ca. Have a great week!

Tony Anscombe, Cybersecurity Expert and Chief Security Evangelist at ESET

Pinar Ormeci, CEO of Lexful For MSPs, documentation is essential. But it's also one of the hardest parts of running a service business. Inaccurate, outdated, or inaccessible documentation slows teams down, increases onboarding time for new technicians, and can even put service quality at risk. That's the problem Lexful is aiming to solve with a new approach. In this episode, we sit down with Pinar Ormeci, CEO of Lexful, to discuss the company's new AI-native platform built specifically for managed service providers. Pinar explains how Lexful uses artificial intelligence to capture and organize MSP best practices in real time, making documentation not just a compliance task, but a practical tool that drives efficiency and reduces errors. We also dive into some of the challenges MSPs face when adopting AI tools — like ensuring sensitive client data stays secure and meets regulatory or geographic requirements — and how Lexful addresses these concerns with flexible data residency options. Plus, Pinar shares her thoughts on global expansion, including the Canadian MSP market, and what makes Lexful different from traditional IT documentation tools. Whether you're looking for ways to improve operational efficiency, reduce technician burnout, or future-proof your MSP business with AI, this conversation offers practical insights and a glimpse at where documentation technology is heading. Tune in to hear Pinar Ormeci explain how AI can transform the way MSPs capture, store, and use the knowledge that keeps their businesses running. Read Full Transcript Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. If you’re an MSP, you know that documentation is both critical and, let’s be honest, often a pain. From onboarding new technologies to keeping client procedures up to date, maintaining clean, accurate and accessible documentation can feel like a full-time job and even then it’s rarely perfect. That’s where Lexful comes in. Founded by Pinar Ormeci, Lexful is a new AI-native platform designed specifically for managed service providers. The goal is to make documentation smarter, faster and more useful, not just for the teams doing the work today, but for future technicians, clients and partners. Think of it as giving your organization a digital brain that learns your processes, organizes your best practices and helps your team actually use the documentation you spent so long building. In today’s conversation, Pinar walks us through what makes Lexful different from traditional IT documentation tools, how the platform’s AI assistant Ask Lex works, and how MSPs can balance the need for actionable insights with security and control over sensitive client data. We also talk about global expansion, including Canada, of course, and what it takes to bring AI-powered documentation to MSPs operating in regulated markets or multiple geographies. Whether you’re curious about AI in the MSP workflow, looking for ways to improve operational efficiency, or just interested in the next wave of tools that may be shaping the channel, this episode’s full of insights from someone who’s building a platform designed for exactly that. Grab your headphones and let’s jump into a conversation with Pinar Ormeci, CEO of Lexful. Robert Dutt: Thanks for taking the time. I appreciate you’re joining us to talk a little bit about what’s going on over at Lexful. Pinar Ormeci: Thank you so much for having me, Robert. Robert Dutt: You’re entering a market that MSPs already know well in terms of documentation tools. What was it that was broken enough about the status quo, the situation, that you felt like, “Oh, it’s time to start from scratch with something brand new.” Pinar Ormeci: Yeah, as you can imagine, everything changed with AI, with the advent of AI and the pace of doing things and how MSPs must react and are reacting to an AI-first world even today, and it’s even accelerating as we continue. So as such, we fundamentally believe that the things that worked yesterday will not work today and definitely not tomorrow, right, for the workforce that contains humans and AI agents. So we are the response to a long-standing pain point that the MSPs have when it comes to documenting what they have, finding answers and context when they need, and also having the ability to update that documentation as needed, right? So MSPs, when they’re operating, they’re going 100 miles an hour across clients, across tabs, across tools, and the last thing they need is wasting time trying to find the right answer, right network diagram, trying to see if that’s actually the latest and greatest. And usually that doesn’t happen. There’s a lot of tribal knowledge that lives in the MSPs because they honestly, at some point, stop trusting the data that they have and things start living in their minds. And that’s the reason why we exist. So yes, we are an IT documentation solution, but we are an AI-native platform that is starting with documentation and our goal is to really help MSPs move into knowledge operations, an AI operating layer, where the knowledge becomes autonomous, the outcomes become autonomous, and really the knowledge becomes a living thing. Robert Dutt: Well, let’s start with where you’re at in that regard. From your perspective and from what you were hearing as you were building up Lexful and planning it out, what’s the real cost of bad, outdated, unfindable documentation inside an MSP’s operation? Both in terms of operational stuff for the organization, but also in terms of ability to grow, margins of the business, the experience that technicians have, those kinds of things that are not peripheral, but not right at the center of operations. Pinar Ormeci: Excellent question. And what we say is that MSP documentation as it stands today is really broken. And ultimately, this is an economic problem. This is not a technical problem in the sense that it costs MSPs real margin. And how does that happen? So today, documents become stale as soon as they are written. Technicians waste hours collectively trying to find the right information, and manual updates really don’t scale. So what this ends up resulting in is missed signals, right? So you don’t act when you should be acting. You don’t find answers as fast as you could. Your technicians get burned out because literally after five, ten minutes of searching and not being able to find what they need, technicians go to other technicians. So everybody’s pinging each other, disrupting. So there’s also a lot of context switching. And this results in errors where you’re trying to solve different clients’ problems. And ultimately and fundamentally, this really results in eroding client trust and churn, right? So we see this documentation problem not as a technical problem, but fundamentally an economic problem that has real impact on the bottom line of the MSPs. And also their top line, because knowledge is also critical, Robert, for AI agents, for workflows. Your AI workflow or your agentic workforce is only as strong as the data that they rely on. So if you have a bunch of unstructured data lying around across different tools and you have no clue how stale or up to date they are, your agents won’t be as useful as they could be. So we are approaching the problem on both sides, both reducing your costs and increasing your margins, but also really preparing you for the agentic workflow and also AI-driven new revenue streams. Robert Dutt: You’ve positioned Lexful as an AI-native platform rather than a traditional documentation tool with AI built in, strapped on, however you want to phrase that. What does that mean in practice for an MSP that’s using Lexful on a day-to-day basis as opposed to using traditional documentation tools or methodologies? Pinar Ormeci: Sure. Legacy documentation tools were built in a different era, right? Before AI existed, they really depended on manual entry, keyword search, and they’re optimized for storage really, not to be an operational workhorse. Not for knowledge operations, where you’re able to put data to work for you 24/7. So our goal with Lexful is to move from this world of scattered docs and tribal knowledge to a unified AI-native platform that delivers the right solution to the right technician, anchored to the right context, to the right client, instantly. So this is how this looks in real life. Let’s say that you’re using a legacy documentation tool and you say, “Hey, I’m going to give Lexful a go. I want to try it.” By the way, you can have a completely free trial where you get to use the full functionality of Lexful in parallel to your existing tool. So there’s no risk. We call it migration without mayhem. So if you don’t like it, no feelings hurt. You can always continue with your existing platform. But this is how it looks. The first thing that we do is we migrate all your existing documentation. That means including your SOPs, onboarding guidelines, runbooks, what have you, your MSP-specific documentation, plus all your client assets and passwords and their documents into the Lexful schema. And while we are doing that, we transform that data into context, relationships, assets. So everything becomes structured so that AI can operate seamlessly and securely, very fast, within the guardrails that we put. So that’s fundamentally different than bolting AI into the scattered docs that are unstructured and expecting much from that AI agent. Before we even migrate the documents, Robert, what we’ve done is we completely context-engineered an LLM model to live in the MSP space. So you have this, let’s say, AI technician now that has access to all your data. And the things that you can do with this are really amazing. So we have AI as UI, as entry point to Lexful. And what that means is you can ask natural query questions in plain English. For example, a technician can easily ask, “Hey, what’s the admin password for this client?” Or they can ask, “Hey, what devices need patching for the clients that are in the Ohio area?” Or “What should I do about it?” Or you can say, “Hey, give me a project plan for me to patch these devices and make sure you’re prioritizing them based on urgency.” Or an L1 tech who you just hired and you’re trying to onboard, instead of pinging the senior technicians all the time, they can literally go to Ask Lex, which is our AI-powered knowledge assistant, and say, “Hey, how does my MSP do onboarding? What’s the best way for me to increase my learning curve immediately? What would you propose?” Because this is an LLM now that has access to all your knowledge and is context-engineered, as I mentioned, in the MSP and all things IT. Robert Dutt: And you mentioned data throughout that. And clearly, for Ask Lex, for the AI infrastructure to have the value that it potentially has, it has to have access to both an MSP’s most valuable data, the best practices, the procedures, the stuff that folks have developed over the however many years the business has been in place, and customer data, network diagrams and passwords, et cetera. How are you balancing getting the most out of that and getting the most value out of Lexful with trust, security, control, all those kinds of things that MSPs and rightly customers are going to be asking about? Pinar Ormeci: Yeah, 100%. And that’s why vibe coding is not going to work for any production-grade solution, but also definitely for MSPs, where you have multi-tenancy, security is of utmost importance. You have all these compliances and regulations and all of that, right? So you have to have a real MSP-grade solution. So in our case, obviously, we are handling really sensitive data, the client’s data, and also passwords, right? As a documentation tool, we have password management as part of that, a rich document creator and asset management. So it’s as sensitive as it gets. What we do is zero-trust security from day one. So Robert, I