CISA: No Infrastructure Cybersecurity, Just a Stepping Stone for IT Incompetents
By
Duane Thresher, Ph.D. November 8, 2021
As the name implies, the Cybersecurity and Infrastructure
Security Agency (CISA), part of the Department of Homeland
Security, is the main U.S. Government agency responsible for
infrastructure cybersecurity. This includes elections, for
which CISA is already rightfully notorious and which I've
investigated, and electrical, including nuclear, power plants,
which CISA has ignored and I've written about in
Handing
Over America's Electrical Grid to the Russians and
Nuclear 9/11,
for example. As history shows, those in CISA are always IT
incompetent, incapable of doing infrastructure cybersecurity
and protecting America, and only concerned with using CISA as
a stepping stone to even higher-paying jobs. Stop this
dangerous national security IT incompetence —
remember
9/11
Was Due to IT Incompetence — and let me,
Dr. Duane Thresher, CEO
of
Apscitu Inc. and
a
real
IT expert, do America's infrastructure
cybersecurity.
First, as I wrote in
What
is IT and What Makes Me an Expert?, I prefer the term "IT
security" over "cybersecurity", since any word with cyber in
it sounds like it came from bad science fiction, which it did.
For the purposes of this article about the Cybersecurity and
Infrastructure Security Agency though, which is so dangerously
IT incompetent it seems like it must be bad science fiction
(also true of the NSA and CIA; see
9/11
Was Due to IT Incompetence), I will use the term
cybersecurity.
Back in April 2018 I wrote
Handing
Over America's Electrical Grid to the Russians, in which I
asked and answered, "So who is protecting America's electrical
grid from its greatest threat, state-sponsored foreign
hackers?"
The answer then was
Jeanette Manfra
, Assistant Secretary for
Cybersecurity, under the National Protection and Programs
Directorate (NPPD), precursor to CISA, of the Department of
Homeland Security (DHS).
Jeanette Manfra is IT incompetent, having no IT education; see
The
Most Important IT Credential: An IT Education in
Principles
of IT Incompetence.
Before joining NPPD in July 2017, Manfra worked for
Booz
Allen Hamilton, the IT incompetent NSA (National Security
Agency) contractor that let its IT incompetent (high school
dropout) employee
Edward
Snowden, now living in Russia, hack the NSA; see
9/11
Was Due to IT Incompetence.
Jeanette
Manfra was added to the Government and Business
IT Incompetents Hall Of
Shame when I wrote
Handing
Over America's Electrical Grid to the
Russians.
In November 2018 President Donald Trump elevated the mission
of the NPPD and it became CISA, still under DHS, and Jeanette
Manfra's title became Assistant Director for
Cybersecurity.
Finding any evidence of infrastructure hacking on her watch
would have been a career-threatening embarrassment —
breaking her stepping stone (a version of the
government-business
revolving door) — so Jeanette Manfra would not have
even if she was capable of doing so. IT incompetent
Jeanette Manfra
left CISA in January 2020 to become,
incredibly,
Google's
Global Director of Security, where she is making a lot more
money than the already outrageous $171,291 salary she made at
CISA. While this was yet another Google diversity hire
— see
IT
Hiring: Trading IT Competence for Diversity in
Principles
of IT Incompetence — more importantly it was for
Google to profit from Manfra's government connections. This
hiring was probably in violation of Title 18 (crimes and
criminal procedure) of U.S. Code, § 207 (restrictions on
former officers, employees, and elected officials of the
executive and legislative branches), a law written exactly to
prevent such hirings; see
IT
Hiring: IT Incompetence Breeds Disloyalty and Corruption
in
Principles
of IT Incompetence.
Also in the November 2018 NPPD to CISA change, Chris Krebs
became Director of CISA, having been acting Under Secretary
for Homeland Security in the NPPD since August 2017, and
Matthew Travis became Deputy Director of CISA. Bryan Ware
became Jeanette Manfra's replacement as Assistant Director for
Cybersecurity in January 2020.
CISA's IT incompetent Chris Krebs, Matthew Travis, and Bryan
Ware and the cybersecurity of the 2020 U.S. Presidential
Election became notorious. All were essentially fired for
their incompetence in this by President Trump in November
2020. Finding any evidence of election, or other
infrastructure, hacking on their watches would have been a
career-threatening embarrassment — breaking their
stepping stone — so they would not have even if they
were capable of doing so. They all had new higher-paying jobs
ready to go when they were fired.
