Those of you familiar with Microsoft's history, or old enough to have lived through some of it, probably know the term “riding the bear.” It’s how Bill Gates and Steve Ballmer, early in the PC era, described the difficult process of staying closely aligned with industry giant IBM’s sometimes hostile, sometimes helpful strategy shifts in the knowledge that their best shot at prosperity was to let Big Blue’s success fuel their own.

These days, Microsoft (with a market cap roughly 15x of IBM’s) is the bear, and vendors who serve SMBs through MSPs would be wise to ride it if they wish to retain a future, according to Michael George, CEO of managed services software maker Syncro.

“It’s a Microsoft world that we live in,” he said last week during an interview recorded at the MSP Summit in Orlando for a future episode of the podcast I co-host. It’s likely to remain one for the foreseeable future too, he adds, whether we like it or not.

“I still am amused when people talk about, ‘hey, I don’t want to put all my eggs in one basket,’” George says. “If you’re in managed services in the small to medium business market, you’re already in the Microsoft basket. You have no choice.”

Which is why, as you’ve read here before, Syncro is betting its future on Microsoft and building its portfolio accordingly. My interview more recently with George, along with a strangely underreported MSP-related announcement by Microsoft, have helped me better understand why Syncro made that wager, how it’s playing out in practice, and why riding the Microsoft bear isn’t easy.

First, some context. Syncro sees five reasons why Microsoft, which already commands an overwhelming share of the PC market, will only loom larger in the lives of MSPs and their vendors going forward:

1. It’s huge in AI, cloud computing, and to a degree that might surprise you, security. Microsoft was pocketing $20 billion of security revenue annually as of about 18 months ago, when it last reported that number. CrowdStrike, for purposes of comparison, wowed investors this week by projecting $20 billion in revenue 11 years from now.

2. It’s intent on getting huger in all three segments. As a chart in a recent blog post by channel chief Nicole Dezen makes exceptionally clear:

3. It needs the channel and especially MSPs to realize its ambitions, particularly in artificial intelligence. “They’re betting the company on AI,” George (pictured left) says. “They’ve been very clear about that, and they need the MSP to deliver that to the small to medium business market.”

4. It doesn’t offer the tools MSPs need to help Microsoft sell more AI, cloud, and security. Yes, there’s Lighthouse, acknowledges Dee Zepf (pictured center), Syncro’s chief product officer, but it doesn’t really count. “It has a limited set of capabilities,” she says. Intune is far more robust, but single tenant only. Microsoft, according to Zepf, is well aware of how big a roadblock that is.

“They’re more than willing to express that the lack of an approachable kind of multitenant management layer makes it challenging for an MSP to navigate into Microsoft,” she says.

5. It’s not averse to knocking one-time partners to the floor in pursuit of its objectives. Indeed, more and more often in more and more product categories, “they will Sherlock third parties out,” George predicts, invoking a term historically associated with Apple but not limited to it. Just look at Salesforce, George notes, which once happily partnered with a veritable room full of e-commerce vendors.

“Then they turned around and went and bought Demandware and got in the e-commerce business and emptied the room,” George says. Eventually, he continues, Microsoft will do the same to a lot of vendors in a lot of segments.

“It doesn’t mean they’re going to empty the entire room out,” he says. “They’re not going to be great at things like enablement and training and teaching people how to sell and market.” But the future is “not so bright, candidly” for anyone selling something that Microsoft might logically tack onto M365, Defender, or Copilot.

Hence Syncro XMM, which is exactly the Microsoft first and only toolset you’d build for MSPs if you wanted to ride a prowling bear eager to dominate cloud, security, and AI but lacking in multi-tenant management.

Yes, there’s SaaS management, but strictly for Microsoft 365. Sure, there’s security functionality, but optimized for Microsoft Defender and Entra ID. And absolutely, as of last Tuesday there’s cloud backup functionality, but the one and only cloud XMM backs up is the one and only cloud that matters, as George sees it, which is Microsoft’s.

Syncro, in sum, is cultivating a symbiotic relationship with Ursa Microsoft. Feed alongside the bear when you can, make yourself useful to the bear where you can, and otherwise stay safely out of the bear’s way.

“We’ve made a very conscious decision to be part of the contraction and the consolidation that is going to occur in this market,” George says.

As it happens, however, Microsoft made clear just how hard it is to ride a bear within hours of Syncro Cloud Backup’s debut when it essentially named inforcer (who you read about here last month) and Nerdio (who you’ve read about here most recently in April) its go-to partners for Intune multi-tenancy.

