Latest news with #SeanPlankey
Forbes
11-06-2025
- Business
- Forbes
Trump's ONCD Nominee Sean Cairncross Awaits Pivotal Senate Vote
As cybersecurity threats multiply, from ransomware and AI-enhanced espionage to supply chain breaches, the United States stands at a critical crossroads. Both the strategic and operational heads of America's cyber defense infrastructure remain vacant, even as a sweeping new Executive Order From President Trump resets federal cybersecurity priorities. The nomination of Sean Cairncross to lead the Office of the National Cyber Director comes at a pivotal moment, but his confirmation remains pending. So too does the nomination of Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency. At a time when America needs coordination, clarity and capability, there is no confirmed leadership in either role. In June 2025, President Trump issued a landmark cybersecurity Executive Order that reverses or revises several Biden-era initiatives. It eliminates centralized federal digital ID programs and mandatory open-source software frameworks. In their place are a tighter geopolitical posture toward adversaries like China. The order favors decentralization, autonomy for federal agencies and a realignment of cyber priorities around economic and national resilience. The ONCD will be responsible for interpreting and coordinating this directive across the federal landscape. Without a confirmed leader, implementation is on hold. The ONCD, is one of the most consequential yet least known policy entities in the federal cybersecurity ecosystem. Created by the National Defense Authorization Act for Fiscal Year 2021, it was born from the recommendations of the Cyberspace Solarium Commission, a bipartisan panel led by Senator Angus King (D) and Representative Mike Gallagher (R). The ONCD officially launched on January 1, 2021. It is housed in the Eisenhower Executive Office Building and statutorily tasked with advising the President on national cybersecurity strategy, coordinating agency efforts and building consensus on international cyber norms. Although Congress authorized up to 75 staff positions, it initially failed to appropriate funding. Only after passage of the Infrastructure Investment and Jobs Act in late 2021 did the ONCD receive its first operating budget of $21 million. In March 2023, the office published the Biden administration's National Cybersecurity Strategy, positioning itself as the federal government's central policy engine for cyber coherence. Since then, it has worked to align defense, civilian and private-sector efforts under one strategic umbrella. Current senior staff include Deputy Director Harry Wingo, Chief of Staff Michael Hochman, Acting Principal Deputy Jake Braun and deputies including Chris DeRusha, Drenan Dudley and Camille Stewart Gloster. However, the top role of National Cyber Director remains vacant as the Senate weighs Cairncross's nomination. Both ONCD and CISA are essential to the United States cyber defense posture. One sets the strategy. The other executes it. These roles are complementary, not redundant. CISA is the operational backbone of federal cybersecurity. It defends critical infrastructure, supports incident response and provides tools and advisories to state, local and private-sector partners. It operates under the Department of Homeland Security. The ONCD, by contrast, is strategic. It resides in the Executive Office of the President and focuses on national coherence, budget alignment and executive-level coordination across agencies. The two work in close collaboration. They jointly released the Cybersecurity Playbook for Infrastructure Grants and updated the National Cyber Incident Response Plan. Still, without confirmed leaders at either agency, the bridge between policy and execution is fragile. Sean Cairncross was nominated in February 2025 to serve as National Cyber Director. A seasoned political and government leader, he previously served as CEO of the Millennium Challenge Corporation, Deputy Assistant to the President, and Chief Operating Officer of the Republican National Committee. The Millennium Challenge Corporation is an independent U.S. government agency established by Congress in 2004. It provides time-limited, large-scale grants, known as 'compacts', to developing countries that meet strict standards for good governance, economic freedom, and investments in citizens, as measured by 20 independent policy indicators During the first Trump administration, he also supported the White House through overseas missions, including a 2019 trip with advisor Ivanka Trump to Morocco where he accompanied her to promote the Women's Global Development and Prosperity initiative, met with local leaders and toured olive groves and land empowerment programs. He holds degrees from NYU Law, Cambridge University and American University. While lacking formal technical cybersecurity credentials, Cairncross has emphasized that the National Cyber Director role is about strategic coordination, not engineering: 'If ONCD tries to do everything, it will be ineffective,' he said during his June 5 confirmation hearing. His nomination has received bipartisan support, including a letter from 24 cybersecurity and national security experts backing his appointment. 