What MSPs Need to Know About Artificial Intelligence

[00:00:00] Welcome to the Powered Services Podcast, your one-stop shop for all the information,

[00:00:09] strategies and insights you need to supercharge your MSP. Get ready to hear from other MSPs

[00:00:19] and industry experts in the trenches and behind the scenes to help you change the future of your MSP

[00:00:27] and increase your MRR. Now, here's your host, Dan Tomaszewski.

[00:00:34] Greetings everybody, welcome to another episode of the Powered Services Podcast.

[00:00:39] We're so excited to have everybody along with us today. This is going to be an awesome topic.

[00:00:45] As always, I've got my co-host, Will Bishop, and we're going to dive into the topic

[00:00:51] we're seeing on just about every forum, I don't know forum conversation we're having,

[00:00:58] which is AI. And I think we brought in the right guy to talk to you, right? Well, absolutely.

[00:01:07] So it's been a while since we've recorded one together and this is good. I forgot how good the intro music was.

[00:01:12] I'm all fired up ready to go now. That doesn't get you anymore fired up. I don't know what will.

[00:01:17] That's it. But hey, let's jump in. So our guest today is a repeat guest. You know, he did such a good job the first time around we've asked him back.

[00:01:27] But you know, kidding aside, I've had several conversations with Tony Rootsie who's our guest today around AI

[00:01:34] because Tony is, I'll let him talk about it a bit more, but he's in the field doing pen tests and things like that

[00:01:39] and he's talking to a bunch of MSPs and asking them what they're seeing and kind of what they're experiencing with AI.

[00:01:44] So I wanted to get him in the studio, get the mic on and pick his brain a little bit. So Tony, welcome to the welcome to the podcast.

[00:01:51] Well, thanks guys. Thanks for having me back. I appreciate it. Yeah, absolutely. Yeah.

[00:01:57] So let's dive in. You know, we mentioned that you're out your pen testing. You're meeting a bunch of MSPs all across the country.

[00:02:04] Tony, you know, what what ways are you seeing that these guys and guys at MSPs are interacting with AI, how's it affecting their cybersecurity operations?

[00:02:14] Like what's going on? Yeah, you know, full disclosure. I'm not an MSP myself. And a lot of people mistake me for MSP a lot of times because I do have a lot of conversations with them.

[00:02:25] And a lot of that is a result of, you know, when you're doing pen tests or in service fonts, either proactive or recovery for the elite folks, a lot of it ends up being a referral to an MSP somewhere.

[00:02:37] You need to have somebody help you with your managed services. And so that drives that interaction and that conversation. And so ever since, you know, we began talking about this and putting this program together, our topic together.

[00:02:50] I've been talking more and more with the MSPs. And it's just blown my mind learning more. I thought I knew a lot of what their challenges were because it's some of the challenges I'm hearing or I heard from the clients themselves on how their MSPs have changed and began adopting or not adopting, you know, any AI interfaces

[00:03:13] and not allowing it in a lot of cases. But it's a good mix of, you know, positive and negative that I'm hearing from, you know, some case examples are, you know, think about the ticketing.

[00:03:30] You know, there's such pressure on the help desk staff to be able to push tickets out and close tickets out there. And they began leaning on some of the earlier versions and not all of them are subscribed to, you know, the chat GPT plus or some of the premium services. So they're getting legacy old versions of the AI and the chat GPT which only caps out about, you know, 2000, 2000.

[00:03:59] And 2021 is when that data is capping out. So what they're referencing is legacy data already, when they provide solutions to, you know, a user and how to remediate a problem.

[00:04:16] And they can't find any vulnerabilities in that that are, you know, 2022, 2023. So that becomes a problem for them because they're giving erroneous solutions providing an out and that's come back to the bottom of few times design or stand.

[00:04:31] But, you know, some of the pros being able to do some real time and some quick analysis, especially if you're, if you're fighting an ongoing attack or you're looking through lots of log data, being able to leverage a lot of the AI plugins to be able to, you know, drive through that data quickly and seamlessly and be able to develop those trend analysis that they are so important to be able to start.

[00:04:59] And you know, remediating those attacks. So there's some pros definitely but, you know, we're seeing a bit of mix.

