Leadership changes at top cyber agency raise national security concerns

The departure of the three of the Department of Homeland Security’s top cybersecurity officials over the past week is leading experts and officials to voice concerns that the United States has been left vulnerable to attacks in cyberspace, with national security potentially compromised. 

The concerns come after President TrumpDonald TrumpGOP-led Maricopa County board decries election recount a 'sham' Analysis: Arpaio immigration patrol lawsuit to cost Arizona county at least 2 million Conservatives launch 'anti-cancel culture' advocacy organization MORE fired Christopher Krebs, the director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and after both CISA Deputy Director Matthew Travis and top cybersecurity official Bryan Ware resigned following pressure from the White House.

These changes left the nation’s key cybersecurity agency without Senate-confirmed leadership in the last months of Trump’s presidency, amid a shakeup of major government officials following a contentious election. 


“Today, cybersecurity and disinformation threats are among the most significant risks our nation confronts,” Sen. Mark WarnerMark Robert WarnerSenators offer bill to allow remote online notarizations Second suspected 'Havana Syndrome' case near White House under investigation: report Warner: Hack-reporting law 'one of the few areas left where there's broad bipartisan support' MORE (D-Va.), vice chairman of the Senate Intelligence Committee, told The Hill in a statement Friday. “For that reason, it’s enormously disturbing that the president has paired an unwillingness to begin an orderly transition with a zeal to gut key national security agencies of their senior-most leadership.”

CISA, established by legislation signed into law by Trump in 2018, describes itself as "the nation’s risk advisor,” and leads efforts to secure critical infrastructure against foreign and domestic cyber threats. 

The agency was heavily involved in coordinating with state and local officials to shore up election security ahead of this year’s general election, and has spearheaded efforts to defend all sectors against attacks.

The agency, and its leadership, had been widely viewed as stable and bipartisan by officials on both sides of the aisle, a rarity in an increasingly polarized capital city.

But with the change in leadership, Warner is not the only current or former official concerned about the potential destabilizing influence for federal cybersecurity objectives. 

“Abruptly losing multiple senior officials would be challenging for any organization, let alone one expected to respond to national security threats,” Michael Daniel, the president and CEO of Cyber Threat Alliance, told The Hill Friday.


Daniel, who previously served as special assistant to President Obama and cybersecurity coordinator on the National Security Council staff, noted that if an adversary were to attack the U.S. in cyberspace over the next few months, the ability of the U.S. to respond would be kneecapped. 

“Heading crises off proactively becomes almost impossible without permanent leadership,” Daniel said. “By stripping CISA of its well-respected, capable leadership and acting irresponsibly with respect to the transition, this administration has increased the likelihood that an adversary will try to take advantage of the situation.” 

Adversaries have increasingly shown their willingness to hit the U.S. in cyberspace, most famously through targeting election infrastructure. CISA was among the agencies that responded to recent successful efforts by Russia and Iran to gain access to U.S. voter registration data in three states.

Kiersten Todt, who served as executive director of former President Obama’s Commission on Enhancing National Cybersecurity, described the situation as “dangerous,” but emphasized that CISA itself had a “strong infrastructure” to continue to confront threats. 

“From a strictly national security level, it’s not ideal, but we’re okay,” Todt said. “From a political perspective, it doesn’t seem like it was necessary."

Other Democratic members of Congress have also spoken out this week about concerns over national security, including Sen. Angus KingAngus KingSenators shed masks after CDC lifts mandate DC statehood bill picks up Senate holdout Senate panel deadlocks in vote on sweeping elections bill MORE (I-Maine). King caucuses with Democrats and is reportedly under consideration by President-elect Joe BidenJoe BidenBiden's quiet diplomacy under pressure as Israel-Hamas fighting intensifies Overnight Defense: Administration approves 5M arms sale to Israel | Biden backs ceasefire in call with Netanyahu | Military sexual assault reform push reaches turning point CDC mask update sparks confusion, opposition MORE to serve as director of national intelligence.

“By firing Mr. Krebs for simply doing his job, President Trump is inflicting severe damage on all Americans – who rely on CISA’s defenses, even if they don’t know it,” King said in a statement after Krebs was fired. 

