MSPs need to harness the use of AI to provide their customers with the best cybersecurity solutions, says Ryan Bradbury, CTO at CyberLab, who has been working in the IT industry for almost two decades.
Bradbury said that given AI’s increasingly widespread adoption, MSPs must get on board with the technology to ensure their customers gain the full benefits of automation and improved decision-making within their security protocols and systems.
Bradbury has been working with MSPs for the last 18 years. After working as an IT manager, he started his own MSP, Avalon IT, in 2010, which was subsequently acquired by Active8 Managed Technologies.
Then, in 2020, Bradbury established CyberLab, an MSP, which, again, was acquired by Chess ICT in May 2023. Currently, in his role at CyberLab, he is responsible for the partner channel and the evolution of its cloud portal.
Among the biggest trends and developments Bradbury has seen in the cybersecurity market over the last 12 months have been the increasing uptake of AI and zero trust security. He said that following an exploratory phase where companies have been testing the boundaries of what AI is capable of, now they have entered an "arms race" phase, where they are putting large resources into bringing new products, services and tools which use the technology to market.
Deployed effectively, Bradbury said that AI can be used by MSPs to easily automate core security functions within their IT stack. That offers a big opportunity for MSPs to capitalise on by providing additional products and services to their customers, he said.
"AI is an evolution as opposed to a revolution," said Bradbury. "It's easy to become scared about where the technology is going to take us eventually, but the reality is that now we are augmenting its capabilities to make faster and better decisions."
Zero trust security works by considering every user and device to be a potential threat, whether it’s from inside or outside the network, said Bradbury. By using the principle of least privilege, he said users are only given access to as much data or information that they require.
"In terms of reducing the risk of a cyber incident, zero trust security is very important," said Bradbury. "And that’s a trend that's only going to become more popular over time."
Challenges of AI
As well as an opportunity, Bradbury views AI as a key challenge. While the technology can be used to prevent cyberattacks, he said that it's also being used by the cyber criminals themselves.
"By using the technology, they can create social engineering attacks that are more personalised, sophisticated and effective than ever before," said Bradbury. "So it's a huge area of concern for MSPs and their customers."
Another growing problem that isn’t going away any time soon, according to Bradbury, is ransomware. With more than 66 per cent of organisations have been hit by a ransomware attack in 2023 according to Sophos research, he said that presented a huge opportunity for MSPs to provide the service to their customers.
While most MSPs realise the importance of cybersecurity, Bradbury said that some don't necessarily have the in-house capability and expertise to offer it and, therefore, ultimately become an MSSP. The best way to bridge that gap and integrate cyber into their portfolio, he said, is to partner with a third-party specialist. At CyberLab, this manifests itself in a partner channel which MSPs can use to unlock their full suite of cyber services and resell them to their customers.
"Cybersecurity can be a very confusing marketplace," said Bradbury. "There are literally thousands of products and services out there, however, no two customers are the same or have the same needs, so the best advice I can give to MSPs is to focus on a core set of products and specialise in those. They also need to practice what they preach and ensure that their own internal security is meeting and keeping up with the ever-changing cyber threat landscape."
One of the biggest costs of cybersecurity is securing cyber insurance, said Bradbury. Given that insurers are focusing far more on evaluating the risk a new client poses when offering them a quote or policy and the core set of requirements needed to obtain coverage, he said MSPs must ensure their customers have the right security protocols and training in place, and are compliant with independently audited cybersecurity assessments such as Cyber Essentials and Cyber Essential Plus.
"MSPs should look to provide their clients with the tools that insurers are looking for that will make them more insurable and bring down their insurance costs as much as possible," said Bradbury. "They also need to provide the necessary accreditations to show that they are compliant.”
With the cybersecurity market projected to grow by more than 10 per cent year-on-year over the next 12 months according to IBM, Bradbury believes that there’s going to be greater consolidation between cyber tools and services, driven by the use of AI. As that integration becomes easier, so it will only continue to accelerate in the future, he said.