MSPs, SaaS, and AI: It’s All Getting Real

👋 Welcome to the grind

Hey, John here—back again with your Friday ritual. If you’re in the MSP community, you know the drill. Each week, I’m breaking down what I’m seeing in the industry—from LinkedIn takes to event recaps to the tools that are actually helping MSPs win.

Same goal as always: help you think bigger, move faster, and cut through the noise. Let’s get into it.

Welcome to the AI House! Building AI-Ready Teams Without Being a Tech Expert with Ashley Pyle (GadellNet)

Can you lead AI initiatives without being overly technical? Absolutely. In this Coffee Chat, Ashley broke down how growth mindset, business acumen, and structure beat code.👇

🔍 What we learned:

AI readiness isn’t about mastering code—it’s about cultivating the right mindset, policies, and internal structures. Ashley set out to get back just 16 minutes a day when she first started. Ashley believes any team member can become a systems thinker if they focus on learning, strategy, and accountability. From acceptable use policies to task forces, the conversation mapped out how to move from exploration to real adoption in a trusted, scalable way.

💡 Biggest takeaways:

• Three Traits of an AI-Ready Leader: Growth mindset, business acumen, and a non-technical but strategic approach are the core of AI-ready teams.
  

• Structure Beats Hype: Internal AI task forces, acceptable use policies, and project plans create real momentum.
  

• Share, Train, Normalize: Organizations should openly share use cases, run all-company training, and create AI committees to normalize and democratize innovation.

• Create Fences, Not Walls: AI sandboxes (“playgrounds”) with clear rules (“fences”) help teams explore safely while staying aligned with policy, ethics, and responsibility.

✅ Recommendations:

• Start with an AI readiness checklist: assess policies, people, and organization maturity.

• Form an internal AI task force to identify high-value use cases and meet monthly to drive project accountability.
  

• Shift the mindset from fear to curiosity: share success stories and emphasize that even small wins matter.
  

• Prepare for the future now: explore tactical use cases like RFP responses, SharePoint agents, and ticket automation to reclaim time for creativity.

Thanks to Ashley for the deeply practical and motivating conversation on what it

🤖 SaaS Is the Modern Attack Surface — So Why Aren’t MSPs Treating It That Way?

I’ve been saying this for years: the modern SaaS delivery model is the new attack surface, and it’s quietly enabling cyber attacks in ways many aren’t even tracking. So when I saw Patrick Opet, Chief Information Security Officer at JPMorgan Chase, call this out in an open letter to software suppliers, it felt like a long-overdue acknowledgment. He put it plainly: SaaS is creating “substantial vulnerabilities that are weakening the global economic system.”

The core of his message? Software providers need to stop prioritizing flashy features over security. We need to rethink how we architect our security frameworks to optimize for SaaS and minimize risk. And more importantly, we need to work together as a community to prevent the abuse of interconnected systems.

But here’s where I think the letter falls short: it doesn’t go deep enough into the visibility problem. Yes, software vendors need to do a better job at securing their platforms, but how are organizations actually managing all of this SaaS sprawl? Shadow IT is one thing, but what about the critical systems? What about the SaaS most businesses rely on every single day? How are those being monitored and protected?

SaaS isn’t some fringe issue anymore. It’s the core of modern business infrastructure. And with that shift, identity has become the frontline of cyber attacks. Authentication, misconfigurations, permissions, they’re all under fire. So while it’s great to see JPMorgan pushing for higher standards from suppliers, we also need to ask: how are MSPs handling this growing attack surface?

This should be a call to action for MSPs. The focus can’t just be on endpoint vulnerabilities anymore. It’s time to zoom out and start analyzing the full supply chain of client SaaS environments. We can’t just rely on managing 365 or Workspace. What about the dozens (or hundreds) of other apps running in the background?

Opet makes a powerful point that “secure and resilient by design” can’t just be a slogan. It needs to be baked into the way providers build and deliver software. And I’d argue that SMBs (who often have no procurement oversight or internal security leadership) are going to be the highest-risk group moving forward. They’re entirely dependent on SaaS, with little to no legacy infrastructure in place. That’s a fragile foundation if no one’s paying attention.

So what’s it going to take? How many vendor breaches and supply chain attacks have to hit before MSPs realize that SaaS isn’t a side concern.

SaaS management platforms are coming, whether the market is ready or not. In the future MSP landscape, I believe they’ll be as ubiquitous as RMMs or PSAs. The question isn’t… it’s when. And as industry leaders like Patrick Opet continue to raise the alarm, and as regulations tighten, it’s going to be fascinating to see which MSPs step up and lead in this space.

🎙️ I’m Live Next Week

How do you build real, lasting relationships that actually move the needle in your career and business?

That’s the question I’m diving into with Jason Ulm, Global VP at Capgemini. Jason’s led global teams, built high-trust partnerships, and knows what it takes to connect with people in a way that creates momentum. In this chat, we get into what it means to pour into people—and how to do it with purpose, consistency, and impact.

Why this conversation matters:
Relationships aren’t just a “nice to have”—they’re a real advantage. Here’s what I took away from our conversation:

• How to build trust quickly, even under pressure

• Why investing in people leads to better results and retention

• Habits that create stronger culture and loyalty—internally and with clients

• How to lead with empathy without letting go of accountability

🎧 Register here

🔗 Stuff Worth Clicking

• Proofpoint To Acquire Microsoft 365 Specialist Hornetsecurity For $1 Billion

• What happens when 27 years of IT infrastructure walks out the door?

• Weird News: New smartphone cases allow you to “touch grass” without hassle of going outside

📬 Hit Me Back

That’s it for this week. If your team’s already experimenting with AI—or if you’re still figuring out where to start—hit me back. What’s working? What’s getting in the way? I want to hear how you’re thinking about both AI readiness and the SaaS security landscape.

Let’s keep the conversation going.