House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonCapitol riot fuels debate over domestic terror laws Lawmakers roll out legislation to defend pipelines against cyber threats Lawmakers reach agreement on bipartisan Jan. 6 commission MORE (D-Miss.) and cybersecurity subcommittee Chairwoman Lauren UnderwoodLauren UnderwoodIn honor of Mother's Day, lawmakers should pass the Momnibus Act McAuliffe holds wide lead in Virginia gubernatorial primary: poll HHS expands Medicaid postpartum coverage for Illinois mothers up to a year after giving birth MORE (D-Ill.), put out a joint statement accusing Trump of “making America less safe” through firing Krebs. 

They said that Trump’s decision did “nothing to defend our state and local governments and critical infrastructure against malicious cyber campaigns from Russia, China, and Iran."

One key increasing threat to U.S. critical networks during the COVID-19 pandemic has been debilitating ransomware attacks on hospitals and cyber targeting of groups involved in vaccine research. 

Sen. Gary PetersGary PetersSenators shed masks after CDC lifts mandate Hillicon Valley: Global cybersecurity leaders say they feel unprepared for attack | Senate Commerce Committee advances Biden's FTC nominee Lina Khan | Senate panel approves bill that would invest billions in tech Senate panel approves bill that would invest billions in tech MORE (D-Mich.), the ranking member of the Senate Homeland Security and Governmental Affairs Committee, accused Trump of not doing enough to respond to this threat, and of making the situation worse by gutting CISA's leadership.

“While I have full confidence in the dedicated workforce at CISA to continue to execute their mission despite your actions, the removal of these individuals invites attacks from our adversaries based on a perception of instability, rather than prevent them,” Peters wrote in a letter to Trump. 


Some GOP members of Congress have pushed back against Trump in the days following Krebs’s ouster, though most have stuck to praising Krebs’s work to advance the nation’s cybersecurity defenses. 

“I think what he was trying to do in an unprecedented way was to connect with every state in the country, and give them what they needed to protect and have a firewall in place to protect against cyberattacks,” Sen. Rob PortmanRobert (Rob) Jones PortmanSenators shed masks after CDC lifts mandate Bipartisanship has become a partisan weapon Carper urges Biden to nominate ambassadors amid influx at border MORE (R-Ohio), a member of the Senate Homeland Security Committee, told CNN earlier this week. 

In an email obtained by The Hill and confirmed by a CISA spokesperson, CISA Executive Director Brandon Wales — who stepped in as acting director of the agency following the departures of Krebs and Travis — sought to reassure employees. 

“A change in leadership is not a change in mission,” Wales wrote in the email, sent to CISA employees last week. “It is vital for all of us to remain focused on our mission. At a critical time in the response to COVID-19, with a potential vaccine around the corner, we must continue to support healthcare systems and vaccine manufacturers in their defense against ransomware attacks and foreign adversaries.”

Wales emphasized that as long as he led the agency “we will maintain a laser focus on our mission to Defend Today and Secure Tomorrow.”

Beyond CISA, cybersecurity leadership at the federal level could be threatened by moves against leaders of other agencies as well.


Trump has reportedly been considering firing both FBI Director Christopher Wray and CIA Director Gina HaspelGina Cheri HaspelCIA chief threatened to resign over push to install Trump loyalist as deputy: report Biden announces veteran diplomat William Burns as nominee for CIA director Meet Biden's pick to lead the US intelligence community MORE as he continues to make sweeping changes to leadership following the election. Both agencies have cybersecurity missions, with Wray one of the key leaders working to enhance election security over the past four years.

“If those firings do happen, I think it’s irresponsible leadership on the part of the president, it certainly puts this nation in a less than desirable position,” Todt said. 

Despite this, she noted that she had confidence in the federal workforce to help carry the country’s cybersecurity mission forward until Biden takes office in January.

“You just hope that doesn’t happen all at once, but if it does, I have confidence in the civil workforce, and hopefully they won’t have to carry the water too long before we see a transition happen,” Todt said.