[00:05:11] You know, one of the things that you know, you're talking about like, you know, the paid and like, you know, not having the right data and how that can impact them there. But how do you see it evolving in the near future and how that will impact MSPs?

[00:05:25] So I mean, we're seeing AI continuing to evolve. I mean, I was watching the news, you know, the other day they're saying AI and making ransomware in different things.

[00:05:36] So like, just what's your thoughts on how it's going to continue to evolve and what do you think it's going to do to the MSPs?

[00:05:42] God, you know, I really think there's going to be a point where we have a bit of a crash on the love of it here.

[00:05:57] I mean, right now you've got lots of love of being think about it. I mean, this, this is blown up since November, I guess, of last year's when it really came out in public and there's more users in the first five days than most of these other social media platforms have had, you know, in their growth in a lot of cases.

[00:06:18] And everybody's on board with it and everybody's trying to leverage it. But I think what's going to happen is we're going to get to a point that there's so much unintended capability in it that we're going to find some systems crashing and, you know, you mentioned yourself, Dan, you talked about with ransomware.

[00:06:39] And where we're already seeing people try to, and some of these chat forms that I'm in, we're seeing people ask a lot of questions of, hey, I'm trying to to prompt GPP or my platform to build the next level ransomware from whatever family of ransomware they're taking.

[00:07:00] They're talking about it openly, which means there's lots more who are dealing with this, you know, on their workshop not talking about it because we're going to start seeing it. I haven't seen any yet that shows me any indicators that, you know, it was pure AI developed or modified.

[00:07:20] But I think that's on the horizon and we're going to feel the impact of it pretty quickly. And that's going to start taking down the problem is, you know, if I'm a guy writing code, ransomware code, I know once I cypher, you know, I've got the cypher keys and I've got the ability to exchange back and be able to give them their data back.

[00:07:41] If it's autonomously written, you know, how do we know that it's going to work when they try to decipher it? Yeah, that's kind of a great unknown. There's a lot of unknowns and, you know, it's kind of like the real botch taken over the world in some of the Doomsday scenarios. You know, that's a big fear factor for folks, you know, kidding, we're not.

[00:08:03] It's, you know, you see a lot of traffic on that. Yeah, I know you're out there doing we've talked about it. You're doing a lot of assessments, a lot of pen testing. Are you seeing any vulnerabilities or new attack vectors that exist because people have implemented AI and maybe not done such a great job of doing it thoughtfully?

[00:08:22] Yeah, I think so. And we're seeing it where they just go out and how do I, how do I configure this firewall and I throw a brand of firewall in there and it's pulling up a configuration script from 2019.

[00:08:42] And again, it comes back to are you a paid user? Are you buying the premium or plus and they're like, no, I just, you know, you're getting legacy data in there. And they, they just build it because they're not a firewall guy. And that's what they, they leaned on. And when we go in and scam, we're finding all kinds of, you know, misconfigurations with, with regards to that. Now, in all fairness, it hasn't happened many times.

[00:09:12] But, you know, when we, there's no broad indicator that it was done, you know, through, through AI, it's when we interface with the system administrator and the network engineers and they go, yeah, you know, that's, that's what I did. Don't put that in the report, but you have to because that's, that's what they're, they're leveraging as opposed to, you know, those validated resources.

[00:09:36] Go ahead, we'll let you keep, I know you got a couple more on this that you wanted to kind of keep going in. I'll let you go and then I'll follow up with after you.

[00:09:46] Yeah, absolutely. So kind of a follow up there, Tony. So I hear what you're saying kind of old attack vectors but new ways to kind of screw it up on the, on the human side with a little assistance, right? But so, I mean, what advice would you give to folks that are, they're implementing AI, you know, different different types of data.

[00:10:05] You know, different different ways. But how do you do it correctly? Like, how do you check and balance yourself and make sure that you're getting solid solutions in place?

[00:10:13] A lot of it is, is really coming back to rolling back to the basics of doing what you ought to be doing anyway whenever you configure something, you know, do a self assessment, do it, do it, you know, outside and check inside out kind of things but have somebody else come and take a look at it as opposed to, you know, just, just run it and and putting it out.

