Share
Executive Summary:
The IT services sector is entering a new growth cycle defined by strong investment tailwinds, primarily driven by AI adoption, rising cloud complexity, and persistent cybersecurity needs. Grant Thornton Stax has observed that value is shifting toward providers that offer specialized, recurring, and outcome-based services rather than traditional reselling or labor-driven models.
AI is both expanding demand and reshaping service delivery, while cybersecurity has become a non-discretionary, embedded requirement across IT environments.
At the same time, multi-cloud adoption and evolving hyperscaler ecosystems are increasing complexity and pushing providers toward higher-value advisory and integration roles. Managed service providers are particularly well positioned due to their recurring revenue and exposure to these growth areas, with success increasingly tied to automation and operational sophistication.
The global IT services market is undergoing a structural transformation. Driven by the convergence of artificial intelligence, accelerating cloud complexity, and an unrelenting cybersecurity threat environment, the sector is entering a new growth cycle that is materially different from the expansion wave of the previous decade. For private equity investors and corporate acquirers, understanding where value is being created, and where it is being eroded, has never been more consequential.
With the global IT services market forecast to grow at approximately 8–9% CAGR to reach $1.9 trillion by 2026, and managed services outpacing the broader market at 10–11% CAGR, the sector offers a rare combination of scale, recurring revenue models, and structural demand tailwinds. The challenge for investors is not whether to participate, but how to identify the sub-segments and business models best positioned to capture disproportionate value.
The sector is also attracting a new wave of software-oriented investors seeking to leverage their technology expertise while side-stepping near-term uncertainty around AI's impact on software business models. As this capital rotation accelerates, deal competition in the highest-quality assets is likely to intensify.
Is AI a Driver, Catalyst, or Delivery Disruptor?
Artificial intelligence is simultaneously the most significant demand driver, the largest infrastructure catalyst, and the most consequential delivery disruptor in the IT services market. For investors, each dimension carries distinct implications.
On the demand side, the AI readiness gap has become the single largest near-term opportunity for resellers, IT consultancies, and systems integrators. Gartner forecasts worldwide AI spending to reach $2.5 trillion in 2026, up 44% year-on-year. Critically, 76% of enterprise AI use cases are now purchased rather than built in-house, up from 53% in 2024—a decisive shift that validates the role of external IT services providers in AI deployment. Enterprises require rare specialist skills in data readiness, model governance, change management, and workflow redesign, and very few possess these capabilities internally.
On the infrastructure side, the hyperscaler capital expenditure super-cycle is generating enormous downstream services demand. The four largest US hyperscalers—Microsoft, Alphabet, Amazon, and Meta—are on course to spend a combined $650–700 billion on capital expenditure in 2026, a year-on-year increase of more than 60% and roughly triple their collective spend from just two years ago. These commitments are creating demand for architecture design, migration, and ongoing optimization services across compute, networking, storage, and data engineering—work that flows primarily to providers with established hyperscaler partnerships and certified infrastructure capabilities.
On the delivery side, AI automation is beginning to reshape the economics of IT services itself. Significant efficiency gains are achievable across software development, IT service desks, infrastructure operations, and security operations center functions. Over time, this will put pressure on traditional time-and-materials billing models as clients demand productivity gains—but in the near term, it represents a margin expansion opportunity for providers who deploy AI in their own delivery operations ahead of competitors.
Cyber is Everywhere: Non-Discretionary, Structural, and Evolving
Cybersecurity has transcended its status as a discrete technology category to become an embedded requirement across infrastructure, cloud, applications, and data. This shift has profound implications for IT services providers: security is no longer a project or a product but an ongoing managed outcome, and it is one of the few areas of enterprise IT spending that is genuinely non-discretionary.
IBM Security data indicates that one in five organizations has experienced a breach linked to shadow AI—a statistic that illustrates how the AI expansion is simultaneously creating new threat vectors at scale. Meanwhile, the global cyber skills shortage remains acute, with nearly half of organisations citing a lack of AI-security expertise as a major operational barrier. This scarcity dynamic sustains premium pricing for managed security services, MDR/XDR capabilities, and cyber consulting engagements.
The delivery model for cybersecurity services is evolving rapidly. AI-powered platforms are beginning to automate basic analyst functions, while raising demand for higher-order services: architecture design, identity management, cloud security, and continuous control validation. The vendor ecosystem is consolidating around platform models—a dynamic that shifts value away from point-product resellers and toward partners capable of delivering integrated, outcome-based security services.
Cloud Complexity and the Channel in Transition
Cloud adoption has moved well beyond the initial migration wave. According to the Flexera 2025 State of the Cloud Report, approximately 70% of enterprises now operate hybrid cloud strategies, with the average enterprise using 2.4 public cloud providers simultaneously. This complexity is not diminishing—it is intensifying. Approximately 41% of enterprises report repatriating at least some data from public cloud due to cost, performance, or compliance concerns, according to Kyndryl's 2025 Cloud Readiness Report. Sovereign cloud requirements are adding a further layer of complexity, with Gartner forecasting global sovereign cloud IaaS spending to reach approximately $80 billion in 2026, a 35.6% increase year-on-year.
