Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Attacks should not be ‘a cost-free endeavor,’ national cyber director nominee Cairncross tells senators

Sean Cairncross testifies before the Senate Homeland Security and Governmental Affairs Committee on his nomination to be national cyber director on June 5, 2025. (Senate HSGAC video)

By Bridget Johnson

The nominee to be the next national cyber director told senators today that attacks against the United States are “scaling up” and increasing in sophistication, underscoring the need for enhanced security collaboration between the government and the private sector as well as impactful costs for bad actors.

“This is a complicated vector but at its core this is a human nature issue,” Sean Cairncross told senators. “Our enemies do not see a cost in engaging in this behavior. And so they impose strategic dilemmas on us, and they have now for a long period of time. It’s time that we impose those dilemmas on them.”

Cairncross also faced grilling from Democrats on the Senate Homeland Security and Governmental Affairs Committee about the justification for deep cuts to federal cybersecurity funding and the workforce in the face of escalating threats and attacks.

Cairncross, former CEO of the Millennium Challenge Corporation and former COO at the Republican National Committee, was nominated by President Donald Trump in February to the executive branch role that has been vacant since former National Cyber Director Harry Coker left at the end of the Biden administration.

The five nominees appearing before the committee delivered opening statements only in written form as senators jumped straight into the questions. Sean Plankey, nominated to lead the Cybersecurity and Infrastructure Security Agency, was originally scheduled to testify as well, but his name was removed from the agenda before the hearing. The committee has scheduled a June 12 meeting to consider Cairncross and all of the other nominees, including Plankey.

In his prepared remarks, Cairncross referenced his time as a senior adviser to the White House chief of staff in the first Trump administration, and said that during his time at the RNC he “came face-to-face with cyber matters, during which I worked closely with our industry partners, the Federal Bureau of Investigation, and the intelligence community.”

“This is the opportunity to establish the Office of the National Cyber Director in the way Congress and the Cyberspace Solarium Commission envisioned,” he wrote, adding that ONCD “needs focus and direction toward more strategic policy alignment, including active defense measures”; should leverage incentives “to promote information exchange and coordination of efforts” and “work to streamline federal cyber regulation and compliance burdens”; and must work well with interagency partners “to ensure that U.S. government cyber efforts are integrated.”

“A goal of mine is to make sure that this office sits at the place that this committee and I believe Congress intended in the statute, and that is to lead cyber policy coordination across the federal government,” Cairncross told senators during the hearing under questioning from Ranking Member Gary Peters (D-Mich.). “And so in doing that, working with our interagency partners is vital. We’ve been empowered to work with OMB to ensure that budget alignment among the interagency aligns with administration policy and I think that those tools have to be leveraged and the relationships between us and the interagency, it’s making sure that it is monitored and enforced.”

Peters asked Cairncross about his lack of cybersecurity experience and how the nominee would “make up for these gaps.”

“It’s true I don’t have a technical background in cyber,” Cairncross replied, noting that in facing cyber threats in his previous roles he’s “been on the user side of this.”

“On the management side, I’ve run thousands of people and billions of dollars in funds and in doing those jobs I surround myself with smart people, make sure the right people are in place to do the jobs and take their advice,” he added.

The president’s proposed fiscal year 2026 budget for CISA would eliminate 1,083 positions from the agency and slice its budget by $495 million. Axios reported Tuesday that about a third of the CISA workforce has already left the agency since the beginning of the current administration.

Sen. Andy Kim (D-N.J.) asked Cairncross why, as attacks are increasing, the administration would then seek to decrease staffing and the budget at an agency such as CISA. “Why is our investment in it going down?” he asked.

“The first management principle for me is form follows function,” Cairncross replied. “And so I know with regards to this office, if I am to be confirmed, I’m going to use that principle to make sure that the function we’re serving, which is to defend the United States from these attacks, to keep our critical infrastructure safe, to keep our citizens safe – because, as we know, these criminals and enemies target the most vulnerable Americans – that the form that we take is the most efficient, effective way to service that mission.”

Sen. Elissa Slotkin (D-Mich.) said that power companies have told her they no longer receive quarterly CISA updates on the threat landscape and “feel vulnerable” as a result. “I am deeply worried that we’re going to have a spectacular cyberattack and you’re going to be left holding the bag,” she said, pressing the nominee to justify cuts to federal cybersecurity.

“The vast majority of cyber defense in this country falls on the private sector … and state and local, territorial and tribal, are extremely important,” Cairncross said.

Asked by Sen. James Lankford (R-Okla.) about his priorities to protect critical infrastructure, Cairncross stressed that he would “do everything I can” to make adversaries and cybercriminals understand that prepositioning in U.S. infrastructure and conducting attacks is “not a cost-free endeavor.”

“China is without question the single biggest threat in this domain that we face, and what Volt and Salt [Typhoons] show … is China is squatting on our critical infrastructure systems and they have an ability to exercise that at a time and place of their choosing,” Cairncross said. “And that should be unacceptable. And it is unacceptable.”

On Monday, a group of national security experts (including leaders of the McCrary Institute for Cyber and Critical Infrastructure Security, which runs Threat Beat) sent a letter to the committee’s leaders in support of Cairncross’ nomination.

“His impressive combination of experience in both the public and private sectors, as well as his ability to navigate government, build coalitions, and implement strategic approaches to the challenges facing the United States make Sean situated particularly well to this role,” they wrote.

Click to listen highlighted text!