I spoke recently with Veeam for the first time in too long, and the conversation left me with a nagging question: what do the words “AI security” really mean these days?

Something badly needed and much wanted, certainly. 20% of companies in the S&P 500 now include AI-related cybersecurity incidents on their mandated list of material risks in financial disclosures, according to The Conference Board, and 66% of C-level executives surveyed by consultancy BCG included data privacy and security on their top three list of AI dangers.

Relatedly, 46% of the C-suite leaders surveyed by Ponemon Institute on behalf of OpenText last summer said they were developing a data security program to make safe AI deployment practical, even as 53% called reducing AI security and legal risks—via data security programs or anything else—very or extremely difficult.

Which it is, for reasons we’ve discussed here at Channelholic before ranging from “shadow AI” to leaky protocols to the mysterious doings of increasingly autonomous and numerous agents.

So, yes, forecasts like this one and this other one are unlikely to become reality unless a lot of people devote a lot of time, attention, and money to AI security. But what exactly does AI security mean, what does it do, and who’s going to clean up the biggest selling and supporting it? What do we actually know about AI security?

Surprisingly little at the moment, it seems. For example, though Forrester loosely points to “emerging technologies such as generative AI” as one reason global cybersecurity spending will climb from $174.8 billion this year to more than $300 billion 2029, I at least have had no luck so far coming up with authoritative market size figures.

Knowledge gaps like that help explain why I was pleased to learn recently that Richard Stiennon (pictured), a fellow Substacker and CEO of analyst firm IT-Harvest, is currently three weeks and 57,000 words into writing a book about AI security that will undoubtedly bring much needed clarity to the topic once it’s ready for our enjoyment.

Until then, though, allow me to share a few observations about AI security inspired by a helpful conversation with Stiennon two days ago.

1. A lot of businesses want to sell it to you. Stiennon, who maintains the most comprehensive database of security vendors I know of, is currently tracking 313 companies dedicated specifically to AI security. That’s out of a total population exceeding 4,000 vendors, so still a modest figure, but it’s growing fast, Stiennon says.

2. It comes in a lot of different forms. Some solutions focus on governance, as in setting and enforcing policies. Others help businesses set and enforce “guardrails” regarding what tools their employees use and how they use them. Others still stop data leakage to LLMs. And these two solutions, both of which are less than a month old, tackle the many scary security risks associated with MCP.

3. Name-brand vendors with deep pockets, faithful customers, and lots of partners are getting in on the act. Trend Micro and Fortinet have added AI security solutions to their portfolios just within the last few weeks, for example, while Palo Alto has spent close to $30 billion buying AI security vendors this year alone.

4. Despite all that vendor interest, AI security products for SMBs and MSPs are pretty scarce. Stiennon puts the portion of pure-play AI security vendors targeting SMBs at about 20% currently, and I’m aware of just a few companies with products meant specifically for MSPs or that, if nothing else, are multi-tenant.

5. It’s a market ripe for convergence. MSPs, we know, love platforms, especially in security. Take that fact and add in the difficulty of turning a bunch of point solutions into an integrated stack and it seems safe to conclude that consolidated, multi-function AI security platforms will someday dominate this space.

“Guardrails and governance are coming together for sure,” Stiennon predicts. “Then DLP.”

6. That said, AI will eventually make AI security platforms obsolete. Actually, AI will eventually make all security platforms obsolete, according to Stiennon, mostly because it will eventually know enough about a given business to secure itself and everything else in IT.

“You’ll have an ability to automatically do all the things that you need to do in security,” Stiennon predicts, without needing security software to do it.

Veeam extends data protection to AI data

If he’s right, one of the companies affected will be Veeam, the company I referenced back at the beginning of this post, which is very much a platform provider.

Though not exactly a security platform provider. Veeam offers a “data resilience” platform designed to protect data left of boom and restore it when necessary right of boom. Augmenting the backup and recovery software Veeam’s still best known for with all the other capabilities entailed in that undertaking has been a long, patient process, according to Rick Vanover (pictured), Veeam’s vice president of product strategy.

“The Veeam of today is way different than what we would have had, say, two or two and a half years ago,” he says.

As it happens, that’s pretty much exactly when I first noticed that Veeam was starting to add security to its capabilities. Since then, the company has rolled out inline ransomware protection, added anti-malware functionality, and linked its software to over 60 third-party SIEM, SOAR, EDR, and other security solutions.

“Anything that the market is using, Veeam has an integration or an interoperability with,” Vanover says. Last April, meanwhile, the company acquired Coveware, an incident response vendor with proactive threat detection software as well.

