The premier U.S. civilian cybersecurity agency wants to expand internationally and be a counterbalance to China’s global influence. 

The Cybersecurity and Infrastructure Security Agency proposed just such an expansion in a transition document prepared by the Trump administration for the next administration. It's unclear, however, whether Biden officials ever saw the document — although the agency, inside the Department of Homeland Security, has made expanding abroad a key part of its mission. 

The main goal of such an effort would be to persuade foreign countries not to use Chinese technology that some argue opens the door to spying, though Beijing denies any such charges. The document was obtained by The Cybersecurity 202 through a Freedom of Information Act request.

A February 2021 CISA strategy document proposes the agency focus its international efforts on working with, boosting and communicating with allies. Its aims are to “shape a global policy environment that supports U.S. priorities and enables future requirements.” 

CISA declined to comment on a detailed set of questions about the transition document, including whether the agency provided it in its entirety to Biden's transition team. Portions of the document are labeled with a smattering of dates, with one section labeled as a “draft.” 

“If countries have a willing partner in CISA, they may be less inclined to accept help from China or to allow Chinese companies access to sensitive markets and information,” the transition document states. 

Such an international expansion would rely on close coordination with the State Department, which has its own office for cyber issues. 

There has been momentum on Capitol Hill to boost the State office, with the House passing legislation in April to form a bureau with an ambassador-level head to lead cyber diplomacy.

CISA states in the transition document that it is boosting its information-sharing and capacity- building efforts with foreign partners, including through agreements with State allowing it to use foreign assistance funds to engage with other countries on cyber issues.

“You have a decision to make there: Do you give the money to CISA to do international stuff, or do you give it to the State Department?” said Jim Lewis, a senior vice president and director of the Strategic Technologies Program at the Center for Strategic and International Studies. “CISA's primary focus is domestic. So, you don't want to detract from that. We have enough to do here.” 

Coordination is the key, said Chris Painter, the State Department cyber coordinator in the Obama administration. 

“As long as there is close coordination, DHS clearly has a role in the international space,” he said. “DHS obviously should be doing the kind of coordination, the kind of operational stuff that they're doing and reaching out to countries. But as long as you make sure that you're not working at cross purposes, that's a good thing; the more the better.” 

Even as it works to take on a bigger international footprint, CISA faces challenges at home. 

The agency has butted heads with the Department of Energy, accusing it in the transition document of going behind CISA’s back and breaking an agreement the two agencies reached on energy legislation.

The Energy Department demonstrated a “lack of respect for the interagency process” by “sending official correspondence to House leadership opposing the interagency negotiated positions” of the bills, according to the document.

CISA went so far as to recommend that it and DHS “register opposition” to the Energy Department’s actions. 

The Energy Department declined to comment.

“I think this is how it's always been, right? I mean, this is nothing new,” Chris Krebs, the former head of CISA under Trump, said. “This is the challenge of who is the primary interface with any given sector.” 

Agencies across the government should build sector-specific expertise but CISA should be seen as the “center of gravity for civilian cyber security” in the government, he said. 

The document also describes expanding cyber threats targeting U.S. networks with potentially dire consequences. 

“Nation-state adversaries are increasingly looking at critical infrastructure as a battlespace,” the document warns. 

“With adversary threats growing in sophistication and the growing ubiquity and power of tools that can create significant degradation or possible destruction of American networks and systems, the Nation faces increased risk and future costs,” it notes. 

Cyber protections, meanwhile, haven’t kept up.  

“Presently, the Nation has limited capability to assess the degree to which adversaries have successfully penetrated and exploited U.S. critical infrastructure,” the document warns. “At the same time, we lack broad visibility into threat activity targeting specific entities, including early and advanced stage activity where adversary efforts could put critical assets at risk.” 

Joseph Marks contributed to this reporting.

The keys

Trump allies asked a judge to throw out three defamation lawsuits by Dominion Voting Systems.

The success of the lawsuits will ultimately rely on Dominion proving that former Trump attorneys Sidney Powell and Rudolph W. Giuliani, as well as MyPillow CEO Mike Lindell, knew their statements were false or made the statements with a “reckless disregard for the truth,” which is a high legal bar, Ann Marimow reports. The voting machine company says that false statements by the Trump allies amounted to a “viral disinformation campaign” that ultimately damaged the company’s reputation.

In its lawsuits, Dominion cited dozens of public statements the Trump allies made as they spread unfounded allegations the voting machine company helped steal the 2020 election from President Donald Trump. The court hearing came as a panel of judges in New York suspended Giuliani's law license after finding he “communicated demonstrably false and misleading statements to courts, lawmakers and the public at large in his capacity as lawyer for [Trump] and the Trump campaign in connection with Trump’s failed effort at reelection in 2020.”

The U.S. military uses an app that pays gig workers to provide open-source data.

Premise Data has pitched itself as a useful tool for the U.S. military and foreign governments who want on-the-ground information about things such as foreign locations and Internet signals in specific areas, the Wall Street Journal’s Byron Tau reports. But users say they’re not aware of who they’re ultimately working for when they gather information for the app. The company says in its privacy policy that data can be shared with all Premise clients, including governments.

The company has pushed back on the idea that it is tasking users with doing intelligence work. “Such data is available to anyone who has a cellphone,” CEO Maury Blackman said. “It is not unique or secret.”

“If some of our data is used by government departments to shape policy and to protect our citizens, we are proud of that,” he said. The company, which has received more than $5 million in U.S. military contracts since 2017, declined to provide a list of clients.

Lawmakers introduced a bipartisan bill to boost the U.S. government’s cyber training programs.

The bill would give CISA two years to set up a cybersecurity apprenticeship program, and would also direct the secretary of Veterans Affairs to set up a pilot program to train military veterans in cybersecurity.

The proposal was introduced by Sens. Maggie Hassan (D-N.H.) and John Cornyn (R-Tex.). It was originally presented as part of a massive, bipartisan legislative package designed to combat Chinese technological influence, but did not make it into the final bill that passed the Senate.

Hill happenings

Securing the ballot

Industry report

Cyber insecurity

On the move

John Demers has left the Justice Department.

Demers's last day as assistant attorney general of the Justice Department's National Security Division was Thursday. He led the division's efforts in prosecuting state-sponsored hackers, terrorists and spies.


  • Officials from the Cybersecurity and Infrastructure Security Agency discuss the ways businesses can secure themselves from cyber threats at a U.S. Chamber of Commerce event on June 29 at 11 a.m.
  • John Sherman, the Pentagon’s acting chief information officer, testifies before a House Armed Services subcommittee on June 29 at 2 p.m.
  • The House Energy and Commerce Committee holds a hearing on cybersecurity legislation and securing U.S. networks on June 30 at 10:30 a.m.

Secure log off