{"id":215395,"date":"2026-05-18T01:59:00","date_gmt":"2026-05-18T05:59:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/18\/optiv-ai-is-reshaping-the-mdr-security-approach-for-partners\/"},"modified":"2026-05-18T06:50:23","modified_gmt":"2026-05-18T10:50:23","slug":"optiv-ai-is-reshaping-the-mdr-security-approach-for-partners","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/18\/optiv-ai-is-reshaping-the-mdr-security-approach-for-partners\/","title":{"rendered":"Optiv: AI is Reshaping the MDR Security Approach for Partners"},"content":{"rendered":"<p><a href=\"https:\/\/www.channelinsider.com\/security\/ai-mdr-cyber-operations-optiv-product-director\/\">Optiv: AI is Reshaping the MDR Security Approach for Partners<\/a><\/p>\n<p><a href=\"https:\/\/www.channelinsider.com\/security\/ai-mdr-cyber-operations-optiv-product-director\/\">https:\/\/www.channelinsider.com\/security\/ai-mdr-cyber-operations-optiv-product-director\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-18 01:59:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.channelinsider.com\">www.channelinsider.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.  Cybersecurity is fundamentally different today from many other industries being disrupted by AI.<\/p>\n<p>Defenders are constantly facing active adversaries, and AI has only intensified these threats. Many sectors are focused on AI-driven efficiency and automation, while cybersecurity teams must simultaneously defend against attackers who are rapidly adopting AI-powered tooling.<\/p>\n<p>In a conversation with Benjamin Spencer, product director at Optiv, we\u2019re seeing an acceleration of the \u201carms race\u201d between defenders and threat actors.<\/p>\n<p>   The AI arms race in cybersecurity\u00a0<\/p>\n<p>\u201cIn the cybersecurity industry, you still have that pressure, but on the other hand, you\u2019re also having the pressure of attackers who are like, \u2018Hey, I want to do harm to you and I want to do it in a manner that\u2019s gonna be AI-enabled,\u2019\u201d said Spencer.\u00a0<\/p>\n<p>\u201cIt\u2019s not that we\u2019re all doomed or there\u2019s not going to be security jobs anymore \u2013 the arms race has just gotten faster.\u201d<\/p>\n<p>AI is increasing in speed, scale, and sophistication of both attacks and defensive workflows. Organizations will now have to rethink their security operations approach.<\/p>\n<p>Why Optiv is still betting on human capabilities\u00a0<\/p>\n<p>Spencer argues that while AI can improve efficiency and reduce repetitive work, he argues that organizations still need experienced analysts capable of deep investigation and contextual reasoning.<\/p>\n<p>AI is more likely to shift analysts toward more complex investigative and forensic responsibilities, Spencer said, rather than eliminating human roles.<\/p>\n<p>\u201cBeing an analyst is not necessarily an easy job, and people absolutely make mistakes,\u201d Spencer explained. \u201cI can\u2019t tell you how many incidents I\u2019ve responded to where someone caught something and then it just never got raised or the escalation didn\u2019t happen right. There\u2019s always been some error rate in the system. Analysts have never been 100 percent correct.\u201d<\/p>\n<p>How AI lowers the barrier for attackers<\/p>\n<p>One of the greater concerns for Spencer is that AI has dramatically lowered the technical barrier required for cybercriminals to launch sophisticated attacks.<\/p>\n<p>Much as ransomware ecosystems and access brokers commoditized advanced attack techniques, AI-powered exploit generation, automation, and offensive tooling could enable less technically skilled attackers to conduct more advanced operations at scale.<\/p>\n<p>This creates additional pressure on defenders, who must determine how much they can trust AI-driven security tools while still maintaining human oversight over critical decisions.<\/p>\n<p>\u201cThe bar for attackers to do things is getting lower. The more you can make the tooling available to attackers and they don\u2019t have to be technically skilled \u2013 you\u2019re going to see more of those attacks,\u201d Spencer said.\u00a0<\/p>\n<p>\u201cAt the same time, defenders are trying to figure out where that line is between what they trust AI to do and what still requires a human.\u201d<\/p>\n<p>Companies are still in the early stages of AI-led transformation<\/p>\n<p>The current AI transition is not unlike many historical shifts in technological advancement.\u00a0<\/p>\n<p>Many organizations still treat AI as an add-on rather than fully reimagining their workflows around it. Simply inserting AI tools into existing security processes instead of redesigning operations from the ground up.<\/p>\n<p>\u201cIt\u2019s not just, \u2018Hey, we\u2019re able to do things faster.\u2019 It\u2019s that we built something different. People are still trying to figure it out,\u201d said Spencer. \u201cRight now, companies are basically bolting AI tools onto existing processes instead of rethinking the entire workflow.\u201d<\/p>\n<p>Spencer suggests the industry is still in an early experimental phase, where businesses have not yet fully understood the long-term operational changes AI will bring to cybersecurity programs.<\/p>\n<p>Why traditional MDR is becoming obsolete<\/p>\n<p>Traditional MDR services are becoming increasingly insufficient in the current AI-driven threat landscape. AI automation is rapidly commoditizing basic triage functions, making purely reactive MDR offerings less valuable.