Frederick Bendzius-Drennan and Tim Oelkers unpack what ‘Managed Intelligence’ means in the current technical landscape and offer practical strategies to help MSPs develop valuable (but realistic) Copilot offerings.
Unpack what ‘Managed Intelligence’ means in the current technical landscape and gain practical strategies to develop valuable (but realistic) Copilot offerings.
Frederick Bendzius-Drennan
Hi everyone. We will go ahead and get started. We have a few introduction slides, so if anyone joins a little late, they will not miss too much. Welcome to this webinar focused on managed intelligence providers and strategic approaches for MSPs.
Today, we will cover essential concepts and market trends. We will also talk about AI adoption phases, the risks associated with them, and actionable strategies for success, transformation and service delivery.
Frederick Bendzius-Drennan
We are following a deliberate schedule today. We will start by defining what a managed intelligence provider, or MIP, actually is and what it is not. Then we will look at the market forces driving urgency for MIPs, including customer behaviour and AI adoption trends. From there, we will move into risk, specifically the reality of Shadow AI today.
The latter half of the session will focus on the foundation beneath all of this: security, data governance, service evolution and what MSPs can do immediately before diving fully into the MIP space. This is not a demo-focused session. It is a strategic and operational framework for making AI deployments successful rather than reactive.
Frederick Bendzius-Drennan
To start, what is a real managed intelligence provider? It is not just an AI reseller, and it is not a one-off Copilot rollout manager. A real MIP helps customers think holistically about AI. That includes understanding which business problems they are trying to solve, ensuring the environment is ready and secure, governing how AI interacts with data, and providing continuous guidance as capabilities evolve over time.
The emphasis is on managed. Intelligence, especially with AI, is not something you turn on and forget. It needs to be continuously monitored and managed. It needs oversight, guardrails and governance, much like security and compliance today. This does not require MSPs to reinvent themselves. It requires reframing existing expertise through an AI readiness lens.
Frederick Bendzius-Drennan
The MSP landscape has evolved through several major shifts. Every shift has followed a similar pattern: customer behaviour changed, risk increased and MSPs adapted. Break-fix gave way to managed services. Cloud adoption changed the security perimeter. Identity replaced the network as the central point of control. Security became foundational. AI fits directly into the same evolutionary arc.
The difference is speed. AI accelerates the visibility and impact of existing issues. It does not make the MSP role obsolete; it makes that role more critical. The move from MSP to MSSP was focused on users, identity and securing a changing environment. AI is the next evolution of that journey.
Three trends are converging. First, identity is the perimeter. AI makes identity and access decisions much more consequential. Second, compliance has moved from periodic effort to ongoing obligation as data usage expands. Third, AI usage is already happening inside organisations, whether it is sanctioned or not. AI is not introducing complexity in isolation; it is magnifying trends that MSPs have already been navigating for years.
Frederick Bendzius-Drennan
An easy way to think about this is to compare it to protecting a physical office building. You would not leave doors unlocked, windows open or let everyone look through filing cabinets and HR folders. The same applies to the digital office. Strong security measures inside the tenant protect valuable information from unauthorised access and cyber threats.
Because AI amplifies existing posture, the role of an MIP becomes clear. A real managed intelligence provider helps customers understand which problems AI should and should not be used to solve. They assess the environment honestly, remediate foundational gaps and support AI adoption as an ongoing, governed capability. It is not about deploying intelligence quickly. It is about deploying it responsibly and sustainably in a way that protects the customer and reinforces the MSP’s role as a trusted adviser.
Tim Oelkers
We have heard the term managed intelligence provider for a little while now, and one question often comes up: why now? Is now the opportunity to jump in? Many organisations are waiting to see how this plays out. But if we look back at the timeline from break-fix to managed services and then managed security services, managed security was the most recent wave many of us remember.
The move to managed security often meant adding tools to the stack, thinking about margin and working out how to resell those tools to customers. The difference with AI is that this is about tailwinds versus headwinds. In the security journey, every tool or discussion about security posture often added another check, another verification step or another hoop for customers to jump through. MSPs spent a lot of time educating customers on why security mattered, while balancing security and productivity.
AI is different because productivity is not just increasing; it is increasing exponentially. That is exactly what customers want to see. They are asking how to get the most from what they use today. The gap for MSPs will widen because customers’ AI journeys are moving faster than governance and readiness strategies. It is no longer about being early in front of the wave. The wave is already here, and MSPs cannot afford to be late.
