Hello, Cyber Builders 🖖
In recent months, I’ve looked at how cloud, SaaS, and now AI are changing cybersecurity go-to-market strategies. This post wraps up that series, and it’s the one that matters most.
This isn’t just another round of new features. There’s a real shift in how cybersecurity value is built, delivered, and sold. The lines between software vendors, system integrators, and MSSPs are fading. At the same time, AI is starting to automate work that used to require skilled people—like tuning detections, triaging alerts, running investigations, and making recommendations.
As product and service lines blur and AI automation grows, every business model in cybersecurity has to adapt. Software vendors are acting more like service providers. Service companies are increasingly looking like product companies. Everyone—from startups to global integrators—needs to decide what people should build, what models should handle, and where they can stand out.
In this piece, I want to zoom out and look at that bigger picture. How exactly is AI changing the nature of protection and detection? What happens to traditional service models when growth is no longer tied linearly to headcount? And how should MSSPs, system integrators, and other service-oriented businesses respond if they don’t want to wake up and find themselves displaced by AI-native competitors or aggressive roll-ups?
I’m not here to add more AI hype. My aim is to lay out the real changes I see ahead—from how products are built and delivered to how services are packaged, priced, and scaled. If you’re running a cybersecurity business, these shifts are real. They’ll affect your go-to-market strategy, hiring, margins, and your market position.
AI isn’t just another feature to add to products. It will change core protection and detection, and it will shape how users experience solutions. Most importantly, it will decide which tasks machines do and which stay with people. This is a key shift everyone needs to understand.
The line between products and services is blurring fast. In the past, software vendors hired developers and sales teams to build strong software for their customers and industries.
System integrators bought off-the-shelf software and focused on installing, configuring, and supporting it for customers. They were the last-mile partners for vendors, especially in security, with products such as Palo Alto, Fortinet, and Stormshield in Europe.
Today, cloud and managed services have already changed this setup, and AI is speeding up the shift. We’re seeing more mergers and acquisitions as big software companies buy service providers.
Yet, AI’s impact will go much deeper. Technologies that empower AI models to But AI’s impact goes further. Tools powered by AI aren’t just about automating repetitive work.
Instead of spending hours configuring a tool, you could review the documentation, follow clear steps, ask a few questions, or check with your network. The product, likely cloud-based, would be installed, and AI would handle the expert tasks SOC analysts used to handle.
It is like the Industrial Revolution. In the past, skilled professionals developed their own tools, as artisans do. Their output was limited, even if they knew exactly what needed to be done. Mass production was the challenge.
I see the same thing in big enterprise SOCs and MSSP teams. Talented engineers build custom rules and playbooks, and share their insights online. But even when they know what needs to be done, scaling up is still hard.
What does this shift mean for service companies?
First, business growth won’t depend on hiring more people. Service companies used to rely on engineers and consultants to deliver value.
With AI and automation, you don’t need to grow your team just to serve more customers.
You can design services that are partly automated and partly digital, so you can scale without adding headcount. It’s like moving from artisans to a factory model.
Second, service companies can’t just rely on expert-driven audits. In cybersecurity, the first step was often an audit, including a report and an action plan (or a wish list, as many don’t get applied!).
But customers want more than a snapshot.
They want ongoing, steady improvement. If your service doesn’t help them get better over time, it’s not enough. Services should work like modern software: deliver value right away, then add more as needed. A one-time audit doesn’t cut it.
Third, service companies need to think like product companies. In software, product managers look at trends, customer needs, and feedback to plan for the future.
In services, this kind of product mindset is often missing. Service companies do not have product managers.
MSSPs have done well with managed services, but their approach is usually reactive. Many customers chose MSSPs because they couldn’t run 24/7 security teams. At first, each SOC was custom, but now the model is more shared.
Still, only a few companies, like Arctic Wolf, have really taken a product-driven approach to managed services.
It’s a tough moment for service company CEOs. Will they use AI and build AI-enabled managed services before customers ask for them, or risk being replaced by startups or AI-driven roll-ups?
The roll-up model is worth watching. Big venture funds like General Catalyst are buying established service businesses in fields like legal, accounting, IT support, and cybersecurity. They’re rebuilding these services with AI, replacing work that used to need large teams of junior staff with AI agents. These are the AI roll-ups I mean.
If you want to discuss this further, feel free to reach out.
