Every year brings a new wave of IT industry reports, but Auvik’s 2026 IT Trends Report – titled “Beyond the Hype: The Real State of IT in 2026” – lands as something of a reality check. The headline finding is striking: while 67% of IT professionals say they are optimistic about AI’s potential, only 5% say it is actually core to their daily operations. That gap between ambition and execution is what Auvik is calling the “Maturity Mirage.”
The governance picture is even more telling. Auvik’s research found that 76% of IT leaders believe their organization has an AI policy in place – but only 42% of frontline help desk staff agree. That disconnect isn’t just a communications problem. It’s the open door through which Shadow AI enters the environment, and Auvik’s own platform telemetry counted over 100,000 shadow AI applications discovered in customer networks in 2025 alone.
In this episode of In The Channel, Steve Petryschuk, vice president of product and market strategy at Auvik, joins Robert Dutt to dig into what the data actually means for Canadian MSPs. They discuss why documentation is the unglamorous foundation that any real AI readiness strategy has to be built on, what the MSP execution advantage looks like in the numbers, and how the “Maturity Mirage” framing can help partners have more honest – and more productive – conversations with clients about where they actually stand.
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | Android | iHeartRadio | Youtube Music | RSS
Read Full Transcript
Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show.
Every year we look to the major vendor reports to see where the industry’s head is at, but Auvik’s 2026 IT Trends Report, titled “Beyond the Hype,” feels a little different this time around. It’s a bit of a reality check for the AI era. We’ve been hearing about the AI revolution for some time now, but Auvik’s data shows a massive gap between what leadership thinks is happening and what’s actually hitting the help desk.
We’re talking about a world where 76% of executives swear they have an AI policy, while more than half of their frontline staff have never even seen it. That disconnect isn’t just a communications problem. For an MSP, it’s a massive opening for shadow AI to walk in through the front door.
To dig into this maturity mirage and what it means for your service desk – and your bottom line – I’m joined today by Steve Petryschuk. Steve is vice president of product and market strategy at Auvik, and he’s been at the center of translating this data into a roadmap for partners. We talk about why documentation is actually the most important AI tool, the rising risk of competency debt in junior techs, and why the Canadian mid-market might actually have an execution advantage over the big enterprise players.
Let’s get right into it. My chat with Steve Petryschuk.
[MUSIC]
Robert Dutt: Steve, thanks for taking the time. I appreciate it.
Steve Petryschuk: Thanks so much for having me.
Robert Dutt: The report highlights a significant gap in AI policy awareness – something we’re seeing across multiple industry reports. In this case, 76% of leaders believe they have a solid AI policy in place, while only 42% of frontline staff agree that policy even exists. Is that a communication failure, or is the policy just not mapping to how people are actually doing the work?
Steve Petryschuk: I think it’s a bit of both. I’d start with communication failure as the primary driver. We don’t always have visibility into when policy violations are occurring, so how do you enforce that policy – or even communicate that enforcement – without that visibility? It starts with just making sure people know the policy exists, and then building some implementation around enforcement.
Robert Dutt: Only 5% of respondents say AI is core to their operations today, despite plenty of optimism in the data. What are the specific readiness hurdles keeping AI in the pilot phase for so many MSPs?
Steve Petryschuk: This is probably one of the most interesting findings in the report – that disconnect between enthusiasm around AI and how little has actually been operationalized. I think it starts with trust. Most MSPs don’t yet have the trust to let AI operate solo, and that makes sense, because we’re the ones managing the client relationships and the consequences when things go wrong. Until we build that trust, we’ll remain at that pilot stage.
So I see it as a phased approach. You start in areas where humans remain in the loop – at least for now – so you can build comfort with the system. But equally important is ensuring you’re giving AI good inputs, because this is still very much a garbage-in, garbage-out situation. If your inputs aren’t clean, your outputs won’t be either, and that’ll hold you back from ever making AI a core part of operations.
Robert Dutt: Does the fact that most tools MSPs are using today are either adding AI functionality or on the roadmap to do so – does that help build that trust, or does it require something more fundamental?
Steve Petryschuk: There are a lot of vendors adding AI on top of their tools, but I think the more useful question is: how do you embed AI into the existing workflows your team is already using? Rather than treating it as a bolt-on, think about the processes you’re already familiar with – can AI assist you within those workflows and demonstrate value day to day? That’s how you start to build trust incrementally. Once you see it working in familiar territory, you can expand from there.
Robert Dutt: And as you build that trust – once you’ve got those first steps working the way you want – how does an MSP move from having an AI policy on paper to implementing the technical controls a client or auditor can actually verify?
