Navigating AI Adoption in Cybersecurity: What MSPs Need to Know to Protect SMBs

Duration 23 mins

AI in cybersecurity isn’t a future trend, it’s a present reality. For MSPs supporting SMBs, the challenge isn’t whether to adopt AI, but how to operationalise it effectively while mitigating emerging risks like Shadow AI and adversarial prompt attacks.

We recently hosted a panel with Richard De La Torre (Bitdefender), Peter Haynes (Acronis), and Rob Anderson (Barracuda), moderated by Giacom’s Kristopher Ford.

See below for advanced insights MSPs can use to navigate this evolving landscape.

AI Is Reshaping Attacker Tactics

Attackers aren’t deploying self-replicating AI malware at scale yet. Instead, they’re using AI for productivity gains:

  • Automated phishing campaigns with perfect language translation and style imitation
  • Rapid vulnerability scanning, especially targeting Internet of Things (IoT) ecosystems
  • Shadow AI risks: Employees using unsanctioned AI tools can leak sensitive data. One mid-sized business logged over 1 million AI queries in a week, raising serious exposure concerns

Are Attackers Ahead of Defenders?

Not quite. Attackers mainly use AI for mundane automation, while defenders have leveraged AI for years in anomaly detection and adversarial modelling. The real gap isn’t technology, it’s execution. MSPs that fail to integrate AI into workflows and governance will fall behind, regardless of tool sophistication.

Operationalising AI in Your Security Stack

Peter Haynes stressed that MSPs should:

  • Maximise embedded AI in Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) platforms for baselining and anomaly detection
  • Use AI for alert triage and enrichment, freeing analysts for proactive threat hunting
  • Deploy phishing simulations powered by AI for realistic user training. But remember: AI augments, not replaces, human expertise. Contextual decision-making and customer knowledge remain critical.

Human Expertise vs AI

AI accelerates detection, but humans remain the strongest and weakest link. Education and awareness are non-negotiable. As Richard noted, intuition cannot be automated.

Why SMBs Should Care

Rob Anderson put it bluntly: If your MSP isn’t using AI, that’s a red flag. AI:

  • Speeds up detection and response
  • Automates repetitive tasks like phishing remediation
  • Enhances scalability without inflating costs. But MSPs must avoid overpromising AI as a magic fix, it’s an enhancement, not a replacement for human judgment

Common Mistakes MSPs Make

  • Leading with technical jargon instead of business outcomes
  • Selling AI as a silver bullet, which erodes trust. Instead, make AI’s value tangible: reduced dwell time, compliance assurance, and resilience against emerging threats

Future AI-Enabled Threats

Richard warned about:

  • Shadow AI and insecure integrations like Model Context Protocol (MCP), vulnerable to prompt injection attacks
  • Promptlock malware, written in OS-agnostic languages (Go, Rust, Lua), targeting IoT and containerised environments. Peter added to expect unpredictability as attackers innovate fast
    Rob’s advice: Don’t buy AI tools blindly. Understand their capabilities and gaps; consult vendors for clarity

Top AI Security Tips for MSPs

  • Know your AI tools and their benefits, don’t adopt AI for hype
  • Treat AI adoption as a phased project: crawl, walk, run
  • Help customers create safe AI policies and train staff to avoid sharing sensitive data

The Bottom Line

AI is a force multiplier, but only if MSPs embed it into detection, response, and governance workflows. The next 12 months will reward MSPs that move beyond tool adoption to strategic operationalisation.

Watch the full panel for deeper insights into adaptive threats, AI governance, and practical deployment strategies.