When the Heritage Foundation’s nearly 1,000-page Project 2025 report was published earlier this year, cybersecurity experts focused on its radical suggestion to drastically diminish the Cybersecurity and Infrastructure Security Agency (CISA) and its other proposals to reimagine cybersecurity policy. But despite the buzz the report has caused in Washington cybersecurity circles, interviews with five former senior Trump administration officials demonstrate a much more moderate vision for cyber if Trump wins a second term. BTW - Trump claims he knows nothing about Project 2025.
Five cyber security experts recently reported that they would be open to serving again and said they foresee several changes at CISA, if Trump is reelected, but believe gutting it is likely not part of the playbook. Other priorities cited include filling cyber gaps at the Department of Energy (DOE), creating more business-friendly cyber policies, implementing a Cyber Force and more. Most of those interviewed portrayed the Trump administration as faster moving than Biden’s and as having a more muscular national security approach than what the current administration has shown. All of them said Trump has personally invested a lot of thought and time in cybersecurity policy. “For all the misinformation and disinformation on President Trump’s goals, our cybersecurity positions are not radical,” said Sean Plankey, the former top cyber official at the Department of Energy under Trump. “Use cyberspace operations strategically and tactically to achieve US national security goals. This is how you effectively protect the interests of America and if this is radical then the disinformation campaign has won,” Plankey added.[1]
Nick Andersen - “[CISA] grew so fast, and it grew so large, that it kind of became like Mikey in those old cereal commercials. ‘Give it to Mikey, Mikey will eat anything,’ all the random problems got dumped on CISA… So many of the things they have done have resulted in absolutely nothing the last couple of years.” Playing offense - “We understand we need to not just be a defensive player, but offensive players as well. Something significant is going to happen in the next couple years. [Going on offense] is going to involve raising the bar, raising the standard with our critical infrastructure providers and the owner operators. But it's also going to mean engaging with technology service providers to have honest conversations about what our vulnerabilities are.”
Andersen on a faster pace - “Irrespective of the policy area, I think there was a lot of ‘Trump is bad, therefore the administration was bad, therefore their policies are all bad. Let's toss everything and start over’ [inside the Biden administration]. [Under Trump] there was no patience whatsoever for somebody who was not going to be 100% committed to both operationally accomplishing the day to day that had to happen and also moving forward on significant, big priority issues that were strategic in nature, like addressing IaaS identity verification to make sure malicious cyber actors couldn't take advantage of US cloud providers. If you allow the bureaucracy to take its time to examine the problem, it will working group itself to death.” [Referring to the fact that it took the Biden administration nearly two years to appoint an Assistant Secretary of Defense for Cyber, a new position].
Brian Harrell - Making cyber policy work for CISOs. “2.0 is going to be very focused on reducing regulation, removing a lot of the burdens that you see on the private sector… I don't get a sense from talking with my private sector friends, other CSOs and CISOs, that [industrial controls and operational technologies] have been given the needed emphasis in the current administration.” More threat vulnerability detection - [Trump will] “likely emphasize threat vulnerability detection. Having a better capability to detect threats in real time or near real time will go a long, long way. I think that comes in the form of sensors and real, timely, actionable intelligence for CISOs to go out and reduce risk with. On threat detection response capabilities, enhancing some of that coordination between state and local governments is obviously important. Greater initiatives aimed at industrial control systems [ICS]. I can tell you, from an energy sector perspective, it's ICS, it's operational technologies. These are truly the crown jewels of critical infrastructure. So we really need to, under a 2.0, focus on industrial control systems, period.”
Harrell on a more focused CISA - “I'm less worried about headcount and more focused on providing value to the private sector… I'm looking to see something that is more tailored to all 16 critical infrastructure sectors. Right now, it's all very 80,000-foot. Rather than the shotgun approach of pushing out a bunch of different items per day and littering everyone's inbox, [CISA] should be more thoughtful in terms of the value that they're bringing.”
