Sean Plankey Nominated to Lead CISA in Trump Administration Reshuffle
Sean Plankey has been put forward by the Trump administration as the nominee for the head of the Cybersecurity and Infrastructure Security Agency (CISA) on March 11. Plankey, no stranger to the administration, had previously worked in a cyber policy role within the White House and the Department of Energy. His appointment comes after former Director Jen Easterly’s departure on January 20, with Bridget Bean currently acting as interim director. Plankey’s history with the Trump administration includes being considered as a replacement for then-Director Chris Krebs in 2020, after Krebs confirmed the security of the election that year. Having recently worked at WTW, a financial services multinational, Plankey’s experiences blend government service with private sector endeavors.
Insider Threats Grow as Companies Scramble for Solutions
As insider incidents escalate, with 83% of organizations reportedly experiencing at least one such attack in the past year, the importance of robust insider risk programs has never been clearer. Experts like AppOmni’s Brian Soby emphasize the threat comes not only from insiders with malicious intent but also from those who unwittingly jeopardize organizational security. Building an effective program involves much more than just deploying technology; it’s about a comprehensive strategy that involves proactive approaches and strong risk management. SpotStone’s Nick Stephanadis warns against trying to solve the problem solely through purchasing solutions, highlighting the need for an integrated approach to managing insider threats.
Improvement in Application Security, but Room for Growth Remains
Veracode’s recent study, “2025 State of Software Security”, has revealed an encouraging trend where 52% of applications are now passing the OWASP “Top 10” checklist, a notable increase from just 32% five years prior. Chris Wysopal of Veracode draws attention to this progress while acknowledging there’s still much work to be done. The Open Worldwide Application Security Project (OWASP), an influential nonprofit in the field, has been a driving force behind this improvement, thanks to its community-led efforts to establish application security standards. According to Wysopal, better tools and higher prioritization from leadership are contributing factors to these improved rates of compliance.
