DEV Community

Auton AI News
Auton AI News

Posted on • Originally published at autonainews.com

Ingram Micro Warns MSPs on Escalating AI Information Risks

#ai #aisecurity #cybersecurity #informationrisk

Key Takeaways

  • Generative AI shifts security risk from traditional endpoints and networks to the “information layer,” creating new blind spots for Managed Service Providers (MSPs).
  • MSPs must evolve their security focus beyond device controls, emphasizing information governance, data classification, and robust policy implementation for AI workflows.
  • Addressing the talent gap and increasing complexity of AI-driven threats requires MSPs to pivot towards more advisory roles, enhanced client engagement, and specialized training in AI security. Ingram Micro has issued a stark warning to managed service providers: the perimeter security model that’s protected businesses for decades is now fundamentally broken. Generative AI has shifted the primary attack surface from networks and endpoints to the “information layer” — where sensitive data flows freely through AI tools, often bypassing traditional security controls entirely. This isn’t just another security update; it’s a complete paradigm shift that demands MSPs rethink how they protect clients.

Navigating the Evolving Landscape of AI-Era Information Risks

Traditional MSP security stacks were built around perimeter controls and endpoint protection, extended with VPNs and cloud tools for hybrid workforces. This approach worked when data stayed within corporate networks accessed via managed devices. But generative AI shattered that model. When employees use AI tools for summarization or drafting, sensitive information gets processed outside conventional corporate controls — and it looks completely legitimate to existing monitoring systems.

Sevag Tamoukian, Solutions Architect at Ingram Micro Australia, points out that most security incidents exploit legitimate access rather than brute-force breaches. Business email compromise, identity fraud, and account takeovers succeed because attackers target everyday workflows and trusted credentials. Generative AI amplifies these vulnerabilities significantly — AI-generated content can perfectly mimic legitimate communications, making advanced phishing campaigns and automated business email compromise attacks far more sophisticated and harder to detect.

The numbers tell a compelling story. Recent surveys show 66.7% of MSPs already leverage AI for IT monitoring, and 54.4% use it for automated ticketing and incident management, with many reporting substantial service revenue increases. However, threat actors are weaponizing AI just as quickly, developing advanced malware and launching sophisticated attacks that complete in under a minute and successfully leak sensitive data in 90% of cases.

The Information Layer: A New Battleground for Security

Ingram Micro’s assessment identifies the information layer as the new risk concentration point. Data flows fluidly across applications, collaboration platforms, and various AI services, often bypassing security controls designed for static, network-contained information. This creates blind spots that traditional security models simply can’t cover.

The challenge extends beyond identifying new threats to fundamentally reconceptualizing security service delivery. MSPs must shift from solely hardening infrastructure to understanding what data is critical, how it’s used, and where it can safely interact with AI workflows. This requires stronger emphasis on information governance, data classification, and developing clear, enforceable AI usage policies.

Accountability becomes murky when data exposure occurs through authorized but unmonitored AI activity. Clients may view this as security oversight failure, blurring lines between technical controls and governance practices. This erosion of trust demands that MSPs engage clients in deeper conversations about their data value and AI interaction risks.

The rise of “shadow AI” compounds the problem. Productivity-seeking employees adopt unauthorized AI tools, introducing poorly secured applications and sharing data with untrusted sources. MSPs need regular IT audits and application discovery tools to identify and manage these unsanctioned applications.

Skills Shortages and Operational Constraints

The cybersecurity skills gap presents an escalating challenge for MSPs navigating this AI-transformed landscape. Fortinet’s cybersecurity research indicates that while nearly all organizations plan to use AI-driven security technologies, almost half of IT leaders lack internal expertise for effective implementation.

This shortage forces under-resourced teams to prioritize triage and incident response, leaving little time for crucial training and process improvement. The result: technology adoption increases workload rather than reducing it, and even AI-driven security tools fail to offset practitioner scarcity when foundational processes and skilled teams are lacking.

Demand for AI-literate security personnel adds further pressure to an already strained labor market. Managed security service providers must fill these gaps, necessitating significant training and expertise investment.

Security conversations must evolve beyond tool sales. Future managed security services will rely heavily on client engagement, with providers acting as proactive security advisors rather than technical implementers. This shift emphasizes advisory work, aligning security controls with business objectives and regulatory requirements, and establishing clear rules for handling sensitive information in AI workflows.

Even major technology distributors face these risks. Ingram Micro itself experienced a ransomware attack that compromised over 42,000 employees’ and job applicants’ personal data, underscoring the pervasive nature of cyber threats across the industry.

Strategic Imperatives for MSPs in the AI Era

Ingram Micro advises MSPs to adopt several strategic imperatives for thriving in the AI era:

  • Shift to Information Governance: Move beyond traditional perimeter and endpoint security to focus on the information layer. Implement robust data classification, comprehensive information governance frameworks, and clear policies for data-AI tool interactions.
  • Enhance Advisory Services: Transition into consultative roles, engaging clients in deep conversations about data sensitivity and safe AI usage. Help clients approve and monitor AI use across business functions, especially concerning “shadow AI” adoption.
  • Invest in AI Security Expertise and Training: Address the skills gap through specialized AI security training. Understand new attack vectors unique to large language models — prompt injection, data poisoning — and leverage AI-powered risk management tools for proactive threat neutralization. Programs like Ingram Micro’s “Xvantage Enable | AI” provide AI Maturity Assessments and Growth Tracks to help partners build expertise.
  • Adopt a Proactive and Integrated Security Posture: Implement proactive, multi-layered defense strategies integrating AI-driven tools with vulnerability assessments, advanced threat detection, and thorough reporting. Validate AI-generated outputs for accurate threat detection and effective response.
  • Consolidate and Streamline Security Toolsets: Capitalize on customer demand for consolidated security tools by offering integrated, comprehensive solutions from fewer vendors, simplifying management and reducing client complexity.
  • Focus on Client Education and Awareness: Educate clients about risks of exposing sensitive data to AI platforms and dangers of AI-powered phishing and deepfake threats. Security awareness training for end-users becomes more critical than ever.

The rise of generative AI represents a significant inflection point for cybersecurity. Ingram Micro’s warning serves as a wake-up call for MSPs to evolve their security models, moving beyond traditional infrastructure-centric approaches to embrace a holistic, information-centric security paradigm. This adaptation is vital not only for protecting client data but also for sustaining profitability and relevance in an increasingly AI-driven business environment. For more analysis on enterprise AI strategy, visit our Enterprise AI section.

Originally published at https://autonainews.com/ingram-micro-warns-msps-on-escalating-ai-information-risks/

Top comments (0)