The Gately Report: Cybercriminals with AI Daunting for TD Synnex Partners

Channel Futures: What are some of the latest ways TD Synnex can help partners, including MSPs and resellers, optimize their cybersecurity offerings?

Ed Morales: I think it’s just being aware of what's out there as far as portfolio because the threat landscape is continuing to grow. In addition, the Cyber Defense Matrix is one of the things we incorporated into our Practice Builder portfolio. It shows a partner … where there are gaps, and then allows us to be able to help mitigate those gaps with other products and solutions. So you're starting to see that, in addition to the introduction of AI and the introduction of cloud security, all the new high-growth areas of security. You see some leveling of things like network security sales, but data security, cloud security and application security are growing. So we're trying to get them up to scale in that regard, as well as mapping the right products and solutions for them. So that's how we’re trying to accelerate that for them.

CF: Shawn Ardiel, TD Synnex’s vice president of high-growth solutions, said TD Synnex’s vendor portfolio is second to none. What does that mean in terms of partners and their cybersecurity needs?

EM: I think it allows them the right catalog. And in order to understand what they need to offer, they have to understand the gaps based on their end customers' needs. As they start doing this analysis with the Cyber Defense Matrix, they start to see they may not have the portfolio that they thought. If you talk to any vendor, they feel like they have everything covered. That's not necessarily reality. So we want to make sure that we use an agnostic approach when we engage our partners, and then be a consultant to be able to find out where those gaps are and mitigate them through alignment with the right vendors and the solutions, and the enablement to actually help accelerate that adoption.

CF: We’ve talked about TD Synnex’s 2023 Direction of Technology MSP Special Report and how MSPs are focused on new high-growth solutions. What sort of progress has taken place in terms of MSPs embracing and expanding through high-growth solutions?

EM: We’ve realized that not every MSP is created equally so we have to do an assessment, because you have different types of MSPs that have engaged. You have the infrastructure guys who are moving into cloud, and those who are hybrid cloud who are moving into different disciplines of security and analytics. So it's a matter of being able to understand their customer base and mapping the technologies back. That's one reason why we created MSP Evolve, so they have access to that whole value add to help them up their game.

CF: TD Synnex’s 2024 Direction of Technology Survey is now open for responses from resellers. What are you looking forward to learning from that?

EM: There's been a lot more interest in that report. ... We're thinking we’re going to see some validation of our strategy. It's going to be great to start seeing that there is a cross-pollination happening with these high-growth technologies, that there are some unique needs that these partners are having, and that we're going to find out that what we're building is hopefully matching that need. Hopefully it also provides us insights on where we could actually improve and enhance.

We always want to be at the forefront of delivering high value in this model because things are moving so fast. In the old days, you could probably get away with a couple of years, but now it's on a six-month trajectory, so this information allows us to course-correct or course-enhance in our delivery of value to the market. Interestingly enough, it used to be regionally based, but you can talk to a partner in Europe, Latin America, Asia and North America, and the needs and the wants are essentially the same. That's what makes it interesting and that's why we can scale globally. So what you're going to see in North America, you're going to be able to see in other regions shortly.

CF: We’re constantly hearing about AI and cybersecurity. What makes TD Synnex stand out in this area?

EM: We were first to market with a whole go-to-market around Destination AI maybe two years ago because we've had a robust digital analytics practice for years. This was the next iteration of that. And because we work with some of the largest major vendors like IBM and Microsoft, and others in this space, we've gotten such insights with them that we're able to build those enablers. So because we had what I would consider a very aggressive head start, it allows us to now expand that to the other disciplines of cloud and security.

It was virtualization in the early 2000s, and then everything was cloud, and everything was IoT, and right now everything is AI. We've got to be very clear on what AI truly is and what it's not. Part of it's not only telling them what it is, it's also gleaning what it's not as well. I think because we've had this almost two years of a head start, I believe we're second to none when it comes to the AI enablement in the channel.

CF: What is AI not?

