SAN FRANCISCO — Homeland Security Secretary Kristi Noem told a crowd of hundreds of cybersecurity practitioners Tuesday that, despite headlines about significant cuts being levied against the Cybersecurity and Infrastructure Security Agency, the cyber community should look forward to new changes that will make the nation’s cyber defense agency more robust.
“I know the press has covered the role of Homeland Security and what we have done in CISA — as far as some of the reforms and efficiencies and some of the initiatives and task forces and advisory councils that were changing — as a bad thing,” she said in a speech at the RSAC Conference in San Francisco, California, adding she would “encourage” the cyber community to “just wait” to “see what we’re able to do, that there are reforms going on that’s going to be much more responsive.”
Several recent CISA efforts have sought to reduce the agency’s workforce, in addition to dissolving the Critical Infrastructure Partnership Advisory Council and other bodies like the Cyber Safety Review Board. The moves have been widely criticized by former officials.
“Instead of just talking about cybersecurity, we’re going to do it,” she said, adding that her staff are conducting a broad reassessment of the office with the aim of getting it back on mission and away from work focused on tapering false information online.
CISA has drawn vast criticism from both President Donald Trump and other members of the GOP for its past efforts to combat mis- and disinformation posted about the 2020 election, COVID-19 and other flashpoint issues on social media. Its former director, Chris Krebs, is still an active target of the Trump administration after Krebs in 2020 defied baseless claims that the election that year was rigged against the president.
Legal challenges, raised in 2023, argued that the government’s role in flagging posts deemed misleading or false resulted in the suppression of politically conservative viewpoints. That viewpoint has prevailed in Trump’s second term, where Noem has vowed to curtail the size and scope of CISA.
More cyber-focused priorities will be outlined in the coming days in Trump’s federal budget proposals, Noem said. Around $10 million has already been “saved” from activities cut within the cyber agency, she noted.
She also told the conference audience that DHS will demand more secure products that have baseline security baked into them by default, in a nod to earlier CISA Secure by Design efforts. How that plays out is not entirely clear, as two senior CISA advisors who helped lead the agency’s Secure by Design initiative resigned last week.
Hundreds of staff at CISA were notified recently that the agency discontinued one cybersecurity threat hunting tool and is preparing to retire another, Nextgov/FCW reported earlier this month. In February, CISA employees focused on countering disinformation, misinformation and related influence operations were recently put on administrative leave.
The cybersecurity industry was also sent into a tailspin in April after an internal memo from MITRE leaked on social media indicating that CISA would no longer support its flagship CVE Program, used worldwide to track and catalog cybersecurity vulnerabilities. Hours later, CISA reversed course and extended the contract by about 11 months.
“I would ask all of you to not just think about what we haven’t done well in the past, but give us a vision for ways that you think that we can be much more efficient and accountable to the people in this country,” she told the audience.
