Ingram Micro’s Crawl, Walk, Run Strategy for Partner AI
The distributor plans to spend 2026 helping partners with the unglamorous prep work they must complete before going big on AI solutions. Plus: A report card on CISA’s Secure By Design program.
Over the holidays, I—someone who couldn’t write two lines of HTML with a gun to his head—vibe coded a genuinely useful productivity app into existence in something like 90 minutes. Haven’t had a chance to put this to the test yet, but I expect it to shorten one of the more time-consuming chores I do in my analyst role at Channel Mastered by about two-thirds, and the whole experience was so exhilarating that there are people in my life right now eagerly awaiting the day I stop talking about it.
That’s the fun part of AI. In the business world, unfortunately, you can’t get there responsibly without first thinking through a lot of decidedly less fun issues.
“Customers need clean data, they need modern architectures, they need operational discipline,” says Patrick O’Dell, Ingram Micro’s executive director of cloud and services. Ingram sees that essential yet unglamorous upfront work as another opportunity (beyond those I’ve discussed before) to remain valuable to its partners.
“It’s definitely creating a lot of excitement, interest, and demand, but also there’s a ton of complexity in there too,” says Duncan Robinson, who runs Ingram’s global cloud business, of AI. “I see our role really in helping partners both navigate and monetize some of that complexity.”
Indeed, if there was a theme to the many conversations I had with executives last week at Ingram’s Irvine, Calif. headquarters, it’s that the distributor’s core focus for 2026 in AI will be readying partners who spent 2025 strategizing about it (crawl) to begin building it (walk) so they can scale it (run) in 2027 and beyond.
“Where 2025 felt, especially in the MSP community, like there were a lot more conversations about AI, this year we’re excited to help them really take it and operationalize it differently,” says Cheryl Rang (pictured), Ingram’s vice president of technology solutions.
Here are a few examples of how Ingram intends to do so:
Infrastructure: Migrating workloads into the cloud is nothing new for Ingram and its partners. “We have over 200 people in the services organization that are focused on commoditized lift and shift migrations today,” O’Dell observes. AI workloads, however, have compute, storage, and networking requirements new to most IT providers. Helping them design and construct migration “landing zones” capable of meeting those requirements will be a top priority for Ingram this year.
Financing: Not every AI workload will end up in a hyperscaler cloud environment. Large businesses are building data centers of their own, sometimes with assistance from smaller technology partners unprepared for the upfront spending such projects require. Ingram’s finance team expects to devote more time in 2026 to sharing creative solutions to that problem.
“If you’re a small SMB and you land a multi-billion dollar project, I have a solution for you. If you have a multi-year deal where your cash flow can’t handle it, I have a solution for you,” says Rusty Ramos, chief financial officer/executive and SVP for Ingram Micro North America. “I have a solution for most everything that comes up.”
People: Readying AI infrastructures, whether on-prem or in the cloud, takes skills many solution providers don’t yet have, notes Rang. Ingram’s professional services team, she continues, can fill those gaps until they do. “That way we can teach them to fish” until they’re ready to fish on their own, she says.
The same dynamic applies before and after the infrastructure phase of AI engagements, adds Jim Annes, Ingram’s senior vice president of global platform operations. “Every interaction that one of our partners has creating a solution and delivering that to an end user creates a lifecycle opportunity” in services, he says, ranging from pre-deployment design to post-deployment management. Partners who can’t meet those needs on their own at present can collect that revenue anyway by outsourcing services to Ingram.
Which gets to a larger point about AI that Ingram badly wants its partners to understand. “Nobody can do it alone,” says Tim Ament, SVP of U.S. sales and services, but no one should let that fact stop them from winning AI business.
“Don’t say no,” Ament says. “We will help you get to yes.”
Ingram plans to curate agent marketplaces, not build them
As regular Channelholic readers know, Pax8 and Ingram Micro have different views about listing ready-made agents on online marketplaces. Pax8 is more or less betting its future on becoming the MSP channel’s go-to source for agents. Ingram, by contrast, doesn’t think ready-made agents are even really a thing.
“You cannot distribute agents, because agents are custom built” around very specific use cases, said Sanjib Sahoo, president of Ingram’s Global Platform Group, last November. “There are no ready-made agents.”
Which sure made it sound like Ingram has no intention of distributing agents to its partners. The truth, I now believe, is a bit more nuanced. While Ingram will not build an “agent store” of the kind Pax8 plans to make generally available in the first half of the year, it will offer agents. It just won’t have much to do with sourcing or hosting them.
“My personal view is Microsoft, AWS, and Google will build huge agent marketplaces and we’re integrated with all of them,” says Robinson (pictured). The thing Ingram can do that the hyperscalers can’t, in addition to aggregate their agent listings in one place, is help partners make sense of all those listings.
