This site is part of the Informa Connect Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

The MSP Summit

COUNTDOWN TO MSP SUMMIT

  • 00
    Days
  • 00
    Hrs
  • 00
    Mins
  • 00
    Secs
Sept 15-17, 2025
Loews Royal PacificOrlando, FL
How to Turn the Risks of AI Into Opportunities

Channel partners often dream about artificial Intelligence leading to a spike in sales. But AI can just as easily turn into a nightmare depending on how it is deployed. Nightmare scenarios include when an MSP’s efforts are seen to have caused security or privacy breaches, if a client chooses to simply turn it on with the MSP out of the loop, or if a deployment fails to deliver the value that clients want from their investments. But this potential risk is also a major opportunity.

The reasons for AI’s upside may not be what you imagine, or those typically touted by the big tech companies, AI developers and distributors, etc. Yes, there is the opportunity for potential substantial financial gain in selling and deploying AI. Some will make fortunes recklessly hawking licenses and handing them off to companies with no support. Others will assist in deploying it and some of those will benefit from the gold mine of work it takes to do it right. There is real potential for AI to inject efficiencies into MSP services and management. But there is something much bigger for MSPs that hope to remain MSPs.

This is an MSPs’ opportunity to reset the security conversation with clients and prospects while eating their own dog food. MSPs have a greenfield of opportunity. How? By using the AI value chain and preparation to drive deeper client engagement and increase willingness to invest in security. AI is a security and IT strategic management game changer. In my view, it is as much a threat as an opportunity if not deployed with comprehensive preparation. But AI is also one of the best drivers of business level conversations I have seen in decades of hype cycles. It opens the door for much deeper and more strategic conversations with clients about their business and strategic thinking. Because AI is still new to most and seen broadly by executives as empowering, MSPs have a great ability to explore the possibilities with clients.

Shadow AI Brings Grave Risks

To take advantage of this opportunity, partners must first understand a client’s goals and discuss project options. Next, they must weave in the critical AI risks and prepare for containment and safe and ethical use. With AI as the driver, you have a better chance of getting support and budget for IT improvements and security clients should have already. Too many firms jump to deployment without deep considerations. That results in failure to achieve desired outcomes and occurrence of security and privacy breaches.

According to Varonis’ 2025 State of Data Security Report, “90% of organizations have exposed sensitive cloud data, 98% have unverified applications including unsanctioned AI and 90% have sensitive files exposed to all employees via M365 Copilot.” Shadow AI is a growing problem in IT sprawl and partners need to understand and manage it to the degree they can. It is an exponentially higher risk that most areas of shadow technology.

Releasing agentic AI onto a network is like letting a snoopy employee or worse a neighbor rifle through your most intimate data and communications when you do not even know it. The data can be quickly released to other employees, neighbors, hackers or the public. This is what is likely to happen when AI is poorly deployed.

Consider your value proposition before deploying AI. Is it to make infrastructure improvements that are appropriate for AI use? Is it guiding the client to the right AI for them, or a combination of both? To deploy ethical and safe AI, you must get the basics of cyber security down pat. This means going back to the core of cyber security. When introducing AI into an environment, you must address: identity validation, role-based access controls and multifactor authentication, data location, data classification, data tagging and storage, encryption, governance and regulatory compliance, threat and access monitoring, incident response planning and other elements.

The pressure to just do AI and do it quickly is growing. Microsoft is already requiring Copilot payment whether it is used or not. There is an incessant competitive drive to show the world how forward thinking a business is by hanging the AI flag with or without real business drivers other than marketing. Clients are asking for AI, much faster than they asked for cloud or other technologies when they were still emerging. You need to get ahead of this market shift and not be cornered into delivering services or products that you or your clients are not prepared to handle.

Many MSPs I have spoken with openly acknowledge that they have not priced security in depth into their pricing. They also are vapor locked about how to explain to a client that they are not doing the more advanced security work that they should, because they are wary of the client response. Those who provide all inclusive IT have not priced these requirements into their services and many simply do not do it or cannot do it well due to profitability challenges. This is the perfect opportunity to broaden scope, increase rates and provide the protections that the client deserves. By being an AI champion MSPs can deepen their relationships, improve their position in the value chain and increase their profits at the same time. Are you ready to live the dream? Don’t let it turn into a nightmare.

Kevin McDonald is a 25-year cybersecurity OG and currently serves as COO and CISO for Alvaka.