ESET’s Tony Anscombe on the cybersecurity trends MSPs can’t ignore in 2026

Описание: Tony Anscombe, chief security evangelist at ESET


Tony Anscombe (  / tonyanscombe  ) , chief security evangelist at ESET, returns to the podcast for a wide-ranging conversation about the cybersecurity landscape in early 2026. From the emergence of AI-powered malware to familiar weak points that keep showing up in breach after breach, Tony shares practical insights for MSPs advising their customers on security strategy this year.



The conversation opens with a look at major incidents from the past year, including the Jaguar Land Rover cyberattack (https://www.cyfirma.com/research/inve...) that disrupted thousands of supply chain businesses and led to a £1.5 billion UK government loan guarantee (https://www.bbc.com/news/articles/cgl...) , the Ingram Micro ransomware incident (https://www.securityweek.com/42000-im...) , and breaches affecting Salesforce (https://www.cybersecuritydive.com/new...) and Oracle (https://cloud.google.com/blog/topics/...) . Tony shares a striking insight from a cyber insurer: open VPN servers without MFA have overtaken RDP as the leading driver of claims.



The discussion moves to shadow AI risks, with real-world examples of what goes wrong when companies deploy AI tools without security guardrails, and why MSPs have an opportunity to embed themselves as trusted advisors by being the security voice in the room.



Tony also walks through the emergence of AI-powered malware, including ESET’s research on PromptLock (https://www.welivesecurity.com/en/ran...) , the first documented AI-powered ransomware – originally a proof of concept from NYU researchers (https://engineering.nyu.edu/news/ai-p...) that ended up in the wild – and PromptSpy (https://www.welivesecurity.com/en/ese...) , the first Android malware to use generative AI at runtime.



The conversation closes with Tony’s advice for MSPs to stop talking about “cyber risk” and start talking about “business risk” – framing security in terms of downtime, continuity, and financial impact rather than technical threat statistics.



Read Full Transcript



Robert Dutt: Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, still editor at ChannelBuzz.ca, and your host for the show.



Cybersecurity is one of those areas where the threats never stand still, and lately the pace of change seems to be even faster. As we head further into 2026, factors like artificial intelligence, global geopolitical tensions, and increasingly organised cybercrime are reshaping what risk looks like for businesses of all sizes.



Today we’re stepping back from the day-to-day headlines to talk about what’s coming next, what really matters beneath the noise, and what IT service providers and resellers should be paying attention to as they advise their customers.



My guest is Tony Anscombe, chief security evangelist at ESET, and a frequent flyer on the podcast. Tony spends his time analysing emerging threats, talking with security teams around the world, and translating complex security trends into practical guidance.



This conversation is focused on thought leadership and the big picture trends shaping cybersecurity this year, from AI-driven attacks and mobile threats to ransomware and the impact of global events on the digital world Canadians rely on every day.



It’s a great conversation, so let’s get right into it. My chat with ESET’s Tony Anscombe.



Tony, thanks once again for taking the time.



Tony Anscombe: Oh, it’s always a pleasure to chat with you, Rob.



Robert Dutt: I just wanted to take this opportunity to kind of take a look at where we’re at in cybersecurity in the early part of 2026 and get your thoughts on what to expect this year, sort of help our listeners, the VARs and MSPs of the world, get an overall feeling for where things are at, where they’re going. I guess to throw things open, when you look ahead at this year, what feels genuinely different about the threat landscape compared to, say, a year ago? I was going to say a year or two, but I think even a year in this rapidly changing place is plenty.



Tony Anscombe: Well, I think you’ve seen some pretty big incidents last year. None of them, I would say, are a catastrophic incident, whereas the year before we saw the likes of Change Healthcare and there was the CrowdStrike update and things that affect hundreds of millions of people all at the same time. But you had Jaguar Land Rover with a significant issue. You saw the Salesforce ransomware, the Oracle zero day that was e...