6 Boldest Statements From Top Security Vendor Execs: XChange Security 2026

Executives from cybersecurity giants including CrowdStrike, OpenText Cybersecurity and Sophos shared their latest insights on the AI and security space with an audience of MSPs this week.

The arrival of increasingly powerful AI models and tools is creating not just a fundamentally more-challenging cybersecurity environment, but also a “generational opportunity” for MSPs and MSSPs, according to CrowdStrike executive Daniel Danielli.

During a keynote at XChange Security 2026, Danielli, vice president of global scale partnerships at CrowdStrike, said there’s no question at this point that “we’re operating in a completely new security reality.” AI has dramatically lowered the cost of launching advanced cyberattacks while enabling threat actors to move faster than many organizations can respond, he told an audience of MSP and MSSP executives during the conference.

[Related: Microsoft’s Gigantic AI-Fueled Bug Disclosure Signals New Era For Security: MSP Execs]

At the same time, customers are clearly looking to their security service provider partners to protect against the unprecedented risk from the AI-driven cyber threat environment, Danielli said. “You are the security function,” he said.

The launch of ultra-powerful frontier AI models—which can accelerate many of the necessary tasks for executing successful cyberattacks—has clearly changed the game for MSPs and cyber defense teams, MSP executives told CRN this week.

The most recent confirmation of how frontier AI models are up-leveling the discovery of software vulnerabilities came Tuesday, with Microsoft disclosing its massive July security update that potentially includes patches for more than 600 vulnerabilities.

AI models for vulnerability discovery that could be exploited by attackers are “obviously accelerating the defensive stance that folks are having to take,” said Travis Woods, strategic executive advisor at Fort Point IT, a Novato, Calif.-based MSP. “And it’s AI against AI. Because AI against human is done.”

Along with CrowdStrike, vendors from companies including OpenText Cybersecurity, Sophos, Kaseya, ThreatLocker and Todyl addressed MSP executives this week in main-stage keynote sessions at XChange Security 2026, which was hosted by CRN parent The Channel Company and held in Frisco, Texas.

What follows are the six boldest statements from top security vendor executives at XChange Security 2026.

Daniel Danielli

VP, Global Scale Partnerships

CrowdStrike

“We're in a moment. We're in the opportunity of a generation. We're seeing things that we couldn't have even fathomed 12-18 months ago—that is unlocking and moving at a speed that we've never ever seen before. The second [is that] some of you are probably wondering, ‘Why is CrowdStrike showing up here at this event?’ We typically haven't turned up supporting the downmarket space. The MSP segment, the SMB segment, is one of the most heavily invested here at CrowdStrike. And what we want you to walk away from here today is understanding that the opportunity to partner with CrowdStrike has never been greater.”

Michael DePalma

VP, Business Development

OpenText Cybersecurity

“I think the goal overall, as a community, is to have the small business community and the medium enterprise business community saying, “If I want to be compliant, I have to work with an MSP”—and get that mindset of, this is what they do. And I think a lot of folks might be working with an MSP that's doing the typical blocking and tackling and help desk and all that—and they might not even know that that's who they should be going to [for compliance] … You’ve got to have the whole community be behind this. And I think some of the barriers are the investment of time and money and finding talent, which is preventing some folks from getting into that space. What I'm seeing more and more of—in a lot of different things, not just compliance—is MSPs working with other MSPs, which is what's so great about the community.”

Scott Barlow

Chief Evangelist and Global Head of Community

Sophos

“The [cybersecurity] poverty line is really a threshold below which organizations cannot reliably produce cybersecurity outcomes … It’s not defined [by] whether or not an organization actually has a chief information security officer. Secondly, it’s not defined by the size of the organization … It’s actually not defined [by whether] you have the budget. You can buy the tools, but you need to figure out how to implement them. It’s actually a strategic security capabilities gap. And the gap is between owning security technologies and being able to run it as a system. We also looked at the entire population of businesses that are out there. There are 359 million businesses. There are 35,000 CISOs … There’s more people at a Taylor Swift concert than there are CISOs in the world today. And so you have one CISO, on average, for every 10,000 organizations that are out there today.”

Brian Doty

Channel Development Manager

Kaseya

“What we're seeing in the industry—as we talk about AI and this huge shift—is [that] we’re seeing it as a wave. We're down in this trench now where things are AI-assisted, for sure. We're seeing a lot of that out there. AI-augmented, for sure—we’re starting to see some [technologies] take steps … But for fully autonomous IT to come, we're still a little bit of ways away of that. And it's not going to happen in one shot, one big bang. This is going to happen over time, like the frog in boiling water. And the thing is, the AI that is the most powerful in these platforms is going to be built into the platform—not just layered in over top, not just looking at things bolted on. One reacts, the other predicts.”

Morgan Clutterbuck

Solutions Engineer

ThreatLocker

“Detection, reaction, response-[it’s] an idea forced upon us. [It’s] a path that every single one of us has been mistakenly led down—into believing that this is the answer to endpoint security … I’m going to try to convince you that taking a reactive approach to endpoint security is fundamentally flawed. … The problem with these tools is they'll allow you to install the malicious software and then decide what's good or bad. But the problem with that is, there's millions and millions of new pieces of malware being produced every single week. … But what if there's a way that, instead of allowing the malicious software to execute and then deciding if it's good or bad, we just block it by default?”

Andrew Scott

Field CISO

Todyl

“There are two numbers I'm going to give everyone to think about. The first one is 30 minutes. That is the average amount of time right now—based on multiple industry reports that we are seeing—that it takes an adversary from the time they gain access to a network … until they're now moving laterally … The other number that I want everyone to think about is 72 minutes. And that is the [amount of] time from the initial access into an environment to when data is stolen and exfiltrated out of environment. So generally, you have about an hour before you have a breach on your hands. So this is really creating the pressure for the SMB, and especially mid-market organizations. They're increasingly targeted because their security postures are lower, their budgets are smaller.”