IT Execs On AI In Cybersecurity: ‘Unfortunately, The People Who Are Getting It Right Are The Threat Actors’
‘[Threat actors] don’t play by the rules. They don’t have governance. They don’t have AI use policies. They’re just on a mission to maximize their ransom,’ says Jason Magee, Cynet CEO.
As AI transforms industries across the board, top channel executives expressed a mix of concern, urgency and cautious optimism about the impact AI is having on cybersecurity, particularly for SMBs.
“AI makes cybersecurity so much harder,” said Austin McChord, founder of software vendor Datto and now Slide. “It’s far more likely now that a seemingly perfect email tricks someone into opening the door rather than a zero-day exploit getting in.”
McChord joined Jason Magee, CEO of software vendor Cynet and former ConnectWise CEO; Nick Heddy, president and chief commerce officer at cloud marketplace Pax8; and Chris Day, CEO of software vendor ScalePad, on stage at the Global Technology Industry Association’s ChannelCon event in Nashville, Tenn., last week to discuss how cybersecurity in 2025 isn’t just about better tools. It’s about better teams, better planning and better preparation for a world where AI plays both sides. The panel was moderated by Carolyn April, vice president of research and market intelligence at GTIA.
“The threat landscape is more social than technological,” said McChord, who emphasized that AI is exploiting human vulnerabilities rather than technical ones.
[Related: GTIA CEO Dan Wensley: ‘From Cybersecurity To AI, MSPs Are Navigating Seismic Shifts’]
AI-powered phishing and social engineering attacks are becoming the norm, he added. And while cybersecurity tools are still necessary, many breaches stem from the human layer, which is something even the best technology can’t always protect against.
“AI is super good at exploiting humans,” he said. “And when you hire AI agents, they’re going to be exploited by other AI agents too.”
But despite the uncertainty, he sees value in compliance frameworks and cyber insurance to drive best practices.
Magee agreed that the stakes are higher than ever, and not just because of the technology.
“Unfortunately, the people who are getting it right are the threat actors. [They] don’t play by the rules,” he said. “They don’t have governance. They don’t have AI use policies. They’re just on a mission to maximize their ransom.”
Those who collaborate across vendors, platforms and peer networks are more successful in defending against threats, he said, calling cybersecurity a team sport and urging organizations to adopt platform-based approaches that use AI intelligently and holistically.
Across the board, the message from industry leaders was clear: AI is fundamentally changing cybersecurity. And while the challenges are mounting, so are the opportunities to invest in compliance, governance, collaboration and strategy.
Heddy urged MSPs to proactively build AI strategies, not just to stay secure but to capitalize on business opportunities. Companies that document their processes, adopt strong governance and invest in the right tools and talent will be best positioned for AI both as a security challenge and a business enabler.
“Even if they’re not creating agents to automate workflows yet, there’s big-ticket business in governance, data management and compliance,” he said.
Day echoed the executive’s sentiment and added that part of the solution lies in structured planning and governance. “There’s a massive opportunity in governance,” he said.
“Most SMBs don’t have a plan for how to deal with risk,” Day said. “Most MSPs don’t either,” “I’d say only about 5 [percent] to 10 percent are really thinking that way, and that’s usually only because they’re regulated.”
He said the lack of structured cybersecurity risk planning is a huge opportunity for MSPs to step in and lead. As AI further complicates the threat landscape, structured governance, compliance and security frameworks will become even more essential and marketable, according to Day.
“There’s a clear path to generate real revenue helping clients build out that infrastructure,” he said.