TechTarget and Informa Tech’s Digital Business Combine. TechTarget and Informa TechTarget and Informa Tech’s Digital Business Combine. Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise Newsletter Sign-Up Newsletter Sign-Up Cybersecurity Topics Related Topics Application Security Cybersecurity Careers Cloud Security Cyber Risk Cyberattacks & Data Breaches Cybersecurity Analytics Cybersecurity Operations Data Privacy Endpoint Security ICS/OT Security Identity & Access Mgmt Security Insider Threats IoT Mobile Security Perimeter Physical Security Remote Workforce Threat Intelligence Vulnerabilities & Threats Recent in Cybersecurity Topics Application Security 'TrustFall' Convention Exposes Claude Code Execution Risk 'TrustFall' Convention Exposes Claude Code Execution Risk by Jai Vijayan May 7, 2026 5 Min Read Cyberattacks & Data Breaches Instructure Breach Exposes Schools' Vendor Dependence Instructure Breach Exposes Schools' Vendor Dependence by Alexander Culafi May 6, 2026 3 Min Read World Related Topics DR Global Middle East & Africa Asia Pacific Latin America See All The Edge DR Technology Events Related Topics Upcoming Events Podcasts Webinars SEE ALL Resources Related Topics Resource Library Newsletters Podcasts Reports Videos Webinars White Papers Partner Perspectives Dark Reading Resource Library Cybersecurity Operations Threat Intelligence Cyber Risk Cybersecurity Careers News Has CISA Finally Found Its New Leader in Tom Parker? Dark Reading investigates rumors that Tom Parker, a board room 'operator' and longtime cyber exec, could be next in line to take over CISA. Becky Bracken , Senior Editor , Dark Reading May 7, 2026 5 Min Read Source: Timon Schneider via Alamy Stock Photo It’s been a brutal 16 months since the Cybersecurity and Infrastructure Agency (CISA) has had a Senate-confirmed director. Now, a new name has bubbled up as a possible pick to take over the beleaguered agency: Tom Parker, a low-key, British-born cybersecurity expert known for business savvy, technical expertise, and decades of focus on the delicate economics of cybercrime and cyber defense. Reports say that although he has not yet been officially nominated, Parker is a contender to get the nod from new Department of Homeland Security Secretary, Markwayne Mullin. A request for comment from Dark Reading to DHS was referred to the White House, which has not yet responded. Parker however tells Dark Reading that despite recent reporting, he has not had any “direct engagement” with the administration on taking on the role, but would welcome the opportunity. “Having spent the past two decades working across administrations, Congress, and the private sector on national cybersecurity strategy, policy, and large-scale cyber operations, I would welcome a conversation with the administration about how we continue strengthening the security and resilience of the nation’s most critical infrastructure and building operationally robust partnerships with American cyber businesses,” Parker tells Dark Reading. “This mission of CISA is more important than it ever has been, with increasingly emboldened adversaries that seek to harm US digital assets at home and abroad, using increasingly sophisticated methods of attack, such as the use of AI.” Related: Name That Toon: Mark of (Security) Progress It should be noted, Parker has also been a long-time contributor to Dark Reading . A Look at Tom Parker's Cyber Bona Fides Those who know and have worked with Parker throughout his career say he would be a solid choice to lead CISA with his unique set of skills. “For 20 years he has been the authority on adversaries,” Ryan LaSalle, CEO of Nisos, says about Parker. “He’s a true operator, has absolutely been a force for resiliency in this country, and would bring a new level of expertise to CISA.” LaSalle points out that Parker has never been a polarizing figure, and thinks that this could give him an edge in today’s hyper-intense political environment. His longtime collaborator and business partner, cybersecurity expert Matt Devos, says he thinks Parker could in fact help bring down the political temperature at CISA. And, he adds, the time he and Parker spent red teaming for some of the biggest companies in the world earned Parker invaluable insights into the cybersecurity risks businesses face every day. Related: 20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage “Thirty minutes later [after a red-team exercise] he could go into the board and explain the risk in terms they understood,” Devos says. “He would continue to enable the trust between the private sector and CISA.” Parker certainly has demonstrated that he knows his way around a boardroom. He’s currently an executive with IBM , and has launched and sold two