{"id":25814,"date":"2026-01-20T11:38:28","date_gmt":"2026-01-20T16:38:28","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=25814"},"modified":"2026-01-20T11:38:28","modified_gmt":"2026-01-20T16:38:28","slug":"5-cybersecurity-trends-msps-2026","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/","title":{"rendered":"Top 5 security priorities for MSPs in 2026"},"content":{"rendered":"<p><span data-contrast=\"auto\">It\u2019s\u00a0officially 2026 and\u00a0it\u2019s\u00a0the season of reinvention, new\u00a0goals\u00a0and #NewYearNewMe posts on social media. For\u00a0MSPs\u00a0though,\u00a0it\u2019s\u00a0a time\u00a0to refocus our efforts on security and risk management for our clients.\u00a0The threat landscape has evolved rapidly, and <a href=\"https:\/\/www.sherweb.com\/blog\/security\/msp-security-trends\/\">the tools and tactics that worked last year<\/a> may not be enough to protect against today&#8217;s attacks.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">With that in mind, here are the top\u00a0five\u00a0cybersecurity\u00a0trends and\u00a0considerations\u00a0that\u00a0MSPs\u00a0must focus on in 2026\u00a0to stay ahead of emerging threats and deliver the protection clients expect.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">1. AI and agentic AI: It\u2019s here. Embrace it.<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559685&quot;:360,&quot;335559738&quot;:160,&quot;335559739&quot;:80,&quot;335559991&quot;:360}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">AI and agentic AI are now embedded across SIEM, EDR and identity tools, and customers expect AI-assisted detection and response as table stakes rather than a \u201cnice to have.\u201d At the same time, giving AI the ability to trigger actions (agentic AI) creates new attack surfaces if oversight, human-driven decision making and permissions are not tightly scoped.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">How MSPs should respond<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Start with education and use-case design for your internal team, focusing on concrete problems such as:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Alert triage<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Email classification<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Ticket summarization\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Identity anomaly detection.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Map those solutions to clear SKUs (for example, \u201cAI-assisted MDR\u201d or \u201cAI-enhanced ITDR\u201d) so clients understand they are buying outcomes, not technology experiments.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{&quot;335559685&quot;:0}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Next, inventory which log sources, identity events\u00a0and ticket data AI systems will see, and align data handling with your existing compliance model and retention policies. Many organizations underestimate the sensitivity of SIEM and identity logs; treating these as regulated data reduces surprises around privacy and contractual obligations.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">From there, you can begin building agentic workflows where AI proposes actions in your RMM, ITSM and SOAR platforms, but humans approve anything high-risk. Over time, as confidence grows, some actions, like low-risk enrichment or ticket creation, can be automated, yielding measurable improvements in mean time to detect and respond.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Throughout, track ROI in terms of reduced analyst fatigue, faster response and better signal-to-noise, while also watching for misclassifications, hallucinations and blind spots in identity-focused detections. Done well, this becomes a margin-protecting differentiator rather than a cost center.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">2. Vendor risk\u00a0management: Beyond SOC\u00a0reports<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559685&quot;:360,&quot;335559738&quot;:160,&quot;335559739&quot;:80,&quot;335559991&quot;:360}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Vendor risk is no longer just a compliance checkbox. Regulators, insurers and customers ask pointed questions about how you vet, monitor and contractually govern your technology partners. Supply-chain style compromises have made it clear that one weak SaaS or security vendor can undermine an otherwise solid MSP stack.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">MSPs now carry reputational and legal exposure\u00a0for\u00a0the vendors they select and manage on behalf of clients, making\u00a0vendor\u00a0risk a strategic function rather than paperwork.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Building a practical vendor risk plan<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A major pitfall is overreliance on SOC reports, which\u00a0runs the risk of\u00a0only\u00a0covering\u00a0a subset of systems and\u00a0providing\u00a0limited insight into incident response maturity, secure development\u00a0practices\u00a0and real-world testing. Treat SOC reports as one data point rather than a proxy for security, and fill gaps with questionnaires, targeted technical\u00a0questions\u00a0and ongoing monitoring.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A practical vendor risk plan for an MSP starts with classification:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Group\u00a0vendors by data sensitivity and privilege<\/span><\/b><span data-contrast=\"auto\">\u00a0into tiers that drive how much scrutiny is\u00a0required<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">High-impact vendors<\/span><\/b><span data-contrast=\"auto\">\u00a0should provide not only independent attestations, but also documentation around MFA, logging, encryption, incident\u00a0handling\u00a0and vulnerability management.