MSPs know they’re needed, but new cyberthreat research from two channel companies in the know—SonicWall and Guardz—shows just how much small and medium businesses need help with cybersecurity. See highlights from the research below for some good talking points for your customer and prospect conversations. Also, find out which vendor got some big funding this week and which providers are making progress in the compliance realm (if you missed this week’s story on Kaseya’s FIPS initiative, read it here). Plus, we have the latest product announcements and highlight some new perks for a partner program, and more. Be sure to read to the end, though, to find out what familiar channel face is taking on a bigger role. Happy reading!
By the Numbers
SonicWall: SMBs Under Attack and Need MSPs More Than Ever
Sixty-eight days. That’s the average length of time companies were under critical cyber attack—the type of attack most likely to deplete business resources—in 2024, according to new research from SonicWall. The 2025 SonicWall Annual Cyber Threat Report reveals a continued onslaught of cyberattacks on small and midsized businesses (SMBs).
Consider this: Ransomware continues to rise, increasing 8% in North America and surging 259% in Latin America. In 2024, the average ransomware payment reached $850,700, with total related losses often exceeding $4.91 million when factoring in downtime and recovery costs. Also, malware spiked 8% year-over-year, while IoT attacks jumped 124% and encrypted threats climbed 93%.
“Threat actors are moving at an unprecedented pace, exploiting new vulnerabilities within days, while we’re observing that it takes some organizations 120 to 150 days to apply a critical patch,” said SonicWall President and CEO Bob VanKirk, in a press statement. “Now more than ever, businesses need the expertise of an MSP/MSSP backed by with real-time threat monitoring and SOC capabilities. Legacy security solutions are no longer enough, businesses must adopt a new mindset to stay ahead of modern cyber threats.”
Other key findings from the SonicWall cyberthreat research include:
- Nearly one-third of all reported cyber events were business email compromise (BEC) attacks, up dramatically from only 9% in 2023.
- 61% of the time hackers exploit new vulnerabilities within 48 days.
- SonicWall detected 210,258 ‘never-before-seen’ malware variants – 637 each day
- Identity, cloud, and credential compromise accounted for 85% actionable alerts.
- IoT attacks targeting IP cameras have become a major target. In 2024, SonicWall prevented more than 17 million attacks on IP cameras, ranging from 750,000 to 1.8 million attacks each month.
Bad Guys Are Using AI Too
The research also finds that AI automation tools are lowering the barrier to entry for cybercriminals. For instance, these tools are making it easier to locate unpatched systems, evade detection, and create workflows for lateral movement. Notably, server-side request forgery (SSRF) attacks, in which a threat actor essentially tricks the server into making a request to potentially sensitive internal services within an organization, increased 452% in 2024.
The Takeaway
The report concludes: “With threat actors exploiting vulnerabilities within days, businesses need an MSP that can proactively monitor, detect, and respond to threats before they escalate into costly breaches.”
Clearly, there’s plenty of threat evidence to talk about with your prospects and current clients.
Guardz Uncovers Rising Dark Web Threats Targeting SMBs
Guardz, a cybersecurity company, reports that it has uncovered alarming dark web activity targeting small businesses. A recent investigation by the Guardz Research Unit (GRU) found dark web listings selling stolen credentials, exploiting unpatched vulnerabilities, and offering ransomware-as-a-service (RaaS).
For example:
- Over 15% of the hundreds of dark web listings analyzed by Guardz offered access to organizations through vulnerabilities that were disclosed years ago. This includes the EternalBlue flaw in Windows’ Server Message Block protocol, disclosed in 2017 and still unpatched on many devices.
- Dark web forums listings advertise access to small business networks through compromised RDP and VPN credentials.
- Ransomware as a service now features double extortion methods, threatening to release sensitive data if ransoms are not paid.
“Cybercrime has become an industry of its own, and enterprises are no longer the sole or main targets; small businesses are their new favorite victims—whether they realize it or not. For just a few hundred dollars, hackers can gain and share access to company systems, hold data hostage, or disrupt operations, putting entire livelihoods and businesses at risk,” said Dor Eisner, CEO and co-founder of Guardz, in a press statement.
Guardz’s latest findings underscore the urgent need for regular patch management, implementation of strong credential policies, and the use of multifactor authentication. The research also noted that partnering with trusted MSPs is essential.
Products
GoTo Launches Workforce Engagement Solution for GoTo Connect Contact Center
GoTo, a cloud communications and IT management provider, introduced AI Quality Management, a workforce engagement management (WEM) offering for GoTo Connect Contact Center. AI Quality Management is designed to simplify agent coaching and training through automated AI-powered reporting and analysis.
AI Quality Management for GoTo Connect Contact Center automatically evaluates all inbound queue calls within minutes, providing actionable insights, according to the company. Contact center managers can now pinpoint opportunities for improvement, take corrective action, and collaborate with their teams to enhance performance and drive customer satisfaction.
The workforce engagement solution automates the review of 100% of queue calls instead of manually spot checking, backed by minimal setup and configuration. It also empowers supervisors with insights to highlight agents who excel at customer service and help improve the performance of those who need coaching.
Trend Micro Rolls Out AI Agent
Trend Micro launched an AI Agent called Trend Cybertron, which combines the reasoning capabilities of Agentic AI with 35 years of data, threat intel, and human expertise.
The specialized cybersecurity large language model (LLM) is designed to drive proactive security outcomes. Using local risk assessments and global threat intelligence in the industry, the new AI engine predicts and prevents threats across an organization’s entire attack surface in any environment, according to the company.
More than a standalone LLM, Trend Cybertron will leverage all of the core technologies in Trend Vision One—threat data, analytics, engines, and beyond—to provide a complete solution for organizations’ entire cybersecurity workload.
