Building the Workforce of the AI Future
For MSPs, it involves fewer techs and more business consultants. Plus: why everyone wants to be a vCISO per data from Cynomi and why Cork’s flipping the script on cyber warranties.
Elliott Hyman has known change is coming to how a typical MSP’s people spend their time for a while.
“A meaningful portion of their work can be done by generative AI,” he said when we met this March.
Eventually though, he meant. Like 2027, or maybe late next year. Then, days after we spoke, Hyman attended NVIDIA’s GTC conference in San Jose and saw just how well AI is already performing a task that many of his employees devote much of their time to at present: talking to customers.
“The AI voice chat is astoundingly good,” he said when we spoke earlier this month. Now Hyman (pictured), who is CEO of Lyra Technology Group, a (growing) collection of nearly 100 MSPs assembled by Evergreen Services Group, is more convinced than ever that his roughly 4,000-person labor force will be structured very differently very soon.
“I think you’ll be looking at seventy to eighty percent of the current work being done without people involved,” he says.
Joshua Skeens, for his part, no longer uses future tense when discussing AI-driven labor disruption. “It’s already happening,” he says, noting that Logically, the managed services giant he leads, has all but completely turned dispatch over to bots.
“There are a lot of things we provide today that are likely to go away,” Skeens says. And if they don’t, he adds, the margin they produce will.
“A customer might be able to go buy an agent off a shelf somewhere that can do the thing that they paid you to do all these years,” Skeens observes, adding that he already has customers asking why his prices haven’t dropped now that AI’s automating so much of the services his team delivers.
They’ve got a point. Since the modern era of managed services began some 25 years ago, most MSPs have been staffed to do increasingly commoditized work that will soon be best left to machines. What they should be staffed to do instead is an urgent question for anyone who hopes to remain profitable beyond the next few years, according to Peter Melby, CEO of mega MSP New Charter Technologies.
“If you’re built for something that’s not going to exist in that way at all in the next 18 to 24 months, then you definitely have to be rethinking things,” he observes. “That’s a lot of what our people team is focused on.”
Neither Melby nor Skeens nor Hyman claims to have cracked the code on what the MSP workforce of tomorrow should look like just yet, but they do share a few thoughts on what is and probably isn’t coming:
1. Smaller help desk teams. Hyman, like a Forrester analyst I quoted once upon a time, sees the help desk as ground zero for AI’s labor transformation. “Most of the reactive ticket work, which is the majority of our workforce, is going to be done by agents,” he says. “The Tier 3 stuff is what will remain.”
Which raises a thorny medium-term question, because no one (myself very much included) knows quite where tomorrow’s Level 3 techs will come from when there are no longer Level 1 techs rising through the ranks. Heard the joke about an entry-level job that requires seven years of experience?
“Well, that’s almost going to become a reality now,” Skeens says. The implication for MSPs is a lot more investment in skill-building and a lot more need for patience.
“You’re going to have to take risks on people and keep them employed, just training them for a while before they’re good,” Skeens says. “It might be twelve months now before you can get them to where there’s a task that they can help you with.”
2. Slower sales and ops hiring. Even now, in its early innings, AI is helping Logically’s sales team get more done with existing staff. “You’re able to go out and do very quick research against customers and competition,” Skeens says. “What might take somebody two to three days to put together you can do in a matter of minutes.”
His project managers are similarly more productive thanks to AI-equipped software from Moovila. “They can manage twice as many projects as before,” Skeens says.
3. New team members. While everyone I spoke with for this piece expects AI to slow the pace of hiring, no one plans to use it as a tool for shedding payroll.
“I actually think we’re going to have more people employed in our businesses in this next era than we do today in aggregate, but they’ll be doing very different work because people will be needed for different things,” Hyman says.
Like managing the agents increasingly handling the work people used to do, a role Microsoft calls “agent boss.” Logically, for example, no longer has dispatchers, but does have a dispatch manager monitoring its dispatch AI.
“We have the ability to override and help out in instances,” Skeens says. “I’d be hard-pressed to see where a business is going to go completely autonomous and nobody’s going to watch over it.”