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Build a cadence<\/span><\/b><span data-contrast=\"auto\">\u00a0to review critical vendors annually or after a major incident<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Ensure contracts codify expectations<\/span><\/b><span data-contrast=\"auto\">\u00a0around incident notification, data\u00a0handling\u00a0and minimum-security controls<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Continuous monitoring matters as much as\u00a0initial\u00a0due diligence, especially in a landscape where breaches and product changes happen\u00a0frequently.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">You can then\u00a0showcase\u00a0this to clients as part of your efforts to strengthen the supply chain you helped create.\u00a0This drives intrinsic value to what you do for them.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">3. ClickFix and context phishing: The new social engineering<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559685&quot;:360,&quot;335559738&quot;:160,&quot;335559739&quot;:80,&quot;335559991&quot;:360}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\"><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/08\/21\/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique\/\">ClickFix and other context-aware phishing techniques<\/a> exploit users\u2019 desire to \u201cfix\u201d security problems, piggybacking on browser updates, CAPTCHAs and Cloudflare-style checks rather than sending obviously malicious attachments. Traditional awareness training, focused mainly on bad links and fake invoices, is not enough to stop these more adaptive social engineering campaigns.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">How\u00a0ClickFix\u00a0works<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">ClickFix\u00a0and similar techniques show how attackers have shifted from \u201ctrick users into opening a file\u201d to \u201ctrick users into running commands to fix a problem.\u201d Campaigns often abuse legitimate services or compromised sites to present users with familiar-looking CAPTCHAs, update\u00a0prompts\u00a0and security checks.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In recent cases, victims were guided through fake troubleshooting flows that ended with copying and pasting a command into a\u00a0command prompt\u00a0or PowerShell, giving attackers the ability to execute arbitrary code under the user\u2019s context. Because this execution is\u00a0user-initiated\u00a0and often occurs after a chain of redirects involving trusted brands, traditional filters and signatures are less effective.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Mitigating\u00a0ClickFix\u00a0attacks<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Mitigation starts with privilege management:\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Limit\u00a0local admin rights<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Enforce\u00a0just-in-time elevation\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Restrict\u00a0the use of powerful scripting tools on endpoints\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Application control and hardened PowerShell policies reduce the chance that a single misguided \u201cfix\u201d turns into a full compromise.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{&quot;335559685&quot;:0}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Browser and OS hardening should also be a baseline,\u00a0leveraging\u00a0built-in URL reputation checks, safe browsing\u00a0features\u00a0and advanced anti-phishing engines. Combined with secure browser or\u00a0SASE-style\u00a0tools, this gives you visibility into web activity that would otherwise be opaque.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Finally, user awareness programs must be updated to showcase ClickFix-style scenarios, emphasizing that unsolicited prompts instructing users to run commands, install updates outside normal channels or bypass browser warnings are high-risk. Simulating these techniques in your phishing tests helps you measure resilience and adjust training content accordingly.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">4. Identity-first security and ITDR <\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559685&quot;:360,&quot;335559738&quot;:160,&quot;335559739&quot;:80,&quot;335559991&quot;:360}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\"><a href=\"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/\">Identity-based attacks<\/a> now dominate modern cybercrime, with valid credentials used in a large share of intrusions. This reality has pushed identity threat detection and response (ITDR) to the forefront as a distinct control layer alongside EDR and SIEM.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Data over the past two years shows that identity-based attacks are at the heart of many intrusions. At the same time, data breach reports reveal continued growth in identity exposure, underscoring how many credential sets and personal data records are already in circulation.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p aria-level=\"3\"><b><span data-contrast=\"none\">What is\u00a0ITDR?<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:281,&quot;335559739&quot;:281}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Identity Threat Detection and Response (ITDR) has\u00a0emerged\u00a0to close gaps left by traditional IAM and SIEM, focusing on monitoring identity systems for anomalies, risky\u00a0sign-ins\u00a0and privilege changes. For MSPs, managed ITDR services that integrate with Entra ID, Okta\u00a0and similar\u00a0SSO\u00a0platforms are becoming as important as managed EDR.