Like their larger brethren, SMBs are racing to tap the promise of AI for faster response, sharper detection, leaner operations, and the MSPs that serve their IT needs area at the center of this evolution. According to OpenText Cybersecurity’s third annual Global Managed Security Survey, 92% of MSPs say AI interest is fueling current growth, and 96% expect that pace to continue this year.
There’s a catch, though. Only about half feel prepared to guide SMBs on deploying AI tools, and fewer than half have built or deployed AI cybersecurity agents for customers. That contrast tells a telling story about the current state of AI: Demand is booming, but delivery models have been slow to meet that demand.
The readiness dip also represents a very significant change from last year, when 90% of MSPs felt ready to meet AI-related security needs. It’s another indication that customer expectations (and risk) are outpacing service maturity. Tool sprawl, staffing constraints, and the challenge of standardizing services across diverse customer environments are preventing faster deployment of AI-driven services.
“MSPs are under pressure to match the pace of AI adoption by their SMB customers,” notes Michael DePalma, Vice President of Business Development at OpenText Cybersecurity. “They need security partners who can deliver integrated, scalable services that reduce tool fatigue and simplify operations.”
Simplicity over cost is the new model
Security buying criteria are shifting. The share of customers who cite cost savings as a primary challenge has fallen for three straight years (from 28% in 2023 to 17% in 2025). That’s clearly not a key detractor at this point – and it shouldn’t be, given the critical nature of cybersecurity. Rather, SMBs want outcomes with less operational friction, which means bundled, integrated services are seeing more success than the traditional model of selling multiple disparate tools or services. In fact, 70% of SMBs prefer all-in-one prevention/detection/response bundles, with nearly half also opting for endpoint, network, and email bundles. For MSPs, this reinforces the need to shift their models and to standardize on an integrated security platform that allows them to monetize repeatable “good, better, best” bundles with clear service tiers and SLAs.
MSPs confirm that perspective, with 78% saying ease of integration is now “extremely important,” outranking vendor count. Unified, consolidated cybersecurity has built an edge over more traditional best-of-breed strategies. Again, it’s about quality over cost, with 44% of MSPs noting that solution strength is the top purchasing factor – as opposed to the 8% for whom price is the top priority. In other words, it’s safer and more profitable to sell outcomes (time-to-detect, dwell time, containment window, recovery RTOs) than lists of SKUs.
Where does AI fit in?
Even as customer-facing AI agents may not yet be the norm for MSPs, providers are deploying AI internally to enhance their operations.
- 67% use AI for customer support
- 66% is AI for technical support and ticket triage, and
- 58% us AI for threat detection and response.
These use cases create the on-ramp to more standardized, customer-facing AI-driven solutions that are inevitable – because customers demand them. They give MSPs the experience and expertise with AI they desperately need. They next step is to bring AI to their clients.
With 95% of MSPs planning to expand managed offerings and 57% actively building new services, packaging is a key growth factor. The survey provides a roadmap based on MSPs’ priorities: Integrate across tools (38%); high attach-rate to core services (18%); and broad applicability across SMB verticals (16%). What that means practically is MSPs should look to create service bundles where security rides alongside what their customers already buy (e.g., endpoint/device, M365/Google Workspace, connectivity, etc.)
Here are a few additional considerations for MSPs to ensure their AI and security services deliver quality outcomes.
- Platform first, then plugins – Anchor services to a unified primary security platform (XDR + EDR + email + identity + data),and use curated AI capabilities inside the platform before adding niche agents on top.
- Productize AI responsibly – Define where AI makes the call and where it only recommends actions and follows a human-in-the-loop strategy. Customer-visible audit trails will be important.
- Standardize data and deployment – Ship a reference architecture for identity controls, endpoint hardening, mail hygiene, DNS filtering, and backup/DR. Also include minimum logging and retention baselines and look to eliminate one-off stacks that add complexity and potentially risk.
- Measure outcomes that matter – Track MTTD/MTTR by severity; percent of incidents auto-contained; phishing resilience uplift; backup success and restore test cadence. Tie bonuses and renewals to these outcomes, not ticket counts.
- On pricing, lead with value metrics, not strictly flat-rate per-tenant fees, and publish target service-level objectives and the automation used to achieve them. For AI-infused services, “explainability on demand” will be important (i.e., the ability to show, in plain language, why a model flagged an event and what evidence it used).
Remember, AI has become increasingly important and now ranks as the third most important MSP attribute for SMBs. Sitting right behind threat prevention and 24/7 support, it gives MSPs an opportunity to kill three birds with one stone, so to speak: Build an AI competency that drives positive threat mitigation and increases support efficiency and you have a repeatable and profitable model.
Edited by
Erik Linask
