Latest news with #CISA
Forbes
8 hours ago
- Politics
- Forbes
Sean Plankey, Trump's CISA Pick, Takes Center Stage In Cyber Showdown
Sean Plankey will testify on June 5 as President Trump's nominee to lead the Cybersecurity and ... More Infrastructure Security Agency. His confirmation hearing comes amid heightened cyber threats and political scrutiny of the agency's future. A United States Senate committee will convene Thursday to determine the future of America's top cyber defense agency. Former Coast Guard officer Sean Plankey, President Trump's nominee to lead the Cybersecurity and Infrastructure Security Agency, will testify before the Homeland Security and Governmental Affairs Committee. If confirmed, he won't just inherit a title, he'll inherit an agency in turmoil. From aggressive Chinese cyberattacks to sweeping internal layoffs and a political crossfire threatening its very existence, CISA is at a crossroads. The stakes are high. The threats are real. And the clock is ticking. Plankey is no political unknown. With two decades of military service and senior cyber roles at the Department of Energy and National Security Council, he's built a career at the intersection of infrastructure, intelligence and cybersecurity. He's respected in both public and private sectors, particularly for his expertise in operational technology in systems such as pipelines, power grids and ports. His resume checks all the right boxes. But stepping into the director's chair at CISA means more than credentials. It means navigating one of the most politically charged and strategically vital agencies in the U.S. government. CISA was born in 2018 out of necessity as a rising tide of cyberattacks on America's most vital systems demanded a central agency to defend federal networks and critical infrastructure. Its first director, Chris Krebs, gained national recognition for leading efforts to secure the 2020 election. But after publicly pushing back on claims of election fraud, he was dismissed by President Trump. Under President Biden, Jen Easterly was asked to take a broader approach. She expanded the agency's mission to include ransomware defense, supply chain resilience and public-private coordination. CISA's headcount grew to over 3,400 employees and its budget rose to $3.1 billion, making it a ripe target for political scrutiny and budget cuts. But it was Easterly's push to counter disinformation on social media, especially around elections, that drew the most controversy. Critics saw it as mission creep, arguing that the agency was drifting from its core infrastructure protection role into politically sensitive territory. Easterly defended the initiatives by pointing out that election infrastructure had been officially designated as critical infrastructure following past foreign interference attempts. Following President Trump's return to office in 2025, Easterly stepped down. The timing was notable just as the administration moved to cut CISA's funding and dismantle advisory panels. The administration also laid off hundreds of CISA employees and terminated contracts supporting red team operations and election security. According to reports in The Wall Street Journal and The Register, these moves have raised concerns about the agency's ability to meet its mission at a time when cyber threats from nation-state adversaries are escalating. Now, CISA stands leaderless and politically vulnerable right as America's enemies are stepping up their game. The numbers are telling. The Trump 2025 budget proposal cuts CISA funding by nearly $500 million. Employees have been laid off. Veteran leadership has exited in droves. Cybersecurity professionals both inside and outside the agency are sounding alarms. Meanwhile, China-linked adversaries operating under names like 'Salt Typhoon' and 'Volt Typhoon' have penetrated American telecom networks, exploiting long-ignored vulnerabilities. These are not theoretical threats. They're live intrusions into the infrastructure that powers everything from hospitals to air traffic control. And if that weren't enough, the agency's mandate is under political attack. Senator Rand Paul has floated plans to defund or dissolve CISA altogether, arguing that it has infringed on civil liberties. Department Of Homeland Security secretary Kristi Noem echoed similar criticisms, accusing the agency of silencing conservative voices under the guise of cybersecurity. Despite the turbulence surrounding CISA, Sean Plankey's nomination has drawn an unusually wide and bipartisan base of support. Michael McLaughlin, co-author of Battlefield Cyber, praised Plankey's 'deep commitment to strengthening our national security' and noted his 'firsthand experience' securing critical infrastructure. Tatyana Bolton, along with the Operational Technology Cybersecurity Coalition, endorsed the nomination as well, citing Plankey's cross-sector experience and his ability to bridge public-private divides. A formal letter of support co-signed by the Association of U.S. Cyber Forces, Cyber Threat Alliance, McCrary Institute and others, urged the Senate to confirm him without delay. Mark Montgomery of the Cyberspace Solarium Commission called him 'a great hire' with the 'interagency savvy' required to navigate today's complex threat landscape. Even his predecessor, Easterly, lent her voice: 'Sean will bring great cyber expertise, private sector creds, a warrior spirit and steady leadership to Team CISA.' The loudest opposition comes from Senator Ron Wyden, a Democrat from Oregon, who has placed a hold on the nomination, though his objection is not personal. Wyden is demanding the public release of an unclassified 2022 report that allegedly outlines years of cybersecurity negligence by major U.S. telecom companies. He accuses CISA of suppressing the report to avoid exposing systemic vulnerabilities. Wyden argues the document is essential to understanding how Chinese threat actors gained a foothold in U.S. infrastructure and insists that Plankey's confirmation should be delayed until the full facts are made public. While his move may not target Plankey directly, it could stall the confirmation process. Despite the hold, Plankey's chances remain strong. With Republican backing and industry support, a pathway to confirmation exists. But it may require compromise either through redactions or supplemental briefings to appease Wyden's demands. The June 5 hearing will be a pivotal moment. If Plankey performs well, momentum may shift toward a swift vote. If confirmed, Plankey must move quickly and decisively. His top priorities should include: Plankey didn't create the challenges facing CISA but if confirmed, he'll be tasked with stabilizing an agency under immense pressure. He brings the right combination of credentials, bipartisan support and mission clarity. But success will require more than technical know-how. It will take political finesse, steady leadership and a return to disciplined, quiet execution. In cybersecurity, the best leaders aren't the loudest. They're the ones who keep the lights on and the threats out without making headlines. June 5 will tell us whether Plankey gets that chance. America's cyber defense may hang in the balance. If and when he is confirmed, let's work together as an industry to make cybersecurity boring again.