was the CEO of another MSP-first vendor before I joined Lexful, and what we did was Secure Access Service Edge, which is a SASE solution, right? So I’m so security-first because I’ve seen firsthand all the horrible consequences when security is optional. Security is a must-have. It has to belong in an MSP stack, and MSPs actually shouldn’t even deal with clients if the client says, “Oh, security is optional for me.” So I am very, very security-first. So from day one, what we’ve done at Lexful is we said that we’re going to be SOC 2 Type 2 compliant. So the whole thing that we’re building is built in that framework. We are already in SOC 2 audit, by the way, so hopefully we’ll get the SOC 2 Type 2 compliance. That’s the earliest you can get, by the way, as a young company, by the end of this half. Yeah, so we have a never trust, always verify framework, and we do take it very seriously. Robert Dutt: And similar issue, but from a different point of view, many MSPs, especially those outside the US, care about where data lives or even is in transit, or are required by regulation to care about where data lives or is in transit, whether that’s in-country, region-specific, or even locked down to the level of on-prem. I guess, how are you guys thinking about data residency and deployment flexibility as you scale and as your customer base scales? Pinar Ormeci: Oh, yeah, 100%. So as part of the SOC 2 Type 2, we are GDPR compliant. We are California CCPA compliant. So from a data residency perspective, similarly, we use AWS because we’re a global cloud-native platform. So we have data centers in the US, but also in Europe, in Canada, in Australia. So based on need, we have no problems having data centers locally in the region the MSP resides. Robert Dutt: You touched on this a little bit earlier, but I think for a lot of MSPs who are changing something like a documentation system that’s core to the business, it feels like there’s a risk there. Even if you see potential benefits, there’s also the challenge of leaving familiar systems, even if they aren’t your favorite things in the world. Can you elaborate a little bit on how you guys approach migration and early adoption so that partners can evaluate Lexful and still keep the business running at the same time? You touched on kind of having that parallel migration path. How exactly does that look for an MSP? Pinar Ormeci: Oh, yeah. As an operational tool, you cannot disrupt the MSP operations. That’s fundamental. So that’s why we say migration without mayhem, and it’s actually one of our core features. The other thing is we are very API-first, meaning even the product that we built is built on APIs. Our front end and back end are decoupled. Everything we do is via APIs. We have a RESTful API already out there for the MSPs to utilize. And for the migration as well, we have an API that automates the migration from an existing tool into the Lexful schema. But while we do that, we also have the MSP continue to use their existing tool while we bring that knowledge into Lexful. And then in that two-week trial, the MSP can use both platforms at the same time, really make sure all that data is there. They can validate that everything is to their liking and all of that. And at the end of that trial, if they continue to move with Lexful, then they can let go of their existing tool. So yeah, migration is very important. And like I say, we automate the migration to the extent possible using the API. Of course, migration is not trivial in any tool, let alone a documentation tool, especially if the MSP has so much documentation. So we always suggest, do this after Friday. Your workday is over, or during the weekend. So just don’t do it Monday 9 AM, just in case, because it might take one hour, two hours or whatever. But having said that, hopefully the migration is the easiest part of switching to Lexful. Robert Dutt: You’re working with AWS. I think you’re thinking on sort of a global scale, and why wouldn’t you, since it’s all online, it’s all technology. But as you think about global expansion, and I’m going to be biased here and say Canada in particular since that’s where this audience lives, how are you thinking about global focus? And also, I’m curious, as you’re talking to MSPs, what differences do you see in how MSPs think about and approach documentation, compliance, AI across the various regions that you’re talking to partners in? Pinar Ormeci: I think Canadian MSPs are pretty amazing and very innovation-forward. They’re definitely thinking about AI, their clients. They’re not that different from the North American ones, obviously. So we have very mature MSPs in Canada. And I don’t see massive differences when it comes to Canadian MSPs versus American MSPs, honestly, because the level of maturity in both countries is similar. So from a distribution perspective, we want to go wherever the pain points exist today when it comes to knowledge and documentation. And that is literally everywhere, right, Robert? So we are a global player and we also want to make it easy for the MSPs to get access to Lexful. We are working with Sherweb, we are working with Pax8. So the hope is that we will be part of those marketplaces definitely within this year. So by the way, a lot of our developers are in Vancouver. So we have great ties to Canada. I’m actually flying on Sunday to Vancouver for some internal meetings next week. So from our perspective, everything we do, everything we envision, our vision, we are a global player. We want to be the de facto central intelligence layer the MSPs trust for years to come. Robert Dutt: And along those lines, kind of looking forward, for an MSP who comes on board early days, as you guys are launching, how do you hope their business looks different a year from now after they’ve fully realized what you guys are doing and what you guys will do with Lexful over the course of that year? Pinar Ormeci: Yeah, excellent question. So we are a paradigm shift. I really see us, remember those days, for people who are old enough, like we used to have no internet, man. Like we used to have encyclopedias and the books, and like, my background is in engineering, I’m an electrical engineer. If I didn’t know something, I had to go open a book and like, it was these weird times without the internet. And then suddenly there was the internet, where this collective information and you can search for anything and, you know, then Google and so on. So that’s the paradigm shift that we are trying to bring the MSPs into. Instead of manual keyword-based search, manual updates and so on, now you live in that knowledge. Knowledge is always up to date. You do in-context troubleshooting. The technicians, they can be in co-pilot, they can be in their PSA, they can be in their Teams and they can just ask Lex to get the right answer contextually. The next steps, and then whatever is new discovered in that discussion is automatically detected if there is a gap and then trickled down to the right SOP, right KB. So this is the paradigm shift that we are talking about, so that MSPs can focus on not the mundane, like, “Hey, we need to update this document,” try to incentivize technicians on actually what makes the money, what delights their customers. They can be so much more strategic with their clients because just imagine now all the insights you can bubble up utilizing an AI and LLM that knows all your clients, that knows all the trends, that knows all the compliance needs. It is just a different game. So we’re really trying to bring the MSPs into an AI-first world because otherwise people will get left behind, right? The old ways don’t scale. Robert Dutt: And finally, probably the most important question we’re going to ask today, and that’s good journalistic practice, right, to wait till the very end to ask the most important question. I do have to ask though, is it true that your AI is also your channel chief? And if so, how sure are you that Lex isn’t coming for your job? Pinar Ormeci: Yeah, so I was like, you know, if you’re an AI-native company, we need to have some teammates that are not just human, but humanoid, let’s say. So we have as our channel chief a humanoid robot that has an LLM, has an NVIDIA chip. We have trained him on all the right things. Although at Right of Boom, people told me, “Oh, we thought he was a female,” but so yeah, Lex is amazing. And he is very clumsy though, so I don’t know that he’s coming after our jobs that fast. But yeah, we’re living in some amazing times. It’s just really fascinating as a technical person myself who’s been in the tech industry for 20-plus years. It’s fascinating to be living in these times where everything is moving exponentially. And yeah, so we do have a channel chief that is not a human. And he is with us at all the events that we go to. You can come to our booth and say hello, and then you can converse with him as well, right? Ask him like, “Hey dude, what do you think the MSP’s pain points are? Is Lex doing a good job? Is Pinar a good boss?” So he’ll have an opinion for you. Robert Dutt: All right, so flesh-and-bone channel chiefs have been put on notice. They are in fact on the list of roles that can be replaced. But jokes aside, no matter how good Lex and his AI pals get, what’s kind of the one role in all of this that you think humans will always play no matter where the technology goes? Pinar Ormeci: I think the judgment layer, at least for the, let’s say, near term, right? I honestly don’t know, 20 years… the thing is moving so fast. I keep reading Anthropic’s CEO and it’s just, things are changing a lot. But in the near term, the human judgment is still paramount. Human in the loop is paramount. And with AI, you have to always trust, but verify. So at Lexful, we make it such that we give all the reasoning the AI is doing to reach that conclusion, all the links where it’s going. So we make sure that the hallucinations, if there are any, are minimized and the humans can verify everything. So the human in the loop is ultimately critical and they are the judgment factor. And especially in the MSP channel, relationships are key. One of the things I love about the MSPs and this ecosystem is the community aspect, people helping each other. Then there’s MSPs being like, “Hey, we’re all on the same team” attitude. So I don’t think you can replace that for small, medium businesses. Ultimately, the best we can be is human. We are not AI, we are not robots. Humans, we’ve evolved to be social animals and community is such an important part of the MSP ecosystem. I don’t think that’s going anywhere soon. So we are here, as we say at Lexful, not to replace expertise. We’re just here to expose it to more people so that the technicians can do more important jobs other than just wasting hours documenting or finding the right information. Robert Dutt: I appreciate your taking the time. Good luck on rolling out and evolving Lexful. It will be exciting to see where things go from here. Thank you very much. Pinar Ormeci: Thank you so much. Thanks for having me. There you have it, a look at how AI may change your documentation system and maybe even provide a new business platform for your managed services business in the long run, courtesy of Lexful’s Pinar Ormeci. I’d like to thank Pinar for joining us and thank you for listening. That wraps up this week on the podcast. We’ll be back on Monday with In Case You Missed It, our weekly roundup of channel news and trends that you need to know about. And next week and into the near future, we’ll be taking a look at why modern IT environments are increasingly hard to monitor and have a chat with our frequent guest, Tony Anscombe, about the security forces you need to know about. Between now and then, please do subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a review or rating for the show. Have a great weekend. I’m Robert Dutt for ChannelBuzz.ca and I’ll see you around the channel.