Steve Petryschuk: It starts with visibility. Before you can enforce a policy, you need to uncover all the AI tools in the environment – both sanctioned and shadow. As shadow IT has evolved into shadow AI, that discovery step is critical. From there, you can move toward real-time policy reminders before committing to more active, automated guardrails. Eventually, you get to a point where you’re blocking non-sanctioned AI tools and allowing sanctioned ones. Most MSPs I talk to are still a long way from that, but they’re at least starting with the visibility angle – and that’s the right starting point.
Robert Dutt: On that topic, Auvik’s telemetry found over 100,000 shadow AI applications in customer networks last year. Is shadow AI replacing shadow IT as the primary risk, or is it effectively the same problem in a new form?
Steve Petryschuk: It’s a problem that’s evolved. Shadow IT and shadow AI are directly related, but you can’t just do a find-and-replace on the terminology – the risks aren’t identical. A lot of the core concerns are the same: understanding what applications are in use, where data is going, what’s being ingested. But the business impact of shadow AI gone wrong is significantly higher. Think about LLMs being trained on data you didn’t know was out there, or agents with access to multiple systems inadvertently moving sensitive client data – or worse, surfacing Client A’s data in a report for Client B. The risks aren’t entirely new, but the consequences of something going wrong are considerably greater.
Robert Dutt: That’s an interesting angle – it’s not just that the data is out there, but that it can be actively executed against you. The accidental cross-contamination between clients is a particularly pointed example for MSPs.
The report also found that around 60% of IT teams discover unauthorized SaaS at least monthly. From a visibility standpoint, does this signal that the perimeter approach is effectively dead? And if so, what does a modern visibility strategy look like for an MSP managing, say, 50 clients?
Steve Petryschuk: The traditional perimeter has been eroding for a while. Work happens at the endpoint now, and that’s where visibility needs to focus – continuous discovery of the applications end users are running day to day. It doesn’t mean you’re auditing every minute of every day, but it’s not a point-in-time snapshot either. It’s an ongoing picture that gives you something useful whether you’re responding to a support ticket or walking a client through a QBR – “here’s all the shadow AI we’ve uncovered.” That discovery needs to happen as close to where work is actually getting done as possible: within the applications being used, and on the endpoints where people are working.
Robert Dutt: Interestingly, despite all the shadow AI conversation, MSPs in the report still ranked shadow IT as the number one underestimated risk. Why do you think business leaders continue to miss the gravity of it, even as sensitive data flows into AI tools?
Steve Petryschuk: I think it’s one of those areas where it’s easier to turn a blind eye until there’s a triggering security incident. Until something actually happens to you, it’s always someone else’s problem. You hear about it, you read about it, but “it’s not going to happen here.” The honest version of that is: it hasn’t happened here yet. And until you’ve had that personal experience where shadow IT – or shadow AI – bites you, the tendency is to underestimate the risk.
Robert Dutt: There’s an interesting budget paradox in the data – almost half of IT teams said their budgets were growing, but a similar proportion cited lack of time as their biggest blocker. Where’s the money going if it’s not buying back time for staff?
Steve Petryschuk: It’s a great question, and the report didn’t specifically dig into the causes of that disconnect. But based on conversations with partners and broader industry trends, I think a lot of those budget increases are simply going to maintain the status quo – salary increases, rising tooling costs, price increases still catching up from the inflation cycle of a couple of years ago. The budgets are growing, but that growth is being absorbed by keeping the lights on: keeping the tools running, keeping the teams intact. The magnitude of the increases isn’t enough to fundamentally change how work gets done, and without changing how you work, you won’t get that time back.
Robert Dutt: Here’s one where MSPs can take a bit of a victory lap – corporate IT teams are apparently half as likely to be making new investments compared to MSPs. Does that suggest the managed services model is structurally better at converting budget into operational progress, or is this more of a “you have to automate to survive” story?
Steve Petryschuk: Part of it is the MSP’s willingness to adapt and experiment – we tend to be a little ahead of the curve on new technology adoption. But I also think it’s a macroeconomic confidence indicator. Historically, MSPs tend to hold up better – and even do well – in times of broader economic uncertainty. So when there’s turbulence around them, MSPs are more likely to say, “We’ve seen this before, we’ll be okay,” and that confidence translates into a willingness to make new investments even when others are pulling back.
Robert Dutt: And there’s something to be said for the maturity of the managed services model at this point – you can look at a rough environment, recognize the pattern, and not panic.
Steve Petryschuk: That’s exactly right.
Robert Dutt: The report found that just over 50% of IT teams are still spending ten or more hours a week on basic user tickets. What role do you see AI playing in actually moving that needle – going from hyped solution to genuinely freeing up technician time?