Axios
2 days ago
- Business
- Axios
SentinelOne says services restored after hours-long outage
SentinelOne says its services have been restored following an hours-long outage today that took down its commercial customer consoles — the interface security teams use to monitor and manage protections across their networks. Why it matters: Without console access, teams were effectively flying blind — unable to view threat telemetry, assess incidents in progress, or take manual response actions. Yes, but: While security teams didn't have visibility, the products continued working in the background to block malicious activity. Security teams just couldn't see what was being blocked or flagged during the outage. The intrigue: One of SentinelOne's biggest competitors — CrowdStrike — suffered a major global outage last summer that knocked about 8.5 million Windows devices offline. SentinelOne has not yet disclosed the root cause of Thursday's outage, but said its early internal data suggests it was not caused by a malicious cyberattack. "We apologize for the inconvenience," the company wrote in a blog post Thursday during the outages. Driving the news: The outage came just one day after SentinelOne lowered its 2026 earnings forecast and missed expectations for quarterly annual recurring revenue in its latest earnings report. The company has also been in the spotlight in Washington this year after President Trump signed a memo calling for an investigation into former CISA Director Chris Krebs, who at the time was a top executive at SentinelOne. The big picture: SentinelOne is a publicly traded cybersecurity company that uses artificial intelligence to detect, prevent and respond to malicious activity across a company's devices, like a laptop or server.
Business Wire
2 days ago
- Business
- Business Wire
ISACA's CISM Named Best Professional Certification Program in 2025 SC Awards
SCHAUMBURG, Ill.--(BUSINESS WIRE)--ISACA is proud to announce that its Certified Information Security Manager (CISM) certification was named Best Professional Certification Program by the 2025 SC Awards. The SC Awards recognize outstanding innovations, organizations and leaders that are advancing the practice of information security. The awards are evaluated by a panel of CISOs, cybersecurity practitioners, and industry experts representing a wide range of sectors. ISACA's CISM named Best Professional Certification Program in 2025 SC Awards Share 'We are honored that SC Media has recognized CISM with this award,' said Kirsten Lora, Vice President of Product Management at ISACA. 'This recognition highlights the vital role CISM plays in advancing information security careers and underscores ISACA's long-standing commitment to building a skilled, future-ready workforce that champions trust and innovation in technology.' CISM was recognized for its pivotal role in preparing cybersecurity professionals for leadership in an increasingly complex threat landscape. CISM has been earned by more than 100,000 professionals since its inception in 2002. Last year, CISM became approved for use with the U.S. Department of Defense DoD Manual 8140.03 Cyberspace Workforce Qualification and Management Program. ISACA's Certified Information Systems Auditor (CISA) certification was named a finalist for the same award. Both CISM and CISA were recently included in Skillsoft's list of the top-paying IT certifications, along with three additional ISACA credentials. This year, ISACA will be releasing a new security certification, Advanced in AI Security Management (AAISM), a first-of-its-kind credential that can be earned by professionals who hold a CISM or CISSP certification. A similar certification for auditors— Advanced in AI Audit (AAIA) —launched in May. Learn more about CISM at More information about ISACA's other credentials can be found at About ISACA ISACA ® ( champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. With a presence in more than 190 countries and with nearly 230 chapters worldwide, ISACA offers resources tailored to every stage of members' careers—helping them to thrive in a rapidly changing digital landscape, drive trusted innovation and ensure a more secure digital world.
