Vancord logo
Vancord CyberSound Podcast
Episode
116

AI in Managed Security: Unpacking Its True Impact on MSSP Services | CyberSound Podcast by Vancord | Ep 116

In this episode of CyberSound, Vancord’s Cybersecurity Podcast (2024), experts Jason Pufahl, Steve Maresca, and Dan Kaupp dive into how artificial intelligence (AI) is revolutionizing managed security service providers (MSSPs). Discover how AI is enhancing automation, improving communication, and empowering strategic roles like vCIO and vISO to deliver greater value to businesses.

Learn why private AI models are essential for safeguarding sensitive client data and how AI-driven solutions identify gaps, streamline ticket resolutions, and elevate client interactions—all while maintaining trust through ‘conscious restraint.’ Tune in to explore how AI is reshaping cybersecurity services while prioritizing data security, privacy, and efficiency.

Jason Pufahl, Steven Maresca and Dan Kaupp discuss about AI in Managed Security

Episode Transcript

Steven Maresca  00:01

This is CyberSound, your simplified and fundamentals-focused source for all things cybersecurity.

 

Jason Pufahl  00:11

Welcome to CyberSound. I’m your host,Jason Pufahl, joined as often by Steve Maresca, I’m changing it up today, and Dan Kaupp, our Vice President of Professional Services. We’ve had a bunch of conversations around AI. We’ve covered sort of privacy, we’ve covered legislative issues, we’ve covered things like deep fake, what we haven’t discussed, really, is how AI is influencing or impacting or emerging in the MSSP, the MSP, MSSP space, right the space that we work in, we have conversations from clients who ask if we’re leveraging it. I feel like they want us to say, oh, boy, we’re heavily utilizing it. But I think today’s probably a good chance to have an honest discussion around you know, in what way has AI been impactful to us, and in what ways are we or are we not using it? So I’m gonna, I’m gonna quickly turn it over, I think, to start with Dan, to talk about whether or not we’re using it, yeah,

 

Dan Kaupp  01:15

So I’ll, I could jump in on that, but I think I’ll back up for a second, because I think customers, in my experience, customers do want to talk about AI. They want to believe that we’re sort of leading the charge for all things technology related. But I do wonder if customers actually want us to be using AI. And I know Steve has some opinions on this, you know, I think where, where we’re using AI, and it doesn’t directly affect a customer. And, you know, maybe depends on the customer, depends on what industry, depends on a bunch of things. But I think anywhere that we can enhance the customer experience, or at least not take away from the customer experience and leverage AI, it helps us, maybe more than it helps the customer. You know, I’m interested in efficient, efficient resolution of all of their issues, and however I get to that is good for me, but I’m very mindful of not affecting, negatively affecting the customer experience, right? So do customers want us to use AI?

 

Jason Pufahl  02:32

So, actually, let me I want to jump and respond to that real quick, so I think maybe it’s an internal and external perspective, right? You talked a little bit about a knowledge base, and can you get information to your staff more efficiently, more quickly? But you wouldn’t want to implement, I don’t think, an externally facing chat bot where you’re making a client engage in an AI driven and Question and Answer thing. I’m kind of thinking that’s where your head is at.

 

Steven Maresca  02:59

Let’s let’s pause and get to that in a minute. So do customers want AI? I think it’s very appropriate to say that some of them are skittish. I don’t know that they do. If they’re asking us about it, they want to know that we’re approaching the subject appropriately, diligently and in a way that benefits them, not adversely affects them. That’s part of their questioning. Some of them don’t care. They want us to be efficient. They want to know that we’re on the leading edge. But right? Both of those are simultaneously true, I think, yeah,

 

Jason Pufahl  03:36

I think, but I think that’s why they’re asking, sort of like they want to get a sense of, are we? Are we forward thinking or not? And I think, in a way, that is that barometer for them, sure?

 

Dan Kaupp  03:46

Yeah, I think of to the one of the points Steve just made, you know, customer feedback when we implemented something as simple as automation, right? So we have alerts coming out of all of our systems that allow our text to address something that isn’t affecting customers or the end user experience yet, and in some cases, our system is able to automatically fix that and then, essentially, you know, update the ticket and give the customer a clean bill of health. And anytime we talk about that with customers, and I remember a couple cases in particular where the customer was sort of negative about it, like they were like, oh, so you you fix this thing without actually making any effort to fix this thing. You know that that doesn’t really help me that much.