[00:10:34] Yeah, I mean they're, they're coding in production, you know, and writing code in production which is pretty scary thing anyway. But I get it. A lot of a lot of the folks, especially in some of these rule cities and townships and counties, they're one up.

[00:10:52] And they may be the only person who can spell IT, you know, independent of their, their external IT support. Maybe it's an MSP or somebody who's providing them remote services that might be 300 miles away. So they're not getting out there very often.

[00:11:08] And they're the only person there so they've got no way to really look at them. But what they need to do is, is have somebody, you know, come in and just take a look or you can just point them to that device and have the MSP or whoever their IT service provider, you know, just come give you a second look.

[00:11:27] I mean, that's, that's common sense. But it is embarrassing a lot of times and a lot of the younger IT folks won't do that. They just want to kind of fly by the sea of their pants and God bless them until it goes sideways.

[00:11:43] Yeah, I hear you because you can find a lot of resource. You can find a lot of resources out there in the internet. Just don't throw it into a chat session with, you know, chat GPT and say,

[00:11:55] here's my firewall, you're a firewall expert. Configure it. Boom. And you'll spit out a script for you. And if you apply it, man, you're gonna go broke.

[00:12:07] Yeah, one of the questions I wanted to ask you is, you know, we do hear though. I mean, we are. I mean, I'm sure you're hearing you, I mean, you said earlier you're talking to a lot of MSPs that are implementing AI into their business in a lot of different ways.

[00:12:23] Can you maybe go into some of the risk that like, hey, if you start to adopt AI too quickly and you're not thinking about certain things, those risks that you mentioned, like one earlier, like old data, things like that.

[00:12:36] Are there more risk that an MSP should be looking at in considering?

[00:12:41] Yeah, I mean, if you let it make changes autonomously to your configuration and your stack, who knows which way it's gonna start traveling?

[00:12:53] Which rabbit trail it starts rolling down. And if it has a pipe, a pathway that it can't pass traffic, it may open up.

[00:13:06] You know, the big fear for a lot of folks in MSPs is their firewalls drop configs and they resort back to any, any.

[00:13:16] And holy mackerel, if you're AI component did that for you and you weren't alerted, you didn't have the right monitoring on there.

[00:13:27] But you know, to the same discussion kind of flip flop in that back, there is so much value that, you know, when you've got some of these tools that are doing that continuous monitoring and you've got the alerting on your, on your IPS and things like that.

[00:13:42] It can go back and review previous instances and previous IPs and kind of those trends that you saw before, that you flagged that were okay.

[00:13:54] And they were, you know, okay, let's go ahead and let's white list it and let's let it pass.

[00:13:58] It can see that much quicker than you could going through that old traffic when you had to review that. And so that's a huge plus and it's helping lower the, the temperature, I guess on your, on your alerting in a lot of cases.

[00:14:13] And as you're training it, you've got to go back and, and revisit it in the early stages until you build that comfort level. But just don't, don't set it and forget it.

[00:14:25] That's usually the big mistake adopting it too quickly and just, you know, falling on your sword with it.

[00:14:32] Hey, Tony, I got a, I got a big long rambling question for you or a big wrong, long rambling answer. I'm sure.

[00:14:38] I know you do. That's all you do.

[00:14:41] No, I'm picking it's going to be broad, but I get this a lot. I have a lot of people ask say, hey, how can I tell if content has been generated by an AI?

[00:14:50] You and I had a discussion about copyright for products that's been written by me.

[00:14:55] And you start looking at it and it actually doesn't the product doesn't do the things that the AI is written about it.

[00:15:01] And I speak to that a little bit and then the rambling part just in general. How do you tell?

[00:15:06] If, if output you're getting from an AI engine is free from bias or discrimination, or if it does have a lean one direction or the other, how do you kind of pick that apart and know what you're dealing with?

[00:15:17] Yeah, I mean, there's a, there's a handful of those, you know, those output detectors, GPT two output detector is one of them that, you know, book market.

[00:15:30] And just Google that and book market because that's a really good one. And it's pretty solid.

[00:15:36] And, you know, as you look at some content or you look at an email, you can almost start seeing the trends now from at least some of the free chat GPT content.

[00:15:53] You can see the format and the flow that it that it spits out. And you can copy and paste that and you can throw it in and it'll, it'll tell you within, you know, some some pre distinct analysis, you know, whether that was real or is that fake content developed by a robot kind of thing.