Tim Oelkers
Demand is already here. Customers want to use AI to offload administrative tasks and busy work. They want to be more efficient and do more with what they already have. Competition is heating up, and we are starting to see the entrance of managed AI providers and the emergence of thought leaders in that space. Waiting to see how this plays out is not a winning strategy. It is not even a survival strategy.
There are two sides to SMB AI adoption. At the executive leadership level, the focus is outcomes. Leaders want to know how AI will drive profitability, increase efficiency, improve competitiveness and control costs. They are not thinking about prompts, permissions or data governance until someone raises it with them. They are asking how to get the most value from an AI model because they are trying to stay competitive.
That creates pressure on IT teams and MSPs to make AI work. If you start building the plane while it is already flying, it becomes difficult to put structure in place after the fact. The opportunity is to get in front of that conversation, be proactive and bring it to customers before they bring it to you.
Tim Oelkers
At the employee level, people are asking how AI can make their jobs easier. They want help creating documents, producing content, handling administration, taking repetitive work off their plate and becoming more efficient. In many cases, there is no malicious intent when employees use AI. People are trying to get work done.
The risk is that visibility of information is not always clear to the user. When AI is introduced, it can expose information that has not previously been visible or obvious. That is where Shadow AI becomes important. Demand has outpaced governance and readiness, and many organisations are now asking how to limit or block Shadow AI. Blocking Shadow AI only solves half the problem. It may limit exposure, but organisations also need to present a responsible alternative. That means building the governance and security posture required to support responsible AI in the workplace.
Tim Oelkers
Microsoft has used the term frontier firm to describe organisations seeing exponential gains from AI. What these organisations have in common is that they are not treating AI strategy like the Wild West. They invested early in identity, data protection, data governance and operational maturity. AI was layered on top of that maturity rather than forced into an immature environment.
AI is not a silver bullet. Customers are at different stages of adoption and have different goals. Treating every customer the same is not a successful strategy. MSPs need to understand what each customer is trying to achieve, what problems they need to solve and what organisational goals are driving the strategy. AI will not solve poor data quality, broken processes or weak governance. It will amplify those issues and bring them to light much faster.
Tim Oelkers
The opportunity is now. Competition for MSPs is heating up, just as it did during the managed services and managed security waves. If you are not having AI conversations with customers, someone else probably will. If another MSP establishes themselves as the AI adviser, that position can be difficult to reclaim.
Frederick Bendzius-Drennan
That point leads straight into Shadow AI. AI usage is already widespread, whether an organisation acknowledges it or not. The reality is not that we failed to prepare soon enough; it is that AI usage is inevitable, and governance must exist alongside it. Even if Copilot licences have already been deployed without data governance being fully ready, the important question is what we can do now and how we prepare correctly in future.
When AI contributes to data exposure, compliance failure or misinformation, organisations do not blame AI in the abstract. They trace the problem back to access decisions, data governance decisions, oversight and the gaps that allowed AI to surface the issue. AI amplifies what was already wrong.
Shadow AI is a risk, but it is also a signal of use. It shows unmet demand and missing structure inside customer organisations. The real choice is not control versus productivity; it is unmanaged risk versus governed enablement.
Frederick Bendzius-Drennan
Security and data governance are sometimes described as friction in AI conversations, but in practice they are what enable confident adoption over time. Every AI capability operates on top of identity, permissions and data. If those foundations are weak, AI outputs can be unreliable or dangerous. If those foundations are strong, AI becomes predictable and valuable.
This is not new work for MSPs. It is existing expertise made more visible by AI. The readiness pyramid is a useful way to think about this. At the base are use cases and ROI. If you cannot articulate why Copilot matters to the business, nothing above it will hold. Once that clarity exists, security becomes purposeful. You are not locking things down for the sake of it; you are protecting something that creates value.
Data governance follows naturally. Once you know what problem you are solving, you know which data matters and can govern it intentionally rather than as an afterthought. Technical readiness comes next because you are not just patching gaps; you are preparing the environment for something the customer has committed to. Finally, deciding who gets Copilot first becomes a strategic decision rather than a lucky draw.
Frederick Bendzius-Drennan
AI also creates new attack surfaces. Traditional threat vectors still exist: identity, network, cloud and applications. AI adds agents, generative prompts, responses, plugins, models and web data feeding into those models. Each of these needs governing. This is not only a revolution; it is also an evolution of technology. If you have built strong foundations in the traditional areas, you are already more than halfway there. The question is whether you are ready to extend those controls upward.
