Trump fires CISA Director Christopher Krebs; Chief of Staff confirms who's next in line

Image courtesy of CISA

President Donald Trump announced late on Tuesday that he had "terminated" Christopher Krebs, who served as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). Trump claimed that Krebs' statement that the 2020 election was one of the most secure was "highly inaccurate."

Shortly after Trump's announcement, Krebs tweeted: "Honored to serve. We did it right. Defend Today, Secure Tomorrow. #Protect2020."

"I'm proud of the work we did at CISA," Krebs told NBC News on Tuesday night. "I'm proud of the teammates I had at CISA. We did it right."

As Director, Krebs oversaw CISA’s efforts to defend civilian networks, manage systemic risk to national critical functions, and work with stakeholders to raise the security baseline of the Nation’s cyber and physical infrastructure.

Krebs joined DHS in March 2017, first serving as Senior Counselor to the Secretary, where he advised DHS leadership on a range of cybersecurity, critical infrastructure, and national resilience issues. Prior to coming to DHS, he was a member of Microsoft’s U.S. Government Affairs team as the Director for Cybersecurity Policy, where he led Microsoft’s U.S. policy work on cybersecurity and technology issues.

Before Microsoft, Krebs advised industry and federal, state, and local government customers on a range of cybersecurity and risk management issues. He had previously served as the Senior Advisor to the Assistant Secretary for Infrastructure Protection and playing a formative role in a number of national and international risk management programs.

Brian Harrell, former Assistant Director at CISA, who currently serves as the Vice President and Chief Security Officer (CSO) at AVANGRID, commented on the news: "Based on experiences from 2016 and 2018, CISA was ready for the worst on Election Day with better mechanisms to share threat information with our state and local officials, law enforcement, and intelligence partners. While we now have citizens better educated on the risks of election influence and dis-information, the professionals at CISA and Chris Krebs deserve a ton of credit for keeping a watchful eye on our nation-state adversaries."

He added, "It’s a shame, that in this Administration, you can be fired for safeguarding the American people and faithfully doing your duties."

POLITICO reported that CISA's Chief of Staff, Emily Early, told employees, “A change in leadership is not a change in mission and it is essential that we do not lose focus on the important work we collectively undertake on behalf of the American people. Fortunately, we have the best workforce in all of government and I know we can count on each of you to continue the excellent work you do every day as we all work together to Defend Today and Secure Tomorrow.”

In her email, Early confirmed that Trump had designated CISA Executive Director Brandon Wales as the agency’s new acting director. Matthew Travis, CISA’s deputy director, would have been next in line, but he submitted his resignation under White House pressure, a person familiar with the matter told POLITICO.

Joseph Carson, chief security scientist and Advisory CISO at Thycotic, a Washington D.C. based provider of privileged access management (PAM) solutions, says, “Christopher Krebs is an exceptional leader who closed the gap between industry and government, bringing security experts together to protect the US from cyberattacks. Governments must have talented leaders like Krebs on the team and in the room to ask tough questions, speak the truth and be transparent with the citizens he serves. The CISA has become an important cybersecurity intelligence source under Krebs leadership and went well beyond the requirements they set. During this time of transition, the loss of an important cybersecurity leader puts the U.S. at risk from cyberattacks and damages the relationship between the industry experts and the government. Krebs was bridging the gap which is now void.”

Heather Paunet, Senior Vice President at Untangle, a San Jose, Calif.-based provider of comprehensive network security for SMBs, notes, “Despite the CISA position being in transit, this announcement once again brings cybersecurity into the media spotlight. We continue to see an increase in malicious attempts this year as cybercriminals continue to take advantage of businesses transitioning to working from home quickly, overloaded hospitals, or school districts implementing distance learning."

Paunet adds, "Bringing cybersecurity to the spotlight again today will hopefully keep it as a focus for all business and organization leaders. As many are closing out the 2020 fiscal year, hopefully this news, in addition to the news of constant cyberattacks, will go a long way as businesses consider their 2021 IT security budgets.”

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.