Ready.Set.Midmarket! Podcast: The Midmarket's Tech Road Ahead In 2025
In this episode: AI and cybersecurity are red-hot issues this year for midmarket IT leaders. Here’s how they are approaching these technologies.
MES rolls out the inaugural episode of its new podcast, Ready.Set.Midmarket!
Featuring midmarket IT leaders, industry experts, MSPs and vendors focused on midsized companies, this podcast focuses on the latest news, insight, tips, and trends for midmarket IT leaders.
Co-hosted by Adam Dennison, VP of Midsized Enterprise Services (MES) at The Channel Company, and Samara Lynn, senior editor of MES Computing, this episode’s guests are Jason Frame, chief information officer of the Southern Nevada Health District, and Grant Walsh, head of IT security infrastructure and operations at Flow Control Group.
This episode focuses on the midmarket’s tech road ahead in 2025 including how midmarket IT leaders are using AI, their concerns about DeepSeek, cybersecurity strategies, AI customer service chat bots so realistic they are indistinguishable from human agents, and more.
The full episode can be watched on YouTube, heard on Spotify and Apple Podcasts.
Transcript
ADAM: Hello and welcome to the Ready,Set,Midmarket podcast for the latest news, expert insights, tips, trends for mid-market IT leaders. I'm Adam Denison, Vice President, Mid-Size Enterprise Services with the Channel Company. And joining me is my co-host, Samara Lynn, Senior Editor at mescomputing.com. Hello, Samara. And today's guest, we have two mid-market IT leaders. Have Jason Frame. He's the Chief Information Officer of the Southern Nevada Health District. Hello, Jason. And we also have Grant Walsh, Head of IT. Security Infrastructure and Operations at Flow Control Group. Welcome, Grant.
JASON and GRANT: Thanks Adam, good to be here.
ADAM: So, thanks so much for taking the time to join us. So, before we get started, Jason, why don't you go first and then follow by Grant, but just tell us a little bit about your role, your organization, what's some big things in the horizon for 2025.
JASON: I'm the CIO of Southern Nevada Health District. We're the local public health agency in the Las Vegas area. We do all the public health activities. We do all the restaurant inspections. So when the 50 plus million visitors come here, they know that they can eat safe food. We did the hotel room inspections. We look for bed bugs and those types of things. Besides the regulatory things that we do, we're also a federally qualified health care center. So we do primary care, generally serving underserved communities in the Valley. We have eight locations throughout all of Clark County. Most of them are in the, you know, general Las Vegas area, and we have about 840 employees. Some of the big things that we're working on this year, AI of course, we all talk about it. We hear it at every conference we go to. We are looking at a couple of AI initiatives, along with security, trying to enhance our security, you know, being both public sector and healthcare, we're one of the most targeted agencies out there, and we see a lot of different attempts.
GRANT: I'm the head of IT for infrastructure operations and security. We're a private equity-backed organization, primarily in the industrial distribution space. But we do have some organizational units around the automation, robotics side of things as well, from automated assembly lines and so on. We've got 105 different brands as part of the flow control group across the United States, Canada, Puerto Rico, and Dominican Republic. We are very big on the M &A side. We require 10 to 15 companies a year.
So, lot of what we do is really about bringing those organizations into the flow control group, assimilating them into the overall IT infrastructure and just the processes and policies with that. And then trying to take that load off those companies from a back end shared services standpoint, and now they can do what they need to do. For us in 2025, it's really the overall maturing process for cybersecurity, for infrastructure operations, trying to be as efficient as possible, as prudent as possible when it comes to spend and keeping those dollars down for right now. And then obviously trying to keep up with the AI. We are hearing some of that in certain parts of our business. Like everybody's talking about that today. But that's something we definitely still have on our roadmap for 2025.
ADAM: Got it. You can't go anywhere without hearing about AI. Been a number of years and it's still red hot. I actually saw a study that said 40 percent of B2B businesses will use AI or machine learning to enhance personalization for the summer journeys in 2025. You both mentioned AI. Can you tell us a little bit about kind of where you're at on that spectrum as far as early stages or rolling it out, what does that look like and who's involved in that decision making?