EM: People confuse AI with machine learning (ML). With IoT, there are a lot of things that are deployed on an IoT level that are more enhanced predictive analytics and predictive motion, but it's not using the full breadth of an AI portfolio. So there are different levels of it. Qhen I say things are when they're not, it's just making sure that you mitigate the noise. I'm not saying that ML is not a very valuable asset and tool, but there are certain purposeful things that are designed at each different level of AI, including ML, that we've got to be able to delineate so we don't confuse the market. Because a lot of times you hear everybody's got AI, but really how is AI being leveraged and what does that really mean?

CF: What are you hearing from partners in terms of success stories and what can other partners learn from them?

EM: In some of the courses where we've engaged them, we've heard a number of testimonies where partners have actually transformed their businesses. The partners have to be very clear in where and how they place their bets because they only have so much investment that they can do. The fact that we've gone through this many times, we’ve seen what the best practice is for the development of a practice, which is why TD Synnex actually created these enablements to help scale and accelerate the success of our partners. We hear that a lot from those who have actually executed a Practice Builder with us.

Additionally, what we've been hearing about lately are the advancements of our platform … so those kinds of things relative to a delivery mechanism where they see success. What we're trying to do is amplify what they need to do to go to market. At the same time, we take the costs out of their inefficiencies and help them accelerate growth in new areas of technology. So I think that's in essence what we try to do on a daily basis. One of the things we don't do a lot is amplify or talk about, or boast about what we are able to do, and we want to be able to do that with a voice for our customers. We’re collecting this information from our customers, and what we're actually finding out is we have a lot of customers worldwide that are seeing success, and we're actually going to curate that. Hopefully we'll be able to share something like that within the next six months that will validate everything that we just presented here. We already hear it just by having discussions with partners all the time, and now we want to capture that information and share it.

CF: What do you find most disturbing about the current threat landscape?

EM: When you hear about these things where they're using the voices of their loved ones in kidnappings or even in businesses is one thing. But when you see that personal thing happening and the use of AI to get into people's accounts to be able to basically rob them of their life savings, that is scary. And I think our job as an industry is to empower the customer and the person at the local level. It's not just about companies, it's about the people who are in the companies individually, inside a company or outside. So I think that knowledge transfer, the ability to enable of our partners and leveraging our vendors to deliver security at every level, is very key for us. So that's the scary thing, but that's the opportunity. And I want to be one of the good guys. I want to make sure that our good guys are beating all the bad guys out there. That's our vision and our hope in this world that keeps changing every day.

CF: Looking ahead, what can partners expect from TD Synnex beyond everything announced?

EM: You’ll start seeing the vision of what we're offering in this convergence of these technologies. What you're going to start seeing is the delivery of that at scale with our partners. We have discreet practices around cloud, security, AI and analytics, and then AI is kind of that conduit that's supporting all of it. We still have our enablement around each of the discrete practices, but now we have this overarching one that incorporates this cross-pollination.

One thing that is extremely key is in all of our high-growth areas, the underpinning of that is the infrastructure, the modern infrastructure. What we're seeing is extensive growth of storage and servers as well, almost at the same rates as the high-growth technologies. So it's about the data center. It's about building this whole ecosystem of solutions. You used to see these discrete practices being built out and now you're seeing the convergence of it. And then the inclusion of the infrastructure so that when we engage a partner, no matter where they're at in that ecosystem or that hierarchy, they're going to get insights on what's available to them so they can then start to grow their business. Because of the way we're structured now, that allows us to engage at scale and allow more of our partners to participate in this trillion-dollar market around digital transformation. We want to make sure that our partners are getting more than their fair share of that. So you're going to start seeing a lot of the things that we talked about employed for sure, and not only in North America, but globally. This is something that's going to be scaled across all regions.

In other cybersecurity news …

Kaspersky has identified ransomware attacks using Microsoft’s BitLocker to attempt encryption of corporate files.

BitLocker is a full-volume encryption feature included with Microsoft Windows. It is designed to protect data by providing encryption for entire volumes.

According to Kaspersky researchers, the threat actors remove the recovery options to prevent the files from being restored and use a malicious script with a new feature that can detect specific Windows versions and enable the BitLocker accordingly.