“Our claim is that we have the most comprehensive end-to-end detection and response capabilities in the ransomware space,” says Vanover, pointing to the recently released v13 of the Veeam Data Platform as the latest proof.

That launch occurred about a month after Veeam signaled where it’s extending data resilience next by announcing an agreement to acquire Securiti AI, a data security posture management vendor with functionality in many of the emerging AI security categories we just reviewed.

Specifically, the company’s software includes functionality not only for data discovery and classification but for data privacy, governance, and real-time loss prevention too. Those are logical issues for a data protection vendor like Veeam to concern itself with now that AI is the biggest thing in IT and data leakage is one of the biggest AI-related security risks.

“If you think of AI as a brain and you can’t unteach it anything, it’s pretty imperative that you have an ability to understand what you put into it,” observes Shiva Pillay, Veeam’s Americas GM and senior vice president, quoting something Securiti AI CEO Rehan Jalil likes to say.

Which raises the question of whether or not we should include Veeam among the hundreds of AI security vendors in Stiennon’s database. The answer, as I hinted at the start of this week’s post, depends on how you define AI security. It also holds little interest for Pillay. Veeam remains now what it has long been, he says: a protector of data wherever it is and however it’s used.

“It’s not like a pivot in strategy,” he says of adding AI data protection to that mission. “The strategy’s been the same: we solve for our customers’ needs. Those needs have evolved.”

Follow Me on LinkedIn

Happy New Year! Fully automated attacks are coming your way thanks to AI.

Speaking of AI and security, WatchGuard exec Corey Nachreiner predicts that a threat actor will use the former to compromise the latter on a fully automated, start-to-finish basis for the first time in 2026 during the latest episode of MSP Chat, the podcast I co-host.

“There’s going to be a breach where it’s a fully autonomous agentic AI that does the entire kill chain,” he says.

Listen to the whole interview for more sneak previews of what WatchGuard believes the new year holds in store for us in security.

News flash: networks and endpoints still exist

As the prior discussion underscores, SMB technology is veering so sharply toward AI and security that it’s easy to believe there’s little runway ahead for the on-prem network and endpoint infrastructure services MSPs have long specialized in. Just don’t try selling that story to Steven Frank, strategic partner executive for MSPs at Lansweeper.

“I was in the copier business,” he says. “I worked for Toshiba many years ago, and everybody always told us, ‘oh, we’re going to be done with paper.’”

Yeah, right. “You can’t eliminate those types of things,” says Frank of old school IT.

“Traditional technology is going to evolve to adapt to AI and continue to grow with it, but you can’t get rid of traditional technology.”

Still, the older that old school tech gets, the harder it becomes to find people trained to support it. That’s grown especially true today in networking, according to Frank, who says MSPs are investigating Lansweeper and its heavily automated IT asset management platform in growing numbers as a result.

“It’s very easy to set up,” he says, and capable of building a complete, detailed network topology on its own. “Within a very short period, you have all of this information at your fingertips.”

AI functionality that Lansweeper’s currently building into the system then scrutinizes that information, inventories security gaps and other issues, and suggests next steps based on what MSPs have done successfully under similar conditions in the past.

“The AI will actually go through and say, ‘this is what MSPs of your similar stature did to remediate this vulnerability,’” Frank explains.

Network management vendor Auvik is using AI to bridge LAN skills gaps too. “For example, we have a really powerful custom alert engine,” says Mark Ralls (pictured), the company’s president. “At a lot of our partners, frontline staff aren’t necessarily comfortable creating custom alerts, but they are comfortable typing into an AI tool and saying, ‘hey, I need to create an alert.’”

The endpoint network monitoring feature Auvik added to its platform early this year similarly helps MSPs with limited network expertise and limited remote visibility figure out the root causes of sluggish connections and other common end user complaints.

“We’re not an RMM and we’re not trying to be an RMM, but what we identified in talking to our partners is there was a real gap in understanding performance all the way to the endpoint, particularly in a heavily remote and hybrid world,” Ralls says. Auvik has recently introduced an unlimited endpoint licensing option for the solution designed to make adopting and pricing endpoint monitoring simpler, he adds.

Nile, a networking vendor turned networking and security vendor since the introduction of its first product three years ago, similarly relies on simple, entirely subscription-based pricing to lower adoption barriers.

“It’s an as-a-service model, not a box sale,” says Shashi Kiran, the vendor’s chief go-to-market officer and CMO. “What would take a partner maybe eight to twelve months to close, they can do at a much faster velocity” because there’s no capex involved for the networking hardware.

