AI and identity-first attacks reshape MSP security landscape

Per Channel Insider, a new report highlights how artificial intelligence and identity-first attacks are fundamentally altering the threat landscape for managed service providers (MSPs) and the small businesses they serve.

Guardz's 2026 State of MSP Threat Report indicates that AI has rendered traditional phishing tactics obsolete, enabling attackers to craft highly personalized and contextually relevant threats at an unprecedented scale. The report reveals a significant rise in compromised passwords, with approximately 31% of users experiencing such issues monthly, as attackers leverage AI to optimize password lists. Business email compromise (BEC) incidents are also proving costly, ranging from $140,000 to $1.5 million. Ransomware has evolved, showing a 190% surge in behavioral detections, often utilizing legitimate IT tools like remote monitoring and management (RMM) software, with 26% of endpoint threats now involving RMM abuse.

Furthermore, non-human identities (NHIs) such as service principals and API keys now outnumber human users by a 25:1 ratio, presenting a vast, often overlooked attack surface. Predictions for the latter half of 2026 include a rise in session hijacking, cloud-based ransomware targeting services like SharePoint and OneDrive, and increased attacks on Google Workspace environments. The report emphasizes that the convergence of AI-driven offensive and defensive tools is narrowing the gap between attackers and defenders, necessitating MSPs to adopt AI for detection and response to maintain client trust.

Source: Channel Insider