Hot Topic Topic: Report reveals phishing as top weapon against SA organisations – Tony Anscombe: Chief security evangelist, ESET

Back to school and back to work! Tech lifestyle expert Carley Knobloch joins us to share some great Fall tech pics for the entire familyShould teachers allow genAI in the classroom? Tony Anscombe, Chief Security Evangelist with ESET, says “yes” -- and explains whyLife-saving communications tech during natural disasters and other emergencies – we'll learn all about Verizon Frontline with its VP, Cory DavisI'll share some thoughts on the Apple AirPods Pro 3. In a word? Wow.Thank you to Visa and Sandisk for your support!

Dozens of online influencers are using their platform to spread financial literacy, which continues to have a growing impact on younger generations looking to get into investing, saving and making more money.And although cybercriminals have been around for decades, they're capitalizing on social media users with the help of artificial intelligence in the form of deep fakes or fraudulent advertisements to get your money and information. Host Mike Eppel speaks to Tony Anscombe, chief security evangelist at ESET to discuss the signs to look out for, and how to protect yourself and your wallet from being one of the millions of cybercrime victims. We love feedback at The Big Story, as well as suggestions for future episodes. You can find us:Through email at hello@thebigstorypodcast.ca Or @thebigstoryfpn on Twitter

Deepfake videos impersonating real doctors are being used to push fake medical advice. How big of a problem is this becoming? Tony Anscombe, chief Security Evangelist for cybersecurity company ESET, joins us.

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-409

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-409

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Show Notes: https://securityweekly.com/esw-409

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Show Notes: https://securityweekly.com/esw-409

Join Paco as he sits down with Cameron Tousey and Tony Anscombe to delve into the evolving landscape of cybersecurity. In this insightful interview, they discuss ESET's perspective on the latest trends and how Managed Service Providers (MSPs) can navigate these changes to better protect their clients. Don't miss out on expert advice and valuable insights that can help you stay ahead in the cybersecurity game! --------------------------------------------------- Connect with us! --------------------------------------------------- MSP Unplugged https://mspunplugged.com/ Paco Lebron from ProdigyTeks  Email: paco@mspunplugged.com Rick Smith from Renactus Technology  Email: rick@mspnplugged.com Corey L Kirkendoll from 5K Technical Services https://linkedin.com/in/coreykirkendoll/

Relebogile Mabotja speaks to Tony Anscombe the Chief Security Evangelist at ESET about South Africa being ranked the most targeted country in Africa for cybercrime, accounting for 40% of all ransomware attacks and nearly 35% of infostealer incidents on the continent.See omnystudio.com/listener for privacy information.

TECH FOCUS Topic: Why SA is the top cybercrime target Guest: Tony Anscombe, the Chief Security Evangelist at ESET

Podcast: Speakeasy SecurityEpisode: Unpublished - Trust in Technology - AI & Driverless CarsPub date: 2025-01-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe first episode of series 8 introduces a new co-host for this season, Kirsten Bay, Co-Founder and CEO of Cysurance. Kirsten and Tony discuss “Trust in Technology—AI and Driverless Cars”, starting off with the key question – ‘Would you take a ride in a driverless vehicle?'. Waymo driverless vehicles are a part of everyday life in some cities in the US and while early adopters may leap at the chance to ride, not everyone in society may share the same opinion. With technology integrating into every part of our personal and professional lives just how comfortable and trusting should we be with the new AI powered devices and services? Hear the viewpoint of your Speakeasy hosts.This podcast is for informational purposes only and is not intended to replace professional legal, financial or insurance advice. We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. The content and views expressed are those of the host and guests.The podcast and artwork embedded on this page are from Tony Anscombe, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Welcome to the CanadianSME Small Business Podcast! Today, we're diving into cybersecurity—a critical topic for small businesses navigating today's digital threats. We're joined by Tony Anscombe, Global Security Evangelist at ESET, who brings over 20 years of experience in cybersecurity, data protection, and privacy. Tony has been at the forefront of cybersecurity innovations, guiding businesses in securing their data and staying resilient in an increasingly complex digital landscape.Key Highlights:AI in Cybersecurity: Exploring the evolving role of AI in detecting and preventing threats.Ethical Concerns: Understanding the ethical considerations tied to AI use in cybersecurity.Practical Strategies: Actionable advice for small businesses to enhance their cybersecurity posture and protect against common threats.Tony, it's an honor to have you on the podcast. Thank you for joining us to discuss these critical topics that impact small and medium-sized businesses across Canada.A special thank you to our partners: RBC, UPS, Xero, Constant Contact, and IHG Hotels & Resorts, for their continued support in helping Canadian businesses thrive.And thanks to our sponsors for making this episode possible. For more resources, find their links below:RBC: https://www.rbcroyalbank.com/dms/business/accounts/beyond-banking/index.htmlUPS: https://solutions.ups.com/ca-beunstoppable.html?WT.mc_id=BUSMEWAConstant Contact: https://www.constantcontact.com/landing1/new-marketer?utm_campaign=canadiansme&utm_medium=sponsorlogo&utm_source=brandIHG Hotels and Resorts: https://businessedge.ihg.com/s/registration?language=en_US&CanSMEGoogle: https://www.google.ca/For more expert insights, subscribe to the CanadianSME Small Business Magazine at www.canadiansme.ca. Join us next time as we continue to bring you strategies for business success.

Chief Security Evangelist at ESET, Tony Anscombe on whether its ok to fear AI, the role cybersecurity plays in making sure that AI doesn't get out of control and on the role movies like The Terminator plays in our perception of Artificial Intelligence.See omnystudio.com/listener for privacy information.

ESET's Tony Anscombe joins us on the podcast to discuss the role of VPNs in your clients' remote access and cybersecurity approaches, including what solution providers need to know about different classes of virtual private networks, and how to find new VPN opportunities.

A software update for Microsoft Windows operating systems issued by the cybersecurity firm CrowdStrike was the root cause of the recent global tech outage that hit many parts of the world. The incident, which affected 8.5 million Microsoft Windows devices, led to widespread disruptions of airlines, banks, broadcasters, healthcare providers, retail payment terminals and cash machines globally, with the cost of the outage estimated to top $1 billion. On this episode of Morning Shot, Tony Anscombe, Chief Security Evangelist at ESET - a cybersecurity software company shares his insights on the scale of impact of the outage and mitigation strategies for future instances. Presented by: Audrey Siek Produced & Edited by: Yeo Kai Ting (ykaiting@sph.com.sg)Photo credits: Bing Guan/ReutersSee omnystudio.com/listener for privacy information.