AI functionality in the platform accelerates deployment and ongoing management after the sale as well. “We compress a lot of what typically takes a fair amount of time and steps,” Kiran says. “It allows our partners to service a lot more customers as a result because they don’t need to be manpower-heavy.” Merging security with networking in an integrated package further makes supporting end users at scale easier, he continues.

“We don’t believe that you can have a connectivity conversation without it being a secure connectivity conversation,” Kiran says, which is why Nile has added security features normally associated with wide-area networks to its local-area network solution.

“It’s SASE for the LAN,” he says.

Easy-button security on the LAN and beyond is a big part of Absolute Security’s appeal, according to Gene Kim, the company’s VP of MSPs. Thanks to partnerships with Dell, HP, Lenovo, and 25 other hardware makers, some 600 million endpoints currently in use worldwide have Absolute Security firmware pre-installed in a tamper-proof corner of the BIOS and ready to help technicians quickly tackle a variety of otherwise extremely difficult challenges.

Like removing the kernel-level flaw in a CrowdStrike sensor update that shut down thousands of businesses last year, including an estimated one-fourth of the Fortune 500. “We can actually manage a device before it boots into the operating system,” Kim notes, which makes fixing problems like that relatively painless.

The CrowdStrike incident actually inspired a recently introduced feature in the company’s Absolute Resilience solution called Rehydrate that automates the recovery of devices compromised by bad patches, cyberattacks, and other problems, remotely, with one click and in what Absolute says is typically a half hour or less.

On a more routine basis, users can employ Absolute’s software to ensure that dozens of widely used security applications are up, running, and functioning properly. “They can look at the security posture of those devices and whether those security applications specifically are within the compliance framework that they should be in,” Kim says. A new, MSP-ready edition of the product designed to align purchasing, provisioning, and management workflows with an MSP’s business model, he adds, is coming shortly.

“It’s just around the corner.”

Share

Also worth noting

• Way too much announced at AWS re:Invent last week to list here, but the addition of new safety features to Amazon Bedrock AgentCore is worth calling out.

• So are Amazon’s new “frontier agents” for software development—Kiro autonomous agent, AWS Security Agent, and AWS DevOps Agent.

• Tons of partner news from re:Invent too, including word that Salesforce and AWS have introduced Agentforce 360 for AWS.

• Rubrik has introduced an edition of Rubrik Agent Cloud for Amazon Bedrock AgentCore.

• SentinelOne has introduced new integrations with AWS Security Hub and Amazon CloudWatch and added Purple AI MCP Server and Observo AI data pipeline to AWS Marketplace.

• Speaking of marketplaces, AppDirect’s acquisition of hyperscale marketplace Tackle.io is its latest step toward creating an “everything store” for B2B commerce.

• Syncro and CyberDrain have launched Snapshot, a free Microsoft 365 security assessment tool.

• Rewst has a new integration with CIPP that uses multi-tenant Microsoft 365 data to automate common MSP tasks.

• Good news for NinjaOne partners in Texas with public sector clients: NinjaOne for Government has earned Texas RAMP Level 2 certification.

• LogicMonitor’s acquisition of Catchpoint, the company says, will help it create an AI-powered observability platform unifying infrastructure, internet, and digital experience data.

• Wasabi has launched Covert Copy, a patent-pending cloud storage feature that creates a hidden, immutable, logically air-gapped copy of data.

• HPE has unveiled an expanded AI-native networking portfolio and “self-driving networks” strategy.

• It’s also announced new GreenLake, Morpheus, Alletra, StoreOnce, and financing enhancements designed to modernize virtualization and strengthen AI-ready data protection.

• CIS, Astrix, and Cequence are partnering to extend the CIS Critical Security Controls into AI and MCP environments.

• A third of security pros surveyed by ISC2 say their teams aren’t adequately staffed. 29% say they can’t afford to hire staff with the skills they lack.

• CrowdStrike has added a real-time detection engine, expanded indicators of attack, and automated response workflows to its cloud detection and response system.

• Version 3.7 of Coro’s solution features a redesigned Actionboard, enhanced ticketing, unified data-type ticketing, AI-driven GlobalView summaries, and more.

• Cato Networks now feeds SASE telemetry into Stellar Cyber’s AI-native SecOps platform to provide unified edge-to-cloud visibility and AI-driven threat detection, investigation, and response capabilities.

• Beachhead’s BeachheadSecure for MSPs platform has completed ConnectWise’s security certifications and is now integrated with ConnectWise PSA.

• Keeper Security has named Tim Strickland its new CRO.

• Sumo Logic has equipped its Dojo AI platform with new agentic AI capabilities designed to reduce alert fatigue, speed investigations, and integrate external AI systems.