JASON: We are kind of in early stages. Have one AI project that we're working on right now. We're in the implementation stage and it's a no-show predictor for our clinics and looking at different environmental aspects along with patient history and different things, trying to figure out what's the likelihood of a no-show rate. And it's more machine learning than gen AI. But for us, making sure that we have enough people coming in is a big thing when it comes to health care. Making sure those appointment slots are full. And another thing that we're looking at is more for the CX area and for patient experience, helping reach out to people using AI to verify if they're going to make their appointment or not. And if not, if they're not able to, help them reschedule right then. Because we know if we just let them walk away and they'll reschedule later, it's unlikely that they won't. So, we want to make sure that we're rescheduling and giving them those options. So those are some of the AI things that we're looking at in the clinical area. Our department, we don't really have a call center, but what we look at, we have a number of calls coming in. We have front desk person who answers our calls.
And we're looking at an AI-based IVA to help answer every call that comes in and then triage it. A lot of the questions that come in can be answered by a bot. We saw this during COVID where we got all these questions that people ask, you know, like, it safe to come to Vegas? Is it safe to go to a hotel? And that doesn't need a trained person to answer. So we're looking at how we can use AI through an IVA to answer those. And that would be more of a gen AI solution to answer those questions. And our biggest concern is, you know, eliminating any hallucinations.
ADAM: You talk about the no show rate there, but what effect does that have on your organization specifically when you're monitoring that? that playing to your staffing and what does that look like?
JASON: It does plays into the revenue because that's something that you can't resell. Once that time slots gone, we can't fill that up with appointments. So, it really hurts with our revenue. Plus, we have people that are waiting for a long time. So, if we can find a spot that's open, we can get them in a little bit faster. So, it's an improved customer experience, but also improved revenue.
ADAM: Got it. And Grant, what are you folks doing over on the AI side of things?
GRANT: Yeah, I think we're still in the early stages of that. There's a couple different parts there. We do have some more advanced employees that would like to use the co-pilots, the chat GPTs of the world, but from an organizational maturity standpoint, we're not really ready yet. From a data labeling, data classification standpoint, you're still trying to hold back some of those folks there. But there are other opportunities, more so from the executive suite, trying to understand the data. Like I mentioned, we have so many different brands and so many different companies, parts of our organizations.
We have a lot of shared customers, lots of shared similar products. So how can we understand that data we have to help us guide us where we need to go in terms of, what if we take this and we change that particular model, or reach out to these type of customers? What will that do to our revenue over the next year, two years, three years? So kind of playing that data-related warehouse standpoint, tying AI into that to kind of give those hypothetical situations that may take a person an extremely long amount of time to do, but now you just take AI to kind of give you that roadmap ahead of time.
Samara, did you have a question earlier?
SAMARA: I just want to follow up with Jason: Jason, you mentioned AI for what you should say, IVR interactive voice response.
JASON: And I they call it an IVA in the CX world now. It's an interactive virtual agent I've seen some amazing examples a few different companies that that come on and you can barely tell that you're talking to a robot I was actually at customer contact week and there was a one of the boost they had a game you picked up It's an old handset phone you listen to it and you had to listen to the message and determine whether it was a person or an AI And I went through 50 of them. think I got 12 or 13 right and I was number ... I was number two in the contest. was very hard. It was almost impossible to distinguish a real human from these new VR.
ADAM: How long is the discussion to be able to try to tell the difference?
JASON: Like one or two sentences. It would be basically like if you're calling someone just, you know, a quick introduction or whatever. And the bots said the same thing the humans did. You know, couldn't distinguish based on words. It was just trying to pick up on accents, pick up on cadence, all those different types of things. And it was scary how good it was.
ADAM: Do the bots clear their throats or not?
JASON: Some of them do. Yeah, you can program that into some of them where it'll have those pauses or when it's looking up something, it's like, okay, I'm typing this in, I'm looking this up right now. Just what a human would say. They've really mimicked the human experience in the call centers or in the service agencies.