‌Scammers are looking to ruin your summer vacation. Travel scams are up between a whopping 500 and 900 percent! So, what do you need to know to avoid being taken advantage of on your next vacation? We get the insight of Tony Anscombe, Chief Security Evangelist with cybersecurity company ESET. Are you in the market for a new vehicle? Well, according to the latest data from the Canadian Black Book, new car prices are starting to drop. So, has supply finally caught up with demand? We discuss with Daniel Ross, Senior Manager of Industry Insights & Residual Value Strategy with “Canadian Black Book”.   Finally, “It's in you to give”, but not enough people are rolling up their sleeves to donate blood. We catch up with Jhoanna DelRosario from Canadian Blood Services for details on the current need for donations and how Canadian Blood Services is making it easier than ever to donate blood in Calgary.

Introducing our series of podcasts unpacking cyber insurance and its significant relevance to companies in this digital era. Peter Warren, an award-winning investigative journalist, writer, and broadcaster chats to Tony Anscombe, ESET's Chief Security Evangelist with over 20 years of international leadership experience in business development, partnerships, and as a company spokesperson.This podcast is for informational purposes only and is not intended to replace professional legal, financial or insurance advice. We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. The content and views expressed are those of the host and guests.

Tom Bodrovics welcomes Tony Anscombe, ESET Chief Security Evangelist, to discuss cybersecurity in the mining sector. With over three decades in IT and cybersecurity, Anscombe stresses that security fundamentals remain crucial despite technological advancements. He highlights vulnerabilities from remote locations, outdated technology, third parties, and activists/nation states. Mining companies face significant risks, including potential for fatalities and financial losses. A comprehensive cybersecurity framework is necessary, along with advanced technologies like EDR systems. The financial cost of cyber attacks can reach $14 trillion by 2027, affecting industries, including mining. Companies must prioritize cybersecurity and involve third parties to adhere to security policies. Anscombe also touches on the ethical implications and potential international collaboration in AI development. Time Stamp References:0:00 - Introduction0:30 - Tony's Background2:03 - Industrial Security6:47 - Potential Risks10:37 - Attack Vectors12:32 - 3rd Party Liability14:30 - AI & Cyber Security17:30 - Practical Solutions19:50 - Capable People20:58 - Global Impacts & Costs24:16 - Reporting & Regulations27:02 - Technical Glitches?30:04 - AI Risks & Benefits33:57 - Restricting AI?36:19 - Wrap Up Talking Points From This Episode Mining companies face significant cybersecurity risks due to remote locations, outdated technology, third parties, and activists/nation states. A comprehensive cybersecurity framework and advanced technologies like EDR systems are necessary to mitigate mining sector risks. The financial cost of cyber attacks can exceed $14 trillion by 2027, emphasizing the importance of prioritizing cybersecurity for all industries. Guest Linkshttps://www.welivesecurity.com/en/https://twitter.com/TonyAtESET Tony Anscombe is Chief Security Evangelist for ESET. With over 20 years of security industry experience, Anscombe is an established author, blogger and speaker on the current threat landscape, security technologies and products, data protection, privacy and trust, and Internet safety. His speaking portfolio includes industry conferences RSA, Black Hat, VB, CTIA, MEF, Gartner Risk and Security Summit and the Child Internet Safety Summit (CIS). He is regularly quoted in cybersecurity, technology and business media, including BBC, Dark Reading, the Guardian, the New York Times and USA Today, with broadcast appearances on Bloomberg, BBC, CTV, KRON and CBS. Anscombe is a current board member of the NCSA and FOSI. Tony is based in the USA and represents ESET globally.

Michael chats with Tony Anscombe, Chief Security Evangelist at ESET. In this episode, Michael and Tony discuss the motivation behind and nature of healthcare cyber attacks, the pros and cons of using AI in healthcare, protection in light of the prevalence of telehealth, the importance of threat intelligence and human expertise in preventing cyber attacks, and much more. This episode is sponsored by ESET, eset.com/us.   Visit with ESET at booth #1601 at HIMSS, March 11–15, in Orlando.   The views in this podcast do not necessarily reflect those of our sponsors.

While in Seattle, I sit down with David Carbon, VP and GM of Prime Air at Amazon, to talk all about its latest delivery drones already operational in parts of California and TexasIn partnership with LG, entrepreneur and content creator Tess Barclay talks about the importance of thin and light laptops for workers on the go – including the LG gram familyESET's Tony Anscombe gives us helpful tips to fighting back against car theftsThank you to Visa, Slickdeals, and Western Digital for being such awesome partners on Tech It Out

Recently a group of teenage hackers managed to breach some of the world's biggest tech firms last year by exploiting systemic security weaknesses in US telecom carriers and the business supply chain, in what is a cautionary tale for America's critical infrastructure. Also, researchers from the cybersecurity firm ESET have uncovered a cyber plot targeting foreign embassies in Belarus. The company says at least four countries have been targeted by a cyber espionage group, using advanced techniques. Joining the show to discuss is Tony Anscombe, ESET's chief security evangelist. To learn more about how CNN protects listener privacy, visit cnn.com/privacy

We start off with T-Mobile's Steve Carlson, on how many robocalls and scam attempts were caught last year, with the free Scam Shield app. It's an insane number.• Speaking of criminals, ESET's Tony Anscombe stops by to talk about why car thefts are up across the country, and the 5 things you can do to fight back (both high- and low-tech solutions).• Western Digital is in the house! I interview Nitin Kachhwaha about the latest WD My Book external hard drives – which now go all the way up to 22 terabytes (22TB) of capacity, wow.• I also talk about Visa's multibillion dollar anti-fraud efforts, ASUS laptops and accessories, and more.

0:30 | Alberta Justice says there's no record of electronic communication between Alberta Premier Danielle Smith's office and prosecutors, in the context of charges stemming from the Coutts border crossing blockade. This contradicts what the premier herself told Rebel Media in December. Ryan opens the show with the latest developments in this story, including Real Talkers' comments via Twitter and email. BE IN TOUCH: talk@ryanjespersen.com  20:26 | Rick Peterson is a money guy. The former Conservative Party of Canada leadership candidate and co-founder of Centre Ice Canadians says all politics aside, it's a bad idea for Alberta to establish its own pension plan. Rick explains why, including some key differences between the Canada Pension Plan and the Alberta Investment Management Corporation (AIMCO).  READ RICK'S ARGUMENT RE: PENSION PLANS: https://www.nationalnewswatch.com/2023/01/19/the-biggest-kid-on-the-block/#.Y8mr8j3MKUk CHECK OUT CENTRE ICE CANADIANS: https://www.centreicecanadians.ca/ 44:10 | Have you ever found a hidden camera in a hotel room, Airbnb or VRBO? More than one in ten people surveyed say they have. Now that's creepy. "Security evangelist" Tony Anscombe tells us what he does when he checks into a new place, and teaches us how to do a quick sweep of a property. He's also got great insight into Apple AirTags and other devices that can be used for good or evil.  CHECK OUT TONY'S TEAM'S BLOG ON HIDDEN CAMERAS: https://www.welivesecurity.com/2022/11/01/spy-who-rented-to-me-hidden-cameras-airbnbs/ CHECK OUT THE HIDDEN CAMERA SURVEY RESULTS: https://www.ipx1031.com/airbnb-guests-trust-hosts/ 1:00:20 | Most of us know we should leave service dogs alone while they're working. But would you know what to do if a service dog approached you, requiring assistance? NAIT students Michelle Gariepy, Brandon Lindsay, and Roseveer Salh developed Lassie 2.0, which could be a game changer. Find out why the innovation was nominated for the 2022 Capstone Project of the Year in this week's edition of The Leading Edge presented by our friends at Leading Edge Physiotherapy!  LIFE SHOULDN'T HURT: https://leadingedgephysio.com/ CHECK OUT DOGS WITH WINGS: https://dogswithwings.ca/ THE REAL TALK POND HOCKEY CLASSIC IS SATURDAY, FEBRUARY 4!  REGISTER TO PLAY, VOLUNTEER, OR SPONSOR: https://ryanjespersen.com/pond-hockey WEBSITE: https://ryanjespersen.com/ TWITTER: https://twitter.com/RealTalkRJ INSTAGRAM: https://www.instagram.com/RealTalkRJ/ TIKTOK: https://www.tiktok.com/@realtalkrj PATREON: https://www.patreon.com/ryanjespersen THANK YOU FOR SUPPORTING OUR SPONSORS! https://ryanjespersen.com/sponsors The views and opinions expressed in this show are those of the host and guests and do not necessarily reflect the position of Relay Communications Group Inc. or any affiliates.