'We, the undersigned, strongly endorse the nomination of Sean Cairncross for the position of National Cyber Director,' wrote former director Chris Inglis and 23 other former cyber and national security officials. 'As a group of senior national security experts with decades of experience in both the public and private sectors, we believe his ability to coordinate across federal agencies and execute strategy makes him the right choice,' the letter added. Still, some lawmakers expressed concern. Senators Elissa Slotkin and Andy Kim challenged him on his lack of technical depth and his defense of proposed budget cuts to CISA. Despite these reservations, the Senate Homeland Security and Governmental Affairs Committee is expected to advance his nomination on June 12th to a full Senate vote, where confirmation appears likely barring broader political complications. Cairncross is not the only cybersecurity leader awaiting Senate confirmation. Sean Plankey, nominated to lead CISA, also remains unconfirmed. A U.S. Coast Guard veteran and former DHS official, Plankey brings operational cyber expertise that complements Cairncross's policy credentials. CISA protects civilian infrastructure from attack. If the administration's directive is to streamline and refocus the agency, that initiative still requires leadership. Regardless of one's political view, the absence of confirmed leaders at both ONCD and CISA is unsustainable. Merging the two offices might someday be debated in the interest of efficiency, but that conversation is premature without stable leadership in place. Cybersecurity is no longer a future problem. It is a current and persistent national security challenge. Threats from hostile states, AI-enabled attacks, cloud infrastructure breaches and election interference are all converging. The new EO provides a policy blueprint, but the blueprint is only as strong as the builders tasked with executing it. The Senate must now decide whether to confirm Cairncross and Plankey or leave the country's cyber leadership in a state of prolonged uncertainty. These decisions should be guided by pragmatism, not partisanship. Leadership matters. Strategy matters. Coordination matters. The ONCD may not be a household name, but its influence extends from the Situation Room to hospital networks to the servers powering small businesses across the country. It is time to staff it accordingly.
Forbes
31-05-2025
- Politics
- Forbes
Sean Plankey, Trump's CISA Pick, Takes Center Stage In Cyber Showdown
Sean Plankey will testify on June 5 as President Trump's nominee to lead the Cybersecurity and ... More Infrastructure Security Agency. His confirmation hearing comes amid heightened cyber threats and political scrutiny of the agency's future. A United States Senate committee will convene Thursday to determine the future of America's top cyber defense agency. Former Coast Guard officer Sean Plankey, President Trump's nominee to lead the Cybersecurity and Infrastructure Security Agency, will testify before the Homeland Security and Governmental Affairs Committee. If confirmed, he won't just inherit a title, he'll inherit an agency in turmoil. From aggressive Chinese cyberattacks to sweeping internal layoffs and a political crossfire threatening its very existence, CISA is at a crossroads. The stakes are high. The threats are real. And the clock is ticking. Plankey is no political unknown. With two decades of military service and senior cyber roles at the Department of Energy and National Security Council, he's built a career at the intersection of infrastructure, intelligence and cybersecurity. He's respected in both public and private sectors, particularly for his expertise in operational technology in systems such as pipelines, power grids and ports. His resume checks all the right boxes. But stepping into the director's chair at CISA means more than credentials. It means navigating one of the most politically charged and strategically vital agencies in the U.S. government. CISA was born in 2018 out of necessity as a rising tide of cyberattacks on America's most vital systems demanded a central agency to defend federal networks and critical infrastructure. Its first director, Chris Krebs, gained national recognition for leading efforts to secure the 2020 election. But after publicly pushing back on claims of election fraud, he was dismissed by President Trump. Under President Biden, Jen Easterly was asked to take a broader approach. She expanded the agency's mission to include ransomware defense, supply chain resilience and public-private coordination. CISA's headcount grew to over 3,400 employees and its budget rose to $3.1 billion, making it a ripe target for