Solution Provider Association Founder Protests Trump CISA Changes

‘We’re just asking for four things—reinstate the CISA advisory committees, limit the reductions in CISA that keep us secure, maintain their scope so that our clients can be secure, and, of course, don’t move them to the Department of Transportation, which has been proposed,’ says Karl Palachuk, author and founder of the National Society of IT Solution Providers.

The channel has operated for a long time without much federal or state-level oversight, but new legislation and cost-cutting activities by the Trump administration could affect how solution providers do business and interact with their customers.

Take, for example, recent changes the 47th president has made to the Cybersecurity and Infrastructure Security Agency, Karl Palachuk, an author and founder of the National Society of IT Service Providers, told a room of solution providers Sunday at XChange March 2025, hosted by CRN parent The Channel Company and being held this week in Orlando, Fla.

Removing some of the duties performed by CISA arguably makes technology users less secure, Palachuk said. And so his association—whose members includes MSPs and VARs—has protested the changes.

“No matter how you voted, it’s OK to say, ‘I’m a taxpaying citizen, I’m a business owner, and this is what I want my government to do,’” he said. “We’re just asking for four things—reinstate the CISA advisory committees, limit the reductions in CISA that keep us secure, maintain their scope so that our clients can be secure, and, of course, don’t move them to the Department of Transportation, which has been proposed.”

MSP Legislation

At the legislative level, federal and state regulations of solution providers are inevitable, said Palachuk.

Solution providers can either have a seat at the table or wait in line without a reservation. “It takes more licenses to cut your hair or your lawn than it does to manage a $10 million computer operation,” he said. “There should be some requirements. There should be some guidelines about what we are as an industry. … It’s going to happen whether you participate or not.”

Wayne Roye, CEO of Staten Island, N.Y.-based solution provider Troinet, told CRN in an interview that he would like to see a framework defining what it means to be an MSP and what it means to be an MSSP.

“Right now, it’s the wild, wild west,” Roye said. “Everybody is everything.”

Legislating the channel is already happening, although it is slow going, Palachuk said. About 20 states dictate privacy policies for the websites of solution providers and their customers, as an example.

“This is the tip of the iceberg,” Palachuk said. “This will happen more and more. … Whether you like it or not, you will be regulated.”

State legislatures have been looking at ways to add new policies on protecting consumer rights in the AI era and regulating AI deepfakes, he said.

Palachuk also shared two business opportunities for solution providers leveraging public funding —states looking to improve access to data centers and federal efforts to increase broadband access in rural areas of the U.S.

For broadband access, he recommended solution providers get in contact with local representatives to make sure they are fighting for a share of that funding.

“All the money for 2024 got spent,” he said. “The money for 2025 hasn’t been allocated yet, but there’s great potential here.”