Sean Cairncross, President Donald Trump’s nominee to serve as national cyber director, doubled down on taking offensive cyber actions against foreign adversaries during a Senate homeland security committee nomination hearing on Thursday, and refused to condemn the president’s proposed cuts to the main US cyber defense agency.
Cairncross is a former White House advisor from Trump’s first term and a former Republican National Committee official. Despite limited cybersecurity experience, he has been widely endorsed by several former national security advisors and private-sector security executives.
“These [cyber] attacks are increasing,” Cairncross told lawmakers as he advocated for offensive action. “They’re becoming more sophisticated, and they’re scaling up. Our enemies do not see a cost in engaging in this behavior, and so they impose strategic dilemmas on us … it’s time that we impose those dilemmas on them.”
It’s no secret that the US has offensive-cyber weapons at its disposal, but it’s rare for government officials to talk about using these types of operations against adversaries. This seems to have changed following the Chinese cyberattacks over the past couple of years.
Senators also grilled Cairncross over the proposed budget cuts to the Cybersecurity and Infrastructure Security Agency (CISA). Last week, the administration released its Fiscal Year 2026 budget proposal for CISA [PFD], which would slash about $495 million in spending and eliminate 1,083 jobs.
“If you are confirmed, you will oversee the single biggest cut in cyber security dollars,” Senator Elissa Slotkin (D – MI) said during the nomination hearing. She also said that power companies in her state have told her, “we used to get quarterly updates from CISA and get a sense of the threat picture across the country. Now, we don’t have that. We feel vulnerable.”
Slotkin, a former CIA analyst and senior Pentagon official under the Obama administration, said she worries that America’s cybersecurity posture is similar to its preparedness for a terrorist attack prior to 9-11.
I am deeply worried that we’re going to have a spectacular cyber attack, and you’re going to be left holding the bag
“I am deeply worried that we’re going to have a spectacular cyber attack, and you’re going to be left holding the bag,” she told Cairncross. “So help me understand honestly, in a way that speaks to the average person who’s a principal of a K through 12 school, whose kids’ data is being ransomed: How can you justify a nearly $500 million cut on cybersecurity, given what you, yourself just said?”
Cairncross responded that the “vast majority of cyber defense in this country falls on the private sector,” but Slotkin pushed back, arguing that this doesn’t apply to public hospitals, utilities, K-12 schools, or state and local governments.
“So explain the cut,” the senator said. “You can’t say you care about an increasing and more sophisticated set of attacks while cutting the very people who help defend against those attacks.”
She continued: “If we have our cyber 9-11, you’re going to be the guy who’s sitting there saying: ‘Oh, holy crap, we just cut all this money, and I just had all the power go out on the Eastern Seaboard, or the Chinese stole a whole bunch of our personal data from every hospital and every school.’ So … let’s not pretend that a cut actually helps defend against what you agree is an increasing set of attacks.”
Cairncross didn’t respond to this question as Slotkin’s time ran out.
Where’s Plankey?
Meanwhile, second cyber nominee, Sean Plankey, who Trump tapped to head the US Cybersecurity and Infrastructure Security Agency (CISA), was notably absent from the Thursday hearing. His name was pulled from the agenda at the 11th hour.
“Sean Plankey’s confirmation process to be director of the Cybersecurity and Infrastructure Security Agency has been temporarily delayed while some further paperwork is cleared by the committee,” a Department of Homeland Security spokesperson told The Register.
CISA remains without a director — and likely will for the foreseeable future.
Senator Ron Wyden (D-OR) initially blocked the nomination back in April in an attempt to force the release of an unclassified report on American telecommunications networks’ weak security.
Wyden still hasn’t received the report, and his hold remains in place, according to the senator’s deputy policy director Keith Chu.
“Senator Wyden is asking for the release of an unclassified report about telecom cybersecurity, which he has repeatedly requested before,” Chu told The Register. “By announcing the hold in April, he gave CISA ample time to comply with his request and process the nomination. Furthermore, his hold did not prevent HSGAC from processing the nomination.”
When asked to respond to accusations that the senator’s hold on the CISA nomination will harm US cybersecurity, Chu said, “the administration can easily comply with Senator Wyden’s request and proceed with the nomination.” And then he rattled off a slew of actions that the Trump administration and senior White House officials have taken since January.
“I’d point out that the dismantling of Cybersecurity Review Board investigating the Salt Typhoon hack, expected firing of a significant portion of CISA, the fact our nation’s highest national security officials texted sensitive defense information on insecure phones, rampant circumvention of security protocols by DOGE, and failure to present any coherent cybersecurity agenda all have opened the door to major risks to American cybersecurity, which are surely being exploited by our adversaries,” Chu said.
“Releasing this report will improve cybersecurity by making public new details about threats to telecom security and help build pressure for Congress and this administration to act,” he added. ®
