People should be ‘outraged’ by efforts to shrink federal cyber teams, former CISA head says

SAN FRANCISCO — Chris Krebs, the former Cybersecurity and Infrastructure Security director who defied President Donald Trump’s baseless claims of election fraud in 2020 and was subsequently fired, said on Monday that the cybersecurity community should be outraged at changes the second Trump administration is making to cybersecurity staff in the federal government.

“Cybersecurity is national security. We all know that, right? That's why we’re here,” he said while speaking to a room of security practitioners on a panel at the RSAC Conference in San Francisco, California. 

“That’s why we get up every morning and do our jobs. We are protecting everyone out there. And right now, to see what’s happening to the cybersecurity community inside the federal government, we should be outraged, absolutely outraged,” he added, which was met with applause across the room.

Trump’s second term is redefining federal cybersecurity, with leadership shakeups and budget cuts raising alarms about weakened defenses and growing foreign threats, even in core security agencies like CISA and other national intelligence offices. The NSA has recently seen major leadership changes that many fear will lead to the signals intelligence titan becoming more politicized.

Krebs empathized with the White House’s goals to streamline the size of government but said “when you’ve got Volt Typhoon, Salt Typhoon, Flax Typhoon, whatever, every day, knocking on our door — we are not moving forward.” He was referring to Chinese government-tied hacking units that have accessed a range of U.S. critical infrastructure, including telecom networks and government facilities.

“We have to continue moving forward. We need more Cyber Command warfighters. We need more folks in the NSA collecting intel. We need more frontline defenders, threat hunters, red teamers, folks that are just doing [system administration], the basics,” he said. 

“We need more of that, not less. So, that’s my pitch: Make CISA great again.” He was met with more applause.

Krebs is still vilified by the Trump administration. The president signed an executive order earlier this month calling for the Justice Department to investigate the former top cyber official and directing the head of every relevant federal agency to revoke his security clearance. 

The directive also suspended any active security clearance held by individuals at entities associated with Krebs, including at SentinelOne, where he recently resigned as the firm’s chief intelligence and public policy officer to more freely fight pressures from the Trump administration.

The Electronic Frontier Foundation on Monday released a letter with dozens of signatories demanding the president stop pursuing action against Krebs.

CISA has drawn vast criticism from both Trump and other members of the GOP for its past efforts to combat mis- and disinformation posted about the 2020 election, COVID-19 and other flashpoint issues on social media.

Conservative legal challenges argued that the government’s role in flagging posts deemed misleading or false resulted in the suppression of politically conservative viewpoints. That dynamic has continued into Trump’s second administration, where Homeland Security Secretary Kristi Noem has vowed to curtail the size and scope of CISA.

Two senior CISA advisors who helped lead the agency’s Secure by Design initiative resigned last week. Hundreds of staff at CISA were notified recently that the agency discontinued one cybersecurity threat hunting tool and is preparing to retire another, Nextgov/FCW reported earlier this month.

The cybersecurity industry was also sent into a tailspin in April after an internal memo from MITRE leaked on social media indicating that CISA would no longer support its flagship CVE Program, used worldwide to track and catalog cybersecurity vulnerabilities. Hours later, CISA reversed course and extended the contract by about 11 months.