The director of Citizen Lab, one of the most prominent organizations investigating government spyware abuses, is calling on the cybersecurity community to take action against rising authoritarianism. Ron Deibert will deliver a keynote at the Black Hat cybersecurity conference in Las Vegas, one of the largest gatherings of information security professionals. Ahead of his talk, Deibert shared his concerns about what he describes as a “descent into a fusion of tech and fascism,” highlighting the role of major tech platforms in fueling collective insecurity—an issue often overlooked by the cybersecurity community.
Deibert views recent political events in the United States as a dramatic shift toward authoritarianism, but he believes the cybersecurity community can play a crucial role in defending against it. He stressed the need for awareness and action, urging professionals not to contribute to these trends and, if possible, help reverse them.
Historically, the cybersecurity industry in the U.S. has largely avoided political engagement. However, politics has increasingly intersected with cybersecurity. Earlier this year, former President Donald Trump ordered an investigation into Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), after Krebs publicly refuted Trump’s false claims of election fraud. Krebs was later fired via tweet. Months after Trump’s 2024 reelection, the investigation forced Krebs to leave his position at SentinelOne and vow to fight back.
In response, Jen Easterly, another former CISA director, called on the cybersecurity community to speak out. She warned that remaining silent when experienced leaders are targeted risks undermining the institutions they aim to protect. Easterly herself faced political pressure when an offer to join West Point was rescinded under the Trump administration.
Deibert, who recently published his book *Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy*, shares Easterly’s concerns. He argues that the cybersecurity landscape is shifting, and professionals must recognize that traditional security challenges may pale in comparison to the broader erosion of checks and balances.
Deibert also worries that major tech companies like Meta, Google, and Apple may scale back efforts to combat government spyware, particularly by reducing their threat intelligence teams. These teams track government-linked hackers, including agencies like China’s Ministry of State Security and Russia’s FSB and GRU, as well as private firms like NSO Group and Paragon. They also detect attacks on users, such as WhatsApp uncovering NSO Group’s hacking of over 1,400 users in 2019 or Apple identifying and notifying victims of government spyware.
Deibert points to a “huge market failure” in cybersecurity for global civil society—groups that lack the resources to hire major security firms catering to governments and corporations. He warns that this gap will widen as institutions weaken and attacks on civil society intensify. He urges cybersecurity professionals to contribute through pro bono work, calling it essential for the future of liberal democracy.
Despite the critical role of threat intelligence teams, Deibert fears they may face cuts, especially as tech companies reduce moderation and safety teams. He acknowledges the valuable work of teams at companies like Meta but questions how long they can remain insulated from broader corporate pressures.