[00:16:10] And that creates a big challenge for, you know, think about anybody in education, all the students, you know, people aren't learning.

[00:16:19] The students aren't learning because they're going to chat GPT right me, you know, a 20 page report, boom, and they don't learn anything on that content and it's drag and drop.

[00:16:29] And some of the teachers are savvy, some of the school districts are savvy. Some of the school districts are leaning back on their IT and their MSPs who are running, you know, think about it for district office and MSP at a district office is running probably 10, 15 schools and they have to deal with it all levels from K 12.

[00:16:48] And some of their challenges are, hey, we got kids who are submitting reports and we know their chat GP. We want you to disallow that we want you to put some kind of content filtering in the system that when they upload it to us, it automatically detects it, holy mackerel, that's a hell of a burden on them.

[00:17:05] And right now, I don't know of any, and I'm not heard of any content filtering that is, you know, able to read those packages and determine that to that degree yet.

[00:17:18] They do have other content filters we're looking for, you know, threat data and that kind of stuff. But that's a big challenge and that really falls on my opinion.

[00:17:28] I'm probably not the right guy to ask about that, but you know, on the teachers themselves and the professors because it's happening at all levels all the way up in college level as well.

[00:17:38] Those are huge challenges for them, but there's lots of different detectors and hell just since we've been on this recording here, there's probably been two or three of them that had just popped out and developed today during this period because man so many apps are coming out.

[00:17:55] I had that number a couple days ago and I wanted to remember it, but I came remember they said AI driven apps that there are plugins to chat GPT.

[00:18:07] I mean, it was in the thousands that just came out just in March alone or April along.

[00:18:14] And I mean, it may have been 20,000. I don't know, but that number is just phenomenal to me because it's growing so quickly and nobody can keep up with it.

[00:18:26] Yeah, and so I mean, there's so much that you're talking about here and like I think we could carry this on for another hour. So what I think we would both like to do is bring you back here, you know, not too far from now.

[00:18:41] Let's talk about more let's get into it like really get into the weeds today. We kind of really hit on some of the, you know, the processes of what are happening things we should be considering as MSPs as we're adapting AI into the business and some risk but you also mentioned some rewards.

[00:18:57] And I think maybe the next time we can really get into the meat of it, maybe around like the detection and response and all of that. I mean, would you be willing to come back and be on with us again?

[00:19:07] Yeah, sure. I'm all for it. I mean, it'll probably a completely different landscape if we wait 30 days. I'll tell you, it's crazy. Right.

[00:19:16] But yeah, I'm all for it. Yeah, appreciate it.

[00:19:19] Yeah, I mean, we'll let's definitely will bring him back on and that's we'll want to get into this and keep this going because I think our listeners are going to want to continue to learn and see where it's going.

[00:19:29] So Tony, as we wrap this up, how do people get a hold of you if they want to talk to you about like the forensics and things like that is there a way for people to get in touch with you?

[00:19:38] Oh, my website is TonyRucci.com and Tio and why are you CCI dot com?

[00:19:45] And you know, Tony at TonyRucci dot com is my email.

[00:19:49] Be glad to reach out. I do work all over the country and overseas and I kind of live at airports. It seems kind of like yourself.

[00:19:57] And you're always seems like you're at an event every week. That's where I'm at putting out a fire or hopeless. Maybe proactive.

[00:20:05] Well, Tony, we appreciate you being on and look forward to having you back and talking about how this is evolving. This is definitely something that we're all interested in and appreciate you taking the time to be with us today.

[00:20:16] Well, thank you guys. I appreciate you having me.

[00:20:19] Yeah, thanks, Tony.

[00:20:20] All right, everyone. That's another episode of the Powered Services podcast until next time have a great day.

[00:20:27] Thank you for listening to the Powered Services podcast with Dan Thomas-Chefsky.

[00:20:33] We're dedicated to giving you practical information, tactics and strategies that you can use to supercharge your MSP.

[00:20:44] If you liked today's episode, leave us a rating and review on Apple Podcast and be sure to subscribe so you never miss an episode until next time.

[00:20:53] This is the Powered Services podcast signing off.

[00:21:03] Thank you.