ADAM: So let's shift gears a little bit from a security standpoint. You both mentioned that security has also been red hot for a number of years. It's obviously extremely important. But what kind of new things are you looking at from a security front? Are you looking at new vendors out there as well? Are you trying to go deeper with the ones that you currently have?
GRANT: I think you always look for new opportunities. If you get in the security side of things, I mean, you signed maybe a three-year agreement, a year agreement, depending on what you're looking at, if you're looking at your core tools. But even then, the technologies continue to change. As you mentioned with the AI, with the way it's mimicking human activity and human behavior, and just the talking, the way that the email attacks continue to change, that that leverages AI more fishing, more for MFA bypass. It's just...continues to get stronger and stronger. As security practitioners, you have to continue to act with the tools. Are the tools that you have today the ones that two years or three years from now? Sure. At the rapid pace, we're seeing AI develop. we talk about DeepSeek, and the way it came out as quickly as it did, and how much cheaper it is to use AI. Whether that's true or not is a piece that has to be looked at. Because if it is actually a cheaper alternative to check PPTs, we'll be demonizing the world.
What does that do for the attackers? And giving them a cheap tool that can really throw a lot at organization. Now, if you're not in an organization that has a ton of money to throw at it, you've got to find the right tools that can expand your teams, that can give you the capabilities to stand up against those attackers that are just using nonstop, cheap alternatives to humor the organization. it's a constant, I mean, it's a constant term. As soon as you think you have a great tool, I think that tool gets violated, you know, gets... has an incident per se in their environment. And I was like, crap, I got to find somebody else. So it's just a constant turn on the security side.
ADAM: Are you seeing a lot of newer vendors out there that are really kind of pushing the envelope and coming up with very innovative, interesting ways from a security standpoint or is there a lot of noise out there right now?
GRANT: I mean, I don't think I've talked to any vendor that doesn't say AI or have an XDR, X this, X that, some level of AI. Whether it's actually truly AI or not is to be done through POV and digging into it. But I, they're getting better. Mean, the tools that are out there are better. From a data analytics standpoint, to go through the laws, go through the alerts that are coming in and be able to highlight those and take action ... kind of defines that. ... Some tools are doing it. Now there are some that are big hitters that have been running for a while that are slowly getting to that. I think you see that from folks who were prior security on-prem vendors and now they're trying to catch up more on the AI cloud space. It's a tougher turn as opposed to folks who are launching directly in the cloud. They are centering their security around that and really leveraging AI to that. So yeah, there are some out there. mean, if you're in IT, you're not getting enough calls on LinkedIn or... email for new tools, you're doing something wrong.
ADAM: So, talk about that from a vendor standpoint when they're pushing AI, whether they're a security vendor or not, do you care that they have it or is it more marketing speak? You're not out there looking for tools that have AI in it, I assume, but they certainly are pressing that envelope some.
JASON: Yeah, they are. think it is a lot of marketing speak. think, you know, everyone says they have AI now and they try to make it like it was new, even if it was just machine learning. That's been around for so long and it's been in a lot of products. I do think I do look for some AI when, you can take a security product where it can triage some of those threats that are coming in, some of those messages that are coming in. Cause if you can use AI to do that and not have it go to a SOC analyst or, you know, another person, it's going to have immediate ROI. And then now it's just...
I had like, you know, several years ago when they finally put backup cameras in all the cars that they made like it's a big deal, but everybody had it. It's okay. It's a big deal but ... unless you're a large company and you have a large SOC and large, large security team, I need tools that allow my team to flex out and appear and operate bigger. So, to Jason's point, really the AIs that do that really give me that point where they can do some of the manual labor, if you will, in terms of kind of analyzing the data. I can't roll about that, but.
SAMARA: Yeah, I think from some of the market studies we've covered on mescomputing.com, most of mid-sized businesses are using AI mostly for customer user experience or as you mentioned, grant for remediation, like helping them analyze logs and security logs and to help with their cybersecurity. I think those are the two main functions that mid-market IT leaders' kind of are leaning towards right now.
