Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action

DHS Advisory Committee Termination and Cybersecurity Impacts Under the Trump Administration
On January 20, 2025, the Trump administration made a significant move by terminating all memberships of advisory committees that report to the Department of Homeland Security (DHS), including several key cybersecurity bodies.
Termination of Advisory Committees
Acting Secretary of Homeland Security, Benjamine Huffman, issued a memo directing the immediate termination of all current memberships on advisory committees within DHS. This decision is part of the administration's commitment to "eliminating the misuse of resources and ensuring that DHS activities prioritize our national security"125.
Impact on Cyber Safety Review Board (CSRB)
The Cyber Safety Review Board (CSRB), established under a Biden-era cybersecurity executive order, has been particularly affected. The CSRB is an investigatory body composed of public and private sector experts tasked with probing major cybersecurity incidents. Key members removed include Heather Adkins of Google, Rob Joyce, former director of cybersecurity at the NSA, and Chris Krebs, former director of CISA2.
- Ongoing Investigations: The CSRB was currently investigating the Salt Typhoon hacks, which involved Chinese-linked attackers penetrating networks of at least nine telecommunications companies. The removal of private sector experts is expected to slow down this probe23.
- Past Contributions: The CSRB had issued significant reports, including one on Microsoft's security failures that allowed Chinese spies to breach US officials' email accounts and another on the vulnerabilities associated with the Apache Log4j library12.
Impact on Cybersecurity Advisory Committee (CSAC)
The Cybersecurity Advisory Committee (CSAC), another affected body, advised on issues such as national cybersecurity emergency alerts, public-private partnerships like the Joint Cyber Defense Collaborative (JCDC), and a 311 line for small businesses during cyber incidents. Members of CSAC, including Ciaran Martin and Kevin Mandia, have also been removed2.
Trump Administration's Cybersecurity Changes
Policy Direction
The Trump administration's move reflects a shift towards a more focused approach on national security and critical infrastructure protection. Here are some key changes and anticipated directions:
- Market-Based Approach: The administration is expected to pursue a market-based approach to cybersecurity, preferring voluntary security standards over stringent regulations. There is a push for harmonizing rules around incident reporting and baseline practices3.
- Regulatory Reduction: Trump promised aggressive regulatory reduction during his campaign. This could impact the Biden-era executive order requiring software companies to submit proof of secure software development practices to CISA. However, the executive order on cybersecurity signed by Biden just before Trump's inauguration remains in place for now3.
CISA's New Mission
Under the new administration, the Cybersecurity and Infrastructure Security Agency (CISA) is expected to undergo significant changes:
- Focus on Critical Infrastructure: CISA will focus solely on protecting civilian government networks, public-private partnerships, and information sharing on emerging threats, as well as coordinating the protection of the nation's critical infrastructure3.
- Disinformation Role: The role of CISA in countering election-security disinformation is set to disappear, as indicated by Trump’s nominee for Homeland Security Secretary, Kristi Noem3.
Public-Private Sector Collaboration
Despite the changes, there is an expectation of continued collaboration between the public and private sectors. The Joint Cyber Defense Collaborative (JCDC), initiated under the Biden administration, is likely to continue, with a focus on efficiency and public-private sector cooperation3.
Criticisms and Concerns
- Operational Impact: The removal of private sector experts from the CSRB is seen as having an operational impact, as these professionals bring unique insights that government service alone cannot provide2.
- National Security Concerns: US Senator Ron Wyden criticized the decision, suggesting it could be a "massive gift to the Chinese spies" and questioning whether it was related to Microsoft's past donations to Trump's inaugural committee3.
Conclusion
The Trump administration's decision to terminate all memberships of DHS advisory committees, including the CSRB and CSAC, marks a significant shift in cybersecurity policy. While the administration aims to prioritize national security and eliminate resource misuse, the immediate impact on ongoing cybersecurity investigations and the loss of private sector expertise are areas of concern. The future shape of these committees and the broader cybersecurity strategy under the Trump administration remain to be seen. 123