Karen Evans has been appointed as the new Executive Assistant Director (EAD) for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA). In this new role, Evans brings an extensive portfolio of experience spanning decades in federal cyber policy, critical infrastructure protection, and government IT modernization.
Before stepping into her current role at CISA, Evans had an illustrious career, holding several key leadership positions across both the public and private sectors. Most recently, she served as a senior advisor within CISA’s cybersecurity division, contributing to the agency’s mission of enhancing the cybersecurity posture of federal civilian networks and critical infrastructure. Her work in this capacity involved advising on cybersecurity strategies and providing insights into new threats and best practices for federal agencies.
Karen Evans as the New Executive Assistant Director (EAD)
Karen Evans’ experience also includes her tenure as the Managing Director at the Cyber Readiness Institute (CRI), a non-profit dedicated to improving the cybersecurity resilience of small and medium-sized businesses (SMBs). At CRI, she focused on empowering businesses with the tools and resources necessary to defend against cyber threats, demonstrating her deep understanding of the intersection between private sector cybersecurity and national security.
Evans co-founded SafeGov, an advisory firm that helped U.S. government agencies navigate secure cloud computing strategies. This experience was instrumental in shaping her understanding of cybersecurity challenges and solutions in the cloud era, an area of growing importance as government agencies and businesses increasingly move to cloud environments.
Distinguished Federal Service
Throughout her distinguished federal career, Karen Evans has held multiple senior roles at the Department of Homeland Security (DHS) and the Department of Energy (DOE). Between June 2020 and January 2021, she served as the Chief Information Officer (CIO) at DHS, where she played a critical role in overseeing IT modernization efforts, crafting cybersecurity strategies, and driving technology investments across the department’s various components.
As the Assistant Secretary for Cybersecurity, Energy Security, and Emergency Response, Evans was at the forefront of securing the nation’s energy infrastructure and mitigating cyber threats to the nation’s power grid. In this capacity, she helped lead efforts to ensure the resilience and security of one of the most critical sectors in the country.
Evans’ early federal work dates to the George W. Bush administration, where she served as Administrator of the Office of Electronic Government and Information Technology at the Office of Management and Budget (OMB). In this role, she oversaw a staggering $71 billion in annual IT investments, highlighting her expertise in managing large-scale IT projects and understanding the intersection between technology, policy, and national security.
A Vision for CISA’s Future
Karen Evans’ appointment comes at a time of transition for CISA. The agency is undergoing a leadership shift, with key positions still awaiting confirmation, including the role of the CISA Director. Former DOE cybersecurity officials Sean Plankey and Nick Andersen have been identified as potential candidates for this role, according to sources familiar with the situation.
Evans’ appointment as Executive Assistant Director for Cybersecurity is a vital piece of this larger transformation. CISA’s mission, which originally extended to combatting misinformation and disinformation, is being redefined. In January, DHS Secretary Kristi Noem expressed the need for a “refocus” on CISA’s core mission, urging the agency to concentrate more on cybersecurity efforts rather than areas outside its primary remit, like disinformation campaigns.
“No one intended for CISA’s resources to be used in ways they were never meant to,” Noem said during her confirmation hearing. “CISA needs to be much more effective, smaller, and more nimble to fulfill its cybersecurity mission.”
Evans is expected to play a crucial role in this strategic shift, ensuring that CISA is better positioned to defend against cyber threats and provide enhanced cybersecurity support to federal agencies and critical infrastructure sectors.
Educational and Professional Credentials
Karen Evans holds a Ph.D. in Business Administration, a Master of Arts in Public History, and a Bachelor of Science in Chemistry from West Virginia University. She is also an elected fellow of the National Academy of Public Administration, further highlighting her leadership and contributions to the public sector. Her diverse background in both the public and private sectors, coupled with her deep understanding of cybersecurity and technology, positions her as an ideal candidate to lead CISA’s efforts to protect the nation from cyber actors.
As Karen Evans takes on her new role as Executive Assistant Director for Cybersecurity at CISA, the agency looks forward to leveraging her expertise to strengthen the nation’s cybersecurity posture and protect critical infrastructure from increasingly sophisticated cyber adversaries. With Evans at the helm, CISA is poised to play a central role in securing federal networks and supporting the broader mission of defending the nation’s cyber ecosystem.
Karen Evans’ leadership is widely recognized within the cybersecurity community. Ari Schwartz, Coordinator of the Center for Cybersecurity Policy and Law, praised her appointment, stating, “Throughout her work at OMB, DOE, and CRI, Karen Evans has shown her knowledge and commitment to cybersecurity and is well-positioned to help guide CISA’s core cybersecurity efforts, particularly in defending federal civilian networks and protecting critical infrastructure from attacks by adversaries.”