Now to be clear, Syncro wasn’t passed over for inclusion on that list. “Deeper Intune integration is a roadmap item for us,” Zepf explains, so it wasn’t really a candidate.

But still. Syncro is very close to Microsoft. George and Zepf both meet with senior counterparts at the company weekly, a privilege few vendors enjoy. And yet having been with them both at the MSP Summit when the Microsoft news broke, I can tell you from direct experience they each knew roughly as much about that announcement as I did. They also each know there’s almost nothing they can do to avoid more such surprises in the future. Bears are unpredictable.

More worryingly, they have ravenous appetites too. What's to keep Microsoft from Sherlocking Syncro? George thinks that's unlikely, because Microsoft has no appetite for the kind of pain that Syncro competitors have endured when threat actors weaponized their products.

“They will not have an RMM because that’s a dangerous place for a company like Microsoft to be for security reasons,” he says.

I’d point to another potentially insulating factor that the folks at Nerdio have long understood: the endpoint management tasks that RMM solutions like Syncro’s are designed to perform matter less and less in the age of commodity hardware, and are therefore probably not bear bait. Everything Syncro builds going forward, according to George, will similarly aim to steer clear of where Microsoft is headed.

“We’re very deliberate about continuing to develop the things that we know are in a safe zone that they’re not going to do and stay away from the things that we think they could even inadvertently roll over and sort of take out of the market,” George says.

Why you hate private equity

I’ve never seen an opinion poll measuring how partners of vendors owned by private equity feel about private equity, but I suspect that if one's ever taken the results won't be pretty. Broad generalization, I know, but MSPs by and large hate private equity.

Why MSPs hate private equity was the first question George tackled during a main stage Q&A at the MSP Summit conducted a little after our podcast interview. And it turns out, he said, that as hard as it is to believe now there was once a time when you didn’t hate private equity.

“You all loved private equity until you didn’t,” George said.

Those happier days were maybe 10 to 15 years ago, when PE firms, having just discovered managed services, began pouring money into managed service software makers. George remembers that time well. In 2011, when PE firm Summit Partners bought Zenith Infotech’s RMM business, it named George CEO of the business subsequently named Continuum, and gave him plenty of capital to spend on R&D.

“Our financial partner invested a lot,” George recalls. “They didn’t really focus on profits. They focused on us driving, leading the market, and coming out with very innovative things, which we did.”

So did a lot of other PE-owned vendors back then, which is why if you were an MSP at the time you probably, whether you realized it or not, loved private equity.

You may well have loved private equity back then too if you sold a smaller managed services vendor to a larger one, as lots of smaller vendors did during an era from the Great Recession through Covid when the Federal Reserve, fearing economic collapse, kept interest rates at 0%.

“Money was free,” George observes, and managed services were hot, so why not spend borrowed money on acquisitions? The answer became apparent early in 2022, when the Fed’s chief concern shifted from stagnation to inflation, and interest rates began climbing.

“When money’s free, that’s great, but now you’re paying 9½, 9¾, nearly 10%,” George says. Kaseya borrowed $4 billion to buy Datto, he adds, which means it “has to throw off $400 million of free cash flow just to service the debt.” ConnectWise, which according to George was sitting on $1.7 billion of debt when interest rates started rising, is in a similar boat, per this slide from his deck:

The upshot, George says, is that the money you pay ConnectWise, Kaseya, and everyone else private equity bought cheap in the go-go days isn’t driving innovation anymore. It’s paying down debt.

“Don’t think the CEOs don’t want to innovate. They do. They just don’t have any capital to do it,” George says. “That’s why you don’t like private equity.”

It’s worth noting that the view from inside private equity, on debt and many other things, is a little different, and that the CEOs of at least some private equity-owned businesses have nuanced takes on the topic too. You’d be hard pressed, though, to find anyone in the audience of an event like the MSP Summit looking to cut private equity many breaks.

Follow Me on LinkedIn

Speaking of ConnectWise, is anyone else hearing it has layoffs coming soon?

I’m talking a lot of layoffs, and potentially very soon. Can’t verify that this is for real, unfortunately, but trust me when I say I’m not just passing along standard-issue show floor rumors. Credible people say there’s something big coming, possibly in conjunction with a separate bombshell involving the ConnectWise Marketplace.

Time will tell, but write me if you know something.

Syncro plans to sell end user AI solutions. Or maybe just give them away.

