Episode #799 of the MSPi PrimeCast
Wilfredo Santiago’s path into cybersecurity didn’t begin with security tools or platforms. It started with signals intelligence—analyzing radio frequencies, network traffic, and communications in the Navy—and later expanded into working alongside intelligence agencies and cybersecurity roles.
That background shapes how he views cybersecurity today. It’s not positioned as a product or a stack, but as an understanding of how systems communicate, how behavior can be interpreted, and how quickly things change.
1. Cybersecurity Builds on Networking Fundamentals
Wilfredo started as a signals analyst, working with radio frequencies and network traffic, learning how communication moves across systems.
That foundation translated directly into cybersecurity later in his career.
MSP Action: Ensure your team understands how networks and traffic function before relying on security tools.
2. Cybersecurity Is a Combination of Core Skills
He described cybersecurity as a culmination of multiple disciplines—networking, programming, and operating systems—not a single skill set.
That combination enabled his transition into cybersecurity roles.
MSP Action: Develop your team across core technical areas, not just security-specific platforms.
3. Threat Techniques Are Not New
Wilfredo pointed out that many of the techniques used in cybersecurity today mirror what he saw in intelligence work—understanding and leveraging communication.
The difference is in who is using those techniques and for what purpose.
MSP Action: Train teams to think in terms of how systems can be used or misused, not just how they are configured.
4. The Environment Changes Constantly
He described cybersecurity as something that evolves daily, with new threats, actors, and technologies continuously emerging.
There is no static state.
MSP Action: Build continuous learning and review into your operations instead of treating security as a one-time setup.
5. Threat Actors Are Driven by Incentives
Wilfredo explained that attackers are often motivated by financial gain and operate in environments where enforcement is limited.
That creates consistency in how attacks are carried out.
MSP Action: Help clients understand that attacks are intentional and ongoing, not random events.
6. AI Is Expanding Capabilities on Both Sides
He discussed how AI is making it easier to scale operations and reduce the need for deep expertise in some areas, while still requiring human validation.
This applies to both defenders and attackers.
MSP Action: Use AI to improve efficiency, but ensure decisions are reviewed and validated by experienced team members.
7. Accessibility Matters During Incidents
Wilfredo emphasized the importance of being able to reach a SOC analyst immediately during an incident, rather than waiting for delayed responses.
That accessibility changes how incidents are handled in real time.
MSP Action: Evaluate partners based on responsiveness and direct access to expertise, not just their feature set.
8. Discipline Impacts Performance
He highlighted that cybersecurity work often involves long, sedentary hours and requires discipline to maintain performance and consistency.
This applies both personally and professionally.
MSP Action: Establish routines and processes that support consistent execution across your team.
What This Means for MSPs
Cybersecurity, as described here, is not centered around tools or categories—it is built on understanding how systems operate, how communication flows, and how behavior can be interpreted. Wilfredo’s experience shows that strong fundamentals, combined with exposure to real environments and consistent execution, create a more reliable approach to security. For MSPs, this reinforces the need to move beyond tool-driven strategies and focus on building teams that understand what they are seeing, can adapt to change, and can respond with clarity when situations evolve.
Catch the full conversation on MSPi PrimeCast Episode #799 and connect with Wilfredo at https://www.linkedin.com/in/infosecfredo/