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">5. Infostealers: The front of the kill chain<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559685&quot;:360,&quot;335559739&quot;:0,&quot;335559740&quot;:240,&quot;335559991&quot;:360}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Infostealers like Lumma increasingly sit at the front of the kill chain, silently exfiltrating credentials, cookies and browser data that later enable business email compromise, fraud and ransomware. Even as specific families are disrupted, new variants such as Vidar 2.0 rapidly fill the gap with more efficient and evasive stealing capabilities.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559685&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240,&quot;335559991&quot;:0}\">\u00a0<\/span><\/p>\n<p aria-level=\"3\"><b><span data-contrast=\"none\">Why infostealers matter<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:281,&quot;335559739&quot;:281}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Infostealers are a critical part of the identity attack story, functioning as the collection arm that feeds identity-driven attacks. Lumma Stealer, for example, has been heavily used to harvest credentials, cookies and browser data, often with advanced evasion and fingerprinting to avoid detection.<\/span><\/p>\n<p><span data-contrast=\"auto\">Even as law\u00a0enforcement and community pressure disrupt portions of\u00a0Lumma\u2019s\u00a0infrastructure, successor families like Vidar 2.0 step in with faster and more efficient data theft capabilities. For MSPs, it is safer to assume that any\u00a0high-value\u00a0environment has already had some credentials exposed and build detection and response around that assumption.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p aria-level=\"3\"><b><span data-contrast=\"none\">Defending against infostealers<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:281,&quot;335559739&quot;:281}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Mitigations\u00a0must prioritize monitoring and protecting data flows rather than just blocking binaries, which is where Data Loss Prevention (DLP) can help detect and stop unauthorized exfiltration. MDR or SOCasaService offerings should explicitly focus on behaviors typical of infostealers\u00a0such as:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"7\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Suspicious browser activity<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"7\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Credential dumping tools<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"7\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Anomalous outbound connections.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Cloud monitoring platforms such as <a href=\"https:\/\/www.sherweb.com\/blog\/microsoft-ecosystem\/office-365\/microsoft-defender-for-smbs\/\">Defender for Cloud<\/a>, paired with secure browser or <a href=\"https:\/\/www.sherweb.com\/blog\/security\/sase-strengthens-edge-device-security\/\">SASE-like tools<\/a>, add visibility into SaaS and cloud workloads where stolen credentials are most often abused. Combined with ITDR, this gives MSPs an integrated way to watch for impossible travel, atypical API usage, and other signs of identity misuse.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">The MSPs that will stand out in 2026<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">For 2026, the MSPs that stand out will be those that can tell a coherent, identity-first story: AI-assisted detection, vendor-aware risk management, ClickFix-ready defenses, and a clear strategy for infostealers and credential-driven threats.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Security is no longer about checking boxes or deploying the latest tool. It&#8217;s about building a cohesive strategy around the latest cybersecurity trends that addresses the threats your clients face today and prepares them for what&#8217;s coming next. The MSPs that take this approach will not only protect their clients better, they&#8217;ll also differentiate themselves in a crowded market.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Want to\u00a0learn more about identity threats?\u00a0<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Join the\u00a0<\/span><a href=\"https:\/\/info.sherweb.com\/cybermsp-community\"><span data-contrast=\"none\">CyberMSP Community<\/span><\/a><span data-contrast=\"auto\">\u00a0to chat with peers and experts about the latest\u00a0identity threats\u00a0and get answers to any other questions you might have related to cybersecurity for MSPs.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>It\u2019s\u00a0officially 2026 and\u00a0it\u2019s\u00a0the season of reinvention, new\u00a0goals\u00a0and #NewYearNewMe pos","protected":false},"author":188,"featured_media":25817,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[919,935,1031,1071,1128,1137,1198],"class_list":["post-25814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cybersecurity","tag-cybersecurity-trends","tag-identity-and-access-management","tag-ai","tag-vendor-risk-management","tag-msp-security-trends","tag-agentic-ai"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>5 cybersecurity trends MSPs must know in 2026 | Sherweb<\/title>\n<meta name=\"description\" content=\"From AI-assisted detection to identity-first security, here are the 5 cybersecurity trends that MSPs must focus on in 2026.