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   Joining RIMScast today is Josephine Wolff to provide a 2023 outlook on cybersecurity and insurance!   Josephine Wolff is an associate professor of cybersecurity policy at The Fletcher School at Tufts University. Her newest book, Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks, came out just this last August and examines the development of cyberinsurance and addresses what governments can do to make it a more effective tool for cyber risk management. Josephine will also be a panelist on RIMS's January 24th, 2023 webinar, “What to Expect from Cyber Insurance in 2023 and Beyond,” linked below under Upcoming Webinars.   In this interview, Josephine shares what risk professionals need to rethink or reevaluate in 2023, the top three cybersecurity issues that will have the largest impact on organizational leaders in 2023, her advice regarding cyber and ransomware attacks, and more.   Key Takeaways: [:01] About the RIMS Membership. [:14] Registration for RISKWORLD 2023 is now open! [:34] About RIMScast. [:45] About today's episode. [1:00] All about upcoming RIMS webinars, workshops, events, and more! [2:18] All about today's episode with Josephine Wolff. [2:55] Justin Smulison welcomes Josephine to the podcast! [3:07] Josephine shares her career history and what led her to pursue cybersecurity. [5:17] Is it inevitable that we will all become victims of a cyber or ransomware attack at some point in our lives? [6:57] Josephine shares her experiences with risk managers and professionals over the years. [9:00] Top three cybersecurity issues that will have the largest impact on organizational leaders in 2023. [12:22] As an instructor that teaches on the subject of cybersecurity, what is on the minds of Josephine's students currently? [16:05] RIMS plug time! All about upcoming RIMS virtual workshops. [18:00] What risk professionals need to rethink or reevaluate in 2023. [20:32] RIMS and several other organizations want the federal government in the U.S. to have a centralized framework to help prepare for and navigate the aftermath of major cyber attacks. How beneficial does Josephine feel this would be on a grand scale? [23:42] Josephine gives a preview of the upcoming Telos webinar she will be joining RIMS for on January 24th, 2023. [26:01] Josephine's thoughts on whether the CIO is a new best friend for the risk manager. [28:40] Are any of Josephine's students on the path to becoming CIOs? [29:25] Justin thanks Josephine Wolff for joining the podcast and shares some links to check in today's show notes.   Mentioned in this Episode: RISKWORLD 2023 — April 30‒May 3 in Atlanta, Georgia! Public registration is now open! RIMS Virtual Workshops in 2023 — a Brief Dialogue with Instructor Elise Farnham Contribute to Risk Management Magazine Prepare for the RIMS-CRMP Certification exam with RIMS and St. John's University from January 24‒25th. Learn about the five core competencies of a risk professional and enhance your risk management skills. Register now! RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play NEW FOR MEMBERS! RIMS Mobile App RIMS Buyers Guide Dan Kugler Risk Manager on Campus Grant Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information. Related RIMScast Episodes: “2022: The Year in Risk (Part 1)” “Cybersecurity and Data Privacy with Fred Karlinsky & Travis Wong” (2022) “CERT-In Cyber Details to Know with Jyoti Krishnan” “2022 Midyear Risk Review with RIMS Publications Director Morgan O' Rourke” “Getting to Know Jackware with Dan Healy of Anderson Kill” “Cloud Security Risks with Google's Monica Shokrai” “Roadway Risks: AI, Autonomous Vehicles, & Automated Driving” “Ransomware Risks and ‘Responding Gracefully' with Masha Sedova” “Cyber Breach Responses with Kate Fazzini, Flore Albo CEO” “The World of Cybersecurity with NCSA's Kelvin Coleman” “Cybersecurity Frameworks with NIST Fellow, Ron Ross” “Cyber Risk News & Trends with Tony Anscombe, Part 2” More RIMS Resources on Cybersecurity and Cyber Insurance: RIMS Letter to Federal Insurance Office Supports the Development of a Cyber Insurance Backstop From Risk Management Magazine: “Can Cyber Insurance Recovery from a Third Party Satisfy a Self-Insured Retention?” by Joshua Gold” “Insurance Coverage For Jackware Attacks,” by Daniel J. Healy & Robert M. Horkovich “Preparing for New U.S. Data Privacy Laws,” by Ben Richmond “4 Principles to Improve Your Data Privacy Program,” by Ray Pathak Upcoming Webinars: “What to Expect from Cyber Insurance in 2023 and Beyond” | Sponsored by Telos | Jan. 24, 2023 “Demystifying Business Continuity for Risk Managers” | Sponsored by Riskonnect | Feb. 16, 2023 Virtual Workshops: Captives as an Alternate Risk Financing Technique | January 18‒19 | 10:00 am‒5:00 pm ET Registration closes Jan. 17 Fundamentals of Insurance | January 25‒26, 2023 | 9:00 am‒4:30 pm ET Registration closes Jan. 24 Fundamentals of Risk Management | February 14‒15, 2023 | 9:00 am‒3:00 pm ET Registration Closes Feb. 13 See the full calendar of RIMS Virtual Workshops Sponsored RIMScast Episodes: “Using M&A Insurance: The How and Why” | Sponsored by Prudent Insurance Brokers Ltd. (NEW!) “Zurich's Construction Sustainability Outlook for 2023” “Aon's 2022 Atlantic Hurricane Season Overview” “ESG Through the Risk Lens” | Sponsored by Riskonnect “A Look at the Cyber Insurance Market” | Sponsored by AXA XL “How to Reduce Lithium-Ion Battery Fire Risks” | Sponsored by TÜV SÜD “Managing Global Geopolitical Risk in 2022 and Beyond” | Sponsored by AXA XL “Keeping Subcontractors Safe Through Partner Elevation” | Sponsored by Highwire “ESG: A Responsibility and a Growing Megatrend” | Sponsored by Prudent Insurance Brokers Ltd. “Prioritizing People: Focusing on Your Team to Deliver Exceptional Quality and Service to Your Clients” | Sponsored by Gallagher Bassett “Bermuda Opportunities in 2022 with BDA Chair Stephen Weinstein” | Sponsored by Bermuda Business Development Agency “SyncR: A Tool to Enhance Your Risk Quality & Insurance Strategy” | Sponsored by Prudent Insurance Brokers Ltd. “RIMScast: Navigating the Risk Landscape in 2022” | Sponsored by AXA XL “RIMScast: Prioritizing People: Expertise and Innovation” | Sponsored by Gallagher Bassett “RIMScast: Risk Findings for the Industrial & Manufacturing Industry” | Sponsored by Aon “RIMScast: Establishing the Right Assurance to Request From Business Partners” | Sponsored by HITRUST “RIMScast: Aon's 2021 Retail Industry Overview” | Sponsored by Aon “RIMScast: A Legacy of Resilience” | Sponsored by J.B. Boda Group “The Golden Era of Insurance” | Sponsored by The Hartford “Insurance Investigation Trends Happening Now” | Sponsored by Travelers “What Could a CRO Do for Your Business?” | Sponsored by Riskonnect “Hard Reality: A Look at Rising Rates in Property & Excess Casualty” | Sponsored by AXA XL “Property Valuation Deep Dive” | Sponsored by TÜV SÜD “Property Loss Control Engineering” | Sponsored by Prudent Insurance Brokers RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops Upcoming RIMS — Virtual Workshops RIMS Webinars On-Demand Webinars RIMS Advisory Services — Ask a Peer Risk Management Magazine Risk Management Monitor RIMS Risk Leaders Series RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring Merline Barrington of the Port Authority of NY & NJ! Spencer Educational Foundation RIMS DEI Council RIMS Path to the Boardroom   Want to Learn More? Keep up with the podcast on RIMS.org and listen on iTunes. Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   Follow up with Our Guests: Josephine Wolff's Profile Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks, by Josephine Wolff   Tweetables (For Social Media Use):   “I think one of the things that risk managers struggled with for a while now … is really trying to lock down: How do we understand what is a reasonable amount of risk to accept? When it is so hard to quantify.” — Josephine Wolff   “I think another [cybersecurity issue] that we're going to see [that's] somewhat linked to the ransomware trend … is this question of state-sponsored cyberattacks.” — Josephine Wolff   “I do think there's value in thinking through, in more detail, what a federal backstop for cyber attacks would look like. That's something insurers have been asking for, for a while.” — Josephine Wolff   “The cyber insurance policies you can buy today look very different from the ones that you could buy 10‒15, 20 years ago. Part of how that fits in data privacy is understanding how breaches of personal information really drive this market from the beginning.” — Josephine Wolff  