The firings did not break their stepping stone — the
publicity actually greatly helped — because of the
hatred of President Trump by the left, including the media,
who just claimed Trump wanted some election hacking evidence
manufactured and fired them in retaliation for not doing so.
CISA, in particular Chris Krebs, said "There is no evidence
that any voting system deleted or lost votes, changed votes,
or was in any way compromised." But this is the same tired
old fallacy that all IT incompetent organizations use to avoid
responsibility when they are hacked: that because they didn't
find any evidence, no hacking occurred. But think about how
stupid that is: if you don't want to find evidence, you won't.
As a former scientist, I can tell you that one of the basic
tenets of science is "absence of evidence is not evidence of
absence". See for example
HealthCare.gov
Hacked.
CISA itself, as a part of DHS, was probably hacked in 2020,
months before the 2020 U.S. Presidential Election in November
2020, in
The
Doomsday Microsoft Government Email Data
Breach.
I first investigated Chris Krebs, Matthew Travis, and Bryan
Ware when I was doing a 3-part series, as yet
unpublished,
2020 U.S. Presidential Election
Hacked,
Part I: Undetectable So Unreported,
Part
II: Government Responsible, and
Part III: How (see
also
Foreign
Hacking of New Hampshire Voting Machines from February
2020). As a
real
IT expert, I can tell you that it is quite possible the
2020 U.S. Presidential Election was hacked.
Former CISA Director
Chris
Krebs is IT incompetent, having no IT education;
see
The
Most Important IT Credential: An IT Education in
Principles
of IT Incompetence.
Chris Krebs was the Cybersecurity Policy Director at Microsoft
from February 2014 to March 2017, before he joined CISA, and
was planning on working for Microsoft again, at a
higher-paying level, with his profitable government
connections from stepping stone CISA.
Working for Microsoft was a reason for Chris Krebs not to find
any evidence of hacking in the 2020 U.S. Presidential
Election.
The
Doomsday Microsoft Government Email Data Breach was
Microsoft's fault so if any evidence was found it would have
implicated Microsoft. Krebs was part of Microsoft's
protection in the federal government. See
Microsoft
Guilty But Protected by NSA, AB PAC, India, and DelBenes
and note also that according to the Federal Election
Commission, Krebs donated to Microsoft's political action
committee (MSVPAC).
Chris Krebs did not end up working directly as an employee of
Microsoft, but only because he saw and exploited an
opportunity created by
The
Doomsday Microsoft Government Email Data Breach. After he
was fired for IT incompetence by President Trump after the
2020 U.S. Presidential Election in November 2020, Chris Krebs
started an IT security consulting firm with, incredibly,
Alex
Stamos, the IT incompetent Yahoo-then-Facebook Chief
Information Security Officer (CISO) who was responsible for
both Yahoo's and then Facebook's massive data breaches;
see
Yahoo-Then-Facebook
CISO Alex Stamos Allows Yet Another Massive Data Breach.
The first customer of the Krebs Stamos Group was SolarWinds,
the software company whose biggest customer was the federal
government and that most are blaming — although
Microsoft was really to blame — for
The
Doomsday Microsoft Government Email Data Breach.
Microsoft will also, if they haven't already, hire the Krebs
Stamos Group, which will also probably be a violation of Title
18 (crimes and criminal procedure) of U.S. Code, § 207
(restrictions on former officers, employees, and elected
officials of the executive and legislative branches);
see
IT
Hiring: IT Incompetence Breeds Disloyalty and Corruption
in
Principles
of IT Incompetence.
Former CISA Deputy Director Matthew Travis is IT incompetent,
having no IT education; see
The
Most Important IT Credential: An IT Education in
Principles
of IT Incompetence.
In January 2020, the Cybersecurity Maturity Model
Certification Accreditation Body (CMMC-AB) was incorporated in
Maryland, next to Washington D.C., supposedly as a non-profit,
but any corporation that takes all the money it makes and uses
it on expenses, like huge salaries for its officers, can be
declared a non-profit corporation. The U.S. Department of
Defense, which was also hacked in
The
Doomsday Microsoft Government Email Data Breach, has made
CMMC-AB "the sole entity authorized to accredit defense
contractor cybersecurity". Without this accreditation, which
the contractor has to pay for, the contractor can't get a
defense contract, which are notoriously lucrative. Matthew
Travis was probably in talks to join CMMC-AB even before they
incorporated. After he was fired for IT incompetence by
President Trump after the 2020 U.S. Presidential Election in
November 2020, Matthew Travis became the first CEO of CMMC-AB
on 1 April 2021, April Fools' Day. This hiring is also
probably a violation of Title 18 (crimes and criminal
procedure) of U.S. Code, § 207 (restrictions on former
officers, employees, and elected officials of the executive
and legislative branches); see
IT
Hiring: IT Incompetence Breeds Disloyalty and Corruption
in
Principles
of IT Incompetence. Matthew Travis became
one of the most powerful men in the Department of Defense
— since it's all IT (cyber) these days — and he's
IT incompetent and has no concern for national security, only
his personal wealth, just like CISA's Jeanette Manfra, Chris
Krebs, Bryan Ware, Jen Easterly, Nitin Natarajan,
...