political scrutiny and budget cuts. But it was Easterly's push to counter disinformation on social media, especially around elections, that drew the most controversy. Critics saw it as mission creep, arguing that the agency was drifting from its core infrastructure protection role into politically sensitive territory. Easterly defended the initiatives by pointing out that election infrastructure had been officially designated as critical infrastructure following past foreign interference attempts. Following President Trump's return to office in 2025, Easterly stepped down. The timing was notable just as the administration moved to cut CISA's funding and dismantle advisory panels. The administration also laid off hundreds of CISA employees and terminated contracts supporting red team operations and election security. According to reports in The Wall Street Journal and The Register, these moves have raised concerns about the agency's ability to meet its mission at a time when cyber threats from nation-state adversaries are escalating. Now, CISA stands leaderless and politically vulnerable right as America's enemies are stepping up their game. The numbers are telling. The Trump 2025 budget proposal cuts CISA funding by nearly $500 million. Employees have been laid off. Veteran leadership has exited in droves. Cybersecurity professionals both inside and outside the agency are sounding alarms. Meanwhile, China-linked adversaries operating under names like 'Salt Typhoon' and 'Volt Typhoon' have penetrated American telecom networks, exploiting long-ignored vulnerabilities. These are not theoretical threats. They're live intrusions into the infrastructure that powers everything from hospitals to air traffic control. And if that weren't enough, the agency's mandate is under political attack. Senator Rand Paul has floated plans to defund or dissolve CISA altogether, arguing that it has infringed on civil liberties. Department Of Homeland Security secretary Kristi Noem echoed similar criticisms, accusing the agency of silencing conservative voices under the guise of cybersecurity. Despite the turbulence surrounding CISA, Sean Plankey's nomination has drawn an unusually wide and bipartisan base of support. Michael McLaughlin, co-author of Battlefield Cyber, praised Plankey's 'deep commitment to strengthening our national security' and noted his 'firsthand experience' securing critical infrastructure. Tatyana Bolton, along with the Operational Technology Cybersecurity Coalition, endorsed the nomination as well, citing Plankey's cross-sector experience and his ability to bridge public-private divides. A formal letter of support co-signed by the Association of U.S. Cyber Forces, Cyber Threat Alliance, McCrary Institute and others, urged the Senate to confirm him without delay. Mark Montgomery of the Cyberspace Solarium Commission called him 'a great hire' with the 'interagency savvy' required to navigate today's complex threat landscape. Even his predecessor, Easterly, lent her voice: 'Sean will bring great cyber expertise, private sector creds, a warrior spirit and steady leadership to Team CISA.' The loudest opposition comes from Senator Ron Wyden, a Democrat from Oregon, who has placed a hold on the nomination, though his objection is not personal. Wyden is demanding the public release of an unclassified 2022 report that allegedly outlines years of cybersecurity negligence by major U.S. telecom companies. He accuses CISA of suppressing the report to avoid exposing systemic vulnerabilities. Wyden argues the document is essential to understanding how Chinese threat actors gained a foothold in U.S. infrastructure and insists that Plankey's confirmation should be delayed until the full facts are made public. While his move may not target Plankey directly, it could stall the confirmation process. Despite the hold, Plankey's chances remain strong. With Republican backing and industry support, a pathway to confirmation exists. But it may require compromise either through redactions or supplemental briefings to appease Wyden's demands. The June 5 hearing will be a pivotal moment. If Plankey performs well, momentum may shift toward a swift vote. If confirmed, Plankey must move quickly and decisively. His top priorities should include: Plankey didn't create the challenges facing CISA but if confirmed, he'll be tasked with stabilizing an agency under immense pressure. He brings the right combination of credentials, bipartisan support and mission clarity. But success will require more than technical know-how. It will take political finesse, steady leadership and a return to disciplined, quiet execution. In cybersecurity, the best leaders aren't the loudest. They're the ones who keep the lights on and the threats out without making headlines. June 5 will tell us whether Plankey gets that chance. America's cyber defense may hang in the balance. If and when he is confirmed, let's work together as an industry to make cybersecurity boring again.
