Cybersecurity vet Madison Horn makes her bid for US Congress

It’s safe to say that Madison Horn is the only candidate for US Congress in history who has ever injected Taylor Swift lyrics into a teleprompter during a pen test.

A few years ago, while working in cybersecurity at a global consulting firm, Horn conducted that white-hat hacking demo to show her client, a media outlet, how vulnerable its systems are to much darker online exploits.

“It was so important to understand how susceptible our media companies are to attacks in a different way, and what information could be broadcast to millions and millions of people in seconds,” says Horn, now CEO of her own cybersecurity firm, RoseRock Advisory Group.

After working in private sector cybersecurity for 13 years, Horn is running as a Democratic candidate in Oklahoma’s fifth congressional district. She pledges to shine a brighter light on cyber issues if Oklahoma voters send her to Congress.

That may be an uphill battle on Capitol Hill, where border security constantly overshadows cybersecurity — and Senate Majority Leader Chuck Schumer still roams the corridors using a flