GoKawiilChris Krebs at Black Hat USA. Source: Black Hat Events
When Christopher Krebs took the job as the first-ever director of the Department of Homeland Security's brand-new Cybersecurity and Infrastructure Security Agency (CISA) in 2018, he probably had no idea that two years later he would be embroiled in a red-hot political dogfight over US election security — one that continues to simmer to this day.
He was tapped by the Trump Administration to lead CISA after a career at the Department of Homeland Security in various upper-tier roles focusing on cybersecurity. It was a quiet appointment, and by all accounts he went to work carrying out CISA's mission to unite government and the private sector in a shared responsibility to protect critical infrastructure and combat national cybersecurity threats.
"As the inaugural director of CISA, Chris Krebs fundamentally transformed the agency into the nation's primary operational cyber defense hub, establishing the standard for how the public and private sectors must collaborate to prevent and mitigate cyberattacks," says John Gallagher, vice president of Viakoo Labs at Viakoo. "By forming the Sector Coordinating Councils (of which there are now 15), he created an enduring legacy of CISA as an active partner with organizations outside the federal government in protecting critical infrastructure and operational technology (OT)."
His name quickly became kitchen-table recognizable, though, as he oversaw efforts to protect US elections, fight disinformation, and generally ensure trust in the electoral process during the fractious 2020 presidential election cycle. Because shortly after Biden was declared the victor in 2020, Trump doubled down on the idea that the election was "stolen" from him.
CISA officials, in response, said in a statement that 2020 "was the most secure in American history." And Krebs posted from his government Twitter account: "On allegations that election systems were manipulated, 59 election security experts all agree, 'in every case of which we are aware, these claims either have been unsubstantiated or are technically incoherent.'"
After two weeks of public back-and-forth that amounted to obvious infighting within the administration, Trump fired Krebs via tweet, to the surprise of no one, "effective immediately," citing debunked theories about "massive improprieties and fraud" in the vote, as well as unproven "'glitches' in the voting machines."
The director role would remain empty, and CISA leaderless, until Joe Biden took office and appointed Jen Easterly as the next leader of the agency. Krebs meanwhile went on to private-sector roles on advisory boards, consulting gigs, Black Hat keynotes, teaching stints, being a talking head at CBS News, and being Chief Intelligence and Public Policy Officer at SentinelOne. But Trump's memory is long; after taking office the second time, the president revoked Krebs’s security clearance, posted a permanent page on the White House website declaring Krebs a "significant bad-faith actor," and ultimately hounded Krebs into resigning from SentinelOne so he could focus on his legal defense.
As the midterms loom, Trump is floating warnings about election rigging and voter fraud a second time, which gives the once-again-vacant CISA chief position an undeniably Krebsian political halo.
All of this sadly overshadows a career in government cybersecurity that should be remembered for pioneering a holistic vision of how cybersecurity risk spans American life, Gallagher notes.
... continue reading