start-ups: FusionX, which he sold to Accenture in 2010; and Hubble, founded in 2020 and funded by CrowdStrike and Accel, which he sold to KKR/NetSPI in 2024. He also served as CISO for insurer AIG Business between his startup stints. Navigating Tough Political Waters at CISA Whoever steps in to lead CISA next will have a hard job ahead of them, says Jake Williams, cyber expert and vice president of research at Hunter Strategy: “Trust in CISA to provide timely, actionable, and apolitical data to industry partners is at an all-time low. This is critical, because as much as CISA helps private organizations, it relies on the data those organizations share, too.” Roselle Safran, founder of cybersecurity startup company KeyCaliber and former US Executive Office of the President Branch Chief and DHS cybersecurity analyst under the Obama administration, says she has only met Parker in passing, but thinks navigating government bureaucracy can be tough for someone more accustomed to getting things done at enterprise speed, she adds. Related: Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber “Founders know how to set a clear vision, attract talent, iterate quickly when processes aren't working, and deliver results, all of which will be needed for the next CISA leader to be effective,” Safran says. “Of course, government work brings its own set of unique and nuanced constraints, particularly due to its bureaucratic nature and the need to address multiple stakeholders simultaneously. However, he likely has the ability to learn quickly.” And although he’s not exactly a Beltway insider, Parker’s no stranger to Washington DC either. He served as a consultant for US-CERT , later folded into CISA, and was on the Department of Homeland Security cyber advisory committee under the George W. Bush administration director Tom Ridge. Parker also joined the FedRAMP working group that created the first set of federal regulations for software, and worked with cybersecurity legend Dan Kaminsky to help policymakers understand the nuance around net-neutrality regulations. One former high-ranking CISA official, who asked not to be named directly, says he doesn’t know Parker personally, but hopes that the new director, whoever they are, will focus on secure-by-design, “given how quickly AI is changing the economics of breaking and building software.” The former CISA official says he would also like to see the CVE program get funded . Credentials and skill set aside, confirmation in the Senate will likely be a tough slog for any nominee. The previous choice, Sean Plankey, finally withdrew from consideration last April after lingering in the confirmation process for 13 months. Senator Ron Wyden blocked Plankey’s confirmation in an effort to force the US government to release details on China’s Salt Typhoon attacks on US communications networks. His office did not respond to a request for comment on whether he would similarly work to stymie Parker’s confirmation. Don't miss the latest Dark Reading Confidential podcast, How the Story of a USB Penetration Test Went Viral . Two decades ago Dark Reading posted its first blockbuster piece — a column by a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making piece with its author, Steve Stasiukonis. Listen now! Read more about: CISO Corner About the Author Becky Bracken Senior Editor, Dark Reading Award-winning journalist and senior editor at Dark Reading reporting across diverse media platforms, including podcasts and video. Becky is passionate about delivering insightful, high-quality information and storytelling that informs and engages the cybersecurity community. Her specific focus is on the intersection of cybersecurity and public policy and it's impact on the enterprise. As the host and producer of the recently Azbee-recognized Dark Reading Confidential podcast, she presents compelling conversations with industry leaders, exploring the latest trends and challenges in cybersecurity. Becky is also the moderator Dark Reading's popular editorial webinars, and oversees Dark Reading's Commentary section, curating expert perspectives intended to drive meaningful dialogue. Additionally, she is the host of Dark Reading's Black Hat News Desk, delivering timely and in-depth coverage right from the heart of one of the industry's most important events. Beyond editorial responsibilities, Becky is a regular writer and reporter for Dark Reading, contributing articles that delve into the evolving cybersecurity landscape. Prior to joining Dark Reading, Becky honed her expertise as a cybersecurity reporter for Threatpost, where she covered breaking news and emerging threats in the digital security space. She holds a BA in political science from the University of Arizona, and