For IT services providers, rising cloud complexity is a structural demand tailwind for advisory, FinOps, migration, integration, and managed cloud operations. Providers with genuine multi-cloud capabilities and regulatory expertise are well positioned to capture a disproportionate share of this demand.
At the same time, the channel through which IT services are delivered and procured is undergoing significant structural change. Hyperscaler marketplaces—AWS, Azure, and Google Cloud—are becoming major procurement channels for software and services, and vendors are reshaping partner economics to emphasise co-sell and services-led engagement models. Traditional reselling margins are under pressure. Value is migrating toward solution integration, advisory services, and lifecycle management tied to hyperscaler ecosystems. Providers who fail to make this transition risk being disintermediated.
Where Private Equity Value Is Being Created
Against this backdrop, not all parts of the IT services value chain are equally attractive. Grant Thornton Stax's analysis identifies managed service providers as the most compelling sub-segment for private equity investment, a view that should continue to hold—and strengthen—as the market evolves. MSPs combine recurring revenue (ideally above 60% of total revenue), high customer retention, and exposure to the high-growth domains of cybersecurity, cloud, and AI enablement. The sub-sector remains fragmented, offering significant buy-and-build potential for investors with the appetite and capability to build scaled platforms.
For investors, value creation in the sector is best understood through two lenses: the demand pockets driving top-line growth, and the operational levers enabling margin expansion.
Revenue Drivers: Where Demand Is Concentrated
AI readiness is the single most significant near-term demand driver. Enterprises need external support across the full adoption lifecycle—from data foundation services (including master data management, data quality, and governance), which establish the foundations without which AI deployment fails, through tool selection, implementation, and ongoing governance. MSPs converting AI advisory into durable managed services relationships, SIs embedding MDM and data readiness into broader transformation mandates, and VADs building structured AI advisory practices are all capturing this demand. Those that can demonstrate measurable real-world outcomes are establishing defensible positions; those that cannot are competing on price.
Cybersecurity remains the other structural revenue engine. Non-discretionary spend, a persistent skills shortage, and AI-generated threat vectors sustain premium pricing for managed security, MDR/XDR, and cyber consulting across MSPs, SIs, and VADs alike—particularly those with established European positions where consolidation is accelerating. Value-added resellers growing managed security revenue are genuinely interesting; those dependent on a single vendor's incentive programme face structural risk as channel economics are reshaped.
Cloud complexity is a durable third tailwind. Multi-cloud sprawl, repatriation activity, and sovereign cloud requirements are sustaining demand for advisory, FinOps, migration, and managed cloud operations well beyond the initial migration wave—with SAP timelines extending SI demand through 2027. IT consultancies remain the highest-risk segment regardless: discretionary billing models and AI-driven margin compression create headwinds that only firms with proprietary IP or productized offerings are likely to withstand.
Margin Expansion: The Operational Value Creation Lever
The less covered opportunity lies in AI-driven delivery automation. Tooling that automates monitoring, ticketing, and Tier 1 support in MSP operations; migration execution in cloud practices; and first-line analyst functions in security operations centres is enabling providers to expand margins without proportionate headcount growth. EBITDA trajectory is increasingly a function of operational sophistication, not just revenue mix—and providers who have made deliberate investments in automation tooling should command valuation premiums over peers with comparable revenue but more labour-intensive delivery models. This remains an underweighted dimension in many PE diligence processes.
Strategic Implications: Where to Focus, What to Watch
The IT services sector is entering one of its most dynamic periods in a generation. The convergence of AI adoption, cloud complexity, and cybersecurity demand is creating durable, structural growth that will sustain deal activity and premium valuations in the most attractive sub-segments for years to come. But selectivity is essential.
Investors should focus on providers with high recurring revenue, genuine multi-domain capabilities, and strong hyperscaler partnerships—the businesses best positioned to capture the downstream services demand generated by the AI infrastructure super-cycle. They should monitor vendor channel programme changes closely, particularly from Microsoft, Palo Alto Networks, CrowdStrike, and Broadcom/VMware, as these have the potential to reshape partner economics significantly. And they should treat AI-driven service delivery automation not as a risk to margin but as an operational value creation lever—one that the most sophisticated MSPs and managed security providers are already deploying to material effect.
The question for PE investors is not whether the IT services sector warrants capital allocation. It demonstrably does. The question is whether the assets they are evaluating are positioned on the right side of the structural shifts reshaping the market—and whether the management teams running them have the clarity to navigate the transition from product distribution to outcome-based services.
To learn more about our IT and Cyber expertise, visit our Insights page or contact us directly.
Read More