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5 cybersecurity trends MSPs must know in 2026 | Sherweb\" \/>\n<meta property=\"og:description\" content=\"From AI-assisted detection to identity-first security, here are the 5 cybersecurity trends that MSPs must focus on in 2026.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-20T16:38:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/Hero_1200x480-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"960\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Roddy Bergeron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roddy Bergeron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/\"},\"author\":{\"name\":\"Roddy Bergeron\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"headline\":\"Top 5 security priorities for MSPs in 2026\",\"datePublished\":\"2026-01-20T16:38:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/\"},\"wordCount\":1451,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-1.jpg\",\"keywords\":[\"Cybersecurity\",\"Cybersecurity Trends\",\"Identity and Access Management\",\"AI\",\"Vendor Risk Management\",\"MSP security trends\",\"Agentic AI\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/\",\"name\":\"5 cybersecurity trends MSPs must know in 2026 | Sherweb\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-1.jpg\",\"datePublished\":\"2026-01-20T16:38:28+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"description\":\"From AI-assisted detection to identity-first security, here are the 5 cybersecurity trends that MSPs must focus on in 2026.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#primaryimage\",\"url\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-1.jpg\",\"contentUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-1.jpg\",\"width\":2400,\"height\":960,\"caption\":\"5 cybersecurity trends MSPs must know in 2026\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/5-cybersecurity-trends-msps-2026\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Top 5 security priorities for MSPs in 2026\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\",\"name\":\"Roddy Bergeron\",\"description\":\"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\\\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/roddy-bergeron-cissp-ccsp-csap-33432573\\\/\"],\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/author\\\/roddy-bergeron\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"5 cybersecurity trends MSPs must know in 2026 | Sherweb","description":"From AI-assisted detection to identity-first security, here are the 5 cybersecurity trends that MSPs must focus on in 2026.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/","og_locale":"en_US","og_type":"article","og_title":"5 cybersecurity trends MSPs must know in 2026 | Sherweb","og_description":"From AI-assisted detection to identity-first security, here are the 5 cybersecurity trends that MSPs must focus on in 2026.","og_url":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2026-01-20T16:38:28+00:00","og_image":[{"width":2400,"height":960,"url":"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/Hero_1200x480-1.jpg","type":"image\/jpeg"}],"author":"Roddy Bergeron","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"Roddy Bergeron","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/"},"author":{"name":"Roddy Bergeron","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"headline":"Top 5 security priorities for MSPs in 2026","datePublished":"2026-01-20T16:38:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/"},"wordCount":1451,"commentCount":0,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-1.jpg","keywords":["Cybersecurity","Cybersecurity Trends","Identity and Access Management","AI","Vendor Risk Management","MSP security trends","Agentic AI"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/","url":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/","name":"5 cybersecurity trends MSPs must know in 2026 | Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-1.jpg","datePublished":"2026-01-20T16:38:28+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"description":"From AI-assisted detection to identity-first security, here are the 5 cybersecurity trends that MSPs must focus on in 2026.","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#primaryimage","url":"\/blog\/wp-content\/uploads\/Hero_1200x480-1.jpg","contentUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-1.jpg","width":2400,"height":960,"caption":"5 cybersecurity trends MSPs must know in 2026"},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/5-cybersecurity-trends-msps-2026\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.sherweb.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Top 5 security priorities for MSPs in 2026"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795","name":"Roddy Bergeron","description":"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.","sameAs":["https:\/\/www.linkedin.com\/in\/roddy-bergeron-cissp-ccsp-csap-33432573\/"],"url":"https:\/\/www.sherweb.com\/blog\/author\/roddy-bergeron\/"}]}},"tag_names":["Cybersecurity","Cybersecurity Trends","Identity and Access Management","AI","Vendor Risk Management","MSP security trends","Agentic AI"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/188"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=25814"}],"version-history":[{"count":1,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25814\/revisions"}],"predecessor-version":[{"id":25815,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25814\/revisions\/25815"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/25817"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=25814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=25814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=25814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}