 

Steven Maresca  04:42

There’s a perception of value that a person is in the mix because they’re hiring us for expertise, not caring necessarily about our automation ability. So that, yeah, it’s, it’s simultaneously on top of mind, right?

 

Dan Kaupp  04:57

It’s sort of a weird paradox. And, you know, I think it’s back to my, my earlier point about any efficiencies gained. Customers don’t necessarily care, because they don’t see that in, you know, specifically uptime for them, or their their employees being up at work, or, you know, they, a lot of people don’t look at it that way.

 

Steven Maresca  05:18

I think it’s simpler. Is there a better outcome for me, the customer, then sure, show me how you’re getting there. And maybe AI is a component. I think that’s probably the better way of framing this.

 

Jason Pufahl  05:28

Yeah. And that better outcome is twofold. One is maybe a quicker resolution of a problem, and the second is an engineer with more time to have a substantive conversation now with the company around future IT initiatives. So I think there’s a variety of ways that this, that this provides greater value to a client. Maybe it’s not AI, right? I think automation is probably the completely appropriate term for that. You would argue, I have no doubt that automation and AI are often conflated.

 

Steven Maresca  06:02

I think automation and integration, though they share the same, starting letters are not AI, but are framed as such from a marketing standpoint, that’s that’s an industry problem, that’s separate. It’s a perception problem too. I think that, on the one hand, you know, being more efficient from an automation integration perspective is one thing. AI tools like it may help, but that’s just freeing up more time to do the more specialized, expertise oriented work that we’re engaged to provide, and that, I think, is the more interesting aspect of this discussion, potentially, because what does AI enable us to do uniquely, better, more completely, more creatively, than it might without its presence. That’s key to this, in my opinion.

 

Dan Kaupp  06:54

Yeah, yeah, it’s like AI on top of automation, is probably where the real benefit begins, right?

 

Steven Maresca  07:05

Or, you know, revealing linkages between things that might not otherwise be apparent to obviously an engineer that’s bouncing between 10 different customers that day. That’s the type of thing, suggestion oriented, guided attention.

 

Dan Kaupp  07:20

Yes, maybe let’s spend a minute on, I guess, some of the other pieces that we can as at Vancord, we’ve started to dig into automation and actually have a bunch of automation implemented. What we were talking about before is, where can, where can we, short, sort of shore up, you know, in our case, it’s a lot of automation just to shore up maybe some of the lighter suits of our technicians, right? What are our technicians not good at? What are the what are they sort of default to? And you know, when under pressure, right? Because the technicians on the service desk are under pressure quite a bit when they’re under pressure. What is it? What is it that we can help them sort of do better, right? Knowledge management was mentioned before. You know, sort of solving those easier things to solve, or helping them solve the easier things to solve so they can move on to the more complicated things. Maybe we can spend a minute on some of that and thoughts, thoughts around that.

 

Steven Maresca  08:33

One of the biggest challenges in IT, in any sort of information industry, is providing enough context to make a good decision, right? Some of that might be on the behalf of a customer. Some of that might be purely internal for us, while we’re trying to understand a customer’s problem. And the other part is something that gives information to a customer so that they can make the right decisions themselves. Sort of a three horned approach to it, AI and other data analysis type tools that we have at our disposal can do that type of thing, recognizing that there’s a system that might be failing in a subtle way that doesn’t have an error, recognizing that there are a couple of pieces of documentation that have not been fully fleshed out, but are missing a component that engineer could be prompted to then augment. Those are good examples, in my opinion.

 

Dan Kaupp  09:30

And so what’s the what’s the differentiation between what you were talking about, automation and the AI? Where does it go from automation to AI?

 

Steven Maresca  09:41

Automation at the end of the day is structured use of an API to take input and produce a single output or a particular outcome. AI doesn’t presume that there’s a clean path between A and B, right? That’s a differentiation, right? So you can automate certain tasks using AI, without a doubt, filling out a form like that’s one of the adversarial uses of AI that we encounter sometimes with MFA bypass, for example, that is a situation where there’s a pool of data associated to the processing tool that can fill out that form or to create a document, it needs to be given structure, but the prescriptive output is not necessarily known. That is where we differentiate from pure automation.

