MSP technology news headlines for the week of July 13, 2026
The Department of War’s surprise pause on CMMC Phase II requirements is leading this week’s headlines, while ConnectWise officially launches its long-awaited predictive IT platform and Cribl expands deeper into AI-powered security operations with its CardinalOps acquisition. Elsewhere, vendors are rolling out new tools for identity security, automation and agentic AI, while fresh research highlights everything from ransomware’s growing reliance on compromised identities to the challenges of governing AI in the enterprise.
If you’re ready for more of this week’s MSP news and partner program updates, scroll on down!
Forging the Arsenal of Freedom: Department of War suspends CMMC Phase II requirements
The Department of War announced the immediate suspension of Cybersecurity Maturity Model Certification Phase II requirements and launched a 60-day review of the program.
Key quote from the press release:
“In support of Secretary Pete Hegseth’s directive to reduce compliance barriers for small and medium sized businesses, we are today suspending the CMMC Phase II requirements and initiating a 60-day study of the future of this program. Robust cybersecurity and operational resilience remain critical to protecting American innovation and supporting warfighter readiness. We believe the DIB can achieve both, while we reduce unnecessary government red tape.” — Kirsten A. Davies, chief information officer, Department of War
Reken launches from stealth to build an internet safe for humans
Former Google and Shape Security leaders reveal breakthrough on-device AI security platform and its first platform app, designed to fight AI scams, fraud and deepfakes.
Key quote from the press release:
“The Internet is not safe, and is getting less safe every day because of AI. Traditional cybersecurity has failed to solve these problems, and increasing scams, fraud, and cybercriminal use of AI have accelerated this erosion of trust. We need a new architecture to prevent our critical online channels from becoming overwhelmed.” — Shuman Ghosemajumder, CEO, Reken
Research discovers vulnerable UEFI shims undermining devices’ Secure Boot

ESET researchers discovered 11 old, Microsoft-signed UEFI applications that allow bypassing UEFI Secure Boot on the majority of UEFI-based systems.
Key quote from the press release:
“What makes these old shims dangerous is not a novel vulnerability; it’s that no new vulnerability is needed to bypass UEFI Secure Boot. An attacker needs no complicated exploitation primitives — only a copy of an old, still-trusted but unrevoked shim binary and a basic understanding of how UEFI shims work. That is enough to bypass such an essential security feature as UEFI Secure Boot.” — Martin Smolár, researcher, ESET
Pax8 research finds small businesses all-in on AI with 2 in 3 projecting stronger competitive composure

As AI adoption stabilizes, a new divide emerges between businesses deploying AI and those struggling to move beyond testing.
Key findings from the report include:
- 61% of SMBs are actively using AI, consistent with 62% reported in the Q1 2026 Pulse, while another 29% are still experimenting.
- Nearly three times as many AI users say they are ahead of competitors on technology, 31% compared with 12% of non-users.
- 65% of AI users are very or extremely confident in business growth, compared with 56% of non-users.
- More than twice as many AI users increased technology spending over the past year, 53% compared with 24% of non-users.
- The share of SMBs saying they are interested in AI but have not started dropped from 9% to 1.5% in a single quarter.
Optro launches Optro Partner Connect to power global GRC ecosystem growth
New partner program offers flexible go-to-market options, enablement, certification, technical and co-marketing support, and a clear path for partners to expand services and drive customer outcomes.
Key quote from the press release:
“Partners are a critical growth engine for Optro, and Optro Partner Connect ensures our ecosystem’s experience matches the enterprise-grade quality of our platform. By moving away from transaction-only metrics and adopting a holistic evaluation of capacity and competency, we are giving our partners a clear blueprint to build highly profitable services practices around our GRC Intelligence Platform.” — Scott Whitlock, global VP of alliances and channels, Optro
Apricorn introduces massive 4TB Aegis Secure Key 3, providing fast encrypted storage in a flash drive format

New ASK3 meets and exceeds FIPS 140-3 Level 3 requirements and has been formally submitted to NIST CMVP for validation.
Key quote from the press release:
“Customers asked us for more capacity without giving up the convenience of carrying a secure drive in their pocket, and that is exactly what we built. The 4TB ASK3 combines the ruggedness customers expect from Apricorn with super-fast performance and a design that meets and exceeds FIPS 140-3 Level 3 requirements. Whether it is traveling between offices, supporting field operations or moving sensitive files in harsh environments, this device is built to go wherever the data needs to go” — Kurt Markley, Managing Director, Apricorn
Delinea launches new partner program to drive partner profitability and scale growth
Delinea Partner Advantage Program brings codified rules of engagement and AI-powered enablement to channel.
Key quote from the press release:
“Partners don’t care about your partner program. They care about technology that works, protected discounts, and a vendor that’s easy to work with. We built this program around what partners told us they actually need.” — Scott Goree, senior vice president of channel and alliances, Delinea
79% of ransomware attacks now originate from compromised identities, Sophos report finds

