Last week, Sophos promoted Scott Barlow to chief evangelist and global head of community. In his new role, Barlow will continue to play a key role in shaping the managed detection and response (MDR) provider’s support of MSPs.

I caught up with Barlow last month at Channel Partners Conference 2025, when he was merely the vendor’s VP of global MSP and cloud alliances. He offered advice for MSPs selling cybersecurity and a sneak peek at what Sophos will do with recently required Secureworks.

Highlights of the conversation (click the video above for the entire interview):

• “We see three major [cybersecurity] trends right now. The first is cyber criminals are actually attacking machines that are either end-of-life or not protected. The second is AI. Cyber criminals leveraging AI to enhance their phishing attacks and the simulations and so forth. And the third is MSPs are being attacked because they hold the keys to the castle, and once the MSP is breached, the cybercriminal would have access to all of that MSP’s customer base. And I'm going to add a bonus one, because Canalys came out with recent cyber security trends that said MDR frustrations will grow as expectations are not met.”
• “For a lot of MDR vendors, the ‘R’ is sometimes silent. And what I mean by that is, when you get into response, you want that response to be hands on keyboard as opposed to eyes on glass. You want the MSP and you want the vendor to actually go and help you do the remediation, or do the remediation on your behalf. You don't want the vendor to say, ‘Hey, MSP, here's a script, go fix the problem on your own.’”
• “No MSP should be having a Windows 7 machine running out there. If you have an unprotected machine or an end-of-life technology or software or an unpatched machine, that is how the hackers get in. Once they’re in, the cybercriminal will be able to access one machine that's on a domain, and there's a lot of lateral application because now they'll have domain access.”
• “MSPs should use the technology that they're deploying into their customer base in their own network so that they can become familiar with it and understand how to do the deployment configuration, and then they deploy it to their customers. So now you have a more holistic customer base that is secure, including yourself as the MSP. You have to secure yourself before you can secure your customer.”
• “I’m excited [about Secureworks] because we're going to add threat detection and response, we're going to add SIEM protection, and we're going to add risk assessment, and a lot of services for our MSPs in the future. I think over the next six to 12 months, you'll see a lot of additional enhancement, not only to the partner programs, but also to the technology that we offer and that MSPs can take and offer to their customers.”