President Donald Trump’s nominee for national cyber director said he would lead the Office of the National Cyber Director with “focus and direction,” while also backing a push from lawmakers and industry to streamline federal cyber regulations.
Sean Cairncross, former CEO of the Millennium Challenge Corporation and former chief operating officer for the Republican National Committee, told the Senate Homeland Security and Governmental Affairs Committee today that “form must follow function” at the Office of the National Cyber Director.
“If confirmed, I would assume this role with the following approach: First, if ONCD tries to do everything, it will be ineffective,” Cairncross said in a prepared statement. “On a very bad day, our nation’s critical infrastructure must be resilient and able to function. The office needs prioritized targets and objectives that are concrete and achievable. It needs focus and direction toward more strategic policy alignment, including active defense measures.”
He said cyber attacks “are scaling up and becoming more sophisticated.” He said ONCD needs to develop partnerships across the federal government, state and local governments, and the private sector.
“ONCD must leverage convening and policy coordinating authorities, and across critical infrastructure sectors, CEOs must engage in these efforts with full force,” Cairncross said.
However, Cairncross didn’t directly answer questions about the Trump administration’s plan to cut nearly $500 million from the Cybersecurity and Infrastructure Security Agency’s budget next year.
“You’re saying that the threats are increasing and they’re scaling up . . . Then why is it that the Trump administration is trying to decrease the staffing and the budget when it comes to an incredibly important office like CISA?” asked Sen. Andy Kim (D-N.J.)
Cairncross did not address the budget cuts in his response, instead saying that, “our enemies do not see a cost in engaging in this behavior, and so they impose strategic dilemmas on us — and they have now for a long period of time. It’s time that we impose those dilemmas on them.”
Sean Plankey, the nominee for CISA director, was scheduled to testify as well on Thursday but was pulled from the hearing at the last minute. The change is reportedly due to a delay in Plankey’s FBI background check.
In his prepared remarks, Cairncross also gave a nod to push started under Biden’s ONCD to harmonize cybersecurity regulations.
“ONCD needs to work to streamline federal cyber regulation and compliance burdens,” he said. “Cyber defense cannot, and should not, be a checklist that increases costs and slows incident preparedness or response effectiveness. We must develop a more unified and efficient approach.”
Cairncross also pledged to support several lawmaker priorities, including a push to reauthorize the Cybersecurity Information Sharing Act of 2015 before it expires in September.
Congress created the national cyber director position in 2021 to serve as the president’s top cyber advisor. During the Biden administration, ONCD led implementation of a national cyber strategy. The office often led on specific initiatives and convened meetings from across government and industry.
But Biden’s first national cyber director, Chris Inglis, reportedly clashed with Anne Neuberger, the deputy national security advisor for cyber and emerging technologies. Neuberger often led the Biden administration’s cybersecurity policy initiatives.
In the wake of that dynamic, cyber policy experts last December urged the incoming Trump administration to reinforce the national cyber director’s role.
Since coming into office, Trump’s NSC has done away with the deputy national security advisor role. Meanwhile, the top cyber official on the NSC is largely focused on offensive cyber activities.
Given the changing dynamics within the White House, Mark Montgomery, director of the Cyberspace Solarium Commission 2.0, predicted Cairncross and Plankey will likely have the power to shape much of the administration’s defensive cyber strategies.
“The two of them together are going to have a lot of room to run because the NSC has very much taken itself out of the defensive cyber business with its reorganization,” Montgomery said.
Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
