The resilient bipartisanship that has long protected cybersecurity issues in Washington is facing its biggest test in the second Trump administration.

Why it matters: Without guaranteed bipartisanship, the country's whole-of-government approach to both preventing hacks and fighting back is in jeopardy, experts say.

Driving the news: A long list of controversial moves in D.C. in the last few weeks is making it harder for Republicans and Democrats to publicly work together on cybersecurity issues.

• President Trump ordered a Department of Justice investigation into Chris Krebs, the Cybersecurity and Infrastructure Security Agency director during Trump's first term, and revoked any of his remaining security clearances. Employees at SentinelOne, where Krebs currently works, also had their clearances suspended.
• CISA plans to make widespread staff cuts in the coming weeks after sending voluntary exit options to employees last week.
• Sen. Ron Wyden (D-Ore.) placed a hold on Sean Plankey's nomination to run CISA until the agency releases a highly sought-after 2022 report detailing security weaknesses in the telecom industry.
• The Trump administration fired Gen. Timothy Haugh as head of the National Security Agency and Cyber Command with no explanation, spurring outrage and confusion on Capitol Hill.

The big picture: Rarely have partisan battles in cybersecurity clouded Washington's ability to pass new laws, get political nominees in office, or sign off on budget requests.

• A big reason is that every lawmaker has a constituent who has likely faced a significant cyberattack in their community, whether it's at the local hospital, university or water plant.
• But since 2020 — when the question of whether the election was secure became a political minefield for Republicans — that's slowly been changing, Liana Keesing, a policy manager at bipartisan political reform group Issue One, told Axios.
• Since then, separating CISA's cybersecurity work from its efforts to fight foreign-backed election disinformation has been a tough needle to thread.

Between the lines: "There are a lot of Republicans who disagree vehemently with the actions the administration is taking on cyber," Keesing said. "But no one wants to be the first one to take up the mantle to say that."

Yes, but: Rep. Mark Green (R-Tenn.), chair of the House Homeland Security Committee, told The Record in an interview that the era of bipartisanship isn't over.

• "It's not an issue of an absence of bipartisanship," Green said, "it's no one wants to talk about it because they find it a political tool to say there isn't bipartisanship."
• Rep. Andrew Garbarino (R-N.Y.), chair of the House Homeland Security cyber subcommittee, also said at an event this month that he was "not thrilled" about earlier firings at CISA.

What to watch: How lawmakers pursue reauthorization of the Cybersecurity Information Sharing Act, a key law that expires this year and enables information sharing, will be the test of how resilient cyber's bipartisanship actually is.

• Lawmakers are likely to pursue the law's reauthorization in a manner "as under the radar as possible" to avoid garnering attention that could make it harder for Republicans to publicly support the measure, Keesing said.

Lawmakers and ex-cybersecurity officials are starting to rally around Chris Krebs after President Trump revoked his security clearance and requested that the Justice Department open an investigation into his time leading CISA.

Why it matters: Trump's moves to revoke security clearances and investigate his political enemies could tarnish the targets' reputations.

• How colleagues, employers and other stakeholders respond to these moves is often a bellwether for whether the target can bounce back.

What they're saying: "The Executive Order attempts to tarnish Krebs' outstanding reputation, and harm his business, though I suspect both efforts will fail," David Becker, executive director of the Center for Election Innovation and Research and former DOJ attorney in the Clinton and Bush administrations, told Axios in a statement.

• "To take an action like this, which appears to be straight-up vengeance, is dangerous because of the message it sends to anyone in the federal government that tells the truth that you'll lose your clearance, be slandered by the President, and investigated," Sen. Angus King (I-Maine), a member of the Senate Intelligence and Armed Services Committees, told Axios in a statement.
• Sen. Gary Peters (D-Mich.), ranking member of the Senate Homeland Security Committee, called the move "completely ridiculous."
• Suzanne Spaulding, a former Obama-era DHS undersecretary who led the office that became CISA, said in a statement that "any honest investigation" will likely vindicate Krebs. "It is a diversion of increasingly scarce government resources to satisfy a grudge," she added.
• Cait Conley, a former CISA official who oversaw election security efforts in the 2024 elections, said in an X post that Krebs "did his job and defended the security and integrity of the 2020 election."

Flashback: Krebs landed on Trump's enemies list after releasing a statement in November 2020 while he was the director of CISA saying the election was the safest election to date.