Frederick Bendzius-Drennan
Microsoft has been building toward a comprehensive approach that covers both traditional and AI-specific threats. The security stack spans data security and compliance, threat protection and posture management, identity and access, and AI governance and safety systems. These areas reinforce each other. You cannot have strong AI governance without strong identity, and you cannot have meaningful data security without compliance built in.
The AI workloads underneath include Copilot, AI agents, AI apps and broader AI platforms and cloud infrastructure. The security layer sits around those workloads. For clients, that means they do not need to evaluate a dozen different vendors and hope they integrate. Microsoft Purview, Defender, Entra and AI safety systems are built around the same data model, signals and control plane. That is a strategic advantage MSPs can offer today.
Frederick Bendzius-Drennan
Tenant security is the soil that everything else grows in. If the soil is poor, it does not matter how good the seeds are. Copilot, agents and AI apps all depend on a secure, well-configured Microsoft 365 tenant to operate safely. Tenant security and data governance are not separate disciplines; they are part of the same conversation.
When Copilot searches a customer’s SharePoint, it sees what the user sees. If permissions are wrong, AI outcomes will be wrong. That is why AI readiness cannot be separated from security readiness. We have seen what happens when organisations skip this step. Copilot can surface data users technically have access to but were never expected to see. Overly broad sharing permissions, sensitive files in ungoverned Teams channels and forgotten data structures become visible quickly.
For MSPs, this is important because the work is familiar. Auditing policies, conducting risk assessments, enforcing MFA and conditional access, and setting up continuous monitoring are services many MSPs already provide. The message to clients is simple: the security work already being done is the same work that makes AI safe to deploy.
Frederick Bendzius-Drennan
If tenant security is the soil, data governance is the structure: the shelves, filing systems and labels. Without that structure, tools like Copilot can find information but cannot be trusted to surface the right information safely. Copilot is only as useful as the data it can access. If critical information is stored in personal OneDrive accounts, shared drives or old email threads that were never migrated, Copilot cannot help with it.
Data needs to be organised and accessible inside Microsoft 365. Every SharePoint site and Teams workspace should have a clear owner and purpose. If you cannot answer who owns it and who it is for, that is a governance gap. Permissions are often the area that catches organisations out. Broad access, external sharing that was never revoked and groups that became too large were latent risks before Copilot. With Copilot, they become active risks.
Microsoft Purview sensitivity labels are an important safety net. Even if Copilot can access a confidential document, the label helps ensure protection follows the data wherever it goes. This is non-negotiable for regulated industries and good practice for most organisations. Governance work before AI is not about slowing things down; it is about making sure AI delivers value rather than risk.
Frederick Bendzius-Drennan
The shift from MSP to MIP is not about tools. It is about reframing services around readiness, governance and ongoing oversight. This aligns naturally with the long-term customer relationships MSPs already have.
A common question from MSPs is where to start. The positive answer is that, regardless of maturity level, you have already started. Every security assessment, conditional access policy, MFA configuration and sensitivity label is AI readiness work; it just may not have been packaged that way yet.
This is not about becoming an AI company overnight. The MSPs winning in this space are taking a deliberate, trusted, step-by-step approach. Customers already trust you, and that trust is the most valuable asset as you move into an AI advisory role.
Frederick Bendzius-Drennan
The key is to design AI services around real customer problems, not around what is trending. Ask what takes up the most time, what information is hard to find and where decisions slow down. Use those answers to create Copilot and AI use cases.
A simple framework is assess, remediate and advise. First, assess where the customer is today: security posture, data governance maturity, Microsoft 365 adoption and business use cases. This can be a billable consulting engagement, not a free discovery call.
Second, remediate the gaps. This is where existing services fit naturally: MFA, conditional access, sensitivity labels, permission cleanup and similar work. It is bread-and-butter MSP work, now positioned as AI enablement.
Third, advise on adoption. Once the foundation is built, you can guide use case selection, rollout strategy and ROI measurement. Customers that skip assessment and remediation and move straight to Copilot deployment are the ones most likely to see underwhelming projects or security incidents.
Frederick Bendzius-Drennan
When assessing Copilot readiness, the first step is understanding where the client actually is, not where they think they are. Many companies believe they are further along on security and governance than they really are. A readiness assessment closes that gap.