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In anticipation of Data Privacy week (January 25th‒28th, 2023), Justin Smulison is joined by Fred E. Karlinsky and Travis Wong to discuss all things cybersecurity and data privacy.   Joining in the first half of the podcast is Fred E. Karlinsky, a shareholder and Co-Chair of the Insurance Regulatory & Transactions Practice at the Florida law firm, Greenberg Traurig. Fred is also a member of the RIMS External Affairs Committee and will be one of the panelists joining the RIMS External Affairs webinar on January 5th titled, “How Cyber Insurance is Shaping the Insurance Industry.” In his conversation with Justin Smulison, he provides an overview of the webinar and discusses how cyber and risk management trends are overlapping this year and in 2023.   Travis Wong, the VP of Risk Engineering and Security Services at Resilience Insurance, joins the podcast in the second half to offer a deeper perspective on data privacy topics against the backdrop of current events. He lends his expertise on cyber security trends, the FTX collapse, and organizations that are at risk for data breaches, and shares his advice on what organizations can do to better protect their remote employees.   Key Takeaways: [:01] About the RIMS Membership. [:14] Registration for RISKWORLD 2023 is now open! [:33] About RIMScast. [:50] About today's episode! [1:00] All about upcoming RIMS webinars, workshops, events, and more! [1:53] About “RIMS Letter to Federal Insurance Office Supports the Development of a Cyber Insurance Backstop.” [2:27] Justin introduces today's first guest, Fred E. Karlinsky. [3:11] Justin welcomes Fred to the podcast. [3:36] What can risk managers learn from the FTX collapse? [4:50] What “RIMS Letter to Federal Insurance Office Supports the Development of a Cyber Insurance Backstop” details and why it is important. [6:15] Fred shares some updates from the RIMS External Affairs Committee. [8:03] What to expect from RIMS External Affairs' upcoming webinar, “How Cyber Insurance is Shaping the Insurance Industry.” [10:27] Justin thanks Fred for joining the podcast! [11:15] RIMS Plug time! All about upcoming workshops and webinars. [12:10] One Hot Minute with Scott Fenstermaker to discuss the upcoming webinar: “Royal Caribbean Group Creatively Uses RMIS to Boost Wellness.” [14:31] Justin introduces and welcomes Travis Wong to the podcast! [15:19] About Travis' career and his role as VP of Risk Engineering and Security Services. [15:48] Trends in cyber security and privacy breaches that Travis has witnessed in 2021‒22. [17:11] The industries that threat actors mainly target. [18:34] Has the FTX collapse changed the way that threat actors view crypto? [19:50] How did public or private organizations demonstrate cyber resiliency in 2022? [22:04] How can businesses ensure that they have formal and efficient processes in place to comply with CCPA and GDPR transparency requests? [24:40] Travis' tips and advice for organizations on protecting remote employees. [28:08] Justin thanks his guests for joining the podcast and shares some links to check in today's show notes.   Mentioned in this Episode: RIMS Letter to Federal Insurance Office Supports the Development of a Cyber Insurance Backstop From Risk Management Magazine: “Insurance Coverage For Jackware Attacks,” by Daniel J. Healy & Robert M. Horkovich “Preparing for New U.S. Data Privacy Laws,” by Ben Richmond “4 Principles to Improve Your Data Privacy Program,” by Ray Pathak RIMS Events, Education, and Services: RISKWORLD 2023 — April 30‒May 3 in Atlanta, Georgia! Member registration is now open! RIMS Risk Maturity Model RIMS Events App Apple | Google Play NEW FOR MEMBERS! RIMS Mobile App RIMS Buyers Guide Contribute to RIMS Risk Management magazine Dan Kugler Risk Manager on Campus Grant Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information. Upcoming Webinars: “Protect Against Machinery Breakdown and Supply Chain Delays” | Sponsored by TÜV SÜD GRC | Dec. 8, 2022 “Royal Caribbean Group Creatively Uses RMIS to Boost Wellness” | Sponsored by Riskonnect | Dec. 13, 2022 RIMS External Affairs Presents: “How Cyber Insurance is Shaping the Insurance Industry” | Jan. 5, 2023 “Recertification: Keep Your RIMS-CRMP Active” | Complimentary to All | Jan. 9, 2023 “What to Expect from Cyber Insurance in 2023 and Beyond” | Sponsored by Telos | Jan. 24, 2023 Virtual Workshops: “Contractual Risk Transfer” — Dec. 7‒8 | 9:30 am‒3:30 pm EST | Registration Closes Dec. 6th — Register Now! “Managing Cognitive Bias Risk” — Dec. 7‒8 | 9:30 am‒3:30 pm EST | Registration Closes Dec 6th — SAVE $100! Use Code: MCBR100 See the full calendar of RIMS Virtual Workshops Related RIMScast Episodes: “RIMS Advocacy — See You In September” (2022) “CERT-In Cyber Details to Know with Jyoti Krishnan” “2022 Midyear Risk Review with RIMS Publications Director Morgan O' Rourke” “Getting to Know Jackware with Dan Healy of Anderson Kill” “Cloud Security Risks with Google's Monica Shokrai” “Roadway Risks: AI, Autonomous Vehicles, & Automated Driving” “Ransomware Risks and ‘Responding Gracefully' with Masha Sedova” “Cyber Breach Responses with Kate Fazzini, Flore Albo CEO” “The World of Cybersecurity with NCSA's Kelvin Coleman” “Cybersecurity Frameworks with NIST Fellow, Ron Ross” “Cyber Risk News & Trends with Tony Anscombe” “Cyber Risk News & Trends with Tony Anscombe, Part 2” “Cybersecurity in a COVID-19 World with Luke Wilson” “Cybersecurity Tips for Small Businesses with Daniel Eliot” “Cybersecurity with Christopher Loeber” “The State of Cybersecurity and 5G Technology with Jason Ruger, Ruby Zefo, and Chris Novak” Sponsored RIMScast Episodes: “Zurich's Construction Sustainability Outlook for 2023” (New) “Aon's 2022 Atlantic Hurricane Season Overview” “ESG Through the Risk Lens” | Sponsored by Riskonnect “A Look at the Cyber Insurance Market” | Sponsored by AXA XL “How to Reduce Lithium-Ion Battery Fire Risks” | Sponsored by TÜV SÜD “Managing Global Geopolitical Risk in 2022 and Beyond” | Sponsored by AXA XL “Keeping Subcontractors Safe Through Partner Elevation” | Sponsored by Highwire “ESG: A Responsibility and a Growing Megatrend” | Sponsored by Prudent Insurance Brokers Ltd. “Prioritizing People: Focusing on Your Team to Deliver Exceptional Quality and Service to Your Clients” | Sponsored by Gallagher Bassett “Bermuda Opportunities in 2022 with BDA Chair Stephen Weinstein” | Sponsored by Bermuda Business Development Agency “SyncR: A Tool to Enhance Your Risk Quality & Insurance Strategy” | Sponsored by Prudent Insurance Brokers Ltd. “RIMScast: Navigating the Risk Landscape in 2022” | Sponsored by AXA XL “RIMScast: Prioritizing People: Expertise and Innovation” | Sponsored by Gallagher Bassett “RIMScast: Risk Findings for the Industrial & Manufacturing Industry” | Sponsored by Aon “RIMScast: Establishing the Right Assurance to Request From Business Partners” | Sponsored by HITRUST “RIMScast: Aon's 2021 Retail Industry Overview” | Sponsored by Aon “RIMScast: A Legacy of Resilience” | Sponsored by J.B. Boda Group “The Golden Era of Insurance” | Sponsored by The Hartford “Insurance Investigation Trends Happening Now” | Sponsored by Travelers “What Could a CRO Do for Your Business?” | Sponsored by Riskonnect “Hard Reality: A Look at Rising Rates in Property & Excess Casualty” | Sponsored by AXA XL “Property Valuation Deep Dive” | Sponsored by TÜV SÜD “Property Loss Control Engineering” | Sponsored by Prudent Insurance Brokers RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops Upcoming RIMS — Virtual WorkshopsIMS Webinars On-Demand Webinars RIMS Advisory Services — Ask a Peer Risk Management Magazine Risk Management Monitor RIMS Risk Leaders Series RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring RIMS-CRMP Chairman Ward Ching! Spencer Educational Foundation RIMS DEI Council RIMS Path to the Boardroom   Want to Learn More? Keep up with the podcast on RIMS.org and listen on iTunes. Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   Follow up with Our Guests: Fred E. Karlinsky's LinkedIn Scott Fenstermaker's Website Travis Wong's LinkedIn Resilience Insurance   Tweetables (For Social Media Use):   “At the end of the day, the fundamentals stay the same. You need to prepare. If you fail to prepare, prepare to fail.” — Fred E. Karlinsky   “What I think is going on in the world we live in today when we think about risks [is that] cyber risks are probably the ones that are the most prevalent. They affect all of us.”  — Fred E. Karlinsky   “I would say … over the last year or so, government entities and technology companies in particular [are targets for cyberattacks]. Those companies with a lot of PII or Personally Identifiable Information … have been significantly hit.” — Travis Wong   “The first thing I would tell clients is: ‘Please understand what you have.' You need to inventory your data; you need to manage it. You can't protect what you don't know exists. You can't provide transparency to consumers if you don't know you have it somewhere.” — Travis Wong   “Ensure you have a solid foundation. Know where your key data is, know who has access to it, and know what type of data that actually is. Inventorying it is one thing, classifying it is something else.” — Travis Wong  