The Office of the National Cyber Director cutting regulations - “ONCD’s role in a Trump 2.0 White House will be… reducing burdensome regulation in the cyber landscape. Industry feels like they are regulated three ways to Sunday.”
Mike Klipstein - On the CISA/ONCD dynamic. “I think ONCD needs to be in charge. CISA needs to be radically reformed so it has more technical people inside as opposed to people who have nothing but a policy background. There are risk management sector agencies for a reason. CISA is not the one stop shop for everything, for everyone, and it has started to become that way, especially under this administration.” What’s wrong with the national cyber strategy - “It told industry what they should do, but industry is not beholden to the federal government for most purposes, unless you put a regulation behind it and an enforcer. The strategy produced by ONCD should have focused on the actions the federal government can actually take to improve the [cyber] conditions for the nation, both the public and industry… harmonizing regulations because there are a lot of duplicative and contradictory regulations out there.”
Klipstein on confronting adversaries - “The Trump administration was very much about offsetting China, Russia, Iran and North Korea. I think that would double down [in a second administration].” He adds that a DoD Cyber Force is needed. “Looking at the military services right now, it's a very duplicative effort in some ways and at the same time, it's very disjointed … If there's one service, you can have one standard of training across everyone. The Army and Marine Corps are the only services with full spectrum cyberspace operations career fields and not one-off roles or military occupational specialties that are focused on building, operating and maintaining networks. It's one of the big issues. We broke it down as far as personnel, training and equipping one common chute across the board instead of having each service trying to do their own thing.”
Lucian Niemeyer - The emphasis on cybersecurity in Trump’s platform. “The fact that there is a clear line [in the Republican platform] on the need to protect our critical infrastructure from cyberattacks is perfect. Trump had a personal hand in that. He cut [the platform] down and the fact that he left that in there is good for our country.” The private sector can’t lead the cyber fight [alone]. “We should use national security resources, particularly with US CYBERCOM, to deploy capabilities to protect our homeland’s critical infrastructure alongside our critical infrastructure owners. That would require changes to statute or some other type of national action … but we need to start having that conversation. General Nakasone in his final Congressional testimony gave praise to the private sector for discovering the Volt Typhoon attacks. To me, that's just an abdication of our responsibility to protect our citizens and our homeland… We have to ask ourselves — are we comfortable with the private sector critical infrastructure owners being the first line of defense against nation state cyber attacks?”
Sean Plankey - Trump’s focus on cybersecurity. “The President was definitely supportive of cybersecurity issues. We did receive a good amount of airtime. Know Your Customer [a push to force cloud companies to do more to identify their buyers] was an extremely complicated and difficult issue, but it needed to be done. It was the leading source of nation state attacks… It's Trump’s signature [on the executive order]. I think that under President Trump we will see more pointed measures at our adversaries, where there's more delineation between competitive nations versus adversarial ones.”
Plankey on reciprocity - “The other thing that was big was reciprocity. That seems to be somewhat, I would argue, abandoned [now] and the next [Trump] administration will I'm sure bring it back. Just like [Trump] did for NATO. ‘Hey, you’ve got to pay your fair share of defense spending.’ We're not going to let China have unrestricted access to our internet, US critical infrastructure, while they subsequently ban our companies from access.”
The corrupted supply chain - “We didn't buy tanks from the Germans during World War II. So why do we think we can buy critical infrastructure from the Chinese? I can imagine a Trump administration would take a focused look at further security for the American supply chain. The US government could do more assessments of critical infrastructure for transformers in the energy sector, for cars, trucks, bridges, trains and airplanes.”
Restoring the Energy Department’s top cyber official - “They don’t have a Senate confirmed Assistant Secretary in CESER [the Cybersecurity, Energy Security and Emergency Response Office at the Energy Department], which is supposed to be the cybersecurity and physical security arm for energy … so oil and gas, power generation, transmission, distribution. It just demonstrates that the current administration isn't as serious on cyber as the previous administration.”
Time will tell who wins the US Presidential elections. Cyber Security direction hangs in the balance.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://therecord.media/former-trump-cyber-officials-on-what-a-second-term-would-mean/