ADAM: What are your internal policies around AI? That's a big topic right now. About a year ago, I'd be at a round table and most people didn't have any policies around that. I think our organization, Samara, we just rolled ours out about eight months ago. Some people follow it, some don't. What are your policies around in your organization?
JASON: We're still early ... do have some policies that in there haven't been fully adopted yet, but we're working through them. I've had a lot of requests to use chat GPT and cloud or whatever to do different things. And, you know, the question is, is this public data or is it, you know, is it private data? And as long as it's public, one of our groups in our environmental health is rewriting some of the regulations for solid waste and storage. It's all going to be public. So I'm helping them use it to help guide their writing on it, help, you make it a little bit easier so they don't have write this whole thing out. And so, we're kind of flexible in that way. We did have to look at one and there was a, I don't want to name the name here, but there's a tool that really looks at your writing, your emails and your word documents and all that, and gives you suggestions on how to clean it up and make it better. The problem is if you read their EULA, basically anything they use becomes part of their organization they use any way they want. Well, we did have people like our compliance officer who wanted to use it and people in our clinical space wanted to use it to write emails.
Well, that becomes a now a potential breach where if they were to put protected information in, now it's a HIPAA breach. And so, with us, we have to be very cautious of what data goes into AI and what, you know, what we allow or not allow. So, we talked to that group and basically to get a HIPAA compliant version, you had to have a hundred licenses. And we had like 20 people that wanted to use it. So, it really wasn't cost effective for us, you know, with HIPAA being a big thing. And I met another company and honestly, I can't remember their name right now, but they do DLP for AI.
So even if you tried to paste something in a browser and attach GPT, it would catch it and block it. And so that's what I'm trying to do, put safeguards around so we don't have a breach. We don't put proprietary information or protected health information in, which ends up costing us a lot of money.
GRANT: It's the cross stage, you will, in terms of getting this out. Mean, it's legal, and so they have a say in the actual policies. Trying to understand where you're not restricting the business to prevent what they want to do and innovate and drive some of the innovation they need to. With their customers, it's a tough challenge because there are a lot of tools out there that do a lot of cool things and try to find the ones that we know are not the best in terms of originations.
DeepSeek, mentioned earlier, was one that we block outright just because of where it comes from and where the data goes. But overall, it's a struggle because you do want to innovate and allow folks to use these new tools. At the same time, you've got to then either A, have people to help out or, to Jason's point, you got to have a tool to kind of balance out the tool you want to put on. So, I want to turn on AI, but I need some other tool that has AI to balance that AI. It's a struggle and it's really on smaller teams. If you're a small team or midsized team, it's hard to keep up with that as well as keep the lights on for everything else that's going on.
ADAM: I'm going to shift gears a little bit. Talk about the vendor-buyer relationship and kind of how that plays out in 2025. I saw a report from Gartner. They're forecasting in 2025, 80 percent of all B2B transactions will happen digitally. Obviously, growing preference of self-service channels and things along those lines. What does that 2025 vendor-buyer relationship look like from your perspectives? How often are you interacting with your vendors, how often are you doing things from a digital standpoint and not interacting with a sales rep or a customer service person?
GRANT: We've been fortunate to have a kind of a trusted advisor, if you will, in terms of partner that I don't have that kind of shelter, you know, kind of shelters us from all the vendors. deal with a lot of our partners when it comes to different software tools and solutions. We'll deal with them. We'll go out and we'll meet here and there. We'll have discussions about renewals, that fun stuff. I have a partner kind of in between that knows our organization, knows our business, knows our roadmap, knows where we're going. Then when we have something come up on the roadmap that is for security or infrastructure related, whatever.
They already know our organization so we can kind of shelter ourselves. Now the only digital component there really is the doc you sign at end of the day for the agreement that we're signing into. But the rest of it is really still in person. For us, it's been a big believer. need that relationship. I need that partnership. If I'm going to deal with you day in, day out so that when something goes sideways with this tool that I signed on to for two or three years, need somebody I can call and say, is going on with your tool? So, I don't want to go fully digital, don't want to be in our entire conversation, relationship is strictly on Teams because that's... not personal. Need to know you. Need know you got my back, and I got your back because something will go sideways at some point.
