Cork Report Asserts Need for Shift to Next-Gen IT Services

Cork Protection recently released its “SMB Cyber Defense 2026: Expert Strategies for Staying Ahead of Threat Actors” report, compiling market research and industry expertise with advice for MSPs and other providers seeking to build the next evolution of their business.

We spoke with Cork Protection CEO Dan Candee about the report and how he plans to support MSPs and their SMB clients across North America.

SMBs facing heightened financial risks as AI-powered security threats skyrocket

The report is the culmination of industry reports and insights from several channel leaders whom Candee says he reached out to because he knew they had important analysis to share with partners.

“I know my brain can only handle so much at a time, and our time and partners’ time is precious, so I sought out the people who I knew would have really important things to say and would be willing to share those insights,” Candee said.

“My hope in releasing this is that partners can operate with greater confidence as they drive financial conversations with customers, not just IT discussions,” Candee continued.

A portion of the report highlights the ongoing security risks to SMBs, particularly due to a lack of preparation for attacks, which is becoming increasingly common in the market.

“SMBs are still dangerously complacent about ransomware,” said Vimeo CISO Ryan Weeks in the report. “Too many believe they’re not a target, or that basic defenses are enough. That mindset is exactly what attackers exploit.”

The report also emphasizes that AI-enabled threats are driving more attacks at potentially a more concerning level than ever before. As threat actors unlock the same efficiency gains businesses seek through leveraging LLMs, agents, and other tools, SMBs face a new frontier.

“For years, we’ve discussed AI in the context of business efficiency and innovation. In 2026, we must confront its dual-use nature. The same large language models that draft marketing copy

can now generate flawless, context-aware phishing emails at a scale previously unimaginable. The cybersecurity challenge is no longer just about defending against human adversaries; it’s about defending against AI-powered adversaries operating at machine speed,” said Jon McNeill, the CEO of DVx Ventures, in quotes published in the report.

What cyberattacks really cost SMBs: revenue, trust, and compliance

At the same time, SMBs face potentially debilitating fallout after suffering an attack or security incident, and not just from paying out for ransomware-related issues. 

The report outlines the following as the key expenses facing small businesses:

• Lost Revenue: Direct losses from the inability to conduct business, process sales, or deliver services.
• Productivity Loss: Salaries paid to employees who are unable to perform their jobs.
• Recovery and Remediation: Costs associated with forensic investigation to determine the scope of the breach, rebuilding systems from scratch, and deploying new security measures.
• Reputational Damage: The long-term loss of customer trust, which can lead to significant churn and difficulty acquiring new business.
• Regulatory Fines: Increasingly stringent data protection laws, such as the EU’s General Data Protection Regulation (GDPR) and the Digital Operational Resilience Act (DORA) for the financial sector, impose severe financial penalties for breaches resulting from inadequate security.

“Modern business owners are trying to be more efficient, and they are trying to understand things like AI and cybersecurity, but they aren’t experts in any of those areas,” Candee said. “MSPs are the beacons of hope and intelligence for these businesses, and they need to be able to provide that expertise to clients.”

Why security services now dominate the IT channel

The result, experts say, is a new definition of cyber resilience—one that moves beyond prevention toward continuous protection, recovery, and financial survivability. The report urges MSPs to integrate security, business continuity, and risk management into a unified service framework. 

“Cybersecurity is no longer a checkbox for SMBs,” said Jay McBain, chief analyst at Canalys, in the report. “The providers who embrace security as the foundation of their services are capturing the market’s growth.”

That shift is also redefining the economics of the channel. Citing Canalys data, the report notes that the managed services market will reach $595 billion in 2026, with managed security services growing fastest at 15% year-over-year. 

For every dollar of hardware or software sold, channel partners generate two dollars in high-margin services, a dynamic positioning that positions security-focused MSPs as the most profitable players in the ecosystem.

“The MSP model has shifted in recent years, and 2026 is likely to see a greater push towards MSP 3.0… The complexity of the new delivery model encompasses not just technology, whose scope is increasing to include cybersecurity as standard (rather than as an add-on to IT support), but also compliance, regulation, and vertical expertise,” McBain continued.

Why MSPs need to evolve to meet the needs of customers and remain competitive in market

MSPs that master security frameworks, compliance readiness, and recovery orchestration are capturing the high-value segment of the market. Those that remain reactive risk being pushed to the commodity end—competing on price instead of protection.

“Your end users need you to be the source of truth on technologies that are safe and appropriate. This is all about your maturation as the source of truth on where and what technologies are right for your clients,” said Pax8 CVP of Community and Partner Experience Rob Rae.

How Cork and peers are powering the MSP business model shift

The report names this evolution the next “great pivot” for MSPs who are no strangers to changes in their business models. To Candee and several of his peers, vendors will also need to evolve into more strategic partners for their partners, be that through technological innovation or simply through understanding the needs of the market as they change.

“When you look at the MSP solutions on the market today, they’re practically ancient. The legacy players have been around for decades. The tech hasn’t evolved much in all that time, so we saw a real opportunity to hit the reset button and build something exponentially better,” said Austin McChord, founder and CEO of Slide, in the report.

For Cork, that means doubling down on the business goals Candee established when he took the helm in 2024. The company offers a variety of warranty options and provides partners with the tools they need to assist customers in making decisions on cyber insurance, next-generation tooling, and more.

“Cork Protection has evolved into a company that provides service providers the tooling they need to have and lead business risk conversations with their customers,” said Candee.

“We’ve seen real payouts that saved businesses from closing their doors. That’s the difference Cork brings, proof that cyber protection can be both measurable and financially meaningful,” said Chris Hutton, CFO of Cork Protection.

The end of the report details a number of factors MSPs should consider as they evolve their businesses, including:

• Building a security-first culture
• Engaging with clients in the boardroom on business goals, not just IT needs
• Developing compliance and regulatory expertise to offer a holistic approach to resiliency
• Leveraging tooling to increase visibility across tech stacks and client needs