 

Jason Pufahl  10:35

Yeah, with automation, it’s basically you feed in information and you can you basically know what the outcome is going to be, right? You’re providing a specific path.

 

Steven Maresca  10:44

Yeah, there’s a value inserted into a particular field, or there is a command run like, very, very, very, highly specific thing,

 

Dan Kaupp  10:52

Yeah, so one of the things that we’re doing right now, right from a service management standpoint, right? We so we take in thousands of tickets a month, and our systems apply some logic to the tickets so that we can set, you know, type of ticket it is right against ITIL framework and all that, right? Is it a problem? Is it an incident? You know, those sorts of things. And then even apply priority based on keywords in the in the ticket. So a next step from that, like a way to actually, so if we were to do an AI implementation, right, and so all the privacy, all the customer sort of feelings aside, you know, what would the next sort of step of evolution be in that?

 

Steven Maresca  10:53

So today we have explicit, hard coded keywords to help with priority assignment. Tomorrow, using a tool like this, it might be something that infers tone and sentiment using the the actual words, not the keywords. They’re not prescribed, the language, the language to suggest, hey, this person’s particularly agitated, perhaps bump up the priority. That’s, that’s where I see it.

 

Dan Kaupp  12:04

Take that and stick it in a technician’s queue to, actually, hey, this needs to, I would recommend you call this user right, as opposed to, right, you know, type of results, flagging things appropriately, absolutely.

 

Steven Maresca  12:16

Or, you know, maybe there’s a piece of information about what the organization does that changes how to interpret a ticket.

 

Jason Pufahl  12:24

And if, and going back to the word context that you used before, a lot of our clients, we have for many years, right? Five years, 10 years, if you collect enough data, you can then say, work, we just got a ticket from this user, and the tone is different than normal. You should call them like, like, that’s where the context, right? The more data you collect, the more value,

 

Dan Kaupp  12:46

Or even a system like that, compared to previous tickets with that user, with other users, and identify a trend overall, right? Yeah, yeah.

 

Jason Pufahl  12:55

I mean, that’s that, and that’s great, but we’re not there yet.

 

Dan Kaupp  12:58

Yeah, the use cases are endless, once you start to think about it,

 

Steven Maresca  13:01

And I would argue many mssps are not here yet, but these are possibilities, right, right? But beside that, though that there are deliverables that we produce for our customers that are more of a narrative basis. These are roadmap type capabilities. These are charting the path into the future. This is a really good example where AI could help, because there might be gaps perceived in technical controls that only are only really evident if you run things through a tool to tell you where there’s a standout deviation from the norm. We do that work, of course, on a much more granular level, but some AI document generation, some AI suggestion tools, may actually be very helpful to guide some of those conversations. In my opinion, you have, you have people who are new to customers, and that might be the customer staff, that might be our staff. Anything that closes that gap to make a more productive conversation is a benefit, all right?

 

Dan Kaupp  14:06

Sort of what we were talking about earlier with onboarding of new customers, right? And I know this gets sort of back into privacy comfortability, you know, and, and, and we were talking earlier about sort of private implementations of AI in order to address that. You know, I think we should probably spend a minute on that. I’m not sure where to go with that well.

 

Steven Maresca  14:36

So in my practice in particular, we work with a lot of privileged documents right with our customers. We’re talking about audit findings. We’re talking about assessments, sensitive employee separations. These types of materials should never really be used in a way that could be consumed in a public um, venue, it would be a dangerous idea for an entity like us to place that information into a ChatGPT or a Copilot or within reach of something that’s public, because that means that it might have data exposure risks that are far beyond what we consider acceptable, and certainly far beyond what a customer might consider acceptable. A private model means that we can control the sanctity and safeguard the confidentiality of all the documentation while still giving additional value to the customer with their authorization to proceed that way, it might just be, hey, you’ve had 10 successive financial audits. They’ve all been fairly uneventful. Your new auditor is asking some pointed questions, what inferences can we make about the adverse findings that they’re going to put out in eight months from now? Is there something we can do with the documentation that we have to get ahead of them? Is there something that we can do on behalf of our customer to find a gap in some of their documentation that they themselves haven’t produced yet, synthesis of the information and then helping to produce something the customer can feel together with us able to complete, rather than feeling like it’s a mountain too high to climb. Like those are some of the opportunities I’m interested in.

