N-able CEO On The MSP AI Journey: Efficiency First, Safe Deployment Next, Monetization Last
‘I believe MSPs should be looking at best-in-class offerings. For us, that means having a unified platform where data flows between tools—EDR, backup, data protection—all integrated. That means integration and data flow from one offering to another so the MSP can spend more time on what matters and less time on administrative work,’ says N-able CEO John Pagliuca.
For MSPs navigating an ever-evolving AI landscape, the path to growth is becoming less about adding tools and more about redefining how they deliver value.
That’s the message from N-able CEO John Pagliuca: stop selling technology in pieces and start selling business resilience as a complete, outcome-driven service.
“If an MSP is talking about siloed attacks and not the business interruption, they’re going to miss the boat,” Pagliuca told CRN in an interview. “For a small, medium enterprise, it’s not about the ingredients, it’s about whether the business keeps running.”
That gap in communication is where MSPs have an opportunity to differentiate, he added. Rather than walking customers through a menu of tools and options, the emphasis should be on bundling services into a clear, cohesive promise.
“I don’t want MSPs talking about DNS filtering, EDR, all these bits,” he said. “I want them to bundle it up and tell the customer, ‘I got you.’”
MSPs that package their offerings around resilience while combining security, compliance, backup and monitoring into integrated services are seeing success, he said. Higher average sales prices, stronger customer retention, and improved long-term growth all follow from simplifying the story and owning the outcome.
At the Burlington, Mass.-based vendor’s Empower conference in Fort Lauderdale, Fla. this week, N-able introduced a new Model Context Protocol (MCP) server alongside its in-product AI assistant, N-zo. The MCP server securely connects external AI tools like ChatGPT and Claude with live Unified Endpoint Management (UEM) data from N-able tools N-central and N-sight, enabling real-time, governed actions and more flexible AI-driven workflows. N-zo is built directly into the platform to provide guidance, help teams troubleshoot faster, reduce risk and streamline day-to-day operations.
N-able also announced it expanded its Disaster Recovery-as-a-Service (DRaaS) offering to help MSPs deliver fast, reliable recovery without the expense and operational burden of building and maintaining their own infrastructure.
“We’re moving toward a world where you need autonomous monitoring and recovery, because humans can’t keep up,” Pagliuca said.
CRN spoke further with Pagliuca about how MSPs can best leverage AI agents for customers, how to secure them, and provide a message to partners about uncertainty in the market.
Why is it so important to double down on business resilience when helping partners grow?
I think there’s a lot of FUD out in the industry. There’s a lot of vendor FUD and that matriculates or trickles down to a lot of MSP FUD. A lot of vendors are speaking in terms of silos, and they’re speaking in terms of speeds and feeds. Maybe for the Fortune 1000, speaking in speeds and feeds works because you’re talking to a CISO [chief information security officer] or a director of IT or a VP of IT. Maybe they want to click in and understand all that. But for a small, medium enterprise, if an MSP is talking about siloed attacks and not business interruption, they’re going to miss the boat.
The conversation should be, ‘Look, you need a layered security approach. You need to be compliant with whatever industry you’re in. I’m going to make sure you’re secure. I’m focusing on your business resilience.’ The more we can get MSPs to understand that’s the value prop, the better it is.
It increases the ASP [average selling price], it creates a stickier experience. We know that when MSPs use more than three of our solutions, they have higher EBITDA [earnings before interest, taxes, depreciation, and amortization], they grow more and they’re more loyal. So it’s good business for us, good for them, and most importantly, it’s the right outcome for the small, medium enterprise.
So what’s the biggest mistake MSPs still make when communicating value to their customers?
One, MSPs get trapped in what I call alphabet soup: MDR, EDR, XDR. But more importantly, from a go-to-market perspective, they’re providing too many decisions to small and medium enterprises. If you’re the MSP, you shouldn’t walk in with a Chinese menu saying, ‘Do you want this, this, or this?’ You should walk in and say, ‘I know what you need.’
Provide two offerings. There’s a standard business resilience offering, and then there’s a higher-end one, maybe more compliance-focused. They shouldn’t be going line item by line item through the vendor stack. That’s what the SME is trusting them for. Act like the trusted advisor. Act like the cybersecurity expert. Talk about business outcomes, not speeds and feeds or software silos.
During your keynote, you described resiliency as an integrated experience, not a product. What does that look like in practice?
I believe MSPs should be looking at best-in-class offerings. For us, that means having a unified platform where data flows between tools—EDR, backup, data protection—all integrated. That means integration and data flow from one offering to another, so the MSP can spend more time on what matters and less time on administrative work.
What’s a waste of time is logging into multiple systems or re-entering data. A better example is when an MSP can see in one place, ‘Hey, my backup failed,’ or ‘I need to take action in EDR.’