JASON: Yeah, I think for us those numbers are probably reversed from what you're seeing. We're probably 20 percent digital, 80 percent working with the person. Stuff like, you know, if we need more Microsoft licenses, yeah, we just go into the portal and we add licenses. We need more laptops from Dell we go into the portal and order those. We don't need our Dell rep to do that. But any of the other stuff, I have a number of trusted vendors and I really, you know, I like, I look for that, the value-added part of the bar and let them come in. So I say, this is what we're looking at: we're looking at a new desktop management system. Go find the best five or six of them.
I put a lot of that back on to our partners and then they'll come and bring different solutions to us at times. We've been very kind of out front and innovative in some of the stuff. Some of my vendors know that. So, they'll bring startups to me because a lot of government agencies won't work with them. So, hey, we heard about this. You might want to at least look at it. And so, my partners are bringing in some good technologies and we're learning what's out there from them.
ADAM On an annual basis, how many new vendors will you typically bring on board?
JASON: I think it really fluctuates in various for us, depends on what's going on and what we're looking into. have basically three or four main bars that we work with and a lot of them are local. I'm a big believer in the channel, but I'm also a big believer in keeping the money local where I can, rather than going to some of the larger ones. We do work with some of the big ones too, but that's mainly for transactional purposes. I try to keep the money in our area for the other stuff. think on average, probably like four to five vendors a year is what we're actually adding.
ADAM: Got it. What's that look like for you Grant?
GRANT: And then for the transactional stuff, hardware licenses, that stuff goes to some of the big guys just because it's volume-wise. But we do have one local bar that we use, like I the trusted buyers. That's right there with us. And it really depends on where we're the roadmap. When I joined two years ago, we had to build everything out from infrastructure operations. The entire security stack had to be built. So we bought a lot in the first two years. Now this next year, it'll be a few less. It also drives more so to the CIS compliance standpoint from security. So if that roadmap changes or develops, then we get new controls, new safeguards that need to continue to develop and to be able to meet those. So it just depends on the year. I mean, there's really no year we go into like, we want to do all this. I will say, you know, the executives at times think, okay, we've got this point, you're good. And I got to come back and say, no, we're not going this. We're going keep on constantly evolving landscape area. need a new tool this year.
ADAM: Yep. Well, we're getting close to the to our time here. Samara, you have any final questions for these guys?
SAMARA: Just want to add on just with the vendor relationships, a couple of the midmarket IT executives that we have in the MES community, as you probably know, they said that they really value their relationships with their partners, the bars, the resellers, but they still want that access to the vendor when they need it, when they require it.
GRANT: I've got our adviser, but I have direct numbers to all my vendors. Even when we're all down to a telco provider, I don't want to able to pick up the phone and call somebody if I can't get this. I'll work the escalation path as we should, as an email through customer service, but if I can't get the right answer and take that traction, I need to be able to pick up the phone and call a VP or somebody that high-enough level who actually can make something.
Yeah, we work with our partners a lot, but we do have those vendor relationships too. And a lot of the solutions that we do, it's our VAR bringing in our vendor contact. And so, we have good relationships with our manufacturers and our VARs. And there are times, I think I'm a little bit more impatient than Grant, where the normal escalation to get started and I'm texting our relationship right then, hey, we just put this in and can you make sure it gets the highest precedence? Because I want to make sure that they're on top of it.
ADAM: Well, I think you're both, I believe I saw you're both registered to be at MES Spring down in Orlando. Hopefully we're gonna bring you some new vendors to get in touch with down there. We have quite a few new ones that are interested in getting to the mid-market. But on behalf of Samara, I just wanna say thanks again, Jason and Grant, taking the time out today to join us on Ready, Set, MidMarket.
Hope you have a phenomenal rest of your week. And again, thank you so much. And we'll see you in a few weeks down in Orlando.
[JASON, GRANT] Sounds good. Thank you.