NSA Leadership Changes Amid Ongoing Cyber Directorate Turmoil
The National Security Agency (NSA) has undergone significant leadership changes following months of instability at its highest levels. Tim Kosiba, a veteran with over three decades of federal service, has been appointed as the new deputy director of the NSA after the Trump administration removed his predecessor and other top officials, reportedly due to political pressure. Kosiba previously held key roles within the NSA, FBI, and Naval Criminal Investigative Service, and his appointment was confirmed by Defense Secretary Pete Hegseth and Director of National Intelligence Tulsi Gabbard with President Trump's approval. The agency has faced a prolonged period without a Senate-confirmed leader, contributing to uncertainty within both the NSA and U.S. Cyber Command.
Simultaneously, the NSA's cybersecurity directorate is also experiencing a transition in leadership. David Imbordino, currently the directorate’s deputy chief, will serve as acting head following the retirement of Greg Smithberger, who had been leading in an interim capacity. Holly Baroody is set to return from the United Kingdom to serve as acting deputy chief. The directorate, established in 2019 to enhance intelligence sharing and collaboration with critical infrastructure, has lacked a permanent chief since early last year. These leadership changes come as the NSA continues to address evolving cyber threats, including recent advisories on malware such as BRICKSTORM, and underscores the agency’s ongoing efforts to stabilize its executive ranks and maintain operational continuity.
Timeline
Jan 9, 2026
Lorna Mahlock nominated as Cyber Command deputy
Marine Corps Maj. Gen. Lorna Mahlock was nominated to become U.S. Cyber Command's next deputy chief as part of the broader leadership reshuffle.
Jan 9, 2026
Josh Rudd awaits Senate confirmation to lead NSA and Cyber Command
Army Lt. Gen. Josh Rudd was pending Senate confirmation to become the dual-hatted leader of the NSA and U.S. Cyber Command, leaving the final leadership structure unsettled.
Jan 9, 2026
Tim Kosiba becomes NSA deputy director
Tim Kosiba was tapped to become the NSA's No. 2 official, a key leadership change reported amid broader cyber leadership turnover at the agency.
Jan 8, 2026
Holly Baroody returns from UK as acting deputy chief
Holly Baroody was set to return from the United Kingdom to serve as acting deputy chief of the NSA Cybersecurity Directorate.
Jan 8, 2026
David Imbordino named acting head of NSA Cybersecurity Directorate
The NSA selected deputy chief David Imbordino to serve as acting head of the Cybersecurity Directorate during the ongoing leadership transition.
Dec 1, 2025
NSA, CISA and Canada issue BRICKSTORM malware advisory
The NSA, CISA and Canadian authorities jointly released an advisory warning about the BRICKSTORM malware threat.
Apr 1, 2025
Greg Smithberger retires from NSA cyber leadership
Greg Smithberger retired from his leadership role in the NSA's Cybersecurity Directorate, contributing to the directorate's extended leadership transition.
Apr 1, 2025
NSA Cybersecurity Directorate loses permanent chief
The NSA's cybersecurity directorate went without a permanent leader for more than nine months before the January 2026 acting leadership changes, indicating the vacancy began around spring 2025.
Jan 1, 2020
David Imbordino co-leads election security effort
David Imbordino co-led the Election Security Group with U.S. Cyber Command to help protect the 2020 U.S. presidential election from cyber threats.
Jan 1, 2019
NSA establishes Cybersecurity Directorate
The NSA created its Cybersecurity Directorate to improve intelligence sharing and collaboration with industry and government partners on cyber threats.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Sources
Related Stories
Leadership Turbulence and Strategic Shifts at the NSA Under Trump Administration
The Trump administration reversed its decision to appoint Joe Francescon as the next deputy director of the National Security Agency (NSA), opting instead for Tim Kosiba, a former NSA and FBI official. This change follows internal White House opposition and criticism from far-right activists, highlighting ongoing instability within the NSA's leadership ranks. The agency has faced significant personnel changes and has operated without a Senate-confirmed leader for over eight months, raising concerns about continuity and operational effectiveness. Simultaneously, former national security officials have raised alarms about the administration's new national security strategy, which they argue prioritizes short-term, transactional objectives—such as focusing intelligence resources on Venezuela and hardline migration policies—at the expense of monitoring enduring and emerging threats in Europe, Asia, and other regions. These developments underscore broader concerns about the direction and stability of U.S. intelligence leadership and strategy during this period.
1 months ago
Leadership Changes at U.S. Cyber Command and NSA
U.S. Cyber Command’s Cyber National Mission Force (CNMF) removed Air Force Lt. Col. **Jason Gargan**, a joint task force commander focused on operations against **Russia**, after he was “relieved for cause” following disagreements over operations with CNMF leadership, according to people familiar with the matter. Gargan was reassigned elsewhere within CNMF and is expected to retire by the end of 2026; the move was described as unusual for CNMF, where underperforming leaders are typically rotated rather than dismissed. The personnel action occurred amid broader senior-level churn at Cyber Command, which has reportedly been without a Senate-confirmed leader for an extended period, and as CNMF chief Maj. Gen. **Lorna Mahlock** was nominated to become Cyber Command’s next deputy chief. Separately, the **National Security Agency (NSA)** appointed intelligence community veteran **Timothy Kosiba** as deputy director with presidential approval. Reporting highlighted Kosiba’s background in network warfare and offensive cyber roles (including **Tailored Access Operations**-linked positions) and senior leadership posts supporting foreign signals intelligence and cybersecurity missions; Acting NSA and Cyber Command head **William Hartman** publicly endorsed the appointment as supporting NSA’s mission execution.
1 months ago
Leadership Uncertainty at U.S. Cyber Command and NSA Amidst Policy Disarray
U.S. Cyber Command and the National Security Agency have been without a permanent leader for over seven months following the dismissal of Air Force Gen. Timothy Haugh and his deputy, a move that has unsettled both organizations. Army Lt. Gen. Joshua Rudd, currently serving as the No. 2 at U.S. Indo-Pacific Command and lacking direct cyber or signals intelligence experience, has emerged as a leading candidate for the dual-hat leadership role, though the selection process remains fluid and contentious. Key leadership positions at both agencies remain unfilled, with Marine Corps Maj. Gen. Lorna Mahlock and Brig. Gen. Matthew Lennox identified as likely appointees to senior roles once the top post is settled. This leadership vacuum comes as the Trump administration’s official cyber policy calls for stronger deterrence against foreign cyber threats, particularly from China, but President Trump himself has publicly downplayed the significance of such threats. Senior administration officials have highlighted the need to respond to campaigns like those attributed to Salt Typhoon and Volt Typhoon, which target U.S. telecommunications and critical infrastructure, yet the president’s dismissive stance has created a disconnect between policy rhetoric and executive action. The ongoing instability at the helm of the nation’s top cyber agencies raises concerns about the United States’ ability to effectively coordinate and respond to escalating foreign cyber operations.
1 months ago