Steve Petryschuk: Let’s set aside the panacea of fully automated ticket resolution for now – the scenario where a ticket comes in and no one ever touches it. Maybe we get there eventually, and for simple things like password resets, some level of automation is already feasible. But the more realistic near-term win is using AI to gather all the context a technician would normally have to collect manually. Agents can pull together that background information and surface a recommended next action, so that by the time a technician picks up the ticket, their job is less “figure out what to do” and more “confirm this is the right call and execute.” That’s an easier step, it’s probably already happening in some service desks today, and it starts to build trust in AI recommendations over time – which feeds back into that adoption flywheel we talked about earlier.
Robert Dutt: And as those recommendations get better, you get more comfortable with the idea that yes, that’s the right answer for this type of issue – and eventually that trust extends further.
Steve Petryschuk: Exactly.
Robert Dutt: On the workforce side, the report showed a hollowing out of the hybrid model in favour of office-first or remote-first. From a network management perspective, does office-first actually make IT any simpler, or is distributed support just the permanent baseline now?
Steve Petryschuk: I think distributed support is the permanent baseline. For MSPs, it doesn’t really matter whether the client is in the office or working from home – we’re still supporting them remotely either way. Network complexity doesn’t change much. And even in a fully return-to-office environment, users are still moving around, travelling to events, going on the road.
Looking at the Canadian context specifically – we’re still laggards in the office-first shift compared to some of our global peers, despite what you hear in the media. There’s still a significant amount of distributed work happening here, and I think the problem of managing that distributed environment is a long way from going away.
Robert Dutt: You’ve framed AI as a “senior IT associate in your pocket” for junior techs – which is a much more interesting way to look at it than “it’s going to eliminate entry-level jobs.” But even with that framing, is there still a risk of competency debt? Where the next generation of technicians ends up leaning so heavily on AI diagnostics that they lose the ability to evaluate whether the recommended action is actually right?
Steve Petryschuk: The risk is absolutely there. But it’s not entirely a new problem – technology has always built on previous technology, and skills evolve accordingly. How many technicians today can troubleshoot at the processor level? Not many. The craft changes.
What matters is teaching junior technicians the right fundamentals for the AI era: basic problem-solving skills, the ability to recognize a plausible answer from an implausible one, and how to use AI tooling effectively. The actual knowledge base evolves, but you still need a baseline of IT competency to function well. And that pipeline from junior to senior really matters – if we hollow out the junior tier, we’ll eventually run out of senior technicians too.
Robert Dutt: Since we’re both flying the Maple Leaf – did you see anything specifically Canadian in the data? Anything unique or peculiar to the Canadian market?
Steve Petryschuk: The survey data doesn’t specifically break out geographies, but based on conversations with MSPs across Canada, the US, and Europe, I don’t think we’re significantly ahead or behind on AI adoption – we’re facing many of the same governance challenges. Policies aren’t always making it to day-to-day operations, and visibility into which AI tools are actually in use remains a challenge for most.
Where I do see a Canadian distinction is in the regulatory and legal landscape. I was recently at an event for professional engineers in Ontario where AI regulation came up – and the picture is interesting. The EU is taking an aggressive regulatory stance; the US is moving toward a more relaxed one. Canada, unsurprisingly, is finding its way somewhere in the middle. That’s probably the most Canadian answer I can give.
Robert Dutt: Hopefully the middle ground lands well. Last question – looking at all the data, if an MSP owner can only fix one thing in their operations this year, what yields the biggest ROI?
Steve Petryschuk: Documentation. You need an up-to-date source of truth, because that’s what AI has to build on to operate effectively in your environment. Visibility actually improves when documentation improves – they’re closely related. But if you don’t have a solid, well-maintained source of truth, you’re going to get that garbage-in, garbage-out scenario no matter how good the AI tools are. So if there’s one thing to focus on, it’s making sure you know what your sources of truth are, and that they’re accurate and up to date. That gives you the foundation everything else builds on.
Robert Dutt: I appreciate that bit of advice. Steve, thank you for taking the time and walking us through the numbers.
Steve Petryschuk: Thanks so much for having me on.
[MUSIC]
Robert Dutt: There you have it – Steve Petryschuk from Auvik. I’d like to thank Steve for his time. And honestly, I think “AI as a senior associate in your pocket” is going to be the quote of the month.
The big takeaway for me is that we need to stop thinking about AI as a cool project and start treating it as a documentation problem. If your source of truth is a mess, your AI is just going to be a very fast, very confident hallucination machine.
For those of you running MSPs in Canada, the maturity mirage is your best sales tool right now. If you can show your client that their budget increase is being swallowed by reactive noise because they don’t have visibility, you’ve moved from being a vendor to being a business advisor.
Thanks for spending some time with us today. If you found this conversation useful, you can find more in the full show notes at ChannelBuzz.ca. You can find the podcast on Apple Podcasts, Spotify, YouTube, and pretty much everywhere you get your audio. If you have a moment, leaving a rating or review really does help us reach more of the community.
Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.