Exploited vulnerabilities are no longer the primary root cause of ransomware attacks as cybercriminals prioritize malicious emails and phishing campaigns.
Key findings from the report include:
- 79% of ransomware attacks started with compromised identities.
- Malicious email and phishing were the top root causes of ransomware attacks, at 26% and 24%, respectively.
- 67% of ransomware victims confirmed their ransomware incident was also their most significant identity attack.
- 56% of ransomware attacks succeeded in encrypting data, including 16% where data was both encrypted and stolen.
- 48% of organizations whose data was encrypted paid the ransom, bringing the four-year average payment rate to 50%.
Cynet releases v4.33, unveiling a new cross-site dashboard and enhanced SIEM capabilities

New platform updates give security teams unified visibility across managed environments, faster investigation workflows, automated response, and deeper integration with existing operational tools.
Key updates from the announcement include:
- Cross-site profile management: Enables administrators to reuse and manage security profiles across different levels of the organizational hierarchy, reducing the need to recreate individual site configurations.
- Improved visibility into alert status, remediation activity, and investigation context, while standardizing how alert information is displayed throughout the console.
- SIEM events page: Centralizes and unifies Cynet’s SIEM capabilities, making it easier for security teams to access, manage, and configure SIEM functionality, displaying a time-bound graph of events over time.
- Custom XDR rules creation: Allows for administrator creation and management of custom detection rules created directly from SIEM data and events.
Cribl acquires CardinalOps to expand its AI platform into security operations
Acquisition brings agentic detection engineering to Cribl, helping customers improve threat coverage, reduce security data costs, and replace legacy SIEM architectures.
Key quote from the press release:
“Security teams do not need more disconnected tools. They need a better way to turn telemetry into effective detections and outcomes. CardinalOps strengthens our AI Platform for Telemetry by adding deep detection engineering capabilities to the open data infrastructure our customers already rely on and serves as the foundation for a complete, open alternative to the SIEM stack they’ve outgrown.” — Clint Sharp, co-founder and CEO, Cribl
Radware introduces cloud-augmented protection for DefensePro X, debuting with Web DDoS Defense
New cloud-augmented protection architecture designed to strengthen detection of sophisticated application-layer attacks while keeping mitigation on premises.
Key quote from the press release:
“As application-layer attacks become more sophisticated, security teams need broader visibility without sacrificing operational control. By extending DefensePro X with cloud-augmented protection, Radware gives customers access to cloud-powered intelligence while helping to preserve the speed, privacy, and control of inline enforcement. Cloud Web DDoS Protection is designed to help organizations strengthen application security without requiring them to redesign their security architecture or expose sensitive encryption keys.” — Gabi Malka, chief operating officer, Radware
JumpCloud launches Workflows to empower IT teams with secure and simple automation

Designed with pre-built or custom automations that scale security and create a seamless bridge to the AI agent era.
Key quote from the press release:
“Workflows have been easy to build with. I’ve got a few running tasks that handle the boring audit stuff for me: empty group cleanup, duplicate user detection, and notifying managers when their team gains admin access. It all ticks away in the background and frees up time for more interesting security work.” — Joseph Cunningham, head of IT security and support, OOONO A/S
Keeper Security closes the standing privilege gap in cloud identity with Keeper Privileged Cloud
New just-in-time access capability within KeeperPAM ensures privileged credentials are granted only when needed and revoked automatically when a session expires.
Key quote from the press release:
“The challenge with standing privileges is that removing them requires coordination across multiple systems that were never designed to work together. Most JIT access tools are added after the fact, as a layer on top of systems that were never built to revoke access automatically.
Because Keeper Privileged Cloud was built into KeeperPAM from the ground up, rather than layered on afterward, access governance, credential protection and audit all live in the same zero-knowledge architecture. That is the only way zero standing privilege holds up at scale, instead of becoming one more system to maintain.” — Craig Lurey, CTO and co-founder, Keeper Security
Threat Spotlight: how text salting confuses AI-powered email defenses
Barracuda researchers found more than 1 million retail-themed phishing attacks using hidden text to evade traditional and AI-powered email security systems.
Key findings from threat spotlight include:
- Barracuda researchers have detected more than 1 million phishing attacks using text-salting techniques since April.
- The attacks use hidden benign text to dilute suspicious language and manipulate how traditional filters, machine learning models and LLM-based security tools classify emails.
- Generative AI makes text-salting campaigns cheaper, more scalable and more varied by automatically producing large amounts of normal-sounding filler text.
- The campaigns often use compromised legitimate websites or lookalike domains configured with DKIM to appear more trustworthy.
- Attackers use CSS, zero-font techniques and hidden off-screen text to show phishing content to users while presenting different content to security tools.
Arrow Electronics earns Microsoft Azure Virtual Desktop specialization
Specialization validates Arrow’s expertise in deploying, scaling and securing virtual desktop infrastructure on Azure.
Key quote from the press release:
“Achieving the Microsoft Azure Virtual Desktop specialization is a significant milestone for Arrow. It reinforces our commitment to supporting channel partners in delivering modern workplace solutions that drive productivity and security. Through ArrowSphere, we enhance the channel partner experience by simplifying cloud management and enabling seamless delivery of multi-vendor solutions in one unified platform. As one of the leading hybrid cloud and AI aggregators in the channel, Arrow will continue to provide the tools, expertise, and resources channel partners need to succeed in the AI-native cloud era.” — Sophie Daval, global director of public cloud for Arrow’s enterprise computing solutions business, Arrow Electronics
1Password and Anthropic bring secure credential access to Claude, letting an AI agent use approved credentials without exposing the secret to the model