 

Jason Pufahl  16:30

That’s interesting. So I feel like we’ve just segued from how is does it? How does an MSP utilize it, to what do clients want to use? Or how do you implement some of these technologies in a way that provides privacy?

 

Steven Maresca  16:43

I am straddling the line, but this is a way that an MSSP can use it to better support their customers in a in a particular area of MSSP that is more strategy oriented, right? That’s where the tools that we’re talking about Excel. The automation side of the equation. It’s not AI that right. So it’s why I’m spending time on it here, that the private model, just to go back to that point, is the way to do all of what I just talked about safely without exposing information in a way that violates a customer arrangement. And I think there are some MSPs out there that are playing a little fast and loose with some of the public Gen AI tools, not quite understanding the implications of sharing some documentation with those platforms.

 

Dan Kaupp  17:35

I think what you were just talking about, really is a segue into like, vCIO, right? Or a way to support vCIO or vISO, vCIO, I think, resonates in the industry a bit more. Yeah. Let’s come back full circle to, you know, what? One of the things that I started with, right, things that we can help the technicians with, you know, from an AI perspective, you know, one of the things that we have talked about, and maybe this starts to get at pitfalls, a little bit of AI or, you know, automation, or whatever, but communication, right? So engineer is heads down working a problem, you know, for the longest time, you know, three, four hours pass, the customer has no idea what’s happening. Nobody knows what’s happening. This guy’s really close to solving it, and that’s not great, right? So what can we do? What can AI do to sort of close that communication gap, right? Whether it’s to a customer or to keep the customer up to date on what’s happening, or inter departmental internally, you know, again, getting information out of engineers sometimes not the easiest task.

 

Steven Maresca  18:51

Engineers are famously, they struggle famously with communicating with a written context. If a set of prompts can be pre made to cut the structural overhead out of writing the communication to update a customer. That might be a massive benefit, because an engineer, when they transition away from the technical work, spends a lot of time just wondering about structure, how to introduce the problem, how to conclude it, how to order the things that they need to convey, candidly a prompt in any sort of Gen AI to write a particular email update on a sensitive subject, along with 10 other examples that could the problem better than writing a novel, yeah, from scratch, yeah, that’s a hugely interesting potential use, in my opinion.

 

Dan Kaupp  19:44

Yeah, the prompts is, is specifically AI, right? Because we’ve already within our ticketing system have automated response, right? But they’re templates, and it doesn’t, yeah, and a lot of times it’s viewed as not valuable to a customer like. Like your technicians working on your problem. Yeah. Nobody wants that, right? Cool, yeah. That’s the third one, yeah.

 

Steven Maresca  20:05

This gets from a templatized response to a customized, yeah, a customized, personalized communication that is easier to write from the mouth of someone who would otherwise have a hard time. Yeah. It’s not a negative. That’s just, it’s just the job. They’re hired for different purposes.

 

Dan Kaupp  20:25

So what if we spent a little bit of time on, you know, all of the things aside, what are some really cool AI use cases, MSP, maybe MSSP specific. You know, we’re all MSP people here, so probably could talk to that a little bit better. You know, to start it off, one of the examples that we that I had earlier, was just taking all of the data that we’ve gathered over the course of the 20 years we’ve been in business, and pointing AI at that and allowing it to, you know, draw inferences, or whatever, based on all that customer data. Right to go back to the service ticket. Service tickets incoming. If we were able to take an incoming service ticket and then run that against all of the data that we have, all the notes on service tickets for that customer, for all customers, what could we derive from that? Right? So over to you guys. Cool things.

 

Jason Pufahl  21:30

It’s funny. As you were talking, I was thinking about how Amazon tries to summarize every user review into a four sentence bullet that I’m supposed to then feel that I’ve gotten all the information I need from without reading the user reviews. That would be my fear. It comes back down to context again. We don’t want to, we don’t want to take all of this data and distill it so much that you lose sort of the flavor of a client, or you lose sort of that the essence of all the things you’ve done over 10 years. So you still have to be engaged enough to say, I’m willing to look at three page summary, or I’m willing to look at a variety of data that gives me context, but you don’t lose it. And I think that’s the one thing we have to be mindful of implementation like that.