Partner Programs
Bitwarden Expands Benefits for Its MSP Program
Bitwarden, a password, passkey, and secrets management vendor, is expanding its MSP program.
Enhancements include:
- Partner of the Quarter program: Recognizes MSPs that drive business growth through client onboarding, training, and secure password management.
- Not-for-resale (NFR) licenses: MSPs gain free internal Bitwarden usage after meeting customer seat thresholds.
- Flexible licensing model: Removes minimum license requirements, enabling MSPs to scale based on client demand with a seat-based billing structure.
In addition, Bitwarden’s MSP team now has a dedicated presence in Europe.
Investments & Funding
NinjaOne Secures $5 Billion Valuation and $500 Million Funding
NinjaOne, an RMM platform company, announced $500 million in Series C extensions at a $5 billion valuation. Investors included ICONIQ Growth and CapitalG.
The company says the money raised will fund R&D focused on autonomous endpoint management, autonomous patching and vulnerability remediation, and expanded IT use cases that improve employee experiences with devices. The funding will also go toward customer support as well as the pending acquisition of Dropsuite.
NinjaOne said it has no debt and remains a founder-led and controlled business after the Series C extensions. According to the company, co-founders Sal Sferlazza and Chris Matarese remain the biggest equity holders in NinjaOne, have majority control of the board of directors, and hold a majority of the company’s voting power.
Compliance
N-able Announces Commitment to CMMC 2.0 Readiness for N-central
N-able, an MSP platform provider, announced its commitment to Cybersecurity Maturity Model Certification (CMMC) 2.0 readiness for N-able N-central during the second half of 2025.
The CMMC 2.0 level 2 ready version of N-central will help partners with an accelerated path towards meeting CMMC 2.0 requirements. The release will also include a descriptive deployment guide to help ensure compliance with separated hosting requirements.
N-able also outlined some other secure-by-design milestones:
- The configuration of Alma Linux as N-central’s new operating system in accordance with the Center for Internet Security (CIS) benchmarks—a set of best practices designed to enhance security by reducing vulnerabilities and hardening the system against potential threats.
- Audit logging security enhancements with flexible SIEM integration for advanced monitoring and analysis. Additional audit data will be coming in future releases, furthering N-able’s commitment to the CISA Secure by Design Pledge.
“CMMC 2.0 readiness is a journey we are committed to as we seek to help our partners grapple with growing security complexities and needs within their increasingly regulated customer base,” stated Mike Adler, N-able CTPO. “We will be taking additional steps in the coming months to include NIST 800-171 attestation and increasing FIPS encryption standards adoption, and are providing hands-on support for our partners looking to embark on their own readiness journeys. This initiative is just one of the ways we are working alongside our partners to help build a more secure environment across the full global supply chain.”
N-able already holds key attestation reports for SOC 2 Type II and HIPAA Type 1 across its core products and an ISO 27001 certification with respect to its information security management systems.
Cisco Achieves FedRAMP Authorization for Meraki Cloud Networking Platform
Networking and security provider Cisco has received FedRAMP authorization at the Moderate Impact Level for its Cisco Meraki for Government solution under the sponsorship of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). FedRAMP is a U.S. government program that promotes the adoption of cloud technologies across the federal government by providing a standardized approach to validating security and risk controls for cloud-based products and services.
The Cisco Meraki FedRAMP authorization complements its existing StateRAMP certification, which is the highest level of authorization for IT providers offering solutions to state and local governments.
Community
Pass It On! Scholarship Nominations Now Open for Female High School Seniors Interested in STEM Career
The Global Technology Industry Association (GTIA) and The ChannelPro Network are taking applications for the annual Cecilia Galvin Scholarship, a $5,000 USD award dedicated to supporting aspiring tech professionals. This scholarship honors the memory of Cecilia Galvin, former ChannelPro Network executive editor and a passionate advocate for women in technology.
The scholarship can be applied to a two- or four-year college program, trade school, or professional certification and training program in the technology space within the United States.
The application deadline is March 21, 2025. If you know of an eligible applicant, have her apply here.
People
ConnectWise appointed Sean Lardo as the new vice president of communities. For the past three years, Lardo has led and been the face of ConnectWise’s annual PitchIT contest. Prior to that, he was VP of partner development at OIT … OpenText appointed Chadwick Westlake as EVP and CFO, effective March 5, 2025, to succeed Madhu Ranganathan. Westlake previously served as the CFO of EQB, a digital financial services company … Zyxel Networks, a cloud networking solution provider, appointed Ken Tsai as the new president, effective February 2025. Tsai brings 19 years of experience from the Zyxel Group, having held key positions across various strategic operations and product management units.
Distribution & Marketplaces
Alvaka, a global provider of ransomware remediation solutions, will offer Ingram Micro channel partners and their clients in the U.S. prioritized access to its remediation and recovery services. “The increase in ransomware attacks is putting channel partners nationwide on high alert to find more ways to enhance their cybersecurity measures and better protect against and improve upon their response strategies in an ever-evolving threat landscape,” said Adam Bellows, U.S. executive director, networking and security, Ingram Micro, in a press statement. “This new relationship with Alvaka will help empower our customers with a direct line to the emergency response services they need when they need them.”
Rewst, a low-code automation platform for MSPs, is now available on the Sherweb marketplace. “Even before this partnership, we were seeing growing demand from MSPs to integrate Sherweb into Rewst workflows,” said Charlie Tomeo, CRO at Rewst, in a press statement. “Now, MSPs have the flexibility to purchase Rewst through Sherweb’s marketplace as well as automate purchasing and reconciliation of Sherweb licenses using our platform. The potential business value for MSPs is substantial.”