The incidents with this ransomware, dubbed ShrinkLocker, and its variants were observed in Mexico, Indonesia and Jordan. The perpetrators targeted companies in steel and vaccine manufacturing, as well as a government entity.

The name ShinkLocker highlights the critical procedure of partition resizing, which was essential for the attacker to ensure the system booted correctly with the encrypted files.

“What is particularly concerning about this case is that BitLocker, originally designed to mitigate the risks of data theft or exposure, has been repurposed by adversaries for malicious ends,” said Cristian Souza, incident response specialist at Kaspersky’s Global Emergency Response Team. “It’s a cruel irony that a security measure has been weaponized in this way. For companies using BitLocker, it’s crucial to ensure strong passwords and secure storage of recovery keys. Regular backups, kept offline and tested, are also essential safeguards.”

According to Kaspersky’s Global Emergency Response Team, the threat actors are using VBScript – a programming language used to automate tasks on Windows computers – to create a malicious script with previously unreported features to maximize the damage of the attack. The novelty is that the script checks the current version of Windows installed on the system and enables the BitLocker features accordingly. In this way, the script is believed to be able to infect new and legacy systems back to Windows Server 2008.

If the OS version is suitable for the attack, the script alters the boot settings and attempts to encrypt the whole drives using BitLocker. It establishes a new boot partition, essentially setting up a separate section on the computer’s drive containing the files for booting the operating system. This action is aimed at locking the victim out at a later stage. The attackers also delete the protectors used to secure BitLocker’s encryption key so that the victim can’t recover them.

The malicious script then sends information about the system and the encryption key generated on the compromised computer to the server controlled by the threat actor. Afterward, it covers its tracks by deleting logs and various files that might aid in investigating an attack.

As a final step, the malware forces a shutdown of the system – a capability facilitated by the creation and reinstallation of files in a separate boot partition. The victim sees the BitLocker screen with the message: “There are no more BitLocker recovery options on your PC.”

Barracuda Networks has unveiled a new AI assistant in the Barracuda partner portal, bringing partners new search and enablement capabilities.

Barracuda AI Assistant will enhance the partner experience and ease-of-use of the partner portal, and it will help partners save time and improve productivity, the company said. This addition makes Barracuda one of the first security vendors to harness the capabilities of AI within a partner portal to provide this level of support.

Using the Barracuda AI Assistant, partners can look for information about Barracuda solutions, the Barracuda Partner Success Program and resources available in the partner portal, helping them to more quickly access the tools and resources they need to support their customers and drive success.

Partners can also use Barracuda AI Assistant to get their product questions answered in real time, 24/7. These can include questions that will help them have more impactful sales conversations with customers and prospects.

Barracuda's Jason Beal

"We are excited to bring partners this cutting-edge tool, one of the first of its kind for channel partners, to up-level enablement and help them more quickly and easily find the most up-to-date information about Barracuda's solutions and services offerings, certifications, sales tools and more, and get additional support for successful sales conversations," said Jason Beal, Barracuda’s vice president of worldwide partner ecosystems.

Barracuda Networks has unveiled a new AI assistant in the Barracuda partner portal, bringing partners new search and enablement capabilities.

Barracuda AI Assistant will enhance the partner experience and ease-of-use of the partner portal, and it will help partners save time and improve productivity, the company said. This addition makes Barracuda one of the first security vendors to harness the capabilities of AI within a partner portal to provide this level of support.

Using the Barracuda AI Assistant, partners can look for information about Barracuda solutions, the Barracuda Partner Success Program and resources available in the partner portal, helping them to more quickly access the tools and resources they need to support their customers and drive success.

Partners can also use Barracuda AI Assistant to get their product questions answered in real time, 24/7. These can include questions that will help them have more impactful sales conversations with customers and prospects.

Barracuda's Jason Beal

"We are excited to bring partners this cutting-edge tool, one of the first of its kind for channel partners, to up-level enablement and help them more quickly and easily find the most up-to-date information about Barracuda's solutions and services offerings, certifications, sales tools and more, and get additional support for successful sales conversations," said Jason Beal, Barracuda’s vice president of worldwide partner ecosystems.