 In this ISACA Podcast episode, ESET's Chief Security Evangelist, Tony Anscombe, joins ISACA's Principal, Emerging Technology Professional Practices, Collin Beder to discuss ESET's recently released T2 2022 Threat Report. As a global leader in cybersecurity, ESET's T2 2022 Threat Report summarizes the most notable trends that have shaped the threat landscape for the past four months. This report dives into CloudMensis, the previously unknown macOS malware discovered by ESET researchers. To read the full ESET report: https://www.welivesecurity.com/wpcontent/uploads/2022/10/eset_threat_report_t22022.pdf. For more information, check out ESET's award-winning blog: WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research. To listen to more ISACA Podcasts, please visit www.isaca.org/podcasts.

00:00 - Quebecers casted their votes after a five-week election campaign dominated by divisive issues. Guest: Dan Spector, Global News Montreal Reporter 06:24 - There are some new, yet old, fees coming to your credit card purchases. Guest: Raji Sohal, CKNW Contributor 12:48 - A new report into repeat offenders and random stranger violence in B.C. shows the need for greater accountability. Guest: Wally Oppal, Former BC Attorney General 22:14 - Since employees have started working remotely, more and more companies are at a greater risk for data breaches. Guest: Raji Sohal, CKNW Contributor interviewed Tony Anscombe, Chief Security Evangelist at ESET. 27:18 - B.C. nurses say they're overwhelmed by the current workload and are seeking a lifeline. Guest: Aman Grewal, President of the BC Nurses Union 35:28 - The B.C. government is expected to table a new deal for family doctors in October, promising a better compensation model to address rising business costs Guest: Dr. Rita McCracken, assistant professor in family medicine at the University of British Columbia. 44:52 - Children and Youth in Canada have received an F, when it comes to exercise and physical activity. Guest: Dr. Nicholas Kuzik, Research Fellow, CHEO.

ESET, a global leader in cybersecurity, has released its T1 2022 Threat Report, which summarizes the most notable trends that shaped the threat landscape from January to April 2022. Join ISACA's Research Advisor, Brian Fletcher, as he breaks down the ESET T1 2022 Threat Report with Chief Security Evangelist for ESET, Tony Anscombe. For more information, check out ESET's award-winning blog: WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research. Be sure to like, comment, and subscribe for more ISACA Productions content.