One last thing about Syncro.

Per earlier writing, XMM is designed to be seamless, simple, and AI automated—Syncro expects the system to do 30% of the work a typical Level 1 or Level 2 technician performs autonomously by the end of next year, and 50% by the end of 2027. The idea is to let MSPs spend less time on the most commoditized aspects of managed services so they can spend more time building high-margin, industry-specific, outcome-oriented solutions for their clients instead.

“We call it the golden ticket,” George says. “This is the new opportunity for an MSP to have a completely different relationship, a truly trusted business partner relationship, with their end customer that’s not just around technology. It’s actually around their business.”

Needless to say, AI generally and agentic AI specifically figure prominently in Syncro’s vision for this different relationship. Knowing that most MSPs have little experience building in AI, the company plans to give them a head start by providing a series of ready-made, customizable solution templates for customers in the healthcare, financial services, legal, construction, and non-profit verticals, among others.

“They’re not finished products. They’re really kernels and they’ll serve as usable examples,” George says.

When they begin arriving is TBD but probably next year, George says, adding that Syncro doesn't yet know if partners will have to pay for them or not.

“Some of the business model things are yet to be determined, candidly,” George says.

An MCP for MSPs?

Safe to say that whenever Syncro’s forthcoming agentic solutions arrive, they’ll be a whole lot more useful to people if they can communicate with everyone else’s agentic solutions, which common sense further tells us is more likely to happen if all those solutions share a common vocabulary.

“How do you describe an asset? How do you describe a threat? How do you describe a file? How do you describe a user in order to really properly and quickly take advantage of agentic AI?” asked Mike Adler (pictured), N-able’s chief technology and product officer, during an MSP Summit conversation. “If we can all talk the same way, our ability to teach the AIs and train the AIs to take actions in each other’s systems to automate workflows and to make better decisions about data is going to exponentially accelerate.”

The thing about languages, though, is that you can’t create one (that anyone wants to speak, anyway) on your own. “So what we decided to do was to create a standards body,” Adler says.

That was early this year, but the world didn’t hear about it until early this month, when N-able officially announced the Consortium for AI Terminology for MSPs & IT Pros, aka CAT-MIP, a collection of vendors writing a vendor-neutral dictionary designed to ensure that when my agent asks yours to open a port, your agent doesn’t think I want to build a harbor. N-able spearheaded the initiative but doesn’t own it.

“We put some dollars around sponsorship and making sure that it can exist, but it is not within our control,” Adler says. “There’s a board.” Auvik Networks, Dell, HaloPSA, SecurityBiaS, ScalePad, and SPINEN are all members, with other vendors Adler declined to specify set to join soon.

As are additional unnamed vendors more commonly associated with the enterprise, according to Adler. In much the way that Anthropic’s (very different) MCP protocol slowly gained traction as more and more technology companies realized how useful it is, CAT-MIP’s schema is apparently building momentum too.

“Parties who are in IT but outside of our traditional MSP industry have already reached out and are very interested because of the connectivity that it could bring to entire workflows,” Adler says.

Size does not matter in AI

A typical MSP probably needs help designing agentic solutions. XTIUM doesn’t.

But then again, at nearly $250 million a year in revenue and growing, XTIUM isn’t a typical MSP. It’s a mega MSP that like fellow mega New Charter and VC-funded rollup Titan has plenty of AI expertise on staff. In XTIUM’s case those experts have been building agents that offer real-time coaching to sales and customer service reps, do automated QA on help desk calls, and collect background information on service issues.

“We’re expecting around an 80% increase in the velocity of being able to solve tickets,” says Russell Reeder (pictured), XTIUM’s CEO.

That obviously will save the company a lot of money, but XTIUM’s now using skills it honed using AI internally to make money building agentic solutions for its clients as well.

“Implementing AI agents throughout our entire organization was really the first step. “Now we’ve taken our success out to our client base,” Reeder says.

Not every MSP has the resources to follow precisely in XTIUM’s footsteps, Reeder concedes. “Scale matters in this.” But scale won’t be what determines whether you’re among the winners in the emerging market for AI consulting or one of the losers.

“The gap is going to be those that stay educated on where the technology is versus those that don’t,” Reeder says. “Even the small MSPs will be able to learn and focus on the value of agents.”

Using off-the-shelf products of the kind Pax8 is developing and Syncro plans to offer, they’ll be able to build agentic solutions for customers too, even if they don’t have as many AI coders on staff as XTIUM does.

