Data Poisoning Is the Defender’s New Weapon — and We Wrote the Free Field Manual

Jordan Polasek · Founder, BVTech LLC · June 4, 2026 · 16 min read

Data Poisoning · Nightshade · Glaze · Nepenthes Tarpit · Honeypots · AI Defense · Free Report · Privacy Badger · VPN

Every so often a security topic jumps the fence from the research world into ordinary conversation. In 2026, data poisoning is one of those topics — and it is the rare one where the small player, the solo artist, the one-person shop, gets to be the one setting the trap instead of bracing for the hit. But it is only part of the picture. I kept fielding the same questions from clients, family, and people who just saw a headline, so I did the thing I do: I wrote it all down — data poisoning, the year's real breaches, the new world of AI agents that can act on your behalf, and the plain-English defenses that actually work. The result is a free 67-page field manual, and this post is the short version of why it matters.

📕 Free Download · Share It Freely

Our 2026–2027 Cybersecurity & MSP Field Manual — featuring data poisoning, the year's real incidents, and AI defense — is 67 pages of plain-English, do-it-yourself protection plus the proactive managed-security model. No email wall. No catch. Built to be passed around.

⬇ Download the Free Report (PDF)

What data poisoning actually is

Every AI model learns from examples. A model that recognizes cats has seen millions of cat pictures; the quality of what comes out depends entirely on the quality of what went in. Data poisoning is the deliberate act of slipping carefully crafted "garbage" into the data a model learns from, so the finished model behaves wrong in ways someone chooses. The clever part: the poison is usually invisible to humans. A poisoned image looks completely normal to your eye — only the machine, reading the raw numbers behind the pixels, sees the trap.

It wears two hats, and which one matters enormously. As an attack, a criminal poisons data a company relies on so the model makes decisions in the attacker's favor; the defense there is data provenance — knowing and validating where your training data comes from. As a shield, you poison your own work so that anyone scraping it without permission learns the wrong lesson. You are not breaking into anything. You are seasoning your own cooking, and if someone steals it anyway, that is their problem.

Artists fought back first: Glaze and Nightshade

Researchers at the University of Chicago, led by Professor Ben Zhao, built two free tools that have since been downloaded by millions of creators. Glaze is the defensive cloak: it makes subtle, invisible changes so a model trying to imitate your style sees something different from what is actually there. Nightshade is the offensive counter-strike: it alters an image so a model learns the wrong content entirely, and used across many images it actively degrades the model that scraped them. The team recommends creators use both — cloak the style, poison the content. Both are free, released by a university research project rather than a company.

I want to be honest about the limits, because anyone who tells you a tool is magic is selling you something. This is an arms race: researchers have already demonstrated techniques (one is called LightShed, presented at a 2025 security conference) that try to detect and strip these protections back out. Poisoning raises the cost and uncertainty of scraping your work — it does not make your work permanently untouchable. Use it as one layer, alongside content-provenance metadata, watermarks, and clear terms of use.

Websites can set traps too: tarpits and honeypots

If poisoning your art is a clever shield, tarpitting is a clever trap. In early 2025 a programmer fed up with crawlers ignoring his site's wishes released Nepenthes, named after the carnivorous pitcher plant. When a misbehaving crawler hits it, it is served an endless, self-referential maze of auto-generated pages — sometimes filled with grammatically plausible nonsense — burning the operator's time and, if the nonsense gets ingested, poisoning the model that swallowed it. Cousins followed, including Iocaine and the managed, one-click Cloudflare AI Labyrinth that even free-plan sites can switch on without hurting their search ranking.
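The maze idea described above, as a sketch added here for illustration (it is not code from Nepenthes, Iocaine, or Cloudflare). It assumes the maze lives under a hypothetical `/maze/` path that `robots.txt` disallows, so only crawlers that ignore the site's wishes ever reach it, and it uses random-word filler rather than grammatically plausible text.

```python
import hashlib
import random

MAZE_PREFIX = "/maze/"  # assumed path; list it under Disallow in robots.txt
WORDS = ("pitcher", "amber", "ledger", "harbor", "signal", "velvet",
         "quartz", "meadow", "cipher", "lantern", "orchard", "static")

def _rng_for(key: str) -> random.Random:
    """Seed a private RNG from the key so a given URL always renders the same page."""
    digest = hashlib.sha256(key.encode("utf-8")).digest()
    return random.Random(int.from_bytes(digest[:8], "big"))

def child_links(path: str, fanout: int = 4) -> list[str]:
    """Derive a page's outgoing links; every link points deeper into the maze."""
    rng = _rng_for(path)
    base = path.rstrip("/")
    return [f"{base}/{rng.choice(WORDS)}-{rng.randrange(10_000):04d}"
            for _ in range(fanout)]

def render_page(path: str, sentences: int = 5) -> str:
    """Build filler HTML for a maze path. Nothing is stored server-side."""
    if not path.startswith(MAZE_PREFIX):
        raise ValueError("not a maze path; serve the real site instead")
    rng = _rng_for("body:" + path)
    text = " ".join(
        " ".join(rng.choice(WORDS) for _ in range(rng.randint(6, 12))).capitalize() + "."
        for _ in range(sentences)
    )
    links = "".join(
        f'<li><a href="{href}">{href.rsplit("/", 1)[-1]}</a></li>'
        for href in child_links(path)
    )
    return f"<html><body><p>{text}</p><ul>{links}</ul></body></html>"

def crawl(start: str, pages: int) -> int:
    """Simulate a crawler that always follows the first link; returns pages fetched."""
    path, fetched = start, 0
    while fetched < pages:
        render_page(path)
        path = child_links(path)[0]
        fetched += 1
    return fetched
```

Because each page is derived from a hash of its own URL, the maze is effectively endless yet costs the site no storage, and a well-behaved crawler that honors `robots.txt` never enters it.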

Then there is the honeypot — my favorite low-effort, high-value defense for a small business. A honeypot is a deliberate fake: a decoy file, account, or credential that has no legitimate reason to ever be touched, so the instant something touches it, you know you have an intruder. Zero false positives, and you catch them early. Free "canary token" services let you generate a tripwire file or fake credential in seconds that emails you the moment it is triggered. Drop a few in your most sensitive folders today.
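A self-hosted version of the same tripwire idea, added here as an example (it is not code from any canary-token service). The decoy names, the key=value log format, and the sample lines are all constructed for illustration.

```python
import re
from dataclasses import dataclass

# Decoys planted by the defender (constructed names for this example).
DECOY_ACCOUNTS = {"svc-backup-old"}
DECOY_FILES = {"/srv/finance/passwords-2019.xlsx"}

# Constructed log lines in a simple key=value format (an assumption).
SAMPLE_LOG = """\
2026-06-01T09:14:02Z event=login user=alice src=10.0.0.12 result=ok
2026-06-02T02:03:41Z event=file_open user=bob path=/srv/finance/passwords-2019.xlsx src=10.0.0.57
2026-06-02T02:04:10Z event=login user=svc-backup-old src=203.0.113.9 result=fail
2026-06-02T08:30:00Z event=file_open user=alice path=/srv/finance/q2-report.xlsx src=10.0.0.12
"""

FIELD = re.compile(r"(\w+)=(\S+)")

@dataclass(frozen=True)
class Alert:
    when: str   # timestamp copied from the log line
    decoy: str  # which decoy was touched
    actor: str  # account named in the event
    src: str    # source address named in the event

def find_tripwires(log_text: str) -> list[Alert]:
    """Return one alert for every log line that touches a decoy.

    Nothing legitimate ever uses a decoy, so any match is worth an alert,
    including a failed login: someone found and tried the fake account.
    """
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, _, rest = line.partition(" ")
        fields = dict(FIELD.findall(rest))
        hit = None
        if fields.get("user") in DECOY_ACCOUNTS:
            hit = fields["user"]
        elif fields.get("path") in DECOY_FILES:
            hit = fields["path"]
        if hit:
            alerts.append(Alert(when, hit, fields.get("user", "?"), fields.get("src", "?")))
    return alerts
```

On the sample log this flags the 02:03 file open and the 02:04 login attempt and ignores the two ordinary events.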

✓ Do This Tonight (Free)

Turn on MFA for your email. Install a password manager. Install Privacy Badger and uBlock Origin. Generate a free canary token for your most sensitive folder. Set automatic updates everywhere. That is an evening's work and it puts you ahead of most organizations your size. The full report walks through each step.

Why this connects to everything else

Data poisoning is the headline, but it sits inside a bigger shift I keep writing about in these weekly intel posts: attackers got cheaper and faster thanks to AI, defenders got new tools (including poisoning), and the line between do-it-yourself and needing-a-partner moved. AI now writes flawless phishing in any language and clones voices for fraud calls. The old advice to "watch for bad spelling" is dead. The defenses that still work are layered: MFA everywhere, monitored endpoint protection, tested backups, trained people, and patched edge devices.

That is the difference between reactive and proactive, and it is the throughline of the report. A break-fix shop sells you the extinguisher and quietly profits from fires. A proactive MSP is paid to keep things working — so preventing the problem is a shared win. A honeytoken that fires into an empty inbox at 2 a.m. caught the intruder but did not stop them; the trap is only as good as the response behind it. That is the case for having someone watch the screens so you do not have to.

Get the free report

The full 67-page manual covers all of the above in depth — a month-by-month look at the year's real breaches, Glaze and Nightshade workflows, RAG-poisoning and how it threatens business AI, the anti-crawler toolbox, honeypots, securing Alexa and the smart home, browsers and VPNs and Privacy Badger, passwords and passkeys, AI on both the attacker's and defender's side, the agentic-AI attack surface, AI governance and the OWASP LLM Top 10, cyber-insurance, zero trust, the proactive MSP model, the security stacks we build with partners like Guardz, Huntress, and SentinelOne, two case studies, and a 30-day action plan with a tear-out checklist. It is free, and you are encouraged to share it.

⬇ Download the BVTech 2026–2027 Cybersecurity & MSP Report (PDF)

Questions about where your business stands? Call BVTech at (210) 538-3669 or email [email protected]. The first conversation is always free, whether or not you ever become a client — a better-defended Texas is good for all of us.

— Jordan Polasek is the Founder and Managing Partner of BVTech LLC, the award-winning, El Campo-based managed IT services provider he founded in 2013. Jordan Polasek is an AWS-certified cloud architect with ethical-hacker-level security training, 13+ years of hands-on experience, and a 4.0 GPA in his Cloud Computing degree. He was named SuperOps Solo MSP of the Year in 2023. Connect with Jordan on LinkedIn or at jordanpolasek.com.