It’s about removing that swivel-chair effect. At the end of the day, MSPs are trying to drive efficiency and deliver business resilience through an integrated experience. And frankly, it doesn’t even have to all come from one vendor. But they need to pick solutions that believe in an open ecosystem. We believe in APIs. We believe in openness.
Now with MCP [model context protocol] servers and AI tools, MSPs can actually pull data directly into their AI workflows. It’s just another proof point of that integrated, open experience.
How should MSPs rethink workflows for machine-speed operations and AI agents?
Look, you have to fight fire with fire. That’s the obvious answer. If threat actors are operating at machine speed, you cannot respond at human speed. So you need to augment [that] with AI-infused solutions. Our XDR (extended detection and response), for example, is detecting 90 percent of things automatically.
Think about a typical workflow: A ticket gets raised, passed to another tech, someone makes a decision…that can take hours. Meanwhile, the attacker is fully automated. MSPs need to find the balance—what they’re comfortable automating—but they have to start using AI, co-pilots, even autonomous agents. Otherwise, they’re leaving customers exposed.
So how should MSPs monetize AI?
There are a couple ways: monitoring, managing, securing, protecting. First, MSPs can provide managed AI services like setting up secure AI environments, enterprise-grade LLMs, making sure customer data doesn’t leak, helping with shadow AI. That’s one layer.
Then there’s a more interesting layer where MSPs help businesses create digital workers. We’re seeing MSPs walk into a business and say, ‘You’ve got three people doing ten admin tasks. I can automate seven of those and eliminate two roles.’ That’s $100,000 saved. Then they charge $1,000 a month to run the automation safely.
Now the MSP becomes a digital staffing agency. They’re creating agents, managing them, securing them and sharing in the ROI. So MSPs move from IT needs, to security needs, to actual business needs. And they start making money off labor savings. That’s a big shift.
What are successful early adopters doing differently?
They’re moving in phases. Phase one is internal efficiency, phase two is helping customers deploy AI safely, phase three is monetization. You need to understand customer processes and data. AI only works well if it’s built on well-documented processes and clean data. Think of it like a triangle: data, process, AI. A lot of SMEs don’t have that foundation yet. We’ll get there, but for most MSPs, that last phase is still a bit out.
So what is N-able doing to help partners along that journey?
We’re giving them AI-powered tools, access to data through MCP servers, and guidance on orchestrating agents. We’re also providing frameworks and best practices on how to build agents safely and how to think about shadow AI and non-human identities. It’s a mix of technology and business know-how so they can actually execute.
Tell me more about N-zo?
N-zo is an AI assistant, and there’s a difference between an assistant and a co-worker. A co-worker is autonomous, it does the work. An assistant helps you do the work faster.
You can ask, ‘How many devices have this vulnerability?’ or ‘Which devices are out of warranty?’ Right now, it’s about saving technicians’ time. Over time, we’ll add more co-worker capabilities and more autonomous actions.”
The MCP server connects to external AI tools like ChatGPT or Claude directly to live operational data. Why was openness and model flexibility such a priority?
These LLMs are improving every day. We don’t want to lock customers into one model. Today it might be one platform, tomorrow it’s another. So we want to give customers flexibility and use the best model available. It’s early days and optionality matters.
How will AI change technician-to-endpoint ratios?
It starts with math. Today, a good MSP might manage 300 to 400 devices per technician. With AI, that number goes up because now you’re not just managing devices, you’re managing digital assets and agents too. That ratio is going to expand.
This is where non-human identity comes in. If an agent has access to systems, it needs credentials, controls and monitoring. Otherwise, attackers will target the agent. And then there’s friendly fire. What if the agent makes a mistake and deletes data? That’s why backup and recovery becomes even more important. We’re moving toward a world where you need autonomous monitoring and recovery, because humans can’t keep up.
Is that something you’re actively preparing for?
Yes, identity is top of mind, vulnerability management too. I think in the next six to 12 months, we’ll see this hit more mainstream. The environment is changing fast.
So how does AI play into your M&A strategy?
We’re looking at cybersecurity and AI, especially AI-infused solutions. But it has to fit the mission: making MSPs more efficient, effective and secure. We have a three-pronged approach: build, partner or acquire. We’ve done all three and we’ll continue to.
N-able’s stock has dropped to $4 since the start of the calendar year. How should partners interpret that when it comes to the health of the business?
Look at the fundamentals. Stock prices are driven by speculation about the future, not always the reality of today. We’re bigger than we’ve ever been, more profitable, generating more cash and growing at a healthy rate. So don’t use stock price as the barometer, look at the business. We’re healthy, we’re growing and we have a strong future.
Lastly, what’s your message to reassure partners that this doesn’t impact your long-term commitment to them?
We’re playing the long game. We’re financially healthy, not burdened by debt and transparent as a public company. MSPs are making long-term bets when they choose vendors. They need to look at technology, partnership and financial strength. We check those boxes, and we’re committed to helping them grow over the long term.