Klint Walker believes so much in helping businesses with their security posture that he took a pay cut from the private sector to work in the federal government. Walker is a cybersecurity advisor with the Cybersecurity and Infrastructure Security Agency (CISA), a go-to agency for security preparedness.
Many MSPs aren’t aware of the range of resources it offers at no cost, Walker shared. So, he recently sat down with ChannelPro to explain how MSPs can take advantage of its offerings. He also offered his perspectives on what’s most exciting and most challenging in cybersecurity right now.
ChannelPro: What does your role as a cybersecurity advisor at CISA entail?
Walker: Our role is incredibly fulfilling. … We serve as a no-cost resource offering cybersecurity advice for public and private sectors, critical infrastructure, and state and local governments. Our primary focus is helping organizations prepare for potential incidents through training, awareness, and vulnerability assessments. We assist during and after an incident, helping organizations recover and reestablish their baseline operations.
ChannelPro: For MSPs that may be limited by budget, time, or staff, which CISA resources would you say are most helpful but perhaps underutilized?
Klint Walker
Walker: I always recommend starting with our Cyber Resilience Review (CRR). It’s a comprehensive, 8-hour assessment covering all 10 domains of cybersecurity. Many companies are hesitant, thinking they might not be ready, but that’s the point — it’s about understanding where your organization stands. The CRR helps you see the bigger picture, which is essential because cybersecurity often feels like trying to solve a puzzle without knowing what the completed image looks like. This assessment is the first step in tailoring the right services and tools for your company’s needs.
ChannelPro: Compliance is a big concern for many businesses. How does CISA’s cybersecurity advisor program address compliance issues?
Walker: Compliance is a frequent topic in our conversations. My response is always, “Compliance with what?” I estimate that around 70% of organizations haven’t chosen a cybersecurity framework, which is fundamental to guiding their efforts. Our assessments are framework-agnostic, meaning they can align with any framework your organization chooses or requires for the industry or geography they serve. The CRR helps you map out your cybersecurity strategy once you’ve chosen a framework.
ChannelPro: What excites you about cybersecurity right now?
Walker: Our industry needs more talent to continue advancing, so I’m thrilled by the growing interest among young people, and more companies offering internships. Interns can be a low-cost resource, helping with entry-level tasks so that more experienced staff can focus on higher-level work. The internships give them the experience they need when most cybersecurity employers won’t risk hiring somebody without experience. They also help build a pipeline of skilled professionals who often stay with the company or become valuable assets in the industry.
ChannelPro: What’s the biggest challenge MSPs should be wary of, and how can they address it?
Walker: The biggest challenges are:
- The mindset that they can handle cybersecurity on their own.
- That breaches and attacks won’t happen to them.
- Not recognizing that if they aren’t secure, customers aren’t either.
A disruption to your operations can ripple through your entire ecosystem, so it’s essential to think beyond your own organization. Information sharing is crucial, and CISA offers programs to facilitate this, such as our Known Exploited Vulnerabilities Catalog and Automated Indicator Sharing.
ChannelPro: What final advice can you share about using CISA’s resources?
Walker: Don’t be intimidated by cybersecurity. Reach out to your cybersecurity advisor or local community groups like InfraGard or BSides. We can connect you with the right partners, mentors, or resources for your needs and budget. For example, if you’re pursuing a SOC Type 2 certification, we can help you find others in your industry who’ve gone through the process and can share their experiences. CISA’s role is to facilitate these connections and help you navigate your cybersecurity journey.
ChannelPro’s Anjali Fluker contributed to this article.
Image: DALL-E