Yahoo
2 days ago
- Business
- Yahoo
ISACA's CISM Named Best Professional Certification Program in 2025 SC Awards
CISM has been earned by more than 100,000 information security professionals since inception SCHAUMBURG, Ill., May 29, 2025--(BUSINESS WIRE)--ISACA is proud to announce that its Certified Information Security Manager (CISM) certification was named Best Professional Certification Program by the 2025 SC Awards. The SC Awards recognize outstanding innovations, organizations and leaders that are advancing the practice of information security. The awards are evaluated by a panel of CISOs, cybersecurity practitioners, and industry experts representing a wide range of sectors. "We are honored that SC Media has recognized CISM with this award," said Kirsten Lora, Vice President of Product Management at ISACA. "This recognition highlights the vital role CISM plays in advancing information security careers and underscores ISACA's long-standing commitment to building a skilled, future-ready workforce that champions trust and innovation in technology." CISM was recognized for its pivotal role in preparing cybersecurity professionals for leadership in an increasingly complex threat landscape. CISM has been earned by more than 100,000 professionals since its inception in 2002. Last year, CISM became approved for use with the U.S. Department of Defense DoD Manual 8140.03 Cyberspace Workforce Qualification and Management Program. ISACA's Certified Information Systems Auditor (CISA) certification was named a finalist for the same award. Both CISM and CISA were recently included in Skillsoft's list of the top-paying IT certifications, along with three additional ISACA credentials. This year, ISACA will be releasing a new security certification, Advanced in AI Security Management (AAISM), a first-of-its-kind credential that can be earned by professionals who hold a CISM or CISSP certification. A similar certification for auditors—Advanced in AI Audit (AAIA)—launched in May. Learn more about CISM at More information about ISACA's other credentials can be found at About ISACA ISACA® ( champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. With a presence in more than 190 countries and with nearly 230 chapters worldwide, ISACA offers resources tailored to every stage of members' careers—helping them to thrive in a rapidly changing digital landscape, drive trusted innovation and ensure a more secure digital world. View source version on Contacts communications@ Emily Ayala, +1.847.385.7223 Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Associated Press
3 days ago
- Business
- Associated Press
As Congress Meets Cyber Experts in Silicon Valley, Centraleyes Delivers a Platform for Efficiency and Collaboration
At Stanford, lawmakers and tech leaders weigh upstream accountability, smarter compliance, and the future of cyber threat sharing. 'While policy shifts are debated in Washington and beyond, we see organizations already moving toward smarter and more connected risk management.'— Yair Solow NEW YORK, NY, UNITED STATES, May 28, 2025 / / -- On May 28, the House Homeland Security Committee will hold a field hearing at Stanford University's Hoover Institution, bringing together lawmakers and leading voices from companies like Google Cloud and Palo Alto Networks to examine the future of U.S. cybersecurity. One key question on the table: how can we 'flip the economic model' of cybersecurity? That phrase, now circulating in D.C. and industry circles, reflects a growing call to rethink how responsibility is shared. The idea is to shift more responsibility upstream to those who build and deploy digital infrastructure. In legacy models, end users absorb the bulk of the operational and financial risk. But that imbalance is drawing fresh scrutiny. And it's not just about who pays for security. It's about how information flows and how responsibility is distributed across the cybersecurity lifecycle. Which is why this hearing couldn't come at a more pivotal moment. Congress is also considering whether to renew the Cybersecurity Information Sharing Act (CISA), a 2015 law that allows private companies and government agencies to share cyber threat intelligence without legal risk. Without it, that flow of information could dry up right when we need it most. The hearing's bipartisan panel includes Chair Mark Green (R-TN) and Rep. Bennie Thompson (D-MS). Experts from Google Cloud, Palo Alto Networks, and Stanford will be in the conversation as well. Expected themes include stronger alignment between regulators and innovators, regulatory streamlining, and secure modernization of public systems. The Centraleyes AI-powered GRC platform reflects this market evolution. It enables public and private organizations to: - Map and track regulatory frameworks in real-time. - Identify and quantify risks using autonomous AI-driven registers. - Automate remediation workflows across internal teams and external vendors - Share risk insights and evidence across frameworks, regions, and reporting bodies A shift is underway in how cybersecurity is being governed, implemented, and understood. No longer confined to IT departments or regulatory checklists, cybersecurity is becoming a matter of national resilience. As regulatory expectations evolve and cyber threats grow more complex, both government and industry are being challenged to rethink the foundations of collaboration. About Centraleyes Centraleyes provides the underlying infrastructure organizations need to manage cybersecurity risk and compliance in a more connected, accountable ecosystem. As the focus shifts toward upstream responsibility and smarter regulation, the platform supports this transition with tools for real-time risk visibility, regulatory tracking, and cross-team coordination. It's used by public and private sector teams to keep pace with evolving standards and to build security programs that are both agile and auditable. The company's approach reflects a broader industry trend: less complexity, more automation, and better collaboration between the systems and people responsible for security. Jacob Zakay Centraleyes email us here Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
