President Trump fired Christopher Krebs from his post as director of the Cybersecurity and Infrastructure Security Agency on Tuesday night via a tweet.
Both Krebs and CISA have been actively pushing back on misinformation in the weeks since Election Day, repeatedly speaking out against accusations made by Trump on issues like alleged voter fraud and election systems being hacked. Last Thursday, Reuters reported Krebs expected to be fired, five days before it actually happened.
Earlier Tuesday, Krebs tweeted that “On allegations that election systems were manipulated, 59 election security experts all agree, ‘in every case of which we are aware, these claims either have been unsubstantiated or are technically incoherent.'” Krebs’ statement was apparently the last straw for President Trump.
“The recent statement by Chris Krebs on the security of the 2020 Election was highly inaccurate, in that there were massive improprieties and fraud – including dead people voting, Poll Watchers not allowed into polling locations, ‘glitches’ in the voting machines which changed votes from Trump to Biden, late voting, and many more. Therefore, effective immediately, Chris Krebs has been terminated as Director of the Cybersecurity and Infrastructure Security Agency,” the president wrote.
In a tweet from his personal account following the firing, Krebs wrote, “Honored to serve. We did it right. Defend Today, Secure Tomorrow.”
A source with knowledge of the situation told SearchSecurity that Brandon Wales, executive director of CISA, has assumed the role of acting director of the agency.
Krebs was appointed the first director of CISA when the agency was established by the Trump administration on Nov. 16, 2018. Prior to his appointment at CISA, he held multiple Homeland Security-related positions and formerly served as director for cybersecurity policy at Microsoft’s U.S. Government Affairs team.
As head of CISA, Krebs became a popular figure in the cybersecurity community. Many infosec professionals had praise for the ousted director and publicly defended his work to secure election infrastructure.
Ciaran Martin, managing director at venture capital firm Paladin Capital and previously the first CEO of the U.K.’s National Cyber Security Centre, had glowing praise for the former CISA director.
“For all the time I was his opposite number in the U.K., Chris Krebs was as good a partner as an ally could hope for,” he said. “He has just overseen a fantastic success: a U.S. election free from controversy about hostile interference. The way he went about that showed remarkable leadership. He worked across national security agencies, international partners, the private sector, and all the way through to the small local government authorities who run elections. His success deserves to be studied for years to come in how to lead on cybersecurity in a big, complicated country.”
Chet Wisniewski, a principal research scientist at Sophos, said Krebs turned CISA into a useful utility for organizations. “Krebs has done a phenomenal job at CISA and if we look back a year or two years as to the capability of CISA to be a useful function for organizations in the United States to understand what’s going on in the threat space, they went from worthless to actually sending out really meaningful information in the last two years,” he said. “I think he’s done a great job at CISA and a great job leading it and he’s actually turned it into a useful thing.”
One cybersecurity professional, who asked to remain anonymous because they were not authorized to speak on political matters, told SearchSecurity that the move was a “major blow” to the U.S. government’s security team.
“It isn’t much of a surprise that Chris Krebs is being dismissed from the CISA, as it isn’t a secret that he has been at odds with the Trump administration for some time, and that President Trump seems to be cleaning house before the next administration, be it his or Joe Biden’s,” they wrote in an email. “It is a major blow to the government’s security team to lose someone as talented and respected as Chris Krebs. It also exacerbates the already huge problem that the US government has in finding/retaining qualified and skilled information security professionals.”
Dragos CEO and co-founder Robert Lee echoed the praise in a statement.
“There have been a lot of questions about roles and responsibilities across the government including where CISA fits in and where they don’t. There have been no questions, though, on Chris Krebs’ effectiveness. He focused on what he needed to focus on. He led his team with dignity. He was a public figure representing the agency in the community. And when the nation needed CISAs attention on protecting our voting and fundamentals of democracy he did with zeal and expertise. The next administration should keep Chris if he’s willing to stay and regardless folks should be thankful for his time there,” Lee said.
Bill Harrod, MobileIron federal CTO, called Krebs a steady force for CISA and the Department of Homeland Security, which oversees CISA.
“Chris has been a steady and consistent force for CISA and the Department of Homeland Security in general, a voice for election security and unbiased in his support of the election and voting process. With the loss of the WH Cyber Security Czar, it has fallen to DHS and in large part to Chris and CISA to help coordinate threat information and provide direction on cybersecurity for Federal Civilian agencies and to be an evangelist for preventive cybersecurity practices,” Harrod said.
Security news writer Arielle Waldman contributed to this report.