MSSPs and MSPs are being stretched thin as a shortage of skilled cybersecurity talent meets rising client expectations to act as trusted advisors who can reduce risk and guide security planning.
Cynomi's vCISO Platform is a solution that embeds the decision-making logic and other CISO skills that MSSPs and MSPs could access through the platform. It was a way for Cynomi to address the rapidly growing demand for virtual CISO capabilities among service providers, which
last year reached 96%, according to the company’s
2025 State of the vCISO Report.
This week, Cynomi executives introduced agentic AI into the mix. Until now, their CISO expertise has been incorporated into the platform. With its new AI Insights and co-worker agents, such expertise – Cynomi’s CISO Intelligence – is automated and more widely available throughout an MSSP’s and MSP’s workforce.
Cynomi’s AI Insights and co-worker agents are designed to ease the strain of a limited workforce by handling much of the day-to-day work. At the same time, they make it easier for service providers to deliver the kind of CISO-level expertise customers now expect, according to Cynomi founder and CEO
David Primor.
Manual Production to Expert Validation
“Our vision is autonomous security delivery, where MSPs define the scope and Cynomi continuously generates and updates assessments, remediation plans, policies, and reports ahead of every client interaction,” Primor told MSSP Alert. “This shifts the model from manual production to expert validation, enabling teams to focus on strategic advisory instead of creating deliverables.”
By the end of the year, Primor expects this will be the way partners work – setting parameters and approving autonomous, client-facing outputs.
Intelligence Layer and AI Agents
Cynomi’s AI push includes a unified intelligence layer that addresses both the delivery of security capabilities and the go-to-market operations of MSSPs and MSPs.
Then there are the agents, each armed with a specific capability to essentially make up a virtual security team. The CISO agent brings strategic prioritization and senior judgment to every client engagement, while the Auditor agent ensures that compliance requirements are addressed.
Meanwhile, the Analyst agent builds the plans to be executed while the Executive Communicator agent translates the security findings into language that boards of directors and company executives can understand.
The agents are embedded into workflows and, with AI Insight, can explain risks, priorities, and next steps, generate policies and remediation plans, and create executive reports tailored for each client. Additionally, the security activity is directly connected to business and revenue outcomes.
Agentic Expertise
“Ultimately, it means MSPs are no longer limited by how many experts they can hire, because the expertise is encoded into the system and available across every engagement,” Primor said. “To get there, providers need trust in their platform of choice, in the quality of AI outputs, and in the consistency of results. There’s a lot of AI fatigue in the market today, but purpose-built, use-case-specific agents that deliver real outcomes will cut through that.”
It also should make it easier for service providers to not only adopt AI but to optimize it in their operations. The CEO said among Cynomi users, about 75% have adopted the technology for standard efficiency workflows, but fewer than 25% are operating at an expert level.
“What we’re seeing is that when AI is embedded directly into how services are delivered, adoption becomes much more practical and impactful,” he said. “We see agentic AI as a shift from automating tasks to embedding decision-making into security workflows, turning AI into an intelligence layer that applies the judgment of an experienced CISO at scale.”
The GTM Academy
The introduction of AI Insight and the accompanying agents came a day after Cynomi announced its Go-to-Market (GTM) Academy aimed at helping MSSPs and MSPs be more successful with bringing security services to market and scaling them, which will help them move from simply offering services to building scalable and repeatable security businesses.
The GTM Academy is a modular and operator-led program designed by both cybersecurity experts and GTM professionals that includes frameworks, tools, and insights for everything from selling services and pricing and packaging offerings to proving value and marketing. MSSPs and MSPs can deliver security, Primor said. It’s the packaging, positioning, and selling that can be a challenge.
The GTM Academy helps service providers “make that shift from reactive services to strategic advisory and build a repeatable revenue engine,” he said. “It’s about turning cybersecurity into a scalable business model, not just a technical capability.”
It also complements what the vendor is doing with AI Insight and the agents. The new AI tools enable consistent and scalable service delivery via expertise embedded into workflows. In parallel, the GTM Academy helps MSSPs and MPSs package, position, and sell their services.
“Together, these releases reflect our core brand promise: combining operational scale with go-to-market maturity,” he said, adding that partners are now armed with “a complete system that helps partners both deliver at a high level and turn that delivery into predictable, sustainable revenue growth.”