• Trump — who at the time was incorrectly claiming that the election was rigged against him — then fired Krebs via tweet.

Yes, but: Cybersecurity companies have remained quiet publicly. Only one of the 36 cyber organizations that were asked chose to comment on Trump's memo in a Reuters story last week.

The big picture: The investigation into Krebs is just the latest move targeting the federal government's role in election security.

What to watch: Katie Moussouris, CEO of Luta Security and a former member of CISA's Cyber Safety Review Board, told Axios the probe into Krebs will have several chilling effects.

• "Cybersecurity companies might think twice about hiring former government officials," Moussouris said. "But it's also going to have a chilling effect in the federal government's ability to attract cybersecurity professionals to go work for them in the first place."

Virtue AI has raised a $30 million seed and Series A funding round led by Walden Catalyst Ventures and Lightspeed Venture Partners, the company exclusively shared with Axios.

Why it matters: If Virtue AI's platform works as intended, it could solve a major headache for security leaders who currently juggle multiple tools to address different AI-related vulnerabilities.

• Many existing AI security solutions are narrowly focused — covering only specific large language models or offering only a limited number of specialized features like guardrails or red-teaming.

Zoom in: Virtue AI provides a single platform with three distinct products for securing an organization's AI tools.

• The first is an algorithmic red-teaming platform that continuously tests AI tools for potential risks — such as hallucinations, privacy leaks, jailbreaks and prompt injections — and sends results to the company's security teams.
• The second product is a set of guardrails that prevent general AI tools from producing outputs that violate internal policies or government regulations.
• The third offering is an agent guardrail solution that specifically protects the autonomous agents that are gaining popularity.

Between the lines: Virtue AI's co-founders — Bo Li, Dawn Song, Carlos Guestrin and Sanmi Koyejo — are academics who have studied AI for decades. They created Virtue AI after seeing preventable security breaches in real-world AI deployments.

• One example: The prominent case in which Air Canada's chatbot misinformed a customer about a bereavement travel discount policy that didn't actually exist. The company now must legally comply with that discount.
• "This very broad risk surface, it raises a lot of concerns," Li told Axios.

The intrigue: Virtue AI already counts companies in finance, health care and IT among its customers, along with several frontier labs.

• Uber and Glean (a fellow Lightspeed Venture Partners portfolio company) are also both customers.

What's next: Li plans to expand the current 20-person team to around 50 this year, hiring for business development and machine-learning expertise.

• In a year, Li hopes Virtue AI will help protect "most AI product layers," including chatbots, codebases, agents and models.
• "We can provide the security layer, and [our customers] can just focus on the products," Li said. "That's the vision."

@ D.C.

🇨🇳 An investigation has found that TP-Link's new U.S. presence still appears to have substantial operations in mainland China, raising concerns about the popular router's security risks. (Bloomberg)

❌ The Department of Defense has ended $5.1 billion worth of IT and consulting contracts, including those with Accenture and Deloitte. (Business Insider)

🚧 The Department of Homeland Security and the General Services Administration have halted a $524 million construction project for a new CISA headquarters. (Bloomberg Government)

@ Industry

💰 UnitedHealth Group has been demanding medical providers immediately pay back the loans they accepted from the health care giant to help recover from the Change Healthcare ransomware attack. (Wall Street Journal)

🤖 OpenAI may soon require organizations to complete an ID verification to access future AI models, according to a support page published on its website. (TechCrunch)

📲 Apple is starting a new approach to improve its AI systems that involves studying data on customers' devices. (Bloomberg)

@ Hackers and hacks

💥 The Chinese government has accused the NSA of launching several cyberattacks against the Asian Winter Games in February via a "pre-installed backdoor" in Microsoft Windows. (Reuters)

🚗 Hertz is notifying customers around the world about a data breach that involved a cyberattack on one of its vendors last fall. (TechCrunch)

👀 Hackers have targeted five security flaws in Ivanti products already this year, and have exploited 16 flaws in total since the beginning of 2024. (CyberScoop)

🗣️ It's not every day that people see the impact of apparent AI voice-cloning tools en masse — but those who hit crosswalk buttons across Silicon Valley this weekend got to experience just that after hackers replaced the normal crosswalk messages with voices imitating Mark Zuckerberg and Elon Musk.