{"id":3461,"date":"2025-06-05T16:37:43","date_gmt":"2025-06-05T16:37:43","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=3461"},"modified":"2025-06-05T16:37:43","modified_gmt":"2025-06-05T16:37:43","slug":"top-us-cyber-officials-face-divergent-paths-after-senate-confirmation","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=3461","title":{"rendered":"Top US cyber officials face divergent paths after Senate confirmation"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Since the start of the Trump administration, the US federal government\u2019s two top cybersecurity leadership positions have been vacant, but those roles are finally on the path to being filled.<\/p>\n

The first job is the director of the Cybersecurity and Infrastructure Security Agency (CISA), which has been vacant since former director Jen Easterly left on Jan. 20. The second slot is the national cyber director, a role in the Executive Office of the President, last held by Harry Coker<\/a>, who moved on to become the State of Maryland\u2019s Commerce Secretary.<\/p>\n

President Trump nominated<\/a> cybersecurity newcomer Sean Cairncross<\/a> on Feb. 11 to succeed Coker and, a month later, named cybersecurity veteran Sean Plankey<\/a> for the CISA position.<\/p>\n

Tech and cybersecurity leaders have sent Senators glowing endorsements of Plankey<\/a> and Cairncross<\/a>. Both candidates were slated to testify at a confirmation hearing<\/a> today, but Plankey\u2019s testimony was inexplicably canceled the day before this hearing. Although Cairncross did testify at this hearing, he will also face another confirmation hearing<\/a> before the same committee on June 12, when Plankey is again scheduled to testify.<\/p>\n

The only lawmaker opposing either candidate is Senator Ron Wyden (D-OR), who is trying to hold up<\/a> Plankey\u2019s nomination to force CISA to release a report related to the Chinese threat actor Salt Typhoon. A spokesperson told CSO that Sen. Wyden\u2019s original statement on the hold still applies.<\/p>\n

\u201cBoth of these Seans are good leaders,\u201d Mark Montgomery, senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies, told CSO. \u201cPlankey, in particular, has broad expertise on the issue. Cairncross has leadership experience with the White House team. These two confirmations will set the Trump administration up for cyber success if it chooses to take it.\u201d<\/p>\n

However, both candidates will face significant challenges once they assume their positions. The administration will be forced to play catch-up after largely overlooking most critical cyber policy issues due to turmoil caused by chaotic DOGE-induced job reductions<\/a> and transitional disorientation typical of any new administration.<\/p>\n

Workforce and funding challenges<\/h2>\n

The biggest challenge that Plankey will face at CISA is a dramatically reduced workforce. One report suggests that the agency has already lost 1,000 employees<\/a>, or around 30% of its workforce, through buyouts, firings, and voluntary departures amid DOGE job slashing<\/a> and still-lingering partisan scorn<\/a> of the group\u2019s brief work on misinformation efforts years ago.<\/p>\n

The pain of the staff cuts is compounded by the loss of experience and expertise held by staffers who have left. On May 22, CISA\u2019s new No. 2 employee, Madhu Gottumukkala, sent a memo to staff saying<\/a> that the heads of three of CISA\u2019s six main divisions \u2014 cybersecurity, infrastructure security, and integrated operations, which oversees regional offices \u2014 were all leaving at the end of May, along with the deputy head of a fourth.<\/p>\n

The memo further said the leaders of most regional offices are also leaving, along with the top CISA officers for finance, strategy, human resources, and contracting.<\/p>\n

Some observers suggest that the staff reduction CISA has already experienced meets the estimated 1,000 CISA job cuts the administration has planned for the agency in its FY2026 budget proposal<\/a>, obviating the need for any further job cuts.<\/p>\n

Montgomery, however, isn\u2019t so sure, given the loss of leadership and rare talent. \u201cSome of the people who\u2019ve left, they have to replace,\u201d he said. \u201cMy gut reaction is that they have to hire 150 people with specific skill sets, which means they may still go find another 150 to get rid of.\u201d<\/p>\n

