David Okonkwo
Health and science correspondent specializing in biotech, public health, and environmental science
·5 min read
Who is Cait Conley? Understanding the CISA Senior Official's Role in Cybersecurity
Cait Conley is CISA's first Senate-confirmed senior official since 2021. Learn about her background in election security, her influence on national cybersecurity strategy, and her priorities for critical infrastructure resilience.
PolicyCybersecurity
Cait Conley became the first Senate-confirmed senior official at the Cybersecurity and Infrastructure Security Agency (CISA) in early 2025, filling a leadership vacuum that had persisted since the original deputy director departed in 2021. Her appointment as Senior Official performing the duties of the Deputy Director comes at a moment when cyber threats from nation-state actors and ransomware groups are escalating faster than the agency's capacity to respond.
Conley's confirmation ended a four-year stretch of acting leadership at CISA, restoring a level of stability that the agency had lacked during a period of unprecedented cyberattacks on critical infrastructure.
Cait Conley's Appointment as Senior Official Marks a New Era for CISA Leadership
The Senate confirmed Conley with bipartisan support in February 2025, signaling broad recognition of the stakes involved. Her role as second-in-command places her directly responsible for day-to-day operations, strategic planning, and coordination with the Department of Homeland Security. The appointment effectively restores a layer of accountability that had been absent since 2021, when CISA's original leadership team departed following the change in administration.
- Conley is the first Senate-confirmed senior official at CISA since the original deputy director left in 2021.
- Her role encompasses oversight of CISA's operational divisions and strategic initiatives.
- The confirmation process highlighted bipartisan support for stabilizing CISA's leadership structure.
Conley's leadership arrives as the agency faces a sharp increase in threats targeting energy grids, healthcare systems, and financial networks. Nation-state actors continue to probe vulnerabilities, while ransomware groups have adopted more sophisticated extortion tactics.
From Election Security to Public-Private Partnerships: Conley's Unique Background
Before her confirmation, Conley served as acting director of CISA's Election Security and Resilience division, where she led efforts to protect election infrastructure from cyber interference and disinformation campaigns. Her career includes roles at the Department of Homeland Security and the private sector, where she focused on cybersecurity policy and operational risk management.
Conley is widely recognized for bridging the gap between policy and operations, a skill that has made her effective at forging public-private partnerships.
- She previously led CISA's Election Security and Resilience division, overseeing the protection of voting systems and campaign networks.
- Her private sector experience includes senior advisory roles in cybersecurity policy and risk management.
- She has a track record of fostering collaboration between government agencies and critical infrastructure owners, a priority that shapes her approach to national security.
This collaborative mindset mirrors partnerships seen in other critical sectors, such as the use of technology in emergency response highlighted in recent analyses of the San Jose Fire. Conley's ability to translate between technical teams and executive decision-makers has been a defining asset throughout her career.
Shaping National Cybersecurity Strategy: Conley's Influence on CISA's Priorities
Since taking office, Conley has championed proactive threat hunting and information-sharing initiatives, most notably through the Joint Cyber Defense Collaborative (JCDC). She advocates for a risk-based approach that prioritizes the most critical infrastructure sectors—energy, healthcare, and finance—over broad compliance mandates. Her emphasis on resilience over compliance is reshaping how CISA allocates resources and engages with industry.
- She has expanded the JCDC's role in coordinating real-time threat intelligence between government and private sector partners.
- Conley pushes for measurable improvements in incident response and recovery capabilities, moving beyond checklist-based security.
- Her influence extends to national policy frameworks, including guidelines for information sharing and incident reporting.
Conley's leadership stresses that resilience requires continuous adaptation, not static adherence to standards—a philosophy that aligns with the forward-thinking strategies of leaders like Peter Suder in the AI space.
Under her guidance, CISA has also deepened partnerships with international allies, recognizing that cyber threats do not respect borders. Conley's approach integrates domestic operations with global threat intelligence, creating a more coordinated defense against sophisticated adversaries.
Key Takeaways
- Cait Conley is a seasoned cybersecurity leader with deep expertise in election security and public-private partnerships.
- As CISA's senior official, she is shaping the agency's operational focus on proactive defense and critical infrastructure resilience.
- Her confirmation represents a stabilizing force for CISA after years of acting leadership.
- Conley's influence extends to national policy, including frameworks for information sharing and incident response.
- She prioritizes collaboration across government, industry, and international partners to counter sophisticated cyber threats.