What brought this on: This is mostly a reaction to a White House order on Wednesday that tied security clearances to supporting political concepts. The order chastised Chris Krebs, the former head of Trump’s Cybersecurity and Infrastructure Security Agency (CISA). “Krebs’ misconduct involved the censorship of disfavored speech implicating the 2020 election and COVID-19 pandemic. CISA, under Krebs’ leadership, suppressed conservative viewpoints under the guise of combatting supposed disinformation, and recruited and coerced major social media platforms to further its partisan mission,” it read.Trump then announced the punishment: “Those who engage in or support such conduct must not have continued access to our Nation’s secrets. Accordingly, I hereby direct the heads of executive departments and agencies (agencies) to immediately take steps consistent with existing law to revoke any active security clearance held by Christopher Krebs. I further direct the Attorney General, the Director of National Intelligence, and all other relevant agencies to immediately take all action as necessary and consistent with existing law to suspend any active security clearances held by individuals at entities associated with Krebs, including SentinelOne, pending a review of whether such clearances are consistent with the national interest.”On Thursday, Krebs resigned from SentinelOne, presumably hoping that Trump would then spare the company and not remove its employees’ security clearances. The current status of the security clearances for both Krebs and SentinelOne is unclear. The White House statement said the agency heads should revoke Krebs’ credentials, but it never said if that had happened yet. The same situation exists with SentinelOne. Neither the White House press office nor the media relations contact at SentinelOne commented on the clearance’s current status. Kurtis Minder, the CEO of GroupSense, a Virginia company that sells threat intel to enterprises, said that the kind of wholesale switching of cybersecurity companies described is difficult, but it may ultimately happen.”When CISOs have to start taking into account the pedigree of the [security vendor’s] leadership and the political positions that they have held in the past, in my mind that becomes untenable,” Minder said. “It may have to happen, and that is a bad thing.””US CISOs would have to start wondering if those companies were safe bets,” he said, and “it would resurface concerns” about governments asking for spyware and backdoors. Minder was one of several cybersecurity executives who are waiting to see if the SentinelOne incident proves to be isolated, or the beginning of a trend.”Depending on how this one is pushed, and if it happens to another cybersecurity company for any reason,” Minder said, “this is the first volley and we’ll have to wait and see where it lands.”Minder was candid when asked what his firm would do if a government asked them to do something that he felt would hurt their customers, and threatened to yank security clearances if they refused. He said that he would bring it to the company’s board, and all options would be evaluated in line with fiduciary obligations.
Could just be payback: But not everyone interpreted the security clearance order as especially problematic.”I think this is primarily an issue with Trump and Chris specifically. It has to do with the election issue. SentinelOne is just temporary collateral damage,” said Steve Zalewski, the former CISO at Levis Strauss. He has held senior cybersecurity roles at both Pacific Gas & Electric and Kaiser Permanente; today he is a cybersecurity advisor for S3 Consulting.”Trump is just being a New Yorker who does not forget a slight. Chris crossed him and this is payback,” Zalewski said. “What if he does it to other security companies? I don’t think that is in [Trump’s] mind. I don’t think he’s trying to make a deal. He’s just doing a little payback.”Most analysts declined to comment on the Trump efforts, but Will Townsend, a principal analyst with Moor Insights & Strategy, said he doubts that the order will have much of an impact on the industry.”The US boasts the most cybersecurity companies in the world, led by Microsoft, Cisco, CrowdStrike, Palo Alto Networks, and Zscaler, among many others including SentinelOne. I don’t foresee CISOs moving their business to other regions based on what’s materialized with Krebs resignation,” Townsend said. “Many may speculate that the pressure on Krebs was politically motivated, since he led CISA, but only those with security clearances will know the truth, and if SentinelOne truly poses any risks as a security provider to the US federal government.”
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3965056/will-politicization-of-security-clearances-make-us-cybersecurity-firms-radioactive.html
