Key Architects of CISA’s ‘Secure by Design’ Initiative Resign, Leaving Questions About Future Direction

Key Architects of CISA’s ‘Secure by Design’ Initiative Resign | CyberPro Magazine

Two prominent figures at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Bob Lord and Lauren Zabierek, have announced their resignations, prompting speculation about the future of the agency’s flagship Secure by Design initiative. Lord, senior technical adviser, and Zabierek, senior advisor, were instrumental in launching and advancing the initiative, which seeks to embed cybersecurity protections into products during their development rather than retrofitting them later.

The Secure by Design program was introduced under the Biden administration as a proactive measure to improve cybersecurity at the source—by holding manufacturers and technology providers accountable for product security. Both Lord and Zabierek confirmed their departures through separate LinkedIn posts, describing the decisions as “difficult” and “not easy,” but offered no specific reasons. Despite leaving their posts, Lord said he plans to continue supporting the initiative after a short break.

The Vision and Legacy of Secure by Design

Under their leadership, Secure by Design gained considerable traction, rallying major industry players to commit voluntarily to building safer software and technology products. Zabierek emphasized the importance of public-private collaboration, calling the initiative “one of the most meaningful experiences” of her career. She highlighted the transformation of the program from a government-led effort to a growing global movement, driven by shared responsibility among nations and companies alike.

Bob Lord brought significant experience to CISA, joining the agency in 2022 after serving in high-level cybersecurity roles at organizations including Yahoo, Twitter, Red Hat, and the Democratic National Committee. He is credited with introducing crucial cybersecurity practices for political campaigns following the high-profile hacks of 2016. Zabierek, who joined CISA in 2023, previously led cybersecurity research at the Harvard Belfer Center and contributed to national cyber policy discussions as a fellow at the National Security Institute.

Acting CISA Director Bridget Bean praised the duo’s contributions and reaffirmed the agency’s commitment to the Secure by Design principles. “While CISA’s approaches to Secure by Design evolve, our commitment to the principles remains steadfast,” she stated.

Uncertainty Around the Future of the Initiative

Their resignations come at a pivotal moment, as CISA faces a shifting political and budgetary landscape. The initiative, launched during a period of increased cybersecurity investment under the Biden administration, may face new challenges under the current leadership. Secretary of Homeland Security Kristi Noem recently announced plans to streamline CISA’s mission and cut back on personnel and resources, raising concerns about the sustainability of broader initiatives like Secure by Design.

Despite these uncertainties, Lord expressed confidence in the momentum of the movement he helped build. “This was never a solo effort,” he said, acknowledging the hundreds of collaborators from federal agencies, international partners, and the private sector. He stressed that the push for more secure software is larger than any single organization and is essential in light of ongoing cybersecurity threats.

As leadership transitions and agency priorities shift, the future of Secure by Design will depend on whether CISA and its partners can maintain the initiative’s momentum and continue pushing for meaningful industry reforms.