“To me, the catalog challenge is actually not one that’s difficult to solve,” Robinson says. “The bigger challenge is how do you help a partner select the right agent as part of a solution that’s going to deliver the customer the outcome that they want, and how do you do that in a secure, compliant, data-governed way.” Ingram’s role therefore, he continues, will be “curating, training, and even certifying” agents.
Presumably with at least a little help from AI itself, which would make it a perfect job for the “platform with intelligence delivering outcomes” that Ingram has spent the last several years building.
The AI $hit’s getting real
Kevin Lancaster, of BetterTracker and Channel Program, shared a lot of thoughts about AI and its sobering implications for some managed service providers on the latest episode of MSP Chat, the podcast I co-host. If you’re a smaller MSP in particular trust me when I say you can’t afford to miss this interview, which you’ll find right here.
Secure By Design’s uncertain report card
I was at the RSA Conference and feeling hopeful back in 2024 when then CISA director Jen Easterly personally rolled out Secure By Design, a federal program aimed at getting vendors to pledge they would “measurably increase” things like enforcing MFA and patching vulnerabilities.
A lot, needless to say, has changed since then, especially in the past year. For one thing, Easterly resigned last January. For another, the person nominated by the Trump Administration to replace her has yet to receive Senate confirmation. And for a third, Secure By Design doesn’t appear to be much of a priority in Washington anymore.
“I’ve not heard from my contacts in the Secure By Design team in this calendar year,” said Chester Wisniewski (pictured), director of global field CISO at inaugural Secure By Design signatory Sophos, last month. “CISA’s not focusing on this anymore.”
That said, over 300 companies have joined Sophos in taking the pledge since its introduction, and not just “small-time players,” Wisniewski observes. “It’s Microsoft. It’s Cisco. It’s Palo Alto. It’s all of the heavy hitters, which is who you want to have on board.”
Moreover, there’s been progress by vendors on clearing the pretty low standards Secure By Design set two years ago. Buy yourself a router at Best Buy for example, Wisniewski notes, and it probably won’t come with a default password anymore. “That minimum bar, to me, is not nearly high enough,” Wisniewski says, “but raising that minimum bar really does matter.”
The question, however, is whether Secure By Design deserves any of the credit for accomplishments like that. Chris Henderson is skeptical.
“I’m in a group with about 1,500 other CISOs, and it is very rarely discussed,” says Henderson, chief information security officer at inaugural pledge signer Huntress (which has had Easterly on its strategic advisory board since August). Secure By Design has raised awareness of measures every software maker should have had in place long ago, he continues, and that’s not nothing. But how much impact the program has had beyond that is hard to say.
“I think what you’re seeing are the companies that signed it had pre-existing practices in place that made it a relatively low lift in order to meet some of the principles of the pledge, as opposed to companies that are lacking in some of these using this as a pledge to drive changes within their organization,” Henderson says.
Still, while a lot of companies may not have thought much about Secure By Design since signing it, 40 signatories have taken it seriously enough to issue progress reports. Sophos is one of them, and Wisniewski’s pretty sure the company’s commitment to the program (which it calls out in product announcements these days) is paying off.
“I think it’s a genuine competitive advantage for us,” he says. “We certainly are winning business by having done this.”
All the more reason, perhaps, for the hundreds of signers that are not serious about Secure By Design and the thousands of vendors that never signed at all to consider embracing the program’s relatively simple best practices even if CISA itself has lost interest in promoting them.
Also worth noting
Channel Program has spun out BetterTracker, which you read about here before, as an independent all-in-one subscriptions, renewals, and spend monitoring tool for MSPs.
Integris, which unlike a lot of MSPs, isn’t afraid of compliance, has launched new CMMC managed services alongside governance, risk, and compliance vendor IntelliGRC.
HP’s CES offerings include a new line of business premium notebooks and the world’s first AI PC built into a keyboard.
HP also announced a new HP Workpath app that integrates Microsoft 365 Copilot directly into multifunction printers.
Dell, meanwhile, revived the XPS notebook brand and launched the world’s first 52-inch 6K display.
Lenovo unveiled some ready-for-use consumer notebooks and some pretty wild proof-of-concept laptops.
Lenovo also announced new inferencing servers for AI workloads.
Acer unveiled a new lineup of premium Swift AI Copilot+ laptops powered by Intel Core Ultra Series 3 processors.
Exabeam has introduced a connected set of AI-driven security workflows to protect organizations from the risks of AI usage and AI agent activity.
Speaking of AI, here’s a frightening stat from ManageEngine given how early we are in the agentic era: organizations already manage 100 machine identities for every human one.
Speaking more of AI, Microsoft has a host of new agentic AI capabilities for the retail industry.
Scott Manchester, formerly VP of Windows 365 and Azure Virtual Desktop at Microsoft, is now chief product and technology officer at Nerdio.
Avery Moon is the new CTO at Pax8.
Shane Deegan is the new CRO at Cynomi.
Michael Volanoski is the new president and CRO at Keyfactor.