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   The RIMS mission is to educate, engage, and advocate for the global risk community. In alignment with said mission, the annual Florida RIMS Educational Conference is coming back once again! With an incredible agenda and many familiar faces in attendance, this 2022 conference, held July 26th‒30th in Naples, Florida, is jampacked with fantastic sessions, fun after-hours events, and great accommodations.   Joining Justin today to share more about the upcoming conference, is long-time conference chair and Audio/Visual Coordinator, Jason Lynch! Jason shares about the focused events that attendees can look forward to, the special guest speakers that will be in attendance, and more!   In the second half of the podcast, Justin is joined by Dan Healy, a partner at the Anderson Kill law firm in the D.C. office. Dan is currently the co-chair of Anderson Kill's Cyber Insurance Recovery Group, as well as a member of the firm's Blockchain & Virtual Currency and Regulated Products groups. He has also co-authored many articles for RIMS Risk Management Magazine and is leading several sessions at the RIMS Florida Educational Conference!   In their conversation, Dan and Justin take a deep dive into Jackware; how it is different from ransomware, why it is an emerging risk that we all need to be aware of, where it emerged from, and how it works. Be sure to tune in to learn everything you need to know about this new, emerging cyber risk!   Key Takeaways: [:01] About the RIMS Membership. [:14] About RIMScast. [:26] About today's episode with special guests, Jason Lynch and Dan Healy. [:40] RIMscast sends their deepest sympathies to the friends and family of Jack Hampton. [1:09] Upcoming RIMS webinars and workshops. [1:38] About the upcoming RIMS Canada Conference in Halifax. [2:01] Justin welcomes Jason Lynch to RIMScast to share about the 2022 RIMS Florida Educational Conference. [2:36] How long Jason has been attending the RIMS Florida Conference? [3:12] Is the RIMS Florida Conference members-only or open to anybody? [3:53] A key highlight for the upcoming event: Florida's Insurance Commissioner, David Altmaier, will be keynoting on July 27th. [4:43] Is Jason overseeing the education sessions on the agenda? [5:37] The benefit of “focused” events, especially with the backdrop of COVID-19. [6:39] RIMS new CEO, Gary LaBranche will be making one of his first public appearances at the RIMS Florida Conference. [7:34] Exciting after-hours events that coincide with the RIMS Florida Conference! [9:35] Where to register for the conference and learn more about it online. [10:17] Justin thanks Jason for joining the podcast and shares the save-the-date for the 2023 RIMS Florida Educational Conference. [10:35] RIMS plug time! All about upcoming RIMS events, conferences, virtual workshops, and more! [13:12] About today's conversation with Dan Healy. [14:05] Justin welcomes Dan Healy to RIMScast! [14:33] What you need to know about Jackware; understanding the basics. [16:09] As a sub-set of ransomware, should we be paying more attention to it over other areas of cybersecurity? [17:23] Why Jackware is an emerging risk that we all need to be aware of. [18:18] Where the hackers are coming from and the origin of Jackware. [20:08] Why might Jackware attacks implicate a wider range of insurance policies than ransomware attacks? [23:35] More information about the risks of Jackware and how it works. [24:50] About Dan's live, in-person workshops on the 30th and the 31st at the 2022 RIMS Florida Conference. [27:11] Justin thanks Dan for joining RIMScast and Dan shares some final parting words of advice for risk professionals. [27:51] Justin thanks Dan Healy once again for joining the podcast and shares some of the links to check in today's show notes.   Mentioned in this Episode: Florida.RIMS.org RIMS Events, Education, and Services: Risk Management Magazine Article, co-authored by today's guest, Dan Healy of Anderson Kill: “Insurance Coverage For Jackware Attacks” NEW FOR MEMBERS! RIMS Mobile App RIMS Canada 2022 — Turning Tides — Sept. 11th‒14th in Halifax! RIMS Advocacy — Legislative Summit Returns on September 20th! Spencer Educational Foundation | Annual Gala Returns Sept. 22, 2022 RIMS ERM Conference 2022: Call For Session Proposals — Due June 22! RIMS Buyers Guide RISKWORLD registrants can still access educational sessions on-demand through the RISKWORLD app and through desktop here. Dan Kugler Risk Manager on Campus Grant RIMS Announces Gary LaBranche as New CEO Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information. In-Person Events: The 2022 Florida RIMS Educational Conference | Naples, FL | July 26‒July 30 Create a Contract that Effectively Transfers Risk | Naples, FL | July 30‒31 (Save $200 at checkout with code LEARNFL22 if you are also attending the Florida Educational Conference!) Virtual Workshops:  “Managing Worker Compensation, Employer's Liability and Employment Practices in the U.S.” — June 22‒23 | 10 a.m.‒5:30 p.m. EST “Captives as an Alternate Risk Financing Technique” — July 13‒14 “Fundamentals of Risk Management” — Aug 10‒11 Webinars: June 28, 2022 | “Your Greatest Asset: Smart Risk Management in the Age of Workforce Transformation” | Sponsored by Travelers June 30, 2022 | “What Really Happens When You Negotiate with a Hacker?” | Sponsored by Gallagher Core Insights 360 Sponsored RIMScast Episodes: “How to Reduce Lithium-Ion Battery Fire Risks” | Sponsored by TÜV SÜD (NEW) “Managing Global Geopolitical Risk in 2022 and Beyond” | Sponsored by AXA XL “Keeping Subcontractors Safe Through Partner Elevation” | Sponsored by Highwire “ESG: A Responsibility and a Growing Megatrend” | Sponsored by Prudent Insurance Brokers Ltd. “Focusing on Your Team to Deliver Exceptional Quality and Service to Your Clients” | Sponsored by Gallagher Bassett “Bermuda Opportunities in 2022 with BDA Chair Stephen Weinstein” | Sponsored by Bermuda Business Development Agency “SyncR: A Tool to Enhance Your Risk Quality & Insurance Strategy” | Sponsored by Prudent Insurance Brokers Ltd. “Navigating the Risk Landscape in 2022” | Sponsored by AXA XL “Prioritizing People: Expertise and Innovation” | Sponsored by Gallagher Bassett “Risk Findings for the Industrial & Manufacturing Industry” | Sponsored by Aon “Establishing the Right Assurance to Request From Business Partners” | Sponsored by HITRUST “Aon's 2021 Retail Industry Overview” | Sponsored by Aon “A Legacy of Resilience” | Sponsored by J.B. Boda Group “The Golden Era of Insurance” | Sponsored by The Hartford “Insurance Investigation Trends Happening Now” | Sponsored by Travelers “What Could a CRO Do for Your Business?” | Sponsored by Riskonnect “Hard Reality: A Look at Rising Rates in Property & Excess Casualty” | Sponsored by AXA XL “Property Valuation Deep Dive” | Sponsored by TÜV SÜD “Property Loss Control Engineering” | Sponsored by Prudent Insurance Brokers NEW RIMSCAST VIDEO: “Climate Change and Insurance: A Fireside Chat with Dev Bhutani and Deepak Madan” | Sponsored by Prudent Insurance Brokers Ltd. Related RIMScast Episodes: “Cloud Security Risks with Google's Monica Shokrai” “Roadway Risks: AI, Autonomous Vehicles, & Automated Driving” “Ransomware Risks and “Responding Gracefully” with Masha Sedova” “Cyber Breach Responses with Kate Fazzini, Flore Albo CEO” “The World of Cybersecurity with NCSA's Kelvin Coleman” “Cybersecurity Frameworks with NIST Fellow, Ron Ross” “Cyber Risk News & Trends with Tony Anscombe” “Cyber Risk News & Trends with Tony Anscombe, Part 2” “Cybersecurity in a COVID-19 World with Luke Wilson” “Cybersecurity Tips for Small Businesses with Daniel Eliot” “Cybersecurity with Christopher Loeber” “The State of Cybersecurity and 5G Technology with Jason Ruger, Ruby Zefo, and Chris Novak” RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops Upcoming RIMS Webinars On-Demand Webinars RIMS Advisory Services — Ask a Peer Risk Management Magazine Risk Management Monitor RIMS Coronavirus Information Center RIMS Risk Leaders Series RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring RIMS Treasurer Jennifer Santiago! Spencer Educational Foundation RIMS DEI Council RIMS Path to the Boardroom   Want to Learn More? Keep up with the podcast on RIMS.org and listen on iTunes. Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   Follow up with Our Guest: Dan Healy's LinkedIn   Tweetables (For Social Media Use):   “Once you go [to the RIMS Florida Educational Conference] once, you're hooked for life. Anybody and everybody that I meet that comes for the first time … value that experience. … It's something very special.” — Jason Lynch   “[Jackware is] almost a sub-category of ransomware. What Jackware focuses on is taking over a device or a piece of machinery … usually in the category of a smart device, smart car, or smart appliance … potentially hurting people or costing the owner a ton of money.” — Dan Healy   “The issue is that the prevalence of devices and equipment that can be attacked with Jackware is rising.” — Dan Healy   “We need to be ready because the past two years have seen ransomware — and now Jackware attacks — on the rise.” — Dan Healy   “Don't forget to give notice and don't take no for an answer.” — Dan Healy

Kevin Carroll sits down for a cybersecurity update with Chief Security Evangelist Tony Anscombe to chat about the escalating risk of cyberattacks and more.

Are you having a conversation with your market or merely making noise? B2B brands—including HealthTech solutions—must invest in their brands. Expecting your inbound marketing and direct-to-customer approaches to distinguish you among your competitors will result in missed goals. Who speaks on behalf of your brand? Who is attractive to journalists and others observing your marketplace? Do you have a brand evangelist? Tony Anscombe, Chief Security Evangelist for ESET discusses modern brand communication on this edition of Studio CMO. About Our Guest Tony Anscombe is the Chief Security Evangelist for ESET. With over 20 years of security industry experience, Anscombe is an established author, blogger and speaker on the current threat landscape, security technologies and products, data protection, privacy and trust, and Internet safety. His speaking portfolio includes industry conferences RSA, CTIA, MEF, Gartner Risk and Security, and the Child Internet Safety Summit (CIS). He is regularly quoted in security, technology and business media, including BBC, The Guardian, the New York Times, and USA Today, with broadcast appearances on Bloomberg, BBC, CTV, KRON and CBS. Show Notes Technology only communicates to a certain level. To reach the depth you need with your end-user, you must engage and educate. —Tony Anscombe, ESET Sometimes, the very last thing you need to communicate is your product. Do you: know your customer well? talk about the challenges facing your industry? understand the threat landscape? connect problems to solutions? How does the role of brand ambassador or brand evangelist propel you forward? How do you calculate the ROI of a role like this? Links Discussed on This Episode Building a Bridge of Transformation for Your Buyer When What You Know Can Kill Your HealthTech Marketing

Tune in as ISACA's Kevin Keh talks with the Chief Security Evangelist of ESET, Tony Anscombe about the latest released report from ESET. ESET, a global leader in cybersecurity, has released its T3 2021 Threat Report, which summarizes the most notable trends that shaped the threat landscape from September to December 2021. For more information, check out ESET's award-winning blog: WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research. To read the full Report, please check out https://www.welivesecurity.com/2022/02/09/eset-threat-report-t32021/ We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

Jay Hatfield, Portfolio Manager and CIO at Infrastructure Capital Advisors, shares his outlook for the markets and economy heading into the new year. Tony Anscombe, Chief Cyber Threat Officer at ESET, explains why 2022 is poised to be the Year of Cybersecurity. Ed Cofrancesco, CEO at International Assets Advisory, discusses why he sees a major correction on the market horizon. And Matt Maley, Chief Market Strategist at Miller Tabak wraps up the year in trading. Hosts: Tim Stenovec, Kriti Gupta and Romaine Bostick. Producer: Paul Brennan. Learn more about your ad-choices at https://www.iheartpodcastnetwork.com

Tony Anscombe is the Global Security Evangelist for ESET. With over 20 years of security industry experience, Anscombe is an established Author, Blogger and Speaker on the current threat landscape, security technologies and products, data protection, privacy and trust, and Internet safety. His speaking portfolio includes industry conferences RSA, CTIA, MEF, Gartner Risk and Security, and the Child Internet Safety Summit (CIS). He is regularly quoted in security, technology and business media, including BBC, the Guardian, the New York Times, and USA Today, with broadcast appearances on Bloomberg, BBC, CTV, KRON and CBS. Read the privacy policy, what they collect, what they share and, how long they retain it. Tony Anscombe | One Parent to Another | Book Introduction – https://youtu.be/zH8FfbqOZs4 FTC – IdentityTheft.gov 11 year old blackmails his own father