In addition, the administration\u2019s budget expects CISA\u2019s other spending outlays to drop by $535 million, or 20%. On the other hand, according to the budget, the much smaller Cyber Director\u2019s budget should decrease by 10%, while personnel levels will stay level at 85 full-time equivalent employees.<\/p>\n

In addition to their own budget cuts, both officials will have to grapple with the fallout from reduced cyber functions across the entire federal government, from the NSA<\/a> to the FBI. The FBI has recently been forced<\/a> to divert resources from cybersecurity to handling immigration and border control issues.<\/p>\n

\u201cThis administration has decided to disinvest in cybersecurity and to do so in a way that is particularly damaging to the workforce,\u201d Michael Daniel, president and CEO of the Cyber Threat Alliance, told CSO. \u201cThat\u2019s being mirrored across the government. A lot of other agencies are also facing reductions.\u201d<\/p>\n

He added: \u201cBoth of these individuals are going to be facing a lot of internal challenges of these cuts that have been made without necessarily a whole lot of analysis. They\u2019re going to have holes in the workforce because it hasn\u2019t been planned out.\u201d<\/p>\n

Divergent strategies moving forward<\/h2>\n

The road ahead appears paved with opportunity for Cairncross, while Plankey faces a narrower path of contraction and clean-up at CISA.<\/p>\n

\u201cThis is a perfect opportunity for the NCD [national cyber director] position to work,\u201d Center on Cyber and Technology Innovation\u2019s Montgomery said. \u201cYou have a National Security Council focused on the offensive side. You have CISA, which is focused on internally reorganizing itself. Cairncross is the first NCD to find himself in the position of having the running room to make the job work.\u201d<\/p>\n

Montgomery emphasized, \u201cNow is the time for Cairncross to very pointedly and aggressively go work to establish the NCD\u2019s role as the coordinator of domestic cyber incident response to ensure that federal agencies are executing the president\u2019s policies and budget and appropriations properly, and to work with the Hill to get whatever authority and appropriation changes are needed.\u201d<\/p>\n

Plankey, on the other hand, is going to have to look inward to reorganize a reduced and demoralized agency. \u201cHe\u2019s not going to be able to change the administration\u2019s mind in the short term about reducing the overall size of CISA,\u201d Cyber Threat Alliance\u2019s Daniel said. \u201cThat\u2019s not going to happen. He\u2019s going to have to take that as a given.\u201d<\/p>\n

Daniel advised, \u201cHe should try to say [to the President], \u2018Okay, give me the latitude to get to the targets you want, but let me work with the CISA leadership. Let me work with [Homeland Security Secretary Kristi Noem]. Let me figure out how to get there.\u2019\u201d<\/p>\n

One certainty for both agencies is that \u201cneither of them is going to get the opportunity to fix the influence operations problem,\u201d Montgomery said. \u201cWe have China, Russia, and Iran running aggressive influence operations against us. For whatever reason, the Trump administration has decided that it\u2019s censorship of Republicans. That is a false analogy, but it\u2019s taken root. Not much we can do about it.\u201d<\/p>\n

Despite the sunny prospects for Cairncross and the hope that Plankey can stop CISA\u2019s downward spiral, it\u2019s also clear that the current government\u2019s cybersecurity policy environment is uncharted territory. \u00a0<\/p>\n

\u201cIt\u2019s a very, very different environment than anybody that\u2019s been working in cyber for the last 20 years has faced,\u201d Daniel said. \u201cWe haven\u2019t seen a government or private sector company that has said, \u2018We\u2019re going to walk away from a lot of the cyber capability and disinvest in it and abandon that capability.\u2019 We just haven\u2019t seen that.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Since the start of the Trump administration, the US federal government\u2019s two top cybersecurity leadership positions have been vacant, but those roles are finally on the path to being filled. The first job is the director of the Cybersecurity and Infrastructure Security Agency (CISA), which has been vacant since former director Jen Easterly left on […]<\/p>\n","protected":false},"author":0,"featured_media":3462,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3461","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3461"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3461"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3461\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/3462"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3461"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3461"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}