Guardz 2026 State of MSP Threat Report: AI and cybersecurity landscape

Guardz outlines how AI is influencing cybersecurity, with the report highlighting identity-related issues and vulnerabilities affecting MSPs, based on findings from its latest threat report.

  • Wednesday, 29th April 2026 Posted 2 months ago in by Sophie Milburn

Guardz has released its 2026 State of MSP Threat Report, outlining how artificial intelligence (AI) is changing the cybersecurity landscape. The report highlights vulnerabilities in identity, authentication, and cloud security that attackers are actively exploiting.

Based on SMB environments, the report notes that while AI has increased the speed and scale of cyberattacks, underlying security gaps remain. It highlights that attackers are exploiting weaknesses in identity and authentication systems, as well as misconfigured cloud environments.

Key findings of the report:

  • Identity compromise: 89% of SMBs had users with confirmed credential compromises.
  • Session hijacking: A 23% increase in session hijacking incidents, with attackers bypassing security measures such as MFA.
  • Rise of non-human identities: Machine identities exceed human identities in some environments, creating additional attack vectors.
  • Ransomware and fileless attacks: A 190% increase in ransomware detections, with a shift towards “living-off-the-land” techniques.
  • Business Email Compromise (BEC): BEC incidents continue to result in significant and increasing financial losses.

The report also highlights Managed Service Providers (MSPs) as being increasingly exposed, as their attack surface expands across multiple clients. It notes that misuse of remote monitoring and management (RMM) tools has become a leading endpoint threat vector, enabling potential unauthorised access across client environments.

According to the findings, attackers are increasingly focusing on maintaining and extending existing access, using techniques such as session-based attacks and OAuth misuse. The report states that traditional defences alone may not be sufficient, and discusses the role of AI in supporting detection and response at scale.

The report concludes that security entry points remain vulnerable and are being actively targeted. It also states that for MSPs, AI is becoming an important part of cybersecurity infrastructure in responding to evolving threats.

As AI continues to influence cybersecurity approaches, the report emphasises the importance of identifying and addressing security gaps within MSP environments.

Wasabi Technologies launches a new initiative, Impact Circle, aimed at partners and MSPs to reduce...
Arrow Electronics has received Veeam’s 2026 EMEA Aggregator of the Year award, recognising its...
Evolve IP's recent session in Rotterdam brought UK and Dutch partners closer to foster...
Exploring the shortcomings in AI governance and the potential avenues for managed service providers...
Cynomi’s “What MSPs Are Actually Asking About AI” report reveals the real questions shaping...
NAKIVO teams up with ICOS to distribute its data protection solutions across Italy, aiming to tap...
RETN named Top Reseller for European and North American Networks in LINX awards.
MSP GLOBAL 2026 returns to PortAventura, blending business and festival vibes for a networking...