A return to cyber security duties

Kristi Noem is ready to shake up the nation’s cyber defense agency. At her Senate confirmation hearing on January 17, 2025, the Governor of South Dakota outlined a bold vision for the Cybersecurity and Infrastructure Security Agency. It vowed to shed its controversial ventures into political disinformation and election meddling, refocusing it on its technical cybersecurity roots. But as the Biden administration’s last-minute executive order expands CISA’s mission, the question arises: Will Noem’s changes strengthen America’s defenses — or expose critical weaknesses during this transition?

CISA’s mission: A powerhouse for technical cybersecurity

CISA was created in 2018 during President Trump’s first term to address growing cyber threats to US critical infrastructure. Its original mission was clear: to act as a technical hub to secure power grids, water supplies and other vital systems, providing expertise to federal, state and private partners.

CISA quickly became indispensable, excelling in highly technical areas such as:

• Malware analysis: Neutralization of viruses, ransomware and trojans.
• SQL injection mitigation: Protecting databases from malicious code designed to steal sensitive data.
• Vulnerability scanning: Identifying vulnerabilities in critical infrastructure.
• Incident response: Deploying expert teams to recover from cyber attacks.
• Network forensics: Tracking and Attributing Digital Threats.

Over the past four years, CISA has also tackled new challenges with notable success:

• Ransomware Mitigation: Leading initiatives like the Ransomware Vulnerability Alert Pilot, identifying thousands of vulnerabilities.
• Federal Cyber ​​Security Standards: Enhancing defenses after devastating SolarWinds attack under Executive Order 14028.
• AI safeguards: Development of protocols to ensure the integration of artificial intelligence into critical systems under Executive Order 14110.
• National Cyber ​​Security Strategy: Partnering with the private sector to address ongoing threats.

But as CISA’s role expanded to include disinformation and election interference, its focus began to blur.

Noem’s plan: Back to basics

Noem’s vision for CISA is simple: return to core powers and avoid politically charged controversy. It proposes a simple focus on:

• Protection of Critical Infrastructure: Provision of essential systems such as energy networks, water networks and transport.
• Provision of Technical Expertise: Acting as a cybersecurity consultant for federal agencies and private companies.
• Cyber ​​Policy Coordination: Dissemination of threat intelligence and best practices to stakeholders.

“Determining what is or is not election interference is not CISA’s mission, nor their expertise,” Noem said during her hearing. She has argued that functions such as combating disinformation should be handled by agencies such as the Federal Bureau of Investigation and the Central Bureau of Investigation. Intelligence Agency, which are better equipped for such roles.

Her plan also aligns with broader government efficiency initiatives under the Department of Government Efficiency, better known as DOGE, led by Elon Musk and Vivek Ramaswamy. In this climate, eliminating non-core functions such as disinformation surveillance could streamline CISA while protecting it from potential budget cuts.

However, critics warn that this reset could create dangerous loopholes. Hybrid threats such as state-sponsored propaganda and extremist recruitment by groups such as ISIS and Al-Qaeda require a coordinated response. Removing CISA from the equation, they argue, could weaken the country’s ability to counter these digital threats.

Biden’s last-minute EO move: A test for Trump and Noem

Adding to the tension is President Biden’s latest executive order, issued just days before the end of his term. This order expands CISA’s responsibilities to include combating disinformation and assessing the risks associated with emerging technologies.

How Noem and the incoming Trump administration handle this executive order remains to be seen. Will they modify it to fit Noah’s vision, scrap it altogether, or find a middle ground? The decision could significantly impact CISA’s role in shaping the nation’s cybersecurity strategy moving forward.

Terrorist threats loom: Will the US be ready?

The urgency of this debate is underscored by FBI Director Christopher Wray’s recent warning about the rapid radicalization of terrorists, both foreign and domestic. These actors are using digital platforms to recruit, incite violence and plan attacks, as evidenced by the New Year’s Eve attack in New Orleans.

While Noem argues that such threats are best handled by intelligence and law enforcement agencies, some worry that stripping CISA of disinformation oversight could leave critical gaps in the country’s defenses. The question is whether a leaner, more technically focused CISA will be able to work effectively with the FBI, CIA and other agencies to counter these evolving threats.

A new chapter for CISA

Kristi Noem’s leadership at the Department of Homeland Security is poised to reshape CISA. With the rumored appointment of Sean Plankey as the next director of CISA, the agency is expected to reflect the Trump era’s priorities of technical focus and streamlined operations.

But Noem faces significant challenges. Balancing her vision with the expanded responsibilities outlined in Biden’s executive order will require careful navigation. Additionally, the growing threat of hybrid warfare—where cyberattacks merge with extremist propaganda and activity—requires a nuanced strategy that ensures no gaps are left in the federal response.

CISA’s transformation under Noem’s leadership will shape the nation’s cybersecurity strategy for years to come. Whether her plan strengthens America’s defenses or leaves weaknesses for adversaries to exploit remains to be seen. One thing is certain: the stakes have never been higher on the increasingly digital battlefield of national security.