COMMENTARY: SAN FRANCISCO — The nation has undertaken a dangerous dismantling of the Cybersecurity and Infrastructure Security Agency (CISA), undermining America's cybersecurity at a critical time when our cyber defenses are most needed.
Homeland Security Secretary Kristi Noem presented a
keynote at the RSAC on Tuesday to call for a realignment of CISA, sharply criticizing the agency’s past work.
[
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
Noem’s message at
RSAC was crafted to put our cyber defense concerns to rest. Instead, it has amplified our collective fears and provoked a dialog that we must continue despite the pervasive fear of reprisals that most organizations and executives have about speaking out in disagreement.
How did we get here?
Technology is a weapon, AI is a weapon, and we live in a world with very powerful enemies. In this modern era, where cyber threats are as perilous as physical attacks, the Trump administration’s decision to weaken CISA should alarm every U.S. citizen.
Actions by this administration,
including significant staff reductions, with more planned, and the elimination of important cybersecurity and cyber defense programs, will undeniably leave the nation more vulnerable to escalating cyberattacks from adversaries, including China, Russia, and North Korea. These are enemies that have already stolen trillions of dollars worth of intellectual property and financial assets. And these are not hypothetical threats we are speculating about: they are verified damages that have already been inflicted on the U.S. and will expand, and at a much faster rate with fewer defenses.
National defense should not be a political pawn
The politicization of CISA's functions will lead this nation to detrimental consequences. Former CISA Director Chris Krebs, whose organization was instrumental in safeguarding the 2020 elections among other priorities,
faced investigations, had his security clearance revoked, and had his private sector employment attacked as retribution for publicly contradicting unsubstantiated claims of election fraud. The man was simply doing his job. This is unprecedented in American history and sends a chilling message to cybersecurity professionals and erodes the integrity of agencies tasked with protecting the nation.
Today’s geopolitical climate is fraught with increasing tension, not only from escalating cyberattacks like the Russian state-sponsored breach of
American email systems, but also from mounting trade wars and a resurgence in territorial conflicts across the globe. As nations compete for technology supremacy and contest disputed regions, the digital domain has become both a weapon and a battlefield.
Diminishing CISA's resources leaves us increasingly less protected and more vulnerable to cyberattacks, and it handicaps our national defense in a world where economic warfare, land disputes, and cyberattacks are increasingly intertwined. Now’s the worst possible moment to weaken the agency that stands at the intersection of these threats.
The argument that we must weaken CISA because the savings are just too attractive to pass up strikes me as a specious one that ignores what economists call negative externalities. The hundreds of millions of dollars of savings possible from slashing CISA’s staff and programs will result in downstream losses in the billions of dollars.
Modern warfare has become just as reliant on cyber warfare as the physical. Those with a knowledge of the history of global conflict understand that the winners in global conflict have consistently had a technological advantage, be it in weapons, code breaking, and other areas. A strategy based on gutting the nation’s cyber defenses and relegating this to the states makes as much sense as disbanding the nation’s military and returning this responsibility to the states and the private sector.
What could go wrong?
John Gunn, chief executive officer, TokenSC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