Forbes
22-04-2025
- Business
- Forbes
The Wiretap: Trump's Cybersecurity Agency Avoided A Near Disaster
The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here. getty An essential, constantly-updated database of cybersecurity vulnerabilities almost went offline last week. Run by Mitre, the Common Vulnerabilities and Exposures (CVE) database has become vital to all manner of digital defenders, from those on enterprise IT teams to those keeping tabs on national security threats. It's proven particularly helpful in understanding the severity of a software or hardware flaw, determining whether it's actively being exploited by hackers, and assessing whether a fix is urgently needed. Mitre had warned users that funding for the CVE project, which came via the DHS Cybersecurity and Infrastructure Security Agency (CISA), was going to run out on Wednesday April 16. In a last minute reprieve, though, CISA confirmed it would continue to provide financial backing for it. Inside CISA, staff told Forbes it was a whirligig week where, within 24 hours, the agency had gone from causing a disaster to averting one. 'It would have been devastating for defenders,' said one CISA employee. 'What a mess,' said another. Beyond saying that 'the CVE Program is invaluable to the cyber community and a priority of CISA,' the agency is yet to offer any kind of explanation for the brinksmanship. CISA is currently without a permanent director, with Sean Plankey, Trump's nominee, yet to be approved by Congress. The sooner the agency has some stability, the less likely such snafus come close to causing catastrophic damage to American cybersecurity. Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964. Getty Images Palantir, the $20 billion surveillance company, is upping its work with Immigration Customs Enforcement (ICE) via contracts asking it to build a 'complete target analysis of known populations,' reports 404 Media. A subsequent leak of internal Palantir communications revealed that it's going to be helping locate people in the country illegally, while planning for a backlash externally and internally. Staff have been given guidance on the ethics of working on such large-scale work with an agency like ICE, showing how Palantir is worried about the optics of the contracts. Read the whole story here. Cops across America are starting to utilize AI agents to help spy on social media, according to a Wired and 404 Media report. Among the agents advertised to cops by providers were a fake college protester and a potential child sex trafficking victim. Pedestrian crosswalks were hacked in Seattle last week to have a fake Jeff Bezos start spouting tongue-in-cheek pro-billionaire spiel. 'Please, please don't tax the rich. Otherwise, all the other billionaires will move to Florida too,' it said, referencing the Amazon founder's residency change that saved him an estimated $1 billion. A draft bill currently in the Florida legislature would, if it passed, require social media companies to build backdoors that would allow law enforcement to decrypt messages. Secretary of Defense Pete Hegseth has all but confirmed new reports suggesting he shared sensitive information about U.S. attack plans in Yemen in a second Signal group chat. Forbes 30 Under 30 Europe list was launched last week. One lister was a Ukrainian cybersecurity startup, LetsData. Launched in 2022, it's an AI-driven company that claims it can spot and tackle disinformation campaigns. Michael McMahon, a retired NYPD sergeant turned private detective, has been sentenced to 18 months in prison for his part in harassing and stalking a Chinese expatriate named Xu Jin, who is wanted by his homeland's government. It's alleged McMahon helped his client even though he knew it appeared to be part of a Chinese government plot to get Jin to return to China.
Washington Post
11-03-2025
- Politics
- Washington Post
Cybersecurity executive tapped to lead agency that protects voting systems
President Donald Trump has nominated a cybersecurity executive to lead the agency that works to protect the nation's critical infrastructure, one that has faced Republican criticism in recent years over its involvement in elections. Sean Plankey, who retired from the U.S. Coast Guard in 2023, was nominated Tuesday to lead the U.S. Cybersecurity and Infrastructure Security Agency, known as CISA. He worked in the first Trump administration as a director for cyber policy at the National Security Council and then as a principal deputy assistant secretary at the U.S. Department of Energy.