4. More relationship skills. Skeens didn’t fire his former dispatchers. In a move reminiscent of how Ingram Micro’s using time freed up by AI to nurture partner relationships, he turned them into client experience managers responsible for keeping customers happy. Melby doesn’t see AI doing that kind of job well any time soon.
“There’s a human element that will be required beyond three to five years,” he says.
5. More strategic smarts. If thinking through AI’s long-term implications is hard for MSPs, imagine what their clients are going through. Addressing that need is a “massive opportunity,” according to Hyman.
“Business leaders don’t have the time or even the foundational knowledge to really decipher this AI thing,” he says. Helping them do so, however, requires talents ex-technicians often lack.
“They have the knowledge and skill set to do support services, but the ability to do consultative transformation services is a different mindset,” Melby says. “Some people will be able to make that jump, some people will probably need to look at different career opportunities that fit their skills, and some people from outside the industry are going to come and find jobs in this too.”
Best to start looking for them now, adds Melby, who predicts that the less technical, more strategic future AI’s swiftly bringing to life will eventually divide MSPs into two camps: “the people who predict it, who build for it, and who are ready for it sooner, and the people who wake up one day and say, ‘wait, where did all my revenue go?’”
Is your next help desk tech named Claude?
It’s worth noting, before we move on, that MSPs may not be alone in having AI-powered disruption ahead of them. Things could look a whole lot different soon for makers of RMM and PSA solutions too, according to Hyman, based on something he recently saw an MSP do in a demo using Anthropic’s Claude and MCP, a protocol for connecting AI to data sources that’s rapidly gaining momentum among vendors large and less large.
“He said, ‘Hey, it’s the first day of my MSP. I need to understand the systems we have,’” Hyman recalls. Claude mapped it all out for him and then suggested adding a new VM. Go for it, the user said. 45 seconds later, there it was.
“He was just plain language explaining what he wanted to do into Claude and the machine did it,” Hyman says. “Just did it. No technical skills.”
Think about all the time, money, and effort RMM vendors sink into interfaces. Then ask yourself if much of it’s being wasted.
“I’d be worried about this stuff if I was a producer of almost any software, but especially MSP software,” Hyman warns. “I think it’s going to be really different, and I frankly don’t see the big legacy guys getting it at all right now.”
We’re (nearly) all vCISOs now
RMM vendors aren’t the only ones likely to see borders erode between their products and LLMs someday. Cynomi (a maker of AI-driven vCISO software you’ve read about here once or twice) has partners blurring those lines now, in fact.
“Some of them, especially the larger ones, ask us, ‘can I get this and this from your platform? I want to train ChatGPT or whatever,’” says Rotem Shemesh (pictured), the vendor’s VP of marketing.
Queries like that aren’t all that surprising, actually, given that 81% of the MSPs and MSSPs surveyed by Cynomi for its recently published State of the Virtual CISO 2025 report either use AI to automate security today or will by the end of the year. Another 15% say they’ll follow suit in 2026, leaving just 4% with no plans whatsoever.
Shemesh sees a close correlation between all that AI adoption and another striking figure in Cynomi’s study: 67% of MSPs and MSSPs say they offer vCISO services at present, up from just 21% last year. Fully 77% of providers without a vCISO service, moreover, anticipate adding one by 2026.
“Suddenly, with AI and automation technology, the barriers for starting a vCISO practice are becoming much lower and much less significant,” Shemesh says.
Further survey data reveals why so many people are capitalizing on those lower entry barriers. SMBs, who want advanced security services of all kinds in big numbers, want vCISO services most of all:
“Most of the SMBs will not know to say, ‘I’m looking for a virtual CISO.’ They don’t even know what a CISO is,” Shemesh observes. They just know they’re in danger, need protection, have serious cyber insurance compliance burdens, and want an expert to manage the whole mess for them.
“Service providers see this,” Shemesh says, and are jumping into the market in response to that demand.
Of course, even Cynomi isn’t convinced that everyone who says they’re a vCISO really is. Doing the job properly takes business savvy and c-suite communication skills many MSPs lack. The company anticipates a lot of interest in AI-powered vCISO software just the same.