1Password for Claude introduces Agentic Mode and a zero-exposure security framework that lets AI agents authenticate without ever seeing secrets.
Key quote from the press release:
“We need a new security model that is purpose-built for agents, not just humans. The answer isn’t handing agents your secrets. It is to let a user give an agent permission to use a credential without letting the agent see it. Claude knows it used your login; it does not need the password or one-time code in its context. That distinction is where trust in agents starts and the foundation we’re building with Anthropic.” — Nancy Wang, CTO, 1Password
Liquid Instruments puts first AI-powered instrument creation in the hands of every engineer
GenInst Studio redefines testing with agentic AI; delivers application-specific instruments in minutes, not months.
Key quote from the press release:
“The convergence of agentic AI and reconfigurable hardware creates something genuinely new — the ability to build exactly the instrument you need, simply by describing what you want. That’s something our industry has never seen before.” — Daniel Shaddock, CEO and co-founder, Liquid Instruments
New Drata research finds only 13% of GRC professionals are fully confident in their AI visibility
The State of GRC in the Age of AI uncovers the gap between expectations and reality of AI in governance, risk, and compliance.
Key findings from the report include:
- Only 13% of IT and security professionals said they have full visibility into the AI tools active within their organization.
- 71% of organizations reported that an AI tool used for GRC has led to a failed audit or lapsed regulatory standard at least once.
- 86% of teams agreed that many GRC-focused AI tools are not enterprise ready.
- 83% said they are not fully prepared to handle the coming wave of AI integration.
TD SYNNEX selected as global distributor for Fortinet
Global engagement model strengthens TD SYNNEX’s ability to simplify complex, multi-country Fortinet engagements through centralized support and coordinated execution.
Key quote from the press release:
“Multinational customers increasingly need partners that can deliver Fortinet solutions consistently across regions while navigating local market requirements and operational complexity. TD SYNNEX’s global scale, cybersecurity expertise, and strong regional capabilities make it well positioned to help eligible partners coordinate these engagements more efficiently and support customer outcomes across multiple geographies.” — Landon Scott, VP North America Channel, Fortinet
More headlines from Fortinet:
➡️ Fortinet Expands FortiEndpoint with New Capabilities for the AI Era
Identity management found to be critical gap in agentic AI deployments, according to survey of C-level and IT leaders by technology analysts

90% of respondents say they need identity-management improvements to address AI-related risks, including the surge of non-human identities gaining always-on access to corporate data.
Key quote from the press release:
“AI is fundamentally changing how organizations operate, make decisions, and manage risk. But many organizations are discovering that the systems designed to govern people are not prepared to govern a growing population of AI agents, machine identities, and autonomous workflows. Identity is a critical Tier 0 application and has a pivotal role to play in an organization’s confidence in a clean recovery.” — Vidya Shankaran, field CTO, Commvault
The reactive support era is over: ConnectWise Platform is now live, empowering partners in journey to predictive intelligence
The industry’s first purpose-built MSP System of Action unifies PSA, RMM, remote access, cybersecurity, automation, orchestration, AI Agents and ecosystem integrations.
Key quote from the press release:
“The old MSP model is out of runway. The ConnectWise Platform gives this industry a new operating model — one where fragmented tools give way to connected intelligence, automated execution and measurable business impact. This is built to help our partners reduce complexity, move faster, and deliver stronger outcomes for their customers as they enter the era of Predictive IT.” — Manny Rivelo, CEO, ConnectWise
DNSFilter and Blumira help organizations stay ahead of accelerating threats
DNSFilter and Blumira are integrating DNS-layer threat protection with detection and response workflows to help organizations spot malicious activity earlier, reduce investigation time and strengthen defenses against faster-moving attacks.
Key info from the blog post includes:
- The integration is designed to combine DNSFilter’s DNS threat intelligence with Blumira’s detection and response capabilities.
- The joint approach helps security teams identify suspicious domain activity earlier in the attack chain.
- The companies position the partnership as a way to improve visibility, speed response and reduce security complexity for lean IT and security teams.
As ChannelPro’s online director and tech editor for over a decade, Matt Whitlock has spent years blending sharp tech insight with digital know-how. He brings more than 25 years’ experience working in the technology industry to his reviews, analysis, and general musings about all things gadget and gear.
Images: ESET, Pax8, Apricorn, Sophos, Cynet, JumpCloud, 1Password, IDC