<\/p>\n<p>\u201cA lot of MDR providers lived in that initial triage space \u2013 handling the influx of work and telling customers if something happened in their environment. I think that model is going to go away fairly quickly,\u201d said Spencer.<\/p>\n<p>According to Spencer, the future of MSSPs and MDR providers will revolve around proactive, continuous security operations rather than simple alert management.\u00a0<\/p>\n<p>Automated patching and monitoring services become more important<\/p>\n<p>He predicts that service providers will increasingly take on responsibilities such as automated patching, continuous threat exposure management, automated penetration testing, supply chain monitoring, and proactive vulnerability remediation.<\/p>\n<p>The goal will ultimately be to deliver measurable security outcomes rather than identifying threats after compromise. AI will be an enabler for this shift, allowing providers to scale proactive services more efficiently.<\/p>\n<p>\u201cI think we\u2019re moving beyond just the initial detection and response piece,\u201d Spencer said. \u201cYou\u2019re going to start seeing more full-service providers coming in and doing things like patching systems, automated pen testing, and proactive threat hunting. The expectation now is to provide actual outcomes that improve security, not just alerts.\u201d<\/p>\n<p>AI and the growing insider threat problem<\/p>\n<p>Data governance and insider risk are underappreciated as AI security challenges, Spencer told us.\u00a0<\/p>\n<p>Many organizations struggle with poor data hygiene, excessive permissions, and unstructured information scattered across platforms like SharePoint and internal logging systems.<\/p>\n<p>AI search and retrieval capabilities could unintentionally expose sensitive financial, operational, or customer information to employees who previously would not have easily discovered it.<\/p>\n<p>Why internal data capabilities pose risks<\/p>\n<p>However, Spencer thinks the largest risks may come less from public AI model leakage and more from internal misuse of AI-powered enterprise search capabilities.<\/p>\n<p>\u201cA lot of companies have never done anything to clean up SharePoint or their logging environments. When you implement an AI tool and say, \u2018Go search this,\u2019 that can become really bad from a data loss standpoint,\u201d said Spencer. \u201cI think the real damage is insider threats using AI tools to surface sensitive data they shouldn\u2019t have access to.\u201d<\/p>\n<p>\u201cGoing forward, we\u2019ll see a greater focus primarily on data governance. The government is going to be most interested in protecting the wider citizenry, and that\u2019s going to come down to what customer data can potentially be exposed by these big tools,\u201d Spencer continued.\u00a0<\/p>\n<p>\u201cCompanies are realizing they don\u2019t want to store massive amounts of unnecessary data if it creates legal liability.\u201d<\/p>\n<p>Optiv\u2019s positioning in AI security transformation<\/p>\n<p>Optiv\u2019s role is to help organizations operationalize AI securely rather than simply sell AI products.\u00a0<\/p>\n<p>Spencer told Channel Insider that Optiv is focused on helping customers identify the right AI strategies, securely implement AI-enabled security tooling, and build managed security services that combine proactive protection with AI-assisted operations.<\/p>\n<p>This includes advisory services, managed detection and response evolution, and helping organizations understand how to safely configure access controls, workflows, and governance around AI systems.<\/p>\n<p>Spencer positions Optiv as a partner helping organizations close the gap between rapidly evolving attackers and defensive readiness.<\/p>\n<p>\u201cWhat we\u2019re trying to do is help companies implement AI securely and figure out the best fit for their organization,\u201d said Spencer.\u00a0<\/p>\n<p>\u201cWe\u2019re not just saying, \u2018Buy this AI product.\u2019 The idea for Optiv is to provide a meaningful jump toward using AI in security ecosystems while helping organizations catch up with attackers who are doing the exact same thing.\u201d<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Optiv: AI is Reshaping the MDR Security Approach for Partners https:\/\/www.channelinsider.com\/security\/ai-mdr-cyber-operations-optiv-product-director\/ Publish Date: 2026-05-18 01:59:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":215397,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.channelinsider.com\/uploads\/2026\/05\/Untitled-design-6.png?f=jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,27],"class_list":["post-215395","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215395"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=215395"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215395\/revisions"}],"predecessor-version":[{"id":215401,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215395\/revisions\/215401"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/215397"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=215395"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=215395"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=215395"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}