A return to cyber security tasks

Kristi Noem is ready to shake up the country’s cyber defense agency. In his Senate confirmation hearing on January 17, 2025, the South Dakota governor outlined a bold vision for the Cybersecurity and Infrastructure Security Agency. She promised to strip away its controversial ventures into political disinformation and election interference and refocus it on its technical cybersecurity roots. But as the Biden administration’s last-minute executive order expands CISA’s mission, the question arises: Will Noem’s changes strengthen America’s defenses — or expose critical vulnerabilities during this transition?

CISA’s Mission: A Technical Cybersecurity Powerhouse

CISA was created in 2018 during President Trump’s first term to address escalating cyber threats against critical US infrastructure. Its original mission was clear: to act as a technical hub to secure the power grid, water supplies and other vital systems, while providing expertise to federal, state and private partners.

CISA quickly became indispensable and excelled in highly technical areas such as:

• Malware Analysis: Neutralization of viruses, ransomware and Trojans.
• SQL Injection Mitigation: Protecting databases from malicious code designed to steal sensitive data.
• Vulnerability scanning: Identifying vulnerabilities across critical infrastructure.
• Incident response: Deploying expert teams to recover from cyber attacks.
• Network Forensics: Tracking and Attributing Digital Threats.

Over the past four years, CISA has also tackled new challenges with remarkable success:

• Ransomware mitigation: Leading initiatives like the Ransomware Vulnerability Warning Pilot that identifies thousands of vulnerabilities.
• Federal Cyber ​​Security Standards: Improving defenses following the devastating SolarWinds attack under Executive Order 14028.
• AI security measures: Development of protocols for securing artificial intelligence integration in critical systems under executive order 14110.
• National Cyber ​​Security Strategy: Working with the private sector to address persistent threats.

But as CISA’s role expanded to include disinformation and election interference, its focus began to blur.

Noem’s plan: Back to basics

Noem’s vision for CISA is simple: return to core competencies and avoid politically charged controversies. She suggests a streamlined focus on:

• Defense of critical infrastructure: Securing essential systems such as electricity grids, water networks and transport.
• Provision of technical expertise: Serves as a cybersecurity consultant for federal agencies and private companies.
• Coordination of cyber policy: Communicating actionable threat intelligence and best practices to stakeholders.

“Determining what is or is not election interference is not CISA’s mission, nor is it their expertise,” Noem said at his hearing. She has argued that functions such as countering disinformation should be handled by agencies such as the Federal Bureau of Investigation and the Central Intelligence Agency, which are better equipped for such roles.

Her plan also aligns with broader government efficiency initiatives under the Department of Governmental Efficiency, better known as DOGE, led by Elon Musk and Vivek Ramaswamy. In this climate, eliminating non-core functions such as misinformation enforcement can streamline CISA while protecting it from potential budget cuts.

However, critics warn that this reset could create dangerous gaps. Hybrid threats such as state-sponsored propaganda and extremist recruitment by groups such as ISIS and Al-Qaeda require a coordinated response. Removing CISA from that equation, they argue, could weaken the nation’s ability to counter these digital threats.

Biden’s Last-Minute EO Move: A Test for Trump and Noem

Adding to the tension is President Biden’s latest executive order, issued just days before his term ends. This order expands CISA’s responsibilities to include combating misinformation and assessing the risks associated with new technologies.

How Noem and the incoming Trump administration will handle this executive order remains to be seen. Will they change it to match Noah’s vision, scrap it entirely, or find a middle ground? The decision may significantly affect CISA’s role in shaping the country’s cyber security strategy going forward.

Terror threats loom: Will the US be ready?

The urgency of this debate is underscored by FBI Director Christopher Wray’s recent warning about the rapid radicalization of terrorists, both foreign and domestic. These actors utilize digital platforms to recruit, incite violence and plan attacks, as evidenced by the New Year’s Eve attack in New Orleans.

While Noem argues that such threats are best handled by intelligence and law enforcement agencies, some worry that removing CISA from disinformation surveillance could leave critical gaps in the nation’s defenses. The question is whether a leaner, more technically focused CISA will be able to work effectively with the FBI, CIA and other agencies to address these evolving threats.

A new chapter for CISA

Kristi Noem’s leadership at the Department of Homeland Security is poised to reshape CISA. With the rumored appointment of Sean Plankey as CISA’s next director, the agency is expected to reflect Trump-era priorities with technical focus and streamlined operations.

But Noem faces significant challenges. Balancing her vision with the expanded responsibilities outlined in Biden’s executive order will require careful navigation. Furthermore, the growing threat of hybrid warfare—where cyberattacks merge with propaganda and extremist activity—requires a nuanced strategy that ensures no gaps are left in the federal response.

CISA’s transformation under Noem’s guidance will shape the nation’s cyber security strategy for years to come. Whether her plan strengthens US defenses or leaves vulnerabilities for adversaries to exploit remains to be seen. One thing is certain: the stakes have never been higher in the increasingly digital battlefield of national security.