Senator puts hold on Trump cyber nominee, citing ‘cover up’ of telecom security report
Sen. Ron Wyden (D-OR) speaks to reporters following a weekly Democratic policy luncheon at the U.S. Capitol on April 8, 2025 in Washington, DC. Wyden has put a hold on Trump's nomination for CISA director until the agency releases and unclassified 202 2 report on telecommunications vulnerabilities. Andrew Harnik/Getty Images
An unreleased 2022 report is said to contain vital information about the security posture of the U.S. telecommunications sector, according to Sen. Ron Wyden, D-Ore., who is blocking Sean Plankey’s nomination to lead CISA.
Sen. Ron Wyden, D-Ore., is putting a hold on the nomination of Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency on grounds that the agency failed to disclose the contents of an unclassified 2022 report that outlined vast security vulnerabilities in the U.S. telecommunications sector.
Wyden, a privacy hawk and a senior member on the Senate Intelligence Committee, said in a statement sent to Nextgov/FCW that he has “repeatedly urged” the cybersecurity agency to release the report, and even asked then-CISA Director Jen Easterly about it in a February 27, 2024, phone call.
The senator added the report’s contents have been viewed by his staff and that it contains information that Americans have the right to see. “CISA’s multi-year cover up of the phone companies’ negligent cybersecurity has real consequences,” Wyden said, citing sweeping Chinese intrusions into swaths of U.S. telecommunications infrastructure that was discovered around a year ago.
The penetrations, known as the Salt Typhoon hacks, hit at least nine U.S. telecom providers and some of their systems that facilitate law enforcement’s court-authorized wiretap requests. Wyden has initiated legislative efforts aimed at boosting telecom security following the incident.
The breach — and its impact on U.S. national security — occurred because American phone carriers failed to implement standard cybersecurity measures and federal agencies failed to hold them accountable, Wyden argued. The senator has sent letters about the report before, his office flagged to Nextgov/FCW.
Wyden also cited a whistleblower report filed last year from a CISA official, who told the Federal Communications Commission that “there have been numerous incidents of successful, unauthorized attempts to access the network user location data of communications service providers operating in the USA.”
Senate procedures permit any senator to place an unlimited hold on a federal nominee and such blockages can be used as leverage to compel executive branch agencies like the Department of Homeland Security — which houses CISA — to meet lawmakers’ demands. Reuters first reported Wyden’s intent to stall the nomination.
Plankey was tapped last month to lead the cybersecurity agency. In the latter portion of Donald Trump’s first term as president, Plankey served as principal deputy assistant secretary for the Office of Cybersecurity, Energy Security and Emergency Response at the Department of Energy, overseeing energy sector engagement, preparedness and response efforts, as well as research aimed at safeguarding U.S. energy infrastructure.
Prior to that, he served as the director for maritime and pacific cybersecurity policy at the National Security Council and also held cybersecurity leadership roles at U.S. Cyber Command.