Former CISA Assistant Director for Cybersecurity Bryan Ware is
IT incompetent, having no IT education; see
The
Most Important IT Credential: An IT Education in
Principles
of IT Incompetence.
Right after he was fired for IT incompetence by President
Trump after the 2020 U.S. Presidential Election in November
2020, Bryan Ware went to work for LookingGlass Cyber
Solutions. LookingGlass does the IT for the Secret Service,
which protects the president's life and knows a lot of
personal, possibly damaging, information about the president.
(Looking Glass is the name of the U.S.'s flying command and
control center in case of nuclear war.) As I explained
in
Secret
Service Outsources IT to IT Incompetent Foreign-Influenced
Company in April 2018, LookingGlass is IT incompetent and
run by foreigners. This hiring is also probably a violation
of Title 18 (crimes and criminal procedure) of U.S. Code,
§ 207 (restrictions on former officers, employees, and
elected officials of the executive and legislative branches);
see
IT
Hiring: IT Incompetence Breeds Disloyalty and Corruption
in
Principles
of IT Incompetence.
As I wrote in
Nuclear 9/11,
Jen Easterly
is (Jul 2021 – present) now
the Director of CISA, nominated by President Joe Biden
(see
U.S. Surrenders
in IT War, Starts Paying Tribute to Russia). Easterly is
IT incompetent. Again,
an
IT education is the most important IT credential and
Easterly only has a bachelor's degree in a subject she won't
reveal — so almost certainly not in IT — and a
Master of Arts in "politics, philosophy, and economics" from a
foreign university.
Jen
Easterly was added to the Government and Business
IT Incompetents Hall
Of Shame when I wrote
Nuclear 9/11.
Before CISA, Easterly was Head of Cybersecurity for investment
bank Morgan Stanley from Feb 2017 – Jul 2021, during
which time Morgan Stanley had a data breach for which they
were fined $60 million. CISA is IT incompetent Jen Easterly's
next stepping stone, part of the
government-business
revolving door.
Nitin Natarajan
is (Feb 2021 – present) now
the Deputy Director of CISA.
Nitin
Natarajan is IT incompetent. Again,
an
IT education is the most important IT credential and
Natarajan only has a bachelor's degree in a subject he won't
reveal — so almost certainly not in IT — and a
non-IT Master of Arts. Natarajan started as a paramedic (in
ambulances) for several years and leveraged that experience to
get somewhat-related jobs in the government, stepping his way
up. CISA is IT incompetent Nitin Natarajan's next stepping
stone. While it might seem that paramedic experience could be
helpful when a nuclear power plant undergoes a hacking and
forced meltdown — even if caused by Natarajan's IT
incompetence — Natarajan resides around Washington
D.C. (as does Jen Easterly) and will be among the first to die
horribly from radiation sickness when the Peach Bottom nuclear
power plant is cyberattacked; see
Hacking
and Forced Meltdown of Nuclear Power Plants: Upwind of
Washington, Baltimore, Philadelphia.
Jen Easterly
and
Nitin Natarajan
are obvious examples of
IT
Hiring: Trading IT Competence for Diversity in
Principles
of IT Incompetence and are part of President Biden's
scheme of playing the sexism and racism cards whenever
possible and at whatever cost, including national security
(Biden should note though that the racism card just backfired
big time in the elections a week ago in Virginia, where I
vote, albeit not confidently that the elections weren't
hacked). As I wrote in
Hacking
and Forced Meltdown of Nuclear Power Plants: Upwind of
Washington, Baltimore, Philadelphia, radiation sickness is
equal opportunity death. It doesn't care about diversity; it
kills regardless of sex or race ... or political
affiliation.
CISA can't and won't do infrastructure cybersecurity and
protect America from having its elections tampered with or
from another 9/11, a far deadlier nuclear one. Let
me,
Dr. Duane
Thresher, CEO of
Apscitu
Inc. and a
real
IT expert, do America's infrastructure
cybersecurity.