On Tuesday night, President Donald Trump fired Chris Krebs, who was one of the government’s most senior cybersecurity officials. Trump fired him—by tweet—because Krebs had thoroughly debunked election disinformation, much of which came from the White House itself.
Trump had appointed Krebs director of the Cybersecurity and Infrastructure Security Agency (CISA) in 2017. CISA is charged with protecting American critical infrastructure, a vast domain ranging from elections technology to vaccine manufacturing and government systems. Many of the United States’ most sensitive networks fall under CISA’s purview. With Krebs out and Trump’s presidency ending, where does that leave one of America’s most important cybersecurity agencies?
A years-long bipartisan effort to remake the way the US government works in cyberspace could soon push CISA into an elevated role as the nation’s lead cybersecurity agency with a bigger budget, a strengthened position, and louder White House support. The future role of CISA will be key as the transitioning American government tries to sort out its strategy in increasingly combative cyberspace.
“I think CISA is in a very strong position,” says Suzanne Spaulding, Krebs’s predecessor and a person whose name has been floated as a potential secretary of homeland security in a Biden administration. “Chris Krebs’s principled stand and departure adds to CISA’s stature and reputation. There is strong bipartisan support for strengthening CISA’s role.”
The agency’s new acting director, Brandon Wales, is a career civil servant who can’t easily be fired by the president—though he could be moved to another position. Wales, a 15-year Department of Homeland Security veteran, has been widely praised by current and former colleagues.
In an interview last month with MIT Technology Review, Wales spoke about CISA’s important role in debunking domestic disinformation. Employees at CISA say that so far, work has continued on as normal, exactly as Wales promised—except with a decrease in morale. Trump has also said he will move another official, Sean Plankey, to a senior post at CISA, a move that is reportedly “imminent.”
But as Trump’s presidency comes to a close, eyes are turning to CISA’s long-term future.
Spaulding worked on the Cyberspace Solarium Commission, a bipartisan congressional project established in 2019 to chart the future of American strategy in cyberspace. The commission made enhancing and empowering CISA one of its top priorities.
Chaired by the independent senator Angus King and the Republican congressman Mike Gallagher, Solarium aims to make the CISA the lead cybersecurity agency for the federal government and private companies in the US. King is reportedly a leading candidate for Biden’s director of national intelligence.
The Solarium recommendations include bolstering CISA’s resources, facilities, and authorities. The commission wants CISA to lead the government response to major cyber incidents in both the public and private sectors and to have the authority to hunt cyber threats across the entire government outside of the military—which, they note, boasts a much larger cybersecurity budget at about $9.6 billion and growing, compared with approximately $2 billion for CISA.
“Significant breaches that we've seen in the past in government could have been mitigated and more rapidly dealt with” with a fully-realized CISA, says Mark Montgomery, Solarium’s executive director. “And we haven’t had, for example, a significant attack on the electric grid or water system yet—the kind of attack that would make us wish for a stronger CISA. We’re hoping we can get CISA ready before those happen.”
As Biden’s presidency approaches, members of both parties are hoping for a bigger budget for the agency and a strong signal from the new White House that CISA is the primary way the US government protects critical infrastructure that’s mostly run by private companies, whether in the domain of elections, finance, or energy. CISA’s mandate includes managing cybersecurity issues but also defending against other kinds of threats, like terrorism, weather disasters, and sabotage. To support that expansive mission, Spaulding says, the agency needs significantly more funding.
The Biden-Harris transition team did not respond to questions about CISA’s future.
The irony of Trump’s sudden interest in CISA is that his White House has done little or nothing to help the agency and its partners at the National Security Agency and the Federal Bureau of Investigation in their work of securing elections. To an unprecedented extent, the White House abdicated its responsibility for coordinating the work of different agencies on this major national security issue.
“What’s interesting is that somehow these departments and agencies have found a way to coordinate among themselves without the traditional coordination function at the White House,” says Tom Bossert, Trump’s former homeland security advisor, whose office would normally have taken the lead on that task. “Krebs, [cyber command and NSA director] Paul Nakasone, [FBI director] Chris Wray, and the director of national intelligence have found a way to integrate their operations without somebody sitting in the head chair at the table. There’s no precedent for this in the modern presidency.”
While the agency’s long-term trajectory is increasingly clear, the short-term future of CISA remains an open question. Krebs was fired in large part for creating a Rumor Control web page that combated disinformation in real time. So far, the page has stayed up and unchanged. Brandon Wales is well respected but could theoretically be moved out of the agency, so his fate continues to be tied to the president’s whims.
“He’s a brilliant analyst,” says Spaulding, who was Wales’s boss during the Obama administration. Wales “should help keep things on track at CISA as long as he’s allowed to stay in that position,” she says. “The challenge, of course, is that they are likely to continue to find themselves saying things that the White House doesn’t like.”
Russia hacked an American satellite company one hour before the Ukraine invasion
The attack on Viasat showcases cyber’s emerging role in modern warfare.
Chinese hackers exploited years-old software flaws to break into telecom giants
A multi-year hacking campaign shows how dangerous old flaws can linger for years.
Transforming the automotive supply chain for the 21st century
Cloud-based tech solutions are helping manufacturers manage a new ecosystem of suppliers with greater agility and resilience.
Energy-hungry data centers are quietly moving into cities
Companies are pushing more server farms into the hearts of population centers.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.