 

Steven Maresca  22:22

This is where most organizations and engineers struggle with AI in particular. Well, you just articulated, I can turn on its head and say, this is an opportunity, not to produce a summary, but to say, hey, based on all the material you’ve collected over 20 years, what in the incoming ticket? What context is missing here to help us analyze this? That would be useful. Would be useful a summary on something that’s inadequate might not be, I made that argument with you know how I’ve been able to use Gen AI for suggesting code implementations on libraries I’ve built like I know them end to end. I know when it’s hallucinating and telling me something that’s not realistic. That type of use case is turning one of the common deficiencies of the of Gen AI into a benefit. So I would say that’s better reframed other ways about your suggestion here would be to interpret the potential resolutions, just a suggested set of known resolutions from the past that may or may not apply that would be a really good way of maybe giving a suggestion about how a technician might proceed. Doesn’t mean they have to, but it is a potential path to resolution. Anything that shortens mean time to resolution, potential benefit, right? That’s how I interpret this, discrete things.

 

Jason Pufahl  23:49

So when we started, we’re at like 25 minutes, right? So being mindful of the fact that we’re probably above our normal time, anyway, we should consider a little bit of a an honest assessment of where we are, where we think the industry is right, because when we were planning for this, was really interesting conversation that we debated, you know, in what way is, is what we’re doing? Is it AI? Is it not AI? Is it automation? And I think we all we came to a common agreement there. I think there’s a bit of an expectation from clients that we’re starting to explore and utilize AI more, while also being concerned about how that data is being used and the privacy that might be, you know, the privacy implants to that. So you’ve got this sort of split where there’s a bit of an expectation that we’re using it. We, from a day to day standpoint, probably haven’t derived a ton of value from it yet, and yet, we know that we have to really keep our finger on the pulse of where the industry is going potentially even develop a couple of remote applications to provide data internally to make the customer experience better. I mean, I feel like that’s where, that’s where all our conversation has been. That a decent summary?

 

Steven Maresca  25:12

I think so.

 

Jason Pufahl  25:12

Does that make any sense?

 

Dan Kaupp  25:14

A great summary, yeah, you know. And to be fully transparent, all of our implementations to date are automation, which would, I think, benefit, in some cases, from some AI overlay to sort of take that next step.

 

Steven Maresca  25:33

It would be appropriate to say that we have multiple engineers that are experimenting, so sure, exploring the possible paths ahead. I’ve, I know, maybe trotting on a phrase the two of you find common, but the conscious restraint aspect of this is necessary. We have to do the right thing while not getting ahead of ourselves. As long as we’ve acted accordingly, then our customers will see the value and we can articulate that we’ve done the right thing to think on their behalf, right? I think there’s a lot of possibility,

 

Jason Pufahl  26:04

And it’s, let’s face it, it’s top of mind, right? We keep coming back to it here on the podcast. We’re talking about it here because we’re having conversations outside of this room with clients. We’re having conversations internally, just like everybody, like everybody’s trying to get their head around what is AI in? What way is it risk in? What way is it a benefit? We will, I think, would you say conscious restraint, conscientious restraint both? Yeah, we will exercise that. Because we’re not looking at putting anybody’s data at risk. We are looking, though, at making the service that we deliver more efficient and that if we can achieve that outcome using AI, then those are places that will explore it no better. Okay, I appreciate the time that we spent on this. I think we could probably do the same podcast again, spend another 25 minutes and have a complete of all the opportunities, if anybody is interested in talking more about ways to potentially utilize AI in your business, if you want to explore a little bit more how we might be using it, if you’re thinking about MSSP services, we’re happy to dive into it. Just reach out to us. We can get Dan on, we can get Steve on, and we’re always happy to have a conversation. But as always, we appreciate everybody listening, and we hope you got some value out of today’s conversation. Thank you. Thanks guys.

 

27:25

We’d love to hear your feedback. Feel free to get in touch at Vancord on LinkedIn, and remember, stay vigilant. Stay resilient. This has been CyberSound.

Request a Meeting

Episode Details

Hosts

Categories

Work with a Partner You Can Trust

Our goal is to provide an exceptional experience to each and every client. We learn your business and protect it as if it were our own. Our decades of experience combined with our expert team of engineers and security professionals provide you with guidance, oversight, and peace of mind that your systems are safe and secure.

Cybersecurity Tips In Your Inbox.

Get notified when we have something important to share!

Related Episodes