As do others, apparently. Cynomi closed a $37 million Series B funding round three months ago.
Cork’s superconnector cyber strategy
When Cork first opened for business two years ago, it was a cyber warranty provider with an interesting real-time endpoint monitoring tool. When Dan Candee (pictured) took over as CEO about a year later, he saw an opportunity to build something even bigger by promoting that tool—which currently integrates with 93 third-party applications—from supporting player to star of the show.
“I would describe us, especially over the last twelve months, as a superconnector for risk insight technologies wrapped up with financial protection,” says Candee. Cork’s mission has always been to mitigate the impact of cyber incidents, he notes, and warranties help. But the company’s greatest impact happens elsewhere.
“There are very few companies like ours that have the ability to see as clearly as we do what the true security posture is of every single endpoint,” Candee says.
Clearly and thoroughly, it seems. Cork recorded 2.9 million insurance or warranty compliance issues between June 2024 and last month, 2.4 million of which were subsequently fixed by the appropriate MSP. Such numbers have made the company an attractive alliance partner to vendors like Barracuda and OpenText as well as cyber insurance providers like DataStream and now UKON.
The latter deal, announced last month, reflects a strategic pivot on Cork’s part. Early in its history, the company stressed the advantages of cyber warranties, which pay out in days, over cyber insurance policies, which pay out in months if they pay out at all. These days, Candee says, Cork tells a “better together” story about insurance instead.
“I don’t sell cyber insurance, never will, but I know it’s part of the journey for modern businesses,” Candee says.
Hence the free, AI-powered cyber policy analyzer tool Cork rolled out in April, which is designed to expose coverage gaps buried in indecipherable insurance contracts automatically.
“Now what took hours or days takes about a minute and a half,” Candee says. “We’ve created the easy button for partners to now be able to talk about cyber insurance.” And do so without engaging in risky conversations about regulated topics, he adds, by directing customers straight from their report to a licensed broker.
Warranties are still very much in the picture too as a source of nearly immediate financial assistance in the event of a breach. “Within an hour, I’m handing over a virtual credit card of either $5K or $10K,” Candee says. “Within fourteen days, I’m reimbursing partners and clients for all of their out-of-pocket, including wire transfer fraud.” No one has to fight for those funds either.
“We’ve said yes to 100% of the claims,” Candee says.
MSPs appear to appreciate it. Cork doubled its partner count in 2024, according to Candee, and then tripled it in just the first half of 2025.
“It’s been a wild year,” he says.
Meanwhile, in MSP M&A…
Former MSP and vendor exec Juan Fernandez joined me and my co-host on the latest episode of MSP Chat, our podcast, to discuss his new venture, the MSP Owners Group, a newcomer to the mergers and acquisitions landscape. Tune in here.
Also worth noting
Kaseya’s added an AI-powered workflow generator to its VSA 10 RMM.
Further evidence that the Microsoft cloud is big business for MSPs: inforcer has closed a $35 million Series B round.
Newly crowned vendor visionary ManageEngine has added identity risk exposure management and local user MFA features to AD360, its IAM platform.
The Malwarebytes ThreatDown product family now includes an email security module powered by IRONSCALES.
You’ll now find NinjaOne’s endpoint management platform on the Google Cloud Marketplace.
Bitdefender Security for Creators now covers Instagram and Facebook.
Darktrace has acquired Mira Security, a network traffic visibility vendor with inline decryption capabilities.
HackerOne has a new vulnerability triage service that mixes AI agents with flesh-and-blood experts.
Palo Alto’s acquisition of AI security company Protect AI is officially complete.
Exabeam’s new APEX Partner Program features a competency-based tiering model that rewards certifications, specializations, and customer success versus revenue.
Dashlane’s new partner program features a points-based system for rewards performance across sales, engagement, and customer success.
SecOps vendor Stellar Cyber is getting extra vulnerability and threat intelligence now that it’s part of the Microsoft Active Protections Program.
A10 Networks is now distributed in North America via Exclusive Networks.
Ryan O’Hara has joined the leadership team at peer community MSP-Ignite.