Introduction
Kristi Noem [1] [3] [4] [5] [6] [7] [8] [9] [10] [11], Secretary of Homeland Security [4] [8] [10] [11], addressed the RSAC Conference in San Francisco [2], focusing on the realignment of the Cybersecurity and Infrastructure Security Agency (CISA) with its core mission. She emphasized the need to prioritize cybersecurity over misinformation efforts and highlighted the importance of protecting critical infrastructure from sophisticated threats, particularly those posed by China.
Description
Kristi Noem [1] [3] [4] [5] [6] [7] [8] [9] [10] [11], Secretary of Homeland Security [4] [8] [10] [11], addressed cybersecurity practitioners at the RSAC Conference in San Francisco, responding to criticisms regarding reforms at the Cybersecurity and Infrastructure Security Agency (CISA) [2] [3] [7]. She criticized previous leadership for prioritizing misinformation efforts over cybersecurity, stating that it is not the agency’s role to determine what is true or false [1]. Emphasizing the need for CISA to realign with its original mission of protecting critical infrastructure from sophisticated threats, particularly those posed by China, Noem highlighted the urgency of addressing recent espionage campaigns that have infiltrated critical systems and targeted small businesses and local governments. She underscored China, along with threats from Russia, Iran [1], and North Korea [1], as primary cyber threats to the US [6] [10], citing specific examples of cyber espionage such as Salt Typhoon and Volt Typhoon [1].
In outlining priorities for CISA [8], Noem announced plans to refocus the agency on its core responsibilities, which include enhancing information sharing among government agencies and the private sector, establishing clearer response protocols for state and local cyber incidents [1] [8], and promoting secure technology procurement practices [8]. She advocated for “secure by design” approaches [1], asserting that taxpayers should not bear the costs of security flaws that should have been addressed during initial software development [1]. This commitment to reform comes amid backlash from former officials and the cybersecurity community regarding recent workforce reductions and the dissolution of key advisory councils, including the Critical Infrastructure Partnership Advisory Council and the Cyber Safety Review Board [2] [3] [9]. Notably, Noem announced plans to revive the Critical Infrastructure Partnership Advisory Council [11], which she indicated would be restructured to be more inclusive and action-oriented.
Despite reports of significant personnel reductions and funding cuts impacting CISA’s election security efforts [10], including the termination of federal support for the Election Infrastructure Information Sharing and Analysis Center (EIISAC) [10], Noem emphasized that CISA will remain the nation’s cyber defense agency [10]. She expressed concern over the potential impact of cybersecurity cutbacks on national security and urged Congress to reauthorize the Cybersecurity Information Sharing Act (CISA), a law that facilitates data sharing between companies and the government to address cyber threats [11]. She linked the reauthorization to the Trump administration’s plans to reduce CISA’s size and funding [11], which would shift more cybersecurity responsibilities to the private sector [11].
Additionally, Noem requested feedback from the private sector on the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022 to inform updates and policies [4]. An internal memo had suggested a potential withdrawal of support for CISA’s flagship Common Vulnerabilities and Exposures (CVE) Program, which tracks cybersecurity vulnerabilities [9], but this decision was later reversed under public pressure [3], allowing continued support for nearly another year [3]. CISA has also discontinued a cybersecurity threat hunting tool and placed employees focused on disinformation on administrative leave [9]. Noem urged the cyber community to remain optimistic about these changes and encouraged input on improving efficiency and accountability within the agency, framing cybersecurity as a critical national security mission [11]. She noted that more cyber-focused priorities would be revealed in upcoming federal budget proposals [9], highlighting that approximately $10 million has been saved from cuts within CISA [9].
Conclusion
The reforms outlined by Kristi Noem aim to strengthen CISA’s focus on its core mission of cybersecurity, particularly in the face of threats from nation-states like China. By advocating for secure technology practices and enhancing collaboration between the public and private sectors, these changes seek to mitigate the impact of recent cutbacks and ensure the agency’s effectiveness. The future implications of these reforms will depend on continued support from Congress and the cybersecurity community, as well as the successful implementation of proposed strategies to safeguard national security.
References
[1] https://securityboulevard.com/2025/04/homeland-secretary-noem-vows-to-put-cisa-back-to-focusing-on-its-core-mission/
[2] https://www.cyberreport.io/news/just-wait-to-see-how-cisa-reforms-play-out-dhs-head-tells-cyber-community?article=107255
[3] https://cybermaterial.com/cisa-reforms-aim-to-strengthen-cyber-defense/
[4] https://www.meritalk.com/articles/noem-defends-cisa-cuts-says-agency-is-undergoing-assessment/
[5] https://www.nextgov.com/cybersecurity/2025/04/just-wait-see-how-cisa-reforms-play-out-dhs-head-tells-cyber-community/404936/
[6] https://thenimblenerd.com/article/cisa-under-fire-homeland-security-chief-blasts-ministry-of-truth-tactics-amid-cyber-cutbacks/
[7] https://www.cybersecuritydive.com/news/dhs-secretary-vows-to-refocus-cisa-saying-it-strayed-from-mission/746739/
[8] https://cyberscoop.com/kristi-noem-rsac-2025-cisa-mission/
[9] https://dnyuz.com/2025/04/30/just-wait-to-see-how-cisa-reforms-play-out-dhs-head-tells-cyber-community/
[10] https://www.infosecurity-magazine.com/news/dhs-head-cisa-ministry-truth/
[11] https://thecyberwire.com/podcasts/daily-podcast/2298/transcript