Security and governance evaluation should look at tenant security posture end to end, conditional access policies, MFA coverage, sensitivity label usage and whether SharePoint is structured and governed. These are not tick-box questions; the answers determine whether Copilot will be safe and effective in that tenant.
Microsoft 365 adoption also matters. If a customer is not consistently using SharePoint, Teams or OneDrive, Copilot has less to work with. Understanding adoption helps set realistic expectations and identify quick wins. Business use cases are what get clients excited. Where does the team spend time searching for information? Where are decisions slowed down? Where can Copilot deliver immediate, visible value? Identifying two or three strong use cases before rollout makes the business case for everything that follows.
Tim Oelkers
I want to add something on identifying business use cases. We have a customer taking an interesting approach as part of their assessment strategy. They meet with people in each department, often on site, and ask practical questions: what repeatable tasks do you do, what are your day-to-day responsibilities and where would AI help in a perfect world?
They gather that information from each department and use it as part of the scope. That lets them be prescriptive and explain where efficiency can be improved and where time spent on mundane tasks can be reduced. What they are doing well is asking good questions. The mindset is to seek to understand what you are solving for and then advise whether Copilot can help.
Readiness has two sides: security and governance, and truly understanding the customer. MSPs often know their customers intimately, including their objectives, strategy and how technology aligns to those things. This is no different.
Frederick Bendzius-Drennan
Once readiness is understood, the next step is remediation. Every gap identified becomes a project. Much of this is work MSPs already do, especially during onboarding: conditional access, device and identity posture, Defender for Business, Defender for Endpoint, Entra ID and conditional access.
The goal is to ensure that healthy, compliant devices can access Copilot. We recommend a formal pre-deployment security gate and checklist sign-off before Copilot licences are assigned. That protects the client, protects the MSP and creates a clear milestone for remediation.
Frederick Bendzius-Drennan
The third stage is AI advisory and ongoing partnership. This is where the relationship transforms. You have built the foundation, secured the environment and can now guide customers through adoption and working with Copilot. The use cases should be specific, measurable and tied to real business pain. Summarising meeting notes is a feature; reducing time spent preparing client reports by a measurable amount is a use case.
Start with a pilot group rather than rolling out to everyone at once. Ideally, choose enthusiastic early adopters who can generate success stories. As the programme progresses, the goal is to transition from project-based engagement to a recurring AI advisory retainer. That can include quarterly business reviews, ongoing governance monitoring and new use case identification as Copilot capabilities evolve. That is the MIP model: recurring, high value and differentiated from what many MSPs offer today.
Tim Oelkers
To wrap up, let’s talk about things you can put into practice today. When we ask audiences who has an AI strategy, many hands go up. When we ask who believes they have perfected that strategy, many hands go down. Everyone is learning together.
There are three pillars to a successful AI strategy: technology, people and process. We have talked a lot about technology, data governance, security gates and AI tools. But tooling is not the only piece. There has to be equal investment in people and process. That includes enabling customers through awareness and training, but also enabling your own people.
Tim Oelkers
One practical step is to start using Copilot internally. At inforcer, leveraging AI and Copilot in day-to-day work is a major initiative across roles. It becomes part of team meetings and organisational initiatives. That matters because customers will ask about AI, and it is powerful to be able to share real examples of what you have done internally and how it has impacted the business.
Practice what you preach. Use AI internally, identify Shadow AI in your own environment and think about where Copilot is genuinely useful. The long game is building a service around it: not just delivering AI, but continuing to align customer strategic initiatives with the technology being delivered.
Tim Oelkers
Building internal use cases creates confidence for the team. Examples might include training and enablement, sales coaching or other internal workflows. The point is to create real, tangible examples: the problem you were solving, the result and the impact on the business.
Each customer will be at a different point on the AI journey. Some are at the beginning, and others are moving quickly. Meet them where they are, establish the path forward and align your services to it. For some, that means starting with what they should think about over the next six, 12 or 18 months. For others, it may mean slowing down and putting structure around what success looks like.
The opportunity is now. You do not have to rush straight to autonomous AI agents, but you should be proactive about bringing the conversation to customers rather than waiting for them to ask how they can use AI more effectively.
Frederick Bendzius-Drennan
We have time for questions. If anything comes up afterwards, please reach out through the follow-up contact. Thank you all so much for joining. I hope you have a great rest of your week, and hopefully we will all be in touch soon.
Tim Oelkers
Thanks everyone. Take care.