The structural shift highlighted in this episode is a move from simple AI enablement to a managed service model centered on agent governance, enforcement, and workflow automation within IT environments. The episode identifies unmanaged AI agents as a source of escalating risk, citing vendors like ScalePad shifting from remote monitoring to SaaS and AI usage discovery, and referencing research and audits from SNCC and Verizon that identify tangible security flaws and unapproved AI activity within organizations. Managed service providers are increasingly positioned as the operational layer that defines and enforces governance over automation systems, rather than simply deploying AI tools.

The primary evidence for this shift is found in audit findings and market reports. SNCC's audit of 4,000 AI agent skills showed over a third had at least one security flaw, while Verizon's data cited by The Register noted a fourfold increase in employees using unauthorized generative AI, with 28% of data loss prevention violations involving code or proprietary data submitted to AI platforms. Gartner, as reported by The Register, predicts 40% of organizations will demote or remove AI agents due to failed governance efforts—attributing the problem to all-or-nothing approaches that lead to operational and compliance failures.

Secondary developments reinforce the move toward operationalized governance. ScalePad and WatchGuard are bringing AI and SaaS governance capabilities to the MSP channel, with product releases focused on real-time discovery, policy enforcement, and automation control. Incidents like Anthropic's leak of its full source code for Claude Code, exposing permission and sandboxing details, illustrate how transparency in AI agent operations can also create attack vectors—emphasizing the need for robust operational controls and ongoing auditability.
The market is shifting to sell "coherence"—packaging identity, permissions, and workflow automation—rather than just technological capability. Operationally, the consequences for MSPs include increased responsibility for defining and enforcing permission boundaries, approval rules, and evidence collection. Failure to address agent governance will expose providers to operational ambiguity, unpriced liability, and recurring support burdens. The guidance is to move beyond AI enablement projects and toward agent operation retainers that include clear workflows, permission maps, execution logs, and contractual clarity on responsibility and incident management. MSPs that cannot prove and control agent behavior risk inheriting the complexity and fallout from system failures or misuse.

00:00 Shadow AI Surge
05:01 Context Is Infrastructure
07:46 Agent Control Plane
11:16 Why Do We Care?

Supported by: JumpCloud, TimeZest
Security operations for MSPs are undergoing a structural shift from simply deploying additional tools to establishing a liability-focused accountability model, where the ability to provide operational evidence of controls is becoming as critical as the tools themselves. This shift is catalyzed by corporate insurance, procurement, and third-party verification structures—such as those cited by WatchGuard, Assurix, and the NIST AI cybersecurity overlays—demanding verifiable security outcomes and alignment with external standards, rather than relying on provider assertions alone.

Survey data referenced from Cybersmart and Beta News reveals that 75% of MSPs experienced at least one breach in the past year, while 54% endured multiple incidents; concurrently, SMB buyers state security is a top priority, but only 13% of microbusinesses operate proactively. According to WatchGuard's global survey of 842 professionals, 94% of clients using dedicated MSPs feel adequately protected, yet 58% indicate intent to change providers within three years—highlighting a disconnect between perceived and delivered value. The emergence of Assurix's live MSP Trustmark, based on 64 operational controls, further formalizes evidence requirements as market prerequisites.

These dynamics are reinforced by shifts in insurer behavior and regulatory alignment. Huntress and Acrisure are collectively rolling out a cyber insurance package contingent on adoption of Huntress's managed detection and response, explicitly tying coverage eligibility to verifiable provider-side controls. The maturing of NIST's AI cybersecurity overlays introduces new standardized control checklists likely to become operational requirements. Additionally, reports from Omdia and MSP Channel Insights note that vendor ecosystems are now rewarded for integrating security as an outcome with automation and multi-tenant integration—reflecting market demand for reliable, defensible evidence of controls.
For MSPs and IT leaders, these developments drive the need to restructure contracts to clearly delineate evidence obligations, manage liability exposure, and price evidence production as a formal deliverable rather than as unreimbursed support. Failing to do so risks absorbing unfunded post-incident evidence work, margin erosion, and loss of control over the security value conversation. Operationally, maintaining live accreditations, standing up a formal evidence management function, and explicitly excluding unmanaged SaaS, identity, and AI workflows from baseline service tiers are becoming necessary to maintain profitability and accountability.

00:00 Breach, Then Switch
04:52 SaaS Blind Spot
07:16 Prove or Pay
10:24 Why Do We Care?

Supported by: Zero Networks, HaloPSA
Today’s headline news for Canadian IT solution providers:

WatchGuard acquires Perimeters.io: WatchGuard Technologies announced Wednesday it has acquired identity threat management startup Perimeters.io. According to the company, the deal introduces WatchGuard Cloud Detection and Response (CloudDR), an AI-first solution built for MSPs to handle identity threats and shadow AI across more than 40 enterprise applications, including Microsoft 365, OpenAI, and Salesforce. The move allows Canadian partners to protect customer identities and govern AI adoption without adding significant overhead to their managed security stacks.

Meter launches $100M partner fund: Networking startup Meter launched a one hundred million dollar partner fund Wednesday, positioning it as a financial mechanism to accelerate channel growth and challenge established networking vendors. Solution providers can leverage the fund to offer customers a pure Networking-as-a-Service model, where Meter owns and manages the hardware, software, and upgrades. The move gives partners a concrete commercial argument to shift mid-market client conversations from capital expenditures to predictable operating expenses.

ServiceNow and Tanium announce Autonomous IT solution: At ServiceNow Knowledge 2026 in Las Vegas, ServiceNow and Tanium announced a joint offering called ITOM AI Prime powered by Tanium, integrating Tanium’s Autonomous IT Platform with ServiceNow’s IT Operations Management workflows and AI agents. According to the companies, the integration creates a closed loop between real-time endpoint intelligence and workflow orchestration, allowing issues to be detected, resolved, and verified without manual intervention. The announcement came alongside Day 2 keynote remarks from ServiceNow president Amit Zavery, who confirmed full MCP client connectivity support as part of the company’s Workflow Data Fabric.
GTIA board updates: The Global Technology Industry Association has appointed Andrew Allen, Jennifer Baier Anaya, and Jennifer Roy to its board of directors. The newly elected voting members join Chair Scott Barlow and Vice Chair Rob Rae to advance the strategic direction of the IT channel.

NVIDIA and Corning partnership: NVIDIA and Corning have announced a long-term partnership aimed at strengthening U.S. manufacturing for artificial intelligence infrastructure. The collaboration is expected to address ongoing supply chain constraints for essential AI hardware components.

SAP acquires Dremio and Prior Labs: Enterprise software giant SAP has acquired data management company Dremio and AI startup Prior Labs to build out infrastructure capabilities for enterprise AI initiatives. According to SAP, the technology will be integrated to create a more unified data layer for its ERP customers, enabling generative AI applications without requiring complex data movement.

Millennium Micro at ITSec: Millennium Micro’s Philippe Fortier, director of Quebec and Maritimes, outlined the operational impact of Quebec’s new baseline cybersecurity regulations on MSPs during a keynote at ITSec 2026. The session focused on helping regional partners navigate the compliance burden for their SMB clients.

Apple processor exploration: Apple is reportedly exploring partnerships with Intel and Samsung to manufacture its next generation of device processors, in a potential shift from the company’s long-standing reliance on TSMC.

Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Thursday, May 7, 2026, and here’s what’s happening in the channel today.

WatchGuard Technologies announced yesterday that it has acquired Perimeters.io, marking a significant expansion into identity threat management.
According to the company, the deal introduces WatchGuard Cloud Detection and Response, or CloudDR, an AI-first solution built specifically for managed service providers to handle identity threats and shadow AI. The new offering reportedly covers more than forty enterprise applications, including Microsoft 365, OpenAI, and Salesforce. In a statement, WatchGuard noted that this acquisition is designed to integrate identity threat detection and response, or ITDR, directly into its existing unified security platform. The company is positioning CloudDR as a tool that enables partners to detect anomalous behavior and unauthorized access across distributed cloud environments. This matters locally because managing SaaS sprawl and unauthorized AI usage is rapidly becoming a primary operational headache for the channel. Integrating these capabilities into an existing platform reduces the need to bolt on disparate security tools. The move allows Canadian partners to protect customer identities and govern AI adoption without adding significant overhead or vendor complexity to their managed security stacks.

Networking startup Meter launched a one hundred million dollar partner fund yesterday, signaling a direct challenge to traditional networking vendors. The company is positioning the fund as a financial mechanism to accelerate channel growth and disrupt established enterprise networking deployments. According to Meter, the capital is designed to remove the friction of upfront hardware costs for customers while ensuring partners are compensated immediately. Solution providers can leverage the fund to offer customers a pure Networking-as-a-Service model, where Meter owns and manages the hardware, software, and upgrades. The channel implication here is substantial. Traditional networking deployments often tie up significant customer capital and require solution providers to manage complex hardware refresh cycles.
Meter’s approach gives networking-focused partners a compelling commercial argument when competing for mid-market infrastructure deals – shifting client conversations from capital expenditures to predictable operating expenses while preserving their own margin and cash flow.

ServiceNow’s Knowledge 2026 conference in Las Vegas closed its second day of major announcements yesterday, with the company unveiling a joint Autonomous IT solution alongside endpoint intelligence vendor Tanium. The new offering, called ITOM AI Prime powered by Tanium, integrates Tanium’s Autonomous IT Platform with ServiceNow’s IT Operations Management workflows and AI agents. According to the companies, the integration creates a closed loop between Tanium’s real-time endpoint intelligence and ServiceNow’s workflow orchestration, allowing issues to be detected, resolved, and verified without manual intervention. ServiceNow noted it is already a Tanium customer, with the company stating its 90 percent autonomous Level 1 service desk runs on the platform. The announcement came alongside Day 2 keynote remarks from ServiceNow president Amit Zavery, who outlined what the company calls its Blueprint for Agentic Business – a platform strategy built around connecting enterprise data, applying governance controls, and enabling AI to act across systems of record. Zavery also confirmed full MCP client connectivity support as part of the company’s Workflow Data Fabric. For channel partners who are building managed services practices around IT automation, the tighter Tanium integration is a signal of where platform-level AI operations are heading.

In Brief

The Global Technology Industry Association has appointed Andrew Allen, Jennifer Baier Anaya, and Jennifer Roy to its board of directors.

NVIDIA and Corning have announced a long-term partnership to strengthen U.S. manufacturing for artificial intelligence infrastructure.
SAP has acquired data management company Dremio and AI startup Prior Labs to build out infrastructure capabilities for enterprise AI initiatives.

Millennium Micro’s Philippe Fortier, director of Quebec and Maritimes, outlined the operational impact of Quebec’s new baseline cybersecurity regulations on managed service providers during a keynote at ITSec 2026.

Apple is reportedly exploring partnerships with Intel and Samsung to manufacture its next generation of device processors.

Full details and links in the show notes or the blog post.

Later today on In The Channel, we go deep on the ServiceNow partner model with the company’s senior vice president of global partnerships and channels, Michael Park – including the mechanics of the 100-day Go Live AI guarantee and what the compression of traditional services work actually means for solution providers. And if you haven’t heard it yet, yesterday’s episode with Cynomi Chief Evangelist Tim Coach on third-party risk management is worth your time – specifically the recurring revenue opportunity hiding in your clients’ vendor stack.

That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.
The dominant mechanism discussed is a shift from a focus on AI capability to trust and governance as the deciding factors in AI adoption for managed service providers and their clients. Vendors are increasingly positioning governance, control layers, and auditability as necessary operational functions, rather than add-on features. This is driven by enterprise demand for transparency and accountability across identity, data protection, compliance, and ongoing monitoring. Companies such as Acronis, Microsoft, and Elastic are introducing tools for managing AI access, monitoring sensitive data exposure, and embedding control processes directly into operational workflows.

The episode highlights that, according to research from Gong, 58% of companies have stalled their AI projects due to a lack of trust in data handling and AI-generated outputs—not because of budget constraints. Nearly half (46%) of planned investments were paused specifically over concerns around privacy, explainability, and model transparency. Buyers cited the need for explicit policy controls, demonstrable security guarantees, and accountability safeguards before new capabilities are approved.

Supporting developments include Acronis's GenAI Protection, designed for MSPs to increase visibility over customer AI activities and detect risks such as prompt injection and shadow AI. Meanwhile, incidents like the unauthorized access to Anthropic's Claude Mythos preview through a contractor, reported by The Verge and Gizmodo, reinforce that even leading vendors face security and accountability challenges. Vendors such as Microsoft and Dropbox are moving to integrate centralized control layers that directly address these new operational risks, while tools like WatchGuard and Halo are tying security events to key business workflows.

For MSPs and IT leaders, the implications are operational rather than purely technical.
AI governance now requires continuous policy management, exception handling, and documented evidence across multiple platforms—a scope that most internal teams are not resourced to handle. The market is shifting toward purchasing accountability as a managed service, and providers that fail to deliver clear governance frameworks, connector approvals, and audit-ready reporting will face increased contract risk, client loss following incidents, and potential liability under insurance and regulatory requirements.

00:00 Shadow AI Risk
03:07 Platform Consolidation
04:55 Stalled AI Spend
07:55 Why Do We Care?

Supported by: ScalePad

Upcoming event: The Pivotal Point of IT: Building Services for the AI-First Era
Date: May 13 at 1 p.m. EDT
Register: https://go.acronis.com/davesobelaiera
The episode identifies a structural shift in the MSP business model: security is no longer a discrete service or line item but has become the organizing principle for operations and accountability. This is driven by an industry-wide trend toward increased automation in both attack and defense, as well as a shift in liability and accountability from vendors to the MSPs themselves. Companies such as Acronis and Anthropic are highlighted for introducing tools that increase the rate and automation of threat discovery, while research and market analysis by WatchGuard and Jay McBain indicate that the capacity to remediate, rather than discover, security threats now forms the operational bottleneck.

The most consequential development referenced is the acceleration of security automation and vulnerability discovery, specifically through Anthropic's Project Glasswing and WatchGuard's reporting of a 1,500% surge in new endpoint malware variants. Anthropic's approach—limiting broad release of its model due to potential misuse for rapid exploitation—was supported by partnerships with cloud and technology firms like AWS, Apple, Google, and Microsoft, backed by up to $100 million in usage credits. WatchGuard's data demonstrates that while threat discovery is increasing, the rate of remediation has not kept pace, creating a supply-demand imbalance in skilled security operations.

Further reinforcing this trend, Acronis has promoted a 24x7x365 Managed Detection and Response (MDR) tool positioned to let MSPs deliver always-on monitoring without managing a full security operations center. Meanwhile, broader channel and delivery ecosystem analysis by Jay McBain emphasizes that partners, rather than platform vendors, bear primary responsibility for steady-state customer environments. This confluence of developments shifts the value—and the risk—onto the operational capabilities and governance structures of MSPs.
Other referenced solutions, such as Zero Networks' microsegmentation, underscore that containing damage, not just preventing access, is a new business imperative.

The operational implication for MSPs and IT providers is a shift from measuring security by tools deployed to measuring and pricing security by demonstrated remediation throughput. Service contracts will need to specify not only what solutions are deployed, but also explicit commitments on response times, closure rates, and SLA-backed operating motions. A lack of clear remediation commitments raises unpriced liability as discovery rates outpace closure capacity. Providers are encouraged to separate vulnerability discovery reporting from remediation progress, build reporting layers that highlight closure rates, and reconsider flat-fee models that do not account for increased operational workloads and accountability risks.

00:00 Closure Is Finite
04:10 Close the Gap
06:32 Govern or Absorb
08:57 Why Do We Care?

Supported by: Zero Networks, ScalePad
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
A Little Bit Pivoting: What Web Shells are Attackers Looking for Today?
https://isc.sans.edu/diary/A%20Little%20Bit%20Pivoting%3A%20What%20Web%20Shells%20are%20Attackers%20Looking%20for%3F/32874

WatchGuard Firebox Arbitrary File Write via Path Traversal in Fireware Web UI
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00009

Project Glasswing
https://www.anthropic.com/glasswing

Current Threats Against Kubernetes
https://unit42.paloaltonetworks.com/modern-kubernetes-threats/
Joe Smolarski, CEO of WatchGuard Technologies, joins the podcast for a wide-ranging conversation about why the company believes 2026 is “the year of the cybersecurity-focused MSP” – and what that actually means beyond the tagline.

Smolarski came to WatchGuard in November after nearly a decade at Kaseya, where he served as president and COO. He’s been open about applying what he calls the “Kaseya playbook” to WatchGuard – driving down platform costs and consolidating tools to improve partner margins. In this conversation, we dig into what parts of that playbook he’s bringing, what he’s leaving behind, and why he believes WatchGuard can double MSP margins on cybersecurity.

We also explore WatchGuard’s latest threat research, which showed a 1,500% spike in unique endpoint malware, and what the company’s 2026 predictions – including the first fully autonomous AI-executed cyberattack and the extinction of crypto-ransomware – mean practically for MSPs and the customers they protect.

The conversation takes a Canadian lens as well. Smolarski discusses WatchGuard’s new partnership with Bell Cyber, the data sovereignty investments required to win that deal, and why he sees the Canadian market as ripe for its next level of MSP maturity – driven by regulation like Bill C-26 and the consolidation wave now reaching this side of the border.

We also touch on WatchGuard’s 30th anniversary, what longevity means in a market full of startups and PE roll-ups, and how Vector Capital’s decades-long involvement shapes the company’s outlook.

Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. My guest this week is Joe Smolarski, the CEO of WatchGuard Technologies. Joe took the helm at WatchGuard back in November after spending nearly a decade at Kaseya, where he served as president and COO.
He’s now leading a company that just celebrated its 30th anniversary, has been 100% channel-focused since day one, and is making a pretty bold claim that 2026 is the year of the cybersecurity-focused MSP. Now, that’s the kind of line that can sound like vendor marketing if you’re not careful, so I wanted to dig into what’s actually behind it. We talked about the explosion in endpoint malware, why the shift from ransomware to pure data extortion changes the game for MSPs, what Joe is bringing from his Kaseya experience and what he’s leaving behind, and why he thinks Canadian MSPs are at a tipping point. We also get into the economics of it all – his promise to double MSP margins on cybersecurity, and how WatchGuard’s platform play is supposed to make that math work. Let’s get right into it. My chat with Joe Smolarski. Thanks for taking the time, I appreciate it.

Joe Smolarski: My pleasure, Rob.

Robert Dutt: Security has been one of the biggest, maybe the biggest, growth driver for MSPs for years, and your company is saying that 2026 is the year of the cybersecurity-focused MSP. Help me understand what makes this year different from the last three or four, where people have been seeing the same kind of momentum in security in the MSP space.

Joe Smolarski: Yeah, sure, Rob. I think ultimately many of the stats are clear, and they’re really eye-opening. I think no longer are MSPs having to educate and evangelize why it’s needed, because when you see eye-popping stats like the fact that cybercrime is the third largest GDP in the world behind the US and China, it’s like, holy cow, how the heck is that possible? But it’s escalated very, very quickly. And unfortunately for SMBs, SMBs have become the focus of those attacks, and I think that’s becoming clearer and clearer every day. SMBs used to feel as though they’re not the focus, that the big guys will be the focus.
But what we’ve seen – and unfortunately I have some firsthand experience – is that when cybercriminals attack the big guys, they have people come after them. If you know my past, I served as president and COO of Kaseya for nearly a decade prior to becoming CEO at WatchGuard. And there, on July 2nd of 2021, we got attacked by Russian cybercriminals. When that occurred, within four hours I had the FBI and the White House and Department of Homeland Security and everybody else in my office, which was not very pleasant. So you get the attention when you’re a major provider, a big company. Look at Stryker right now, what they’re going through. In that situation, within four hours, they’re all in my office. Within three weeks, we got the bad guys, and those bad guys are sitting in a federal prison right now. But that’s not the case when it comes to SMBs, and it’s a shame. I had access to a bunch of inside information within the government when we went through that, because we also hired the FBI lead as our CISO at that time. And what they say is they’re just overwhelmed. There’s no way that they could get to all of the attacks that are occurring. The big guys get attention and the small guys don’t, and that’s become prevalent. So I think ultimately, this is the year for cybersecurity to get to that next level because the pace of attacks is picking up so much, in particular in the SMB market. We posted our bi-annual security report and showed a 1,500% increase over the last year, just in the velocity of attacks, which is scary. It’s scary for SMBs. And quite frankly, even if they have some of their own internal IT staff, they’re not going to be at the level that they require to stay protected. So they’re relying on the fantastic MSPs that are out there to get them to that next level. 
I will say, I caught up with three or four large MSPs in Canada over the last week, just to prepare for this a little bit, just to get some of the latest trends directly from the MSPs themselves. And they said they still feel like Canada is a little bit behind when it comes to the US, just a little bit behind in terms of education and things like that. And certainly, small business is so prevalent in Canada, given how dispersed it is. So they’re working on that. I know your government in Canada is working to increase regulation. I think some of the fighting back and forth with Trump and Carney has been interesting and ultimately fueling the Buy Canadian campaigns and some of that stuff. But you’ve got a lot going on. I know you’ve got a C-26 bill from an infrastructure perspective trying to be passed, just to make sure that the awareness is there for all businesses on what needs to be protected – supply chain and everything else. But it’s a huge opportunity for the MSP market to take it to that next level, because from my perspective, Rob, you have to. What I’ve seen – and this is very, very unfair – is that when a small business even declines that next level of, say, platinum service from an MSP, they’re like, “I don’t need that. We don’t need that level of protection. We’re not willing to pay that amount.” If something negative happens, then unfortunately the MSP still gets blamed. And that’s ridiculous, but it’s the reality of the situation. So this is the year to capitalize on it. There’s enough news and information out there that supports everything. It’s an exciting year and, of course, a nervous year, because you’ve got to protect your clients and use the best technology and services to get there.

Robert Dutt: You touch on the 1,500% spike in endpoint malware in the second half. A quarter of those attacks are evading signature-based detection.
At the same time, though, your team is predicting that crypto-ransomware is essentially going extinct this year as attackers say, “You know what? We’d rather just steal the data and extort you.” What does that shift mean practically for how MSPs need to think about protection and what they’ve been offering, given that ransomware has been such a driver for the last half decade or so?

Joe Smolarski: Yeah, I think ultimately you just have to make sure that you have layers of protection. To your point, lots of things get through. You could have the very best technology in the world, whether that’s WatchGuard or some of the other leading providers, and things can get through. Ultimately, that’s why you need the layers. One of the things that you should also consider is the platform approach. There are many providers, WatchGuard being one of the leading providers in the MSP space. When you have a platform that gives you multiple layers and those layers get to be correlated together, it just increases your chances of detecting those things. You may see something on the firewall that’s not definitive evidence of something happening, but when you piece that together with what’s happening on the endpoint and you’ve got those two data points, you piece it together faster than point solutions can. I think ultimately you need to make sure you have 24/7 SOC monitoring. Things that you didn’t think were possible – you thought you put in the best products to protect you, why do I need that, nothing should get through. You just threw the stats out there that things do get through. The only way to stop that is to catch those anomalies at one of the respective layers. If you’re at 99.9999%, you’ll get it at the product level. But what gets through – and with the velocity of attacks that is there – you’ve got to make sure you’ve got AI-based SOC solutions and MDR solutions backed up by great security professionals to ensure you’re protected.
Robert Dutt: On the AI tip, you guys have predicted the first fully autonomous, end-to-end executed-by-AI cyberattack this year. That’s a big call. What would that look like? And how do I, as a mid-market MSP, even begin to prepare for something like that?

Joe Smolarski: Number one, it should scare the heck out of us. It scares me. It certainly scares me, Rob. It’s a world that is evolving very quickly. I think AI in and of itself – there are some anomalies. I’ve done a few interviews where I’ve said half of AI is bullcrap. Because so many people claim AI and everybody’s taking credit for it. Some of it’s real, some of it’s not. But what’s very real is the rate of acceleration of technological advancement, both for the good guys and unfortunately for the bad guys. So I think you can’t fight AI attacks with human-based people. You need to fight AI with AI. There’s no way, from a rate of defense, pace of defense, that you can fight that with just good security professionals. You want to make sure, as the complexities of these attacks, the velocity of these attacks – because it is AI-based – continues to accelerate at an unprecedented pace, that you’re fighting that with AI-based solutions. Because it can match the speed and complexity of the response. We’re seeing it. While we haven’t seen a complete 100% autonomous end-to-end, we’re seeing pieces that are getting very, very close. We have so many millions and billions of data points coming through and it’s getting scarier by the day. Our job is to stay ahead of that. We stopped billions and billions of attacks last year and we had seven reports come through of malware that maybe got through. So the success rate is phenomenal, but the only way that will stay phenomenal is if we just stay on top of that 24/7, 365 and read all the indicators of what the bad guys are doing and how we need to stay ahead of that to protect our MSPs and protect our end customers.
Robert Dutt: We talked about platformization a little bit off the top. I wanted to circle back to that. First, you’ve been pretty open about bringing the Kaseya playbook to WatchGuard – driving down platform costs, consolidating tools, increasing margins. But Kaseya can be a complicated word in the MSP space. Some partners hear it and think great economics. Others hear it and think about aggressive bundling or the friction of integrating acquisitions. Which parts of the playbook are you looking to bring to WatchGuard, and which parts are you consciously choosing to leave behind?
Joe Smolarski: Yeah, definitely. And listen, every company has its pros and cons. And certainly over there, I was the number two, not the number one, which is a difference, because you’ve got to abide by certain things. It had a fantastic leader with Fred and a great leader with Rania in the current leadership. But I think ultimately what always resonated – no matter, I say time and time again, even if somebody didn’t like certain practices at Kaseya – what always resonated was, “I need to lower my operating costs because my margins are too tight and I can’t scale efficiently.” It’ll be tough to get liquidity as an MSP if I’m not getting the proper margins and profitability. And we know that there’s a great opportunity for MSPs to get liquidity and have an event, because there’s a great rollup occurring in the industry. So just making sure that the unit economics continue to get better. And the second component is just an integrated platform. It makes all the difference in the world. Imagine you hiring your next technician, your next engineer, and then you’ve got to reach out to seven different vendors to get that person set up. That engineer has to learn seven different platforms and seven different logins and swivel chair through all of it.
So those two components, no matter what, always resonated with the base, whether they were Kaseya lovers or Kaseya haters, those two things always resonated. And those are some of the common components. I think the benefit for me, and the reason why I left a very successful career at Kaseya – we did a lot of great things from a financial perspective, growing it tenfold in my tenure there – the reason why I left and the reason why I took that call is because WatchGuard just has a tremendous partner focus and is well respected in the industry. So you take that, you take the great products that we have, and then you have the focus on the unit economics that I’m certainly bringing to the table. It’s just very, very important. Sometimes an MSP needs some bells and whistles and sometimes they just need it to work and be a world-class security solution that gets to lower their costs in parallel. And that’s what we’ve done. It’s just a great combination of a company that is 1,000% focused on the partner community. That’s all we do. If you look at us compared to very amazing firms like a CrowdStrike – just phenomenal firms – but they’re not solely focused on MSPs. Prior to a decade ago when I joined Kaseya, I spent my life in the enterprise. And when you’re a firm dealing with enterprises and MSPs, I’m sorry, but it’s only natural that the enterprise gets the attention. They just do because, number one, if you look at how they segment their customer base, the Bank of America and the General Electric – when they call in, they’re going to get prioritized, let alone the human element. When you’re on support and you’re dealing with the big guy versus the little guy, it’s just different. You go above and beyond. That’s why for us, we never try to mix the two. We want to make sure that we’re dedicated to the MSP community. It makes a massive difference in terms of focus. We understand that if we let an MSP down, this is their livelihood. 
You let an IT director down at Bank of America, his life keeps on going. But you let an MSP down and this is their absolute livelihood, and we just can’t let that happen. That’s embedded throughout the culture of WatchGuard, which we’re super proud of. You put great products on top of that and the focus on unit economics, and it’s getting that cost down so that we allow them to be more aggressive. You and I talked earlier in the call about the fact that if an MSP offers a cybersecurity package and it gets declined, they’re still going to get blamed. So if we can keep getting that cost down to allow them to make sure all of their end customers are protected, it’s just a great thing for all. And that’s our genuine focus and we’re super excited about it.
Robert Dutt: You’ve said that you want to double MSP margins on cybersecurity, and that’s a very specific promise, one that I have to imagine gets a lot of MSPs’ ears perked up. Can you walk me through the mechanics of how that actually works? Is this pricing, is it operational efficiency through the platform? And what does that transition to higher margins look like for a Canadian MSP with, say, 500 managed endpoints?
Joe Smolarski: Yeah, listen, I think it’s all of the above, Rob. If you look at it, you can buy a dirt cheap solution and think that you’re saving money. But when it comes to cybersecurity, you buy a dirt cheap solution and then you get bombarded with alerts and noise and everything else. All you’re doing is increasing your operational headcount, your human capital. And you’re getting an absolutely nasty math equation that you just didn’t realize when you signed on the dotted line up front for the rock bottom price. So it’s not solely based on price. This is a world where there is a ton of noise.
And if you’re not efficient with what we’re providing to the MSP in terms of threat indicators and things like that, they just get overwhelmed and either have to overstaff to accommodate for it, or they miss important things and ultimately allow bad stuff to occur within their environments. For us, we really focus on simplicity of the platform and making sure that we can give you absolute world-class solutions. You do the research on WatchGuard – we have world-class solutions across the board with tremendous success rates. So give world-class solutions, limit the noise that an MSP has to deal with, and always be there for that MSP when something occurs. We have a six-minute response time on our SOC, which is best in the industry. All of those things combined, along with very aggressive commercials. We have to be. We’re getting more and more aggressive when it comes to commercials and have a lot of great stuff planned for this year. I’ve been here four months, so give me a little bit of time, just a little bit. But we’re making progress every single day to continue to meet the needs of our MSP community. Get that price further down, improve the unit economics, and more importantly just provide a great simplified platform that simply works, and always show up when our customers need us.
Robert Dutt: You’ve shipped a lot of product in a short time. The Zero Trust Bundle, FireCloud, Open MDR with third-party support, the unified agent. For an MSP that’s currently running your firewalls, maybe another piece of the stack, what’s the realistic path, the realistic starting point to adopting the full platform, and how do you avoid the rip-and-replace fatigue that you can feel from vendors who are in the platform play?
Joe Smolarski: Yeah, we’re doing everything we can to avoid the fatigue. Not to kick anybody when they’re down, but we’ve had a flurry of major activity from SonicWall customers looking for relief from some of the challenges they’ve had.
Our team has worked around the clock to put together fast, easy, white-glove migration using AI that can carry across profiles and configs to make it as easy as possible to reduce that fatigue when you do decide to move. We definitely concentrate on reducing that fatigue through automated migrations using AI tools to make sure that some of those things happen. But fatigue aside, in terms of next logical steps – we’re blessed, we have 25,000 MSP partners, most of which are using our firewall solution, which we’re famous for. The red boxes. It’s world-class and extremely well respected. If they’re just using the traditional firewall, the next easy logical step is to get the endpoint protection with fully managed SOC, because you need it and it just works so tightly together. Our goal when we work with our partners is just to show that one plus one truly does equal three. We work on that every day through additional integrations and ease of migration tools. We’re super excited about it, and we think it’s going to be a banner year for us. We had a record-breaking 2025 and think we’re just getting started at this stage.
Robert Dutt: Vector Capital has been involved with you guys for decades, which is pretty unusual for private equity. Your partners are making long-term bets on the platform – obviously, that’s the nature of the beast. What are you giving them in terms of assurance that there’s continuity of investment there, that this structure keeps going, that it doesn’t become a growth-for-exit kind of play?
Joe Smolarski: Yeah, well, I think you just answered it for me. You just said Vector’s been involved for decades. That is very rare, Rob. Very, very rare. Number one, Vector’s just a fantastic partner. I’ve dealt with many different private equity firms. I’ve been in private equity my entire life – very prestigious ones. Insight was fantastic at Kaseya. But ultimately, Vector has been in this for the long run.
Some of the principals at Vector have personal financial interest in this company, which just creates a loyalty and a common vision for us to build a great company. And they tell me that every single day. We don’t build for an exit. We want to build a great company. We believe we have a great image and perception and brand in the market today, and we’ll never do anything to compromise that. Our focus is to build a great company, protect our partners, continue to build with our partners. Both myself, the WatchGuard team, and Vector – that’s the sole focus here. Because they’ve been involved for decades, it’s a little bit different than many other firms that are going through change of ownership every couple of years. And then they’ve got to cut costs and go through all that. We’ve had stability from that perspective, which is great. We’re still a business. We’re a for-profit business. We’re not a charity. So of course we always have to make business decisions in an ever-changing business world. But I think that continuity has really made a big difference. Having a private equity firm that has a personal interest in this company has made a big difference for us, and I think our partners see that with the level of focus and dedication to the partner community.
Robert Dutt: Earlier in the conversation you mentioned data sovereignty. You mentioned some of the moves being made on the government side in terms of legislation. As you’re pushing a cloud-delivered security platform, how do you see data sovereignty factoring into that?
Joe Smolarski: Yeah, it always has to, because otherwise it’ll preclude you from being able to penetrate certain markets. Ultimately, that started decades ago in Europe, in terms of having to make sure that data is stored locally. Any major vendor needs to make sure that focus is there. Canada is catching up quickly in terms of many of those requirements.
Sure, it requires extra capital and build-out in terms of making sure we have local data centers and all of that. But at this stage of the world, unfortunately it’s getting more complex with all the wars and the turbulence that’s in the world now, which is unprecedented. So you’re going to get more of that – “No, it can’t leave the country, it’s got to be here” – more and more. All of us in the SaaS space need to be prepared for additional investments to accommodate for that. You’re not going to win and be able to get that business at a large scale without it. Our business has quickly taken off in many key areas. You may have seen we just announced the Bell Cyber partnership this week. Bell is the largest telco in Canada, as you know better than me, and Bell Cyber is their cyber arm. They’re embedding WatchGuard to make sure their customers are protected. As part of that, we had to make sure that there are no data sovereignty issues when you’re going to the largest telco to get to their millions and millions of customers. We’re super proud of that. WatchGuard – we’re not at the level of a gazillion-dollar firm, but we’re big, we’re serious, we have great technology. And to go and get the number one telco in Canada to use our solution for their cybersecurity offering is just evidence of how we’re attacking problems like that.
Robert Dutt: I’m curious, as you’ve looked over the landscape, do you see the Canadian market differently than the US in terms of MSP maturity, cybersecurity adoption, those kinds of market condition issues?
Joe Smolarski: I think the Canadian market is a fantastic market in this space that is ripe for the next level of maturity. As I mentioned, and this is not coming from my speculation, this is coming directly from some of the larger MSPs. I think F12 and Calvin caught up with them and a bunch of others earlier this week. Large, prestigious MSPs that are doing great things and growing significantly.
Canada is just a little bit further behind, needs a little bit more education from an end-customer perspective. As regulation comes up, that’s going to solve some of that. As some of the geopolitical stuff continues to occur, that’s going to happen. The consolidation that we saw in the US on the MSP side, starting maybe five, six, seven years ago, is starting to pick up in the Canadian market as well. And that’s a great opportunity. To me, MSPs should be excited. When you see consolidation occurring and rollups occurring, that’s a chance for you to get a nest egg. What we’ve seen is MSPs can get some liquidity, either stay invested or exit, and then they go do it again because they’ve got the playbook. The MSP world’s not that complicated in the sense that there are playbooks on how you win. We certainly work with a lot of MSPs to share those playbooks. The Canadian market is ripe for that next level of maturity. I am super confident that it’s going to accelerate, because you have a lot of great MSPs and technology providers taking advantage of that now, and it’s going to continue.
Robert Dutt: You guys just turned 30. In a market where a lot of security vendors either get acquired, completely change what they’re doing, or flame out, what does that longevity actually mean? What do you see as the selling points of it, and what do you see as the baggage of having that long of a history?
Joe Smolarski: Listen, the selling points are we’re not going anywhere. We’ve been doing this for 30 years. We haven’t done it for 30 years at a small level, Rob. We’ll approach a half a billion dollars in revenue by the end of this year, well over $120, $130 million profit. We’re doing great things. We’re big, we’re stable, and that longevity gives customers and partners the assurance that we’re not going anywhere. Because I think you know it – there are many firms out there that look sexy. They’ve got the sizzle.
They’ve been around for three years and everybody’s talking about them. And then I meet with many of these CEOs from an acquisition perspective, and you talk to them and you realize, “Oh, they’ve never made any money.” And when you’ve never made any money, sometimes you can get away with that because you sell and do your thing. But many other times, there’s a reckoning from a macroeconomic perspective, where money’s not free anymore and ultimately either make money or there’s going to be a problem. In those situations, when you change hands and you get swallowed up by a bigger company at some minimal value because of economic challenges, you invested in something that’s not going to be there for very long. Customers love knowing, “I can go with WatchGuard. I know you’re going to be around forever, quite frankly.” And they see how we’ve evolved. We have not been stagnant. On the positive front, we went from being the leading provider of firewall solutions, which are still very critical from a perimeter security perspective, in the MSP and SMB space. We protect many of the agencies that are protecting the world. Our firewalls are in government agencies throughout the United States and throughout Canada that are actually protecting our soldiers. Our solutions are in fighter jets. So we’ve got a lot to be proud of just in terms of that level of security that our government relies on us for, which is amazing. What you need to fight against, just to make it a balanced conversation, is being stagnant. This is a fast-changing world. If you’ve been here for decades, you have to make sure that you’re staying up with technology, understanding how AI can help you do your job three times more efficiently. Many people can, some can’t, but many people can because they have great roots in technology and innovation. So you just have to keep pushing the team to be aggressive, not stagnant. And that’s what you get with me, certainly. I know how to push people. 
I’m a little bit over-energetic, probably a few too many Celsius on a daily basis. My goal is to get the most out of people, but when you have a great team and a great foundation like we do, it’s not that tough.
Robert Dutt: Just to wrap it up, let’s go back, if we can, to that Canadian MSP that we were talking about – that SMB-focused MSP who’s been focused on the firewall side of the business but hasn’t really gone too much deeper. What’s the single biggest reason that you see for them to take another look at what you guys are doing right now?
Joe Smolarski: I think the progression of our platform is well beyond what people understand. The level of embedded AI throughout the platform is beyond what they would expect – if they looked at us three, four years ago, they just don’t understand where we’re at today. Ultimately, we have an AI-enabled platform that’s dedicated to the MSP and SMB market. Sure, firms like CrowdStrike are fantastic. They’re not dedicated to this. For us to have technology on par with anybody that’s out there throughout the entire cybersecurity stack and to solely dedicate that to the MSP and SMB market – so when you have a problem and you go through a breach or anything else and you call in, you’re not competing with Bank of America, you’re not competing with these other massive companies. You’re our sole focus. We understand your business is your lifeline. You get all of that sophistication and then a level of simplicity provided within the platform that is second to none, to just make your job way more efficient. That’s the ultimate selling point for us – that you can get everything you need throughout the cybersecurity stack from WatchGuard, plus that friendliness of just the pure partner focus and commitment. We truly believe the next few years are going to define which MSPs become security leaders and which stay as commodity IT providers. The opportunity is enormous. The demand is structural.
And the partners who build disciplined, automated, security-first practices are really going to thrive. We’d love to be their partner.
Robert Dutt: It’s a great point to leave it on. Joe, I appreciate your taking the time. This has been a great conversation. I think you’ve given partners lots to think about.
Joe Smolarski: Thank you so much, Rob. Take care.
Robert Dutt: There you have it. Joe Smolarski from WatchGuard Technologies. I’d like to thank Joe for his time. This was actually one of his first podcast appearances, and I thought he was remarkably candid throughout. I appreciate that. And of course, thank you for listening.
A few things that stuck with me from this conversation. First, the honesty about AI. When a CEO tells you that half of what’s being called AI out there is, in his words, bullcrap, but then makes a clear case for where it genuinely matters – fighting the velocity of AI-driven attacks with AI-driven defense – that’s the kind of nuance I think partners need to hear more of. Second, the Kaseya question. Joe didn’t dodge it. He acknowledged the baggage, drew a line between what he’s bringing forward – the unit economics focus, the platform consolidation – and what belongs in a different chapter. Whether that distinction holds up over time is something we’ll all be watching, but I thought that was a fair answer. And third, the Canadian angle. WatchGuard’s partnership with Bell Cyber is a significant validation of their platform in this market. And Joe’s observation that Canada is ripe for the next level of MSP maturity, driven by regulation like C-26 and the consolidation wave that’s hitting us now, is worth paying attention to.
If you found this conversation useful, I’d love it if you’d follow or subscribe to the ChannelBuzz.ca podcast. You can find us on Apple Podcasts, Spotify, YouTube, and most other podcast directories. And if you’re feeling generous, a rating or review goes a long way towards helping other folks in the channel find us.
Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.
In this episode of Partnerships Unraveled, we sit down with Adam Winston, Field CTO at WatchGuard. From scaling a services business to $12M in annual revenue to driving innovation at WatchGuard, Adam shares what it really takes to build trust when you are in an industry as high-stakes as security.
Channel professionals will hear a candid take on the uncomfortable truths that shape partner programs. How financial perspectives shape the reality of the channel. Why vendors burn goodwill when they push “specials” that feel like leftovers. And what it looks like to design partner engagement around MSP economics, not product slides. Adam also breaks down practical enablement tactics like the “placemat strategy,” plus where he sees the biggest opportunity for MSPs over the next 3 to 5 years as AI changes the work and consolidation accelerates. Expect sharp stories, operator-grade advice, and ideas you can apply to partner strategy right away.
Today is Monday, March 2, 2026. Welcome to In Case You Missed It, our weekly five-minute rundown of important channel news stories that might have flown under the radar last week. In this edition:
Component shortages start hitting the channel: Rising memory and storage costs are prompting vendors to revisit pricing and deal protections, highlighted by a letter from Cisco to partners and reinforced by warnings from other vendors, distributors, and suppliers as availability tightens across servers, storage, and PCs.
Pure Storage rebrands as Everpure: Pure Storage has rebranded to Everpure, signaling a shift toward AI-ready data management and rolling out partner program changes aimed at supporting subscription services and platform-led growth.
WatchGuard targets MSPs with enterprise-grade security: WatchGuard says new platform enhancements allow MSPs to deliver enterprise-level security outcomes — including zero trust, MDR, and unified management — without enterprise-level complexity.
AWS threat research highlights AI-driven attacks: New findings from Amazon Web Services show attackers using AI-assisted techniques to accelerate exploitation of perimeter devices, including firewalls, underscoring how rapidly the threat landscape is evolving.
Hello and welcome to In Case You Missed It from ChannelBuzz.ca, your Monday morning recap where we catch you up on some of the channel news and trend headlines you may have missed in the last week. I’m Robert Dutt, editor of ChannelBuzz.ca. Today is Monday, March 2, 2026. Let’s get your week started right.
This week, the IT channel is being forced to confront an uncomfortable reality. Global components shortages and memory price spikes are fundamentally reshaping how hardware deals are negotiated and fulfilled, and vendors are already updating partner policies as they try to cope.
At the center of the storm is a note from Cisco Systems to partners, which was obtained by CRN, in which Cisco says it’ll adjust partner contract terms in response to rapidly rising memory costs and supply volatility. The company now reserves the right to cancel compute orders up to 45 days prior to shipment and to adjust pricing between order and shipment date if component costs, tariffs, or other external factors shift dramatically. That’s a significant departure from the traditional price protection norms. And this isn’t isolated. Executives from major distributors told CRN that memory and storage shortages, particularly DRAM and SSDs, are pushing prices up and tightening supplies across servers, storage, and PC portfolios. Memory prices are reported to have doubled year over year in early 2026, and are expected to continue rising, leading many distributors to shorten their own validities and revisit backlog pricing with vendors. Vendors themselves are directly advising partners of pricing shifts too. Lenovo has warned partners that select PC and server products will see price hikes in March unless orders are placed and shipped promptly, reflecting those costs. And hardware availability is also tightening in real terms. For example, Western Digital says its entire 2026 hard drive production capacity is already spoken for, with most allocations locked up in long-term agreements with hyperscale cloud and AI customers, a trend that could push prices higher and leave less inventory for channel projects. As memory, storage, and other components become harder to source and pricier to procure, partners may face shortened quote windows, less pricing certainty, and project timing risk, compelling MSPs and VARs to rethink their own quoting strategies, accelerate their sales cycles, and build supply chain agility into their roadmaps. Good luck out there. 
Also worth noting, Everpure, the company formerly known as Pure Storage, has completed a major strategic evolution, rebranding itself to signal a transition from traditional storage vendor to a broader AI-ready data management platform and announcing changes that partners should really pay attention to. The name change, which takes effect on the New York Stock Exchange March 5, reflects the company’s push into enterprise data orchestration and intelligence beyond simply shipping storage hardware and arrays. Central to this transformation is Everpure’s planned acquisition of data intelligence firm 1touch, a move designed to bring automated data discovery, classification, and semantic enrichment capabilities into its portfolio. This expands the enterprise data cloud vision, equipping enterprises to make data inherently AI-ready and more valuable across hybrid environments. Alongside that rebrand, Everpure has updated its partner engagement model with a new tiering structure that gives MSPs, resellers, and distributors clearer pathways to profitability and growth, reflecting the broader mission of the company going forward. Recent results show that the demand for data management and subscription services is driving double-digit growth, the company says, underscoring why partners should lean into Everpure’s evolving platform play. For channel pros, the message is that Everpure sees partners as critical to selling data-centric solutions in the AI era and is aligning its incentives and program structure accordingly.
Up next, WatchGuard is positioning its latest platform updates as a way for MSPs to deliver what it calls enterprise-grade security to small and mid-sized customers, without the complexity typically associated with large enterprise tools. The company says the enhancements are focused on unifying endpoint, network, identity, and MDR capabilities into a single manageable platform designed for service providers. Key to the message is simplification.
WatchGuard is emphasizing centralized management, automated threat response, and bundled security services that allow MSPs to deploy advanced protection like zero-trust network access, AI-driven threat detection, and 24/7 monitoring at scale and under predictable pricing models. For MSPs, the pitch is that this closes a long-standing gap, giving smaller customers access to security capabilities that rival enterprise deployments, while still fitting MSP operational and margin requirements. WatchGuard argues that as threats become more sophisticated, the ability to offer enterprise-grade outcomes without enterprise-grade overhead is becoming a baseline expectation rather than a premium add-on.
And speaking of more sophisticated threats, to bring this week’s roundup home, new threat research from Amazon Web Services is adding to the evidence that AI is actively changing how attacks are carried out, not just how they’re defended against. AWS researchers report seeing threat actors use AI-assisted techniques to more quickly identify and exploit vulnerabilities in perimeter devices, including Fortinet FortiGate firewalls, reducing the time between disclosure and real-world exploitation. The finding reinforces a growing concern for solution providers. Attackers are using AI to scale reconnaissance, speed up exploit development, and adapt attacks faster than traditional defenses expect. For MSPs and VARs, the implication is clear. Staying ahead now requires faster patching cycles, continuous monitoring, and security platforms that assume AI-accelerated threats are the norm and not an edge case.
Those are some of the things we were paying attention to last week. This week on the podcast, expect to hear how Citrix is thinking of partners as it hands off more of its channel management to Arrow Electronics, a look at the role of identity in taming shadow AI, and how startup Lexful is aiming to redefine how MSPs think about documentation. I’m Robert Dutt for ChannelBuzz.ca.
Have a great week!
Cybercrime's escalation has reached a projected $12.2 trillion annual impact by 2031, with a notable surge in remote monitoring and management (RMM) tool abuse—up 277% year-over-year, according to Huntress and supporting vendor reports. Attackers utilize legitimate IT tools to facilitate stealthier ransomware and phishing campaigns, amplifying structural vulnerabilities within MSP technology stacks. Key metrics from Acronis, WatchGuard, and Vectra AI indicate a shift to smaller, more evasive malware campaigns, longer times to ransomware deployment (averaging 20 hours), and widespread unaddressed security alerts, raising questions about the adequacy of current defenses and incident response practices. Vendor-supplied threat intelligence further shows that MSPs' reliance on signature-based platforms and insufficient visibility leaves them exposed to evolving attack techniques. Data reviewed suggests phishing footholds can quickly compromise cross-client environments, and legal ramifications heavily fall on the service provider when RMM or monitoring tools act as entry points. Notably, only about 58-60% of organizations report full visibility across their systems, with a majority of alerts remaining unaddressed, underscoring gaps in operational maturity and preparedness. Adjacent coverage highlighted Microsoft Copilot's repeated security control failures within regulated environments, specifically its inability to enforce sensitivity labels and boundaries across emails—most recently affecting the UK's National Health Service. The lack of vendor-announced architectural changes calls into question the viability of deploying AI tools in compliance-driven contexts. Separately, political and public backlash against surveillance technologies (such as Flock cameras) demonstrates that unchecked data collection is no longer a manageable passive risk, as data becomes increasingly actionable and retains liability beyond technical considerations. 
The practical takeaway for MSPs and IT leaders is a need to prioritize audit, documentation, and enforcement of controls within their technology stacks, especially where vendor tools or AI-driven automation intersect with compliance and client trust. Preserving operational optionality and scrutinizing vendor terms—particularly data sharing and architectural enforcement—are essential to reduce exposure. Waiting for vendor patches, disregarding documented control failures, or underestimating public scrutiny elevate liability across legal, reputational, and client relationship domains. Four things to know today: 00:00 Vendor Threat Reports Converge on One Risk MSPs Can't Outsource: The RMM as Breach Vector 05:11 Copilot Failed Compliance Controls Twice in Eight Months — A Patch Won't Fix That 07:03 Flock Backlash Exposes the Liability Hidden in Every Vendor Data-Sharing Contract 09:42 GTDC Summit: Distributors Pitch AI On-Ramp as Hyperscalers Compress Their Margin Sponsored by:
Adiel Sheik Mohammed's Journey: From Networking to Cybersecurity Expertise. In this episode of Breaking into Cybersecurity, Adiel Sheik Mohammed shares his journey from his early exposure to computers through his father's training institute to becoming a cybersecurity expert. Adiel describes his academic background in telecommunication and networking, the pivotal decision to specialize in cybersecurity, and the certifications and hands-on experience that facilitated his transition. He discusses his roles, including his first cybersecurity job as a solution architect with WatchGuard, and elaborates on his continued learning through certifications. Adiel also talks about his contributions to the field, including authoring books on AI's impact on SOC and cybersecurity and his ongoing doctorate focused on AI and cybersecurity. The episode concludes with advice for aspiring cybersecurity professionals on networking, certifications, and staying current with industry developments. https://www.linkedin.com/in/shadeel/ https://speakerhub.com/speaker/adeel-shaikh-muhammad https://adeel.solutions https://www.amazon.com/dp/B0DG66357N https://www.amazon.com/dp/B0F3DCKYQ9 https://www.amazon.com/dp/B0DVC5Z3XZ 00:00 Introduction and Guest Introduction 00:53 Early Life and Initial Interest in Cybersecurity 02:09 Transition to Cybersecurity 04:35 First Cybersecurity Role 05:43 Certifications and Continuous Learning 07:31 Writing Books and Doctorate Journey 10:19 Current Work and Future Plans 18:44 Advice for Aspiring Cybersecurity Professionals 21:35 Conclusion and Final Thoughts Sponsored by CPF Coaching LLC - http://cpf-coaching.com The Breaking into Cybersecurity: It's a conversation about what they did before, why they pivoted into cyber, what the process was they went through, how they keep up, and advice/tips/tricks along the way. The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders. Check out our books: The Cybersecurity Advantage - https://leanpub.com/the-cybersecurity-advantage Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUI Hack the Cybersecurity Interview: Navigate Cybersecurity Interviews with Confidence, from Entry-level to Expert roles https://www.amazon.com/Hack-Cybersecurity-Interview-Interviews-Entry-level/dp/1835461298/ Hacker Inc.: Mindset For Your Career https://www.amazon.com/Hacker-Inc-Mindset-Your-Career/dp/B0DKTK1R93/ --- About the host: Christophe Foulon focuses on helping secure people and processes, drawing on a solid understanding of the technologies involved. He has over ten years of experience as an Information Security Manager and Cybersecurity Strategist. He is passionate about customer service, process improvement, and information security. He has significant expertise in optimizing technology use while balancing its implications for people, processes, and information security, through a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://www.cpf-coaching.com - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://podcasters.spotify.com/pod/show/breaking-into-cybersecuri - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Broken Phishing URLs https://isc.sans.edu/diary/Broken+Phishing+URLs/32686/ n8n command injection vulnerability https://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8 Android February Update https://source.android.com/docs/security/bulletin/pixel/2026/2026-02-01?hl=en Watchguard Firebox LDAP Injection https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00001
Escalating distrust in identity systems and misuse of AI are forcing a shift in security accountability for small and midsize businesses. Recent analysis highlights that the prevalence of deepfake-driven business email compromise and non-human digital identities is eroding confidence in traditional protective solutions. According to TechAisle and supporting reports referenced by Dave Sobel, the ratio of non-human to human identities in organizations is now 144:1, further complicating authority and responsibility for managed service providers (MSPs). As trust in exclusive third-party control disintegrates, co-managed security models are becoming standard, repositioning decision-making and liability. The rise of AI-generated data—described as “AI slop”—has prompted increased adoption of zero trust models, with 84% of CIOs reportedly increasing funding for generative AI initiatives. However, as rogue AI agents are recognized as a significant insider threat, current security services are often ill-equipped to manage these new vulnerabilities. Regulatory bodies, including CISA, have issued guidance noting that the integration of AI into critical infrastructure introduces greater risk of outages and security breaches, particularly when governance remains ambiguous. High-profile vulnerabilities in open-source AI platforms used within cloud environments further highlight the persistence of operational risks. Adjacent technology updates include new releases from vendors such as 1Password, WatchGuard, JumpCloud, and ControlUp. These offerings focus on enhancing phishing prevention, expanding managed detection and response, and automating endpoint management for MSPs. However, Dave Sobel emphasizes that these tools introduce additional layers of automation and integration without adequately clarifying who ultimately holds authority and accountability when failures or breaches occur. 
There is a consistent warning that stacking solutions or outsourcing core functions without redefining operational control creates gaps between action and oversight. For MSPs and IT leaders, the key takeaway is that security risk is no longer defined by missing technology but by unclear governance, undefined authority, and misaligned incentives. Without explicit contractual and operational delineation of responsibility when deploying AI and automation, service providers are increasingly exposed to liability by default. The advice is to move beyond tool-centric strategies and focus on process clarity: define who authorizes, audits, and terminates non-human identities; establish which parties approve automation actions; and ensure clients understand shared responsibilities to mitigate silent risk accumulation. Four things to know today 00:00 TechAisle Warns SMB Security Will Shift in 2026 as Identity Attacks and AI Agents Redefine Risk 05:44 AI Moves Deeper Into Critical Infrastructure as Open-Source and Human Weaknesses Expand the Attack Surface 09:35 MSP Security Platforms Automate Phishing Prevention and MDR—Outpacing Governance and Control Models 12:12 AI-Powered MSP Tools Promise Control and Efficiency, But Shift Responsibility by Default This is the Business of Tech. Supported by: https://scalepad.com/dave/
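On December 23, the Information-technology Promotion Agency, Japan (IPA) published an announcement about a vulnerability in WatchGuard Firebox. The affected systems are as follows.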
Trump signs the National Defense Authorization Act for 2026. Danish intelligence officials accuse Russia of orchestrating cyberattacks against critical infrastructure. LongNosedGoblin targets government institutions across Southeast Asia and Japan. A new Android botnet infects nearly two million devices. WatchGuard patches its Firebox firewalls. Amazon blocks more than 1,800 North Korean operatives from joining its workforce. CISA releases nine new Industrial Control Systems advisories. The U.S. Sentencing Commission seeks public input on deepfakes. Prosecutors indict 54 in a large-scale ATM jackpotting conspiracy. Our guest is Nitay Milner, CEO of Orion Security, discussing the issue with data leaking into AI tools, and how CISOs must prioritize DLP. Riot Games finds cheaters hiding in the BIOS. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Nitay Milner, CEO of Orion Security, discusses the issue with data leaking into AI tools, and how CISOs must prioritize DLP. Selected Reading Trump signs defense bill allocating millions for Cyber Command, mandating Pentagon phone security (The Record) Denmark blames Russia for destructive cyberattack on water utility (Bleeping Computer) New China-linked hacker group spies on governments in Southeast Asia, Japan (The Record) 'Kimwolf' Android Botnet Ensnares 1.8 Million Devices (SecurityWeek) New critical WatchGuard Firebox firewall flaw exploited in attacks (Bleeping Computer) Amazon blocked 1,800 suspected DPRK job applicants (The Register) CISA Releases Nine Industrial Control Systems Advisories (CISA.gov) U.S. 
Sentencing Commission seeks input on criminal penalties for deepfakes (CyberScoop) US Charges 54 in Massive ATM Jackpotting Conspiracy (Infosecurity Magazine) Riot Games found a motherboard security flaw that helps PC cheaters (The Verge) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Ransomware payments may be falling, but attackers are not retreating—they are shifting their focus upstream to hypervisors, where a single compromise can undo years of layered security investment. This change fundamentally alters the risk equation for MSPs whose architectures emphasize shared infrastructure and efficiency. Lower payments reflect reduced victim capacity, not reduced attacker effectiveness, forcing adversaries to increase the impact of each successful breach. Recovery speed, architectural resilience, and catastrophic-failure planning now matter more than detection narratives. At the same time, regulators are tightening expectations around AI safety while modernization funding stalls. State attorneys general are warning major AI vendors about harmful outcomes involving minors, even as Congress allows critical federal IT modernization funding to lapse. This leaves implementers operating in environments where AI is treated as production infrastructure but lacks the controls, funding, and policy clarity required to manage risk. In these conditions, responsibility concentrates on service providers without corresponding authority. Concerns over AI transparency deepen as OpenAI's shift to a for-profit model triggers internal resignations and allegations of suppressed economic impact research. When AI vendors control both platforms and narratives, ecosystem participants lose access to inconvenient truths about displacement, quality degradation, and operational disruption. MSPs experience these impacts directly, often after automation decisions have already reshaped staffing, workflows, and customer expectations. Security vendors are responding by introducing AI governance and control-layer tools, but carefully stopping short of owning outcomes. From AI detection and response to bundled copilots, zero-trust packages, and expanded vulnerability scanning, the message is consistency and experimentation—not accountability. 
As AI systems move from passive tools to active decision-makers, governance becomes an ongoing service rather than a product feature. MSPs that fail to price, document, and limit decision risk will inherit liabilities they cannot automate away. Four things to know today 00:00 Ransomware Payments Fall 33% as Attacks Persist and Shift Toward Hypervisors 04:33 State Attorneys General Warn OpenAI, Microsoft, and Apple on AI Child Safety as Federal IT Modernization Funding Stalls 08:24 Former OpenAI Employees Raise Transparency Concerns as Economic Impact Research Is Curtailed 10:51 CrowdStrike, Microsoft, Vectra, WatchGuard, and LevelBlue Push AI Security Controls Without Owning Outcomes This is the Business of Tech. Supported by: https://mailprotector.com/mspradio/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
nanoKVM Vulnerabilities The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as undocumented may actually be documented in the underlying hardware description. https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in-sipeed-nanokvm Ghostframe Phishing Kit The Ghostframe phishing kit uses iFrames and random subdomains to evade detection https://blog.barracuda.com/2025/12/04/threat-spotlight-ghostframe-phishing-kit WatchGuard Advisory WatchGuard released an update for its Firebox appliance, fixing ten vulnerabilities. Five of these are rated as High. https://www.watchguard.com/wgrd-psirt/advisories
In a context where cybersecurity is migrating toward unified platforms and managed services, WatchGuard has named Joe Smolarski as CEO to drive innovation, strengthen global operations, and consolidate the growth of the partner ecosystem that underpins its MSP strategy worldwide.
In this episode of Partnerships Unraveled, we sit down with Miguel Carrero, VP of Global Partner Ecosystem Growth at WatchGuard, a seasoned leader with a rare blend of experience across startups, private equity-backed firms, and large enterprises. Miguel shares his channel philosophy shaped by decades of working across partner models, market segments, and organizational structures. We unpack what it means to “meet partners where they are” moving beyond legacy segmentation models to frameworks that prioritize partner business models, motivations, and operational needs. Miguel outlines how WatchGuard reimagines partner tiering through training engagement and value alignment, ensuring programs resonate with everyone from boutique MSSPs to high-volume VARs. For channel professionals looking for practical tactics to better segment, enable, and motivate partners across the spectrum, this one's a must-listen. Tune in to gain proven perspectives on sustainable partner profitability, modern channel marketing, and how true partner-centric DNA, backed by executive sponsorship and organizational design, can drive scalable success. Learn more about Channext
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
It isn't always defaults: Scans for 3CX Usernames Our honeypots detected scans for usernames that may be related to 3CX business phone systems https://isc.sans.edu/diary/It%20isn%27t%20always%20defaults%3A%20Scans%20for%203CX%20usernames/32464 Watchguard Default Password Controversy A CVE number was assigned to a default password commonly used in Watchguard products. This was a documented username and password that was recently removed in a firmware upgrade. https://github.com/cyberbyte000/CVE-2025-59396/blob/main/CVE-2025-59396.txt https://nvd.nist.gov/vuln/detail/CVE-2025-59396 JavaScript expr-eval Vulnerability The JavaScript expr-eval library was vulnerable to a code execution issue. https://www.kb.cert.org/vuls/id/263614
In this episode, the hosts and guests discuss the inescapable nature of cyber insecurity in the digital age, noting that we will always live with the uncertainty of cyber insecurity and that there will never be a 100% secure scenario. They use the analogy of driving a car to explain the need for constant awareness, culture and tools, comparing it to the need for safety and protection measures when driving. Key topics covered include a recent cyberattack on Microsoft servers that has compromised key or critical infrastructure in the United States and Europe. This is explained through a vulnerability in the on-premise version of SharePoint, an internal tool used to share files within organizations, not in the (365) version. In addition, the conversation addresses legal responsibilities in bank fraud cases, specifically citing a news item (published by La Voz de Asturias) about a court ruling in which the Provincial Court of Oviedo (Audiencia Provincial de Oviedo) determined that Unicaja had to return €18,000 to a customer. This restitution was due to the bank's lack of adequate protection measures against SMS phishing, holding Unicaja responsible for not adequately protecting the self-service process. Finally, a segment with a representative from Panda Security (now WatchGuard) offers a provisional mid-year (2025) assessment of cybersecurity threats. This assessment emphasizes the rise of more sophisticated and automated attacks driven by artificial intelligence. Among the threats highlighted are the refinement of phishing techniques (including hyper-personalized phishing) and the creation of "extremely realistic" deepfakes. 
Recommendations for consumers include using tools such as a VPN (to create an encrypted tunnel, especially useful on public Wi-Fi) and strengthening authentication by using strong passwords and enabling two-step verification on sensitive accounts. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/
The hosts and guests discuss the inescapable nature of cyber insecurity in the digital age, using the analogy of driving a car to explain the need for constant awareness and protective measures. Key topics covered include a recent Microsoft cyberattack compromising critical infrastructure, which is explained through the vulnerability in the on-premise version of SharePoint. Additionally, the conversation addresses the legal responsibilities in banking fraud cases, specifically citing a ruling where Unicaja had to reimburse a customer due to inadequate security measures against SMS phishing. Finally, a segment with a representative from Panda Security (now WatchGuard) offers a mid-year balance of cybersecurity threats, emphasizing the rise of sophisticated, AI-powered attacks like personalized phishing and deepfakes, and provides consumer recommendations such as using a VPN and strong authentication.
OpenAI patches a ChatGPT flaw that could have exposed Gmail data. CISA documents malware exploiting two Ivanti Endpoint Manager Mobile (EPMM) flaws. WatchGuard patches a critical flaw in its Firebox firewalls. MI6 launches a dark web snitch site. The DoD looks to cut its cybersecurity job hiring time to just 25 days. Researchers trick ChatGPT agents into solving CAPTCHAs. A UK teen faces accusations of being part of the Scattered Spider gang. The Senate confirms a new assistant secretary of defense for cyber policy. A former CIA officer is accused of selling classified information to private clients. Karin Ophir Zimet, Torq's Chief People Officer, is speaking with N2K Senior Workforce Analyst Will Markow about their internship program for upleveling AI skills. Russia's AI propaganda goes prime time. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Karin Ophir Zimet, Torq's Chief People Officer, is speaking with N2K Senior Workforce Analyst Will Markow about their internship program for upleveling AI skills. Selected Reading OpenAI Fixed ChatGPT Security Flaw That Put Gmail Data at Risk (Bloomberg) CISA Analyzes Malware From Ivanti EPMM Intrusions (SecurityWeek) WatchGuard Issues Fix for 9.3-Rated Firebox Firewall Vulnerability (HackRead) MI6 upgrades dark web portal to recruit new spies (The Register) DOD official: We need to drop the cybersecurity talent hiring window to 25 days (CyberScoop) ChatGPT Tricked Into Solving CAPTCHAs (SecurityWeek) Scattered Spider teen cuffed after crypto splurge on games (The Register) Senate confirms Sutton as Pentagon cyber policy chief (The Record) Contractor Used Classified CIA Systems as ‘His Own Personal Google' (404 Media) Russian State TV Launches AI-Generated News Satire Show (404 Media) Share your feedback. 
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
CTRL-Z DLL Hooking Attackers may use a simple reload trick to overwrite breakpoints left by analysts to reverse malicious binaries. https://isc.sans.edu/diary/CTRL-Z%20DLL%20Hooking/32294 Global Admin in every Entra ID tenant via Actor tokens As part of September's Patch Tuesday, Microsoft patched CVE-2025-55241. The discoverer of the vulnerability, Dirk-jan Mollema, has published a blog post showing how this vulnerability could have been exploited. https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/ WatchGuard Firebox iked Out of Bounds Write Vulnerability CVE-2025-9242 WatchGuard patched an out-of-bounds write vulnerability, which could allow an unauthenticated attacker to compromise the devices. https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00015 NVidia Triton Inference Server NVIDIA patched critical vulnerabilities in its Triton Inference Server. https://nvidia.custhelp.com/app/answers/detail/a_id/5691
Das Wartungsfenster has upgraded, and the fireplace room now has a couch, though not a therapy couch. We could actually use one, because WatchGuard has managed to build a few rather ugly vulnerabilities into its current firmware. And as if that were not enough, the US authorities have stopped the merger between HPE and Juniper. That means there is no "commit confirm" on AOS-CX.
What threats do security leaders need to worry about? Answer this question and more with Corey Nachreiner, CISO at WatchGuard.
This episode is a part of a special series of interviews conducted at the INCH360 Cybersecurity Conference in Spokane, Washington. Visit their website to learn more about INCH360 and their mission. In this episode, Jethro Jones interviews Hunter Weiffenbach from WatchGuard. They discuss the importance of WatchGuard's presence at the event, their focus on SMB market simplicity, the challenges of cybersecurity education, and resources available for students and IT professionals. We're thrilled to be sponsored by IXL. IXL's comprehensive teaching and learning platform for math, language arts, science, and social studies is accelerating achievement in 95 of the top 100 U.S. school districts. Loved by teachers and backed by independent research from Johns Hopkins University, IXL can help you do the following and more: simplify and streamline technology; save teachers' time; reliably meet Tier 1 standards; improve student performance on state assessments.
The episode highlights a surge in small business digital transformation initiatives, with over 80% of surveyed leaders either adopting or considering AI technology. This trend is accompanied by a forecasted 40% increase in capital expenditures, reflecting a strong optimism among business leaders regarding future profits and sales. The episode also notes a recovery in the global smartphone market, driven by consumer demand for ultra-premium devices, and a substantial rise in data center spending, primarily fueled by hyperscalers and enterprise investments. The podcast delves into the job market, reporting that the U.S. added 256,000 jobs in December 2024, marking the largest increase since March. Unemployment rates fell to 4.1%, with wages rising by 3.9% year-over-year. CompTIA's report indicates a growth of 7,000 tech jobs in December, despite losses in PC and semiconductor manufacturing. The demand for roles in software development, IT project management, and cybersecurity remains robust, with nearly half of job postings not requiring a four-year degree, suggesting increased accessibility in tech careers. In a significant industry shift, the Computing Technology Industry Association has rebranded to the Global Technology Industry Association (GTIA), focusing on serving the IT channel. This change follows the sale of CompTIA's training and certification business, which will now operate separately. The GTIA aims to maintain affordable membership dues while expanding charitable initiatives in technology. Meanwhile, Kaseya's CEO Fred Voccola transitions to vice chairman, leaving behind a legacy of growth as the company seeks a new leader to navigate its future. The episode also covers recent acquisitions, including WatchGuard Technologies' purchase of ActZero, a threat analysis startup, and 1Password's acquisition of Trellica, a provider of SaaS access management tools. These moves reflect a broader trend of platform expansion within the tech industry. 
Four things to know today 00:00 Big Wins for Tech: AI Booms, Jobs Climb, and Small Businesses Bet Big on Transformation 05:32 From CompTIA to GTIA: What the Rebrand Means for the IT Channel's Future 06:36 Fred Voccola Passes the Torch at Kaseya—What's Next for the $1.5B Powerhouse? 07:56 WatchGuard and 1Password Make Big Moves—Platform Expansion, Security, and SaaS Simplified Appearance on IT Business Podcast https://youtu.be/FCDmm2p_noc?si=WVcUxjLv71vGwjpb Supported by: https://www.huntress.com/mspradio/ https://mspradio.com/engage/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: LinkedIn: https://www.linkedin.com/company/28908079/ YouTube: https://youtube.com/mspradio/ Facebook: https://www.facebook.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ TikTok: https://www.tiktok.com/@businessoftech Bluesky: https://bsky.app/profile/businessof.tech
Today we talk live from our studio, in Tema del Día, with Carlos Martínez, North Latin America Territory Manager at WatchGuard Technologies. He is a cybersecurity specialist and international speaker on leadership and digital transformation in 12 Latin American countries.
https://youtu.be/jE2m_BO_yyY This week on the podcast we cover the WatchGuard Threat Lab's Internet Security Report from Q1. In this episode, we discuss the latest trends in malware detections at the network and the endpoint, network attack trends, and malicious domains that targeted WatchGuard customers around the world.
https://youtu.be/uo9m0hHQua4 In a very special episode of #the443Podcast, WatchGuard Director of Security Operations, Marc Laliberte sits down with Seattle Kraken Cybersecurity Engineer, Ryan Willgues to discuss how Ryan got his start in IT, what it's like working for an NHL franchise, how the Kraken have deployed WatchGuard's Unified Security Platform, and much more.
https://youtu.be/iYM3y85hEkM This week on the podcast, we're joined by Ryan Estes, a member of WatchGuard's Zero-Trust Application Service classification team and resident ransomware expert to discuss the wild month in ransomware news. We start the episode with a story about a fake ransomware operator that scammed cybercriminals out of tens of thousands of dollars before discussing two major Ransomware-as-a-Service operators that have had a pretty rough couple of weeks.
Corey Nachreiner returns to our show to share his experiences and the remarkable work done by the WatchGuard Threat Lab research team. We kick off by reflecting on his journey over the past year, setting the stage for a deep dive into WatchGuard's cybersecurity predictions for 2024. These predictions aren't just speculative; they are a window into the future challenges and opportunities in the realm of cybersecurity. Corey discusses the intriguing concept of "Prompt Engineering," a potential vulnerability in large language models (LLMs) that could lead to significant data leaks. He elaborates on the growing trend of AI/ML-based social engineering, with a particular focus on phishing automation kits sold on the dark web, presenting a formidable challenge for organizations worldwide. We then shift our focus to the rise of AI-driven voice phishing (vishing) attacks. Corey explains how the combination of deepfake audio and LLMs could lead to an alarming increase in sophisticated vishing calls. The conversation also covers the vulnerabilities associated with the widespread use of QR codes, revealing the risks of what seems like a simple technology. A particularly fascinating segment delves into the emerging threats in the realm of virtual and mixed reality (VR/MR). Corey shares insights on how hackers could potentially steal detailed environmental data from VR/MR headsets, a concerning prospect for privacy and security. The episode also highlights the crucial role of Managed Service Providers (MSPs) in addressing the cybersecurity talent shortage. Corey discusses how MSPs are leveraging automated platforms to double their security services, despite the skills gap in the industry. In closing, we explore the broader trends shaping the cybersecurity landscape in 2024 and beyond. Corey offers strategic advice on how organizations can adapt and prepare for these evolving threats. 
We also ponder the future threat landscape, considering the impact of emerging technologies on cybersecurity.
Our special guest is Steven McEvoy, an IT Professional and Project Manager for MME Consulting, a computer company specializing in serving dental practices nationwide. Steve is here to discuss cyber security. He exposes the loopholes, but he also provides solutions. Orthodontic practices are lucrative, making them a prime target for hackers who can leverage you and hold your data as ransom. This episode is a must-listen to protect your data from ransomware and bad actors.

IN THIS EPISODE:
[0:00] Dr Leon introduces today's topic: Cyber Security.
[4:04] Steve explains why an orthodontic practice is ripe for cyber attack.
[6:53] Steve discusses antivirus programs and has suggestions on next-gen antivirus software for orthodontic practices.
[11:19] Steve describes how a hacker can fool a staff member.
[17:14] Listener Mark Bronski asks how to start protecting your practice from cyber attacks.
[22:28] Steve discusses the value of staff training and using a password manager.
[28:25] Steve discusses the question of having your information in the crowd.

KEY TAKEAWAYS:
[3:35] Why is an orthodontic practice a target for cyber security threats?
[7:00] Do we still need antivirus software on my computer, and is it effective to fight off the next-gen cyber attacks?
[11:11] How do you define this phenomenon? Is it phishing scams or social engineering? How do you define it?

QUOTES:
“Every new ransomware attack is a unique thing. So an old school antivirus program was used to look for a particular pattern, an executable file that's coming in attached to an email. If it matched that pattern, it would stop it. But now it's a hacker that makes something that's completely dynamic. So there are better antivirus tools that are out there today. I refer to them as next-gen antiviruses, and they're available from multiple companies.” - Steve McEvoy
“All practices should be monitored. If someone's out shopping for one, the buzzword is an EDR. An EDR solution stands for endpoint detection and response. They're available from multiple companies like SentinelOne and WatchGuard.” - Steve McEvoy
Corey Nachreiner, CSO at WatchGuard, joins me in a conversation about the latest cybersecurity predictions for 2023 from WatchGuard's Threat Lab research team. Our guest then shares the story behind the batch of predictions for 2023, offering different takes on potential hacks and attacks in various categories. We discuss two matchups: “Insurers Going Vertical” and “Targeting Vendors and Partners.” Then, moving on, we explore the hype around the metaverse and web3 and question whether we could see a Big Metaverse Hack this year too. One of the standout predictions is the potential surge in MFA-targeted Social Engineering Attacks. Our guest expands on this trend and explains the prediction regarding Hacking AI Robotaxis in a simple and accessible way as if explaining it to a five-year-old. The podcast also explores the prediction regarding Vulnerability Proliferation through AI Coding Tools, discussing how AI tools could empower script kiddies to write malware and write more convincing phishing emails.
Threat Hunting Workshop: Hunting for Lateral Movement. March 22nd | 12:00 – 1:00 PM ET. Earn your “Lateral Movement – Level 1” certification.
Mark Romano, Senior Director of Worldwide Channel Programs and Field Engagement at WatchGuard, joins "The Holtz Story" to discuss the state of cybersecurity today. The podcast opens with a discussion of WatchGuard's Internet Security Report and some current trends, including increases in ransomware and malware. Tracy and Mark discuss the need for multiple layers of security and the focus on Zero Trust. Mark shares how the acquisition of Panda Security is helping WatchGuard with Zero Trust. He also shares some of his thoughts about WatchGuard's acquisition strategy. The conversation shifts to MSP needs. WatchGuard is paying close attention to the needs of MSPs such as SOC and detection and response. Tracy and Mark also discuss how MSSPs are working with MSPs to evolve their service offerings. The conversation concludes with a discussion on the talent gap, burnout, and the need to develop more talent. We hope you enjoy the show. Please share it with colleagues and remember to subscribe using your favorite podcast platform (e.g., iTunes, Stitcher, Spotify, Google Podcasts, etc.).
The guests were Santiago Campuzano, General Manager of Veeam; Felix García, General Manager of Zertia; Felix de la Fuente, General Manager of Hornet Security; and Carlos Vieira, General Manager of WatchGuard. Also taking part was Francisco Verderas, manager of the Asociación Aslan.
This week on the podcast we take a look back at our 2022 cybersecurity predictions and grade ourselves on how well we did. From cyber insurance to space hacks, we'll cover each of the 6 predictions we made last December and discuss why we think they did or did not come to fruition. As mentioned on the episode, several WatchGuard employees are participating in "Mo-vember" to raise awareness and contributions for men's health charities. Check out our page, and Corey's amazing mustache, at https://nl.movember.com/en/team/2435885
A little shame in your life isn't a problem. Piles of the stuff is a different story. While we ponder how things went this badly wrong, you can enjoy this week's episode, in which Matt, Rich, and returning guest host—MSP, security expert, and ChannelPro Peer of the Year Oli Thordarson of Alvaka Networks—discuss the latest enhancement to Sophos MDR, the latest partner resources from D&H, the new partner program from NetApp, and the secrets to successfully onboarding and offboarding managed services clients. Then they're joined by Corey Nachreiner, chief security officer at WatchGuard, for a tour through that vendor's latest Internet Threat Report. Scary yet fun stuff just in time for Halloween, and not the slightest bit shameful. More here: https://www.channelpronetwork.com/download/podcast/channelpro-weekly-podcast-episode-244-piles-shame

Topics and Related Links Mentioned:
Sophos Integrates MDR Service with Third-Party Security Solutions - https://www.channelpronetwork.com/news/sophos-integrates-mdr-service-third-party-security-solutions
Undeterred by Recession Fears, D&H Is Rolling Out New Partner Resources - https://www.channelpronetwork.com/news/undeterred-recession-fears-dh-rolling-out-new-partner-resources
NetApp Introduces All-New Partner Program - https://www.channelpronetwork.com/news/netapp-introduces-all-new-partner-program
The Art of Onboarding and Offboarding - https://www.channelpronetwork.com/article/art-onboarding-and-offboarding
WatchGuard Internet Security Report - Q2 2022 - https://www.watchguard.com/wgrd-resource-center/security-report-q2-2022
WatchGuard Secplicity site - https://www.secplicity.org/
Rich's quickie preview of the week ahead
This week on the podcast, we focus on highlighting WatchGuard's Q2 Internet Security Report, covering the latest threat trends and what you can do to avoid them. However, we also pack in our security news segment, with an Optus breach update from an Australian IT and security expert and WatchGuard Partner, the latest on the Uber CSO trial, and a warning about the recent zero-day Exchange exploit that some call ProxyNotShell. This week's episode is a long one, so grab a fresh coffee and listen during a long walk or drive.
BlackByte is back. Iran suspected of cyber operations against four Israeli sectors. A look at wipers as a tool in hybrid war. A Russian cyber ops scorecard. Josh Ray from Accenture on how dark web actors are focusing on VPNs. Our guest is Corey Nachreiner from WatchGuard with findings of their latest Internet Security Report. Cyber war clauses coming to cyber insurance policies. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/156 Selected reading. BlackByte ransomware gang is back with new extortion tactics (BleepingComputer) Suspected Iranian Actor Targeting Israeli Shipping, Healthcare, Government and Energy Sectors | Mandiant (Mandiant) Russia-Ukraine cyberwar creates new malware threats (VentureBeat) Global Threat Landscape Report: A Semiannual Report by FortiGuard Labs (Fortinet) Overview of the Cyber Weapons Used in the Ukraine - Russia War (Trustwave SpiderLabs) Lloyd's sets requirements for state-backed cyber attack exclusions (Insurance Day)
Patch notes, and the risks associated with failure to patch. Finland's parliament comes under cyberattack. Killnet says there will be blood, but they may just be grandstanding for the home crowd. Cyberattacks against a UK firm that's criticized Russia's war. We're joined by FBI Cyber Division AD Bryan Vorndran and Adam Hickey, deputy assistant attorney general for the National Security Division with an introduction to WatchGuard. Our guest is Matthew Warner from Blumira with tips on avoiding burnout. And not all criminal organizations are working for Russia. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/151 Selected reading. Already Exploited Zero-Day Headlines Microsoft Patch Tuesday (SecurityWeek) Microsoft August 2022 Patch Tuesday fixes exploited zero-day, 121 flaws (BleepingComputer) IBM Patches High-Severity Vulnerabilities in Cloud, Voice, Security Products (SecurityWeek) Adobe Patch Tuesday: Code Execution Flaws in Acrobat, Reader (SecurityWeek) ICS Patch Tuesday: Siemens, Schneider Electric Fix Only 11 Vulnerabilities (SecurityWeek) VMSA-2022-0022 (VMware) Emerson OpenBSI (CISA) Emerson ControlWave (CISA) Mitsubishi Electric GT SoftGOT2000 (CISA) Multiple attackers increase pressure on victims, complicate incident response (Sophos News) Life After Death—SmokeLoader Continues to Haunt Using Old Vulnerabilities (Fortinet Blog) NBI launches probe into attack on Finnish Parliament site (Yle) Russian hacker warns cyberwarfare will turn deadly (Newsweek) Suspected Russian cyber attack on British soil as firm subjected to ‘daily’ hacks (The Telegraph) Meet DUMPS Forum: A pro-Ukraine, anti-Russia cybercriminal forum | Digital Shadows (Digital Shadows)
On this week's Cyber Report, sponsored by Fortress Information Security, Robert Salvia, Fortress' vice president for professional services, discusses WatchGuard's first quarter threat report on ransomware, how threat awareness is improving and the balance between good guys and bad ones; and Philip Niedermair and David Moon of the National Cyber Group discuss how the company is working to fill a growing workforce gap that needs to be bridged for the nation's security and economic prosperity, and the need for better through-life cyber literacy and education with Defense & Aerospace Report Editor Vago Muradian.
On this week's show Patrick Gray, Adam Boileau and Dmitri Alperovitch discuss the week's security news, including:
Ukraine foils Russian ICS hack
US Government burns someone's ICS toolkit
China gets all up in India's energy gridz
The Heroku/GitHub/Travis CI story is very confusing
US DOJ removes GRU malware from WatchGuard boxes under Rule 41
North Korea behind $540m crypto hack
Much, much more

This week's sponsor interview is with Scott Kuffer, co-founder of Nucleus Security, and Jared Semrau of Mandiant. They'll be joining us to talk about how you can now plug Mandiant data into the Nucleus vulnerability scan aggregator. Links to everything that we discussed are below and you can follow Patrick, Dmitri or Adam on Twitter if that's your thing.

Show notes
Ukraine foiled Russian cyberattack that tried to shut down energy grid
Catalin Cimpanu on Twitter: "Days later... anyone managed to confirm or debunk this?" / Twitter
Matthew Garrahan on Twitter: "Ukraine has since adapted a government app so that people can more easily upload information about Russian military positions https://t.co/oWRctXBTxU" / Twitter
Pipedream Malware: Feds Uncover 'Swiss Army Knife' for Industrial System Hacking | WIRED
Suspected Chinese hackers are targeting India's power grid
Lawmakers ask Energy Department to take point on sector digital security - The Record by Recorded Future
Threat of Russian cyberattack prompts energy firms to collaborate with U.S. government - The Washington Post
US says it disrupted Russian botnet 'before it could be weaponized'
DOJ's Sandworm operation raises questions about how far feds can go to disarm botnets
Microsoft seizes internet domains linked to GRU cyberattacks against Ukraine
WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers | Ars Technica
Microsoft uses court order to disrupt ZLoader botnet - The Record by Recorded Future
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
US agency attributes $540 million Ronin hack to North Korean APT group - The Record by Recorded Future
Chemical sector targeted by North Korea-linked hacking group, researchers say - The Record by Recorded Future
U.S. offers $5 million for info on North Korean cyber operators - The Record by Recorded Future
Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog
After a brief decline, organizations once again are bombarded with ransomware - The Record by Recorded Future
BlackCat ransomware group claims attack on Florida International University - The Record by Recorded Future
North Carolina A&T hit with ransomware after ALPHV attack - The Record by Recorded Future
Ransomware groups go after a new target: Russian organizations - The Record by Recorded Future
T-Mobile Secretly Bought Its Customer Data from Hackers to Stop Leak. It Failed.
Experts warn of concerns around Microsoft RPC bug - The Record by Recorded Future
Make phishing great again. VSTO office files are the new macro nightmare? | by Daniel Schell | Apr, 2022 | Medium
VMware patches critical flaws in Workspace ONE Access identity management software | The Daily Swig
Researcher finds cryptomining malware targeting AWS Lambda - The Record by Recorded Future
Apple paid out $36,000 bug bounty for HTTP request smuggling flaws on core web apps – research | The Daily Swig
Hackers steal more than $11 million from Elephant Money DeFi platform - The Record by Recorded Future
WonderHero game disabled after hackers steal $320,000 in cryptocurrency - The Record by Recorded Future
'We Are Fucked': Crypto Stablecoin Collapses After $182M Hack
The Original APT: Advanced Persistent Teenagers – Krebs on Security
RaidForums hacker marketplace shut down in cross-border law enforcement operation
Sandworm hackers fail to take down Ukrainian energy provider
CISA warns of Russian state hackers exploiting WatchGuard bug
For the stories behind the headlines, head to CISOseries.com.
GRU deploys Industroyer2 against the Ukrainian energy sector. NB65 counts coup against Roscosmos. Anonymous doxes three more Russian companies. President Putin purges the FSB's Fifth Service. CISA warns of an exploited firewall vulnerability. Medical robots' vulnerabilities are remediated. A Cyber Civil Defense effort in the US. Ben Yelin on newly passed cyber legislation. Our guest is Chase Snyder from ExtraHop to discuss their recent Cyber Confidence Index. And good riddance to RaidForums. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/70 Selected reading. Russia's Reset (New York Times) Russia will not pause military operation in Ukraine for peace talks (Reuters) Industroyer2: Industroyer reloaded | WeLiveSecurity (WeLiveSecurity) CERT-UA warns of large-scale cyber attack on energy sector (Interfax-Ukraine) Russia's space programme hit by western cyber attack (The Telegraph) Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails (HackRead) Russia's Ukraine Propaganda Has Turned Fully Genocidal (Foreign Policy) Russia-Ukraine latest news: Vladimir Putin vows ‘clear and noble' aims of Russian invasion will be achieved (The Telegraph) CISA warns orgs of WatchGuard bug exploited by Russian state hackers (BleepingComputer) CISA Adds Eight Known Exploited Vulnerabilities to Catalog (CISA) Cynerio Discovers and Discloses JekyllBot:5, a Series of Critical Zero-Day Vulnerabilities Allowing Attackers to Remotely Control Hospital Robots (Cynerio) Craig Newmark Philanthropies Pledges $50 Million to Cyber Civil Defense (Global Cyber Alliance)
An update on US cyber defensive operations and the war in Ukraine. You can't tell your oligarchs without a scorecard. Google ejects data-harvesting apps from Play. China preps the cyber battlespace against India's power grid. More moves against Hydra Market. Bearded Barbie's catphishing. Betsy Carmelite from BAH on a blueprint for achieving a secure and resilient dot gov. Our guest is Padraic O'Reilly from CyberSaint with a fresh look at ransomware. And your majesty, meet this here dissident, who also needs to move money for the best of reasons…. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/67 Selected reading. Pentagon: Russia has fully withdrawn from Kyiv, Chernihiv (Washington Post) Zelenskyy tells UN: Act now on Russia or dissolve yourself altogether (Atlantic Council) DoJ takes down Russian botnet that targeted WatchGuard and Asus routers (ZDNet) FBI Disables "Cyclops Blink" Botnet Controlled by Russian Intelligence Agency (SecurityWeek) Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation's Main Intelligence Directorate (GRU) (US Department of Justice) Adversarial Threat Report (Meta) Facebook cracks down on covert influence networks targeting Ukraine (Washington Post) Russian-backed hackers broke into Facebook accounts of Ukrainian military officials (CBS News) Britain slaps sanctions on Russia's biggest bank (The Telegraph) Russia hit with new round of U.S. sanctions as Biden decries 'major war crimes' (Reuters) U.S. 
to Sanction Putin Children, Banks Over Bucha Atrocities (Bloomberg) The Forbes Ultimate Guide To Russian Oligarchs (Forbes) Suspected Chinese Hackers Collect Intelligence From India's Grid (Bloomberg) Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group (Recorded Future) Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials (Cybereason) Google Bans Apps With Hidden Data-Harvesting Software (Wall Street Journal) The Nigerian Prince Scam, with a Russian Twist (Avanan)
On today's Network Break we discuss potential impacts of the coronavirus pandemic on Internet loads, conferences and events, VPNs and working from home, and other tech areas. We also examine Aruba's new Air Pass and Air Slice offerings, drill into VMware's massive Tanzu and vSphere 7 releases, a WatchGuard acquisition, and more. Guest pontificator Ned Bellavance comes along for the ride.