Congress is preparing to confirm a new leader for the federal agency charged with protecting our election systems from foreign cyberattacks. But as Sean Plankey prepares to face the Senate for confirmation as Director of the Cybersecurity and Infrastructure Security Agency (CISA), serious questions are piling up about the agency’s ability — or willingness — to do its job.
Senators shouldn’t allow Plankey’s nomination to move forward until they get clear answers about his plans for how the agency he hopes to lead will work with state and local officials to protect our elections.
We know that adversarial nations like Russia, China, and Iran are waging increasingly sophisticated digital interference campaigns aimed at disrupting U.S. elections and undermining our standing on the global stage. These threats are not hypothetical — they’re backed by years of intelligence findings, threats, and cyberattacks.
Federal agencies like CISA have been paramount in helping to identify and counter these threats. In 2024, CISA and its partners warned election officials about white powder envelopes that were sent to over a dozen election offices; shared declassified intelligence about attacks on ballot boxes; assisted with response to fires set in ballot dropboxes; and alerted officials about plans for widespread bomb threats from foreign adversaries. Critically, CISA also supported state and local officials as they navigated attempted hacks of election websites, phishing campaigns targeting election offices, and ransomware attacks. As a result, and despite a significant campaign of election interference including over 100 bomb threats around the country by Russian-linked actors, voting operations were minimally impacted.
Yet even as the country faces rising threats, the federal government has started pulling the plug on one of our most critical defensive assets.
In February, CISA announced that it was pausing all election security work ostensibly so it could conduct an internal review to align with the Agency’s core mission. Since then, CISA has slashed funding for two key threat-sharing centers and laid off large swaths of staff — including entire teams that supported local election officials on the front lines. More cuts are reportedly on the way. The result: election officials across the country are flying blind.
So far, CISA has refused to release its internal review, despite calls from the bipartisan National Association of Secretaries of State, members of the U.S. House and Senate, and my organization, the Center for Democracy and Technology, as well as cybersecurity experts across the country. That review, reportedly submitted to the White House in early March, would presumably explain CISA’s rationale for personnel and programmatic cuts — and, critically, would enable states and localities to understand what gaps will be left for them to fill.
One of the first and most basic questions the Senate must ask Plankey is whether he will release that report. CISA and DHS have given contradictory answers about the status of CISA’s services. Plankey must be asked to clarify what was cut, why it was cut, and what happens next. Without transparency about the services CISA will continue to offer, states are left scrambling to prepare for upcoming elections without knowing what support, if any, they can expect from the federal government. Wisconsin and Florida have already held major elections this year, and Virginia and New Jersey will hold votes for Governor and state legislatures this fall.
If CISA is abandoning them, election officials deserve to know so they can make plans to protect their cyber and physical infrastructure from nation-state hackers — keeping them in the dark only helps bad actors.
Meanwhile, news from across the Executive Branch suggests an even deeper pullback is still coming. It was reported in April that CISA might cut nearly 40% of its full time staff, and a new budget proposal would cut nearly $500 million from CISA next fiscal year. A March Executive Order directed agencies to review critical infrastructure policies, opening the door to revising or rescinding National Security Memorandum 22, which designates elections as part of the nation’s critical infrastructure and gives CISA the lead role in protecting them. Plankey supports maintaining that designation, he should say so.
Confidence in CISA is already shaken. Election officials and voting machine companies have expressed concern that the agency’s cyber and physical security assessments might be used to target or intimidate them, especially if shared with political actors. This fear has reportedly already led some election vendors to halt cyber threat information sharing with CISA. Others report feeling abandoned after losing key liaisons and seeing major communication breakdowns. Restoring that trust won’t be easy — but it starts with leadership that is transparent and publicly committed to CISA’s core mission of protecting critical elections infrastructure.
The public deserves to know if CISA will continue to invest in protecting the nation’s election infrastructure and national security from nation state hackers and cybercriminals. The U.S. government cannot claim to take election security seriously while simultaneously dismantling the very systems designed to uphold it. The burden now lies with the Senate to ask the hard questions — and with Plankey to deliver clear answers.