“We’re not trying to land on Mars,” Reeder says. “These are just normal solutions that people can learn within a matter of weeks.”

Provided, that is, they don’t let fear keep them from getting in on a market for AI products and services that will be worth a whopping $1.5 trillion globally this year alone, according to Gartner.

“I’ve spoken to many CEOs of smaller MSPs and have heard things like, ‘it’s always wrong’ or ‘it hallucinates,’” Reeder says. “They need to keep up with the pace of change or they’ll be left behind.”

Share

Want to hear more of my interview with Michael George?

The next episode of the podcast I co-host, MSP Chat, contains the whole thing. In the meantime, the latest episode features an interview with Arlin Sorensen of ConnectWise about the easily overlooked importance of legacy planning. Available on demand right here.

Also worth noting

• Proofpoint’s new Human Communications Intelligence solution aims to replace post-incident compliance with real-time, AI-powered risk reasoning, detection, and prevention.

• A whole lotta CrowdStrike this week. The fall release of its Falcon platform is designed to unify and operationalize security across human and machine-based intelligence.

• CrowdStrike has also launched a new “agentic security workforce” along with a no-code platform for AI agent development.

• CrowdStrike’s new Falcon Data Protection updates are designed to provide real-time, unified security across endpoint, cloud, SaaS, and GenAI environments.

• CrowdStrike’s latest Falcon Next-Gen Identity Security features are designed to protect human, machine, and AI identities with phishing-resistant MFA and new automated protection features.

• CrowdStrike announced Threat AI, an agentic threat intelligence system that uses autonomous agents to automate complex analyst workflows.

• CrowdStrike’s Falcon for IT Risk-based Patching combines AI-powered risk prioritization and patching in one unified platform.

• Rubrik has expanded integration with CrowdStrike Falcon Next-Gen Identity Security, allowing customers to detect, roll back, and recover from malicious identity changes.

• CrowdStrike and Meta have introduced CyberSOCEval, a suite of open-source benchmarks designed to evaluate and improve the performance of AI systems in real-world SOC workflows.

• N-able has added Anomaly Detection as a Service (ADaaS) to its Cove Data Protection platform, offering proactive, always-on threat detection for backup environments.

• N-able’s inaugural Cyber Resilience Summit takes place online on October 16th. Registration is free.

• Who needs AI to commit cyber crime when ordinary misconfigurations fueled over 9.5 million attacks in the first half of the year alone, according to SonicWall.

• The latest updates to BeyondTrust’s Identity Security Insights platform are designed to provide visibility into AI agents and securely orchestrate their actions.

• The new detection rules and cloud-delivered content in ManageEngine’s Log360 SIEM solution are designed to reduce SOC alert fatigue and false positives.

• Arctic Wolf’s Threat Intelligence Plus service now lets organizations deploy curated, SOC-proven threat feeds directly into existing security tools.

• No rest for the weary: Arctic Wolf’s 2025 Security Operations Report reveals that over half of alerts now occur outside working hours.

• Deep Instinct has launched DIANNA, a generative AI companion for its DSX Brain that gives security teams analysis of zero-day and unknown threats in under ten seconds.

• Gurucul’s AI-Insider Risk Management platform seeks to converge AI-powered behavioral analytics, identity intelligence, and automated response.

• 1Password is partnering with Perplexity to provide integrated credential management, secure autofill, and access controls in the new Comet AI-powered web browser.

• New enhancements to LogicMonitor’s LM Envision platform are designed to enable predictive resilience, reduce incidents, and provide observability across hybrid infrastructure.

• Check Point is acquiring agentic AI security vendor Lakera.

• Seceon has introduced aiCompliance CMX360, a new compliance solution that uses existing security telemetry to achieve up to 80% readiness across more than 20 regulatory frameworks.

• Druva’s new Dru MetaGraph and DruAI Agents aim to turn backup data into a real-time, intelligence layer for decision-making across security, compliance, and operations.

• NinjaOne’s endpoint management platform for government has achieved FedRAMP Authorization at the Moderate Impact Level.

• Patch management vendor Action1’s MSP Partner Program offers premium support, exclusive pricing, new revenue opportunities, and certification benefits.

• Google has announced the Agent Payments Protocol (AP2), a new, open framework for enabling agent-led payments and transactions across platforms.

• Zensai has launched its AI-powered learning and adoption platform in the Pax8 Marketplace.

• Vultr and FluidCloud have formed a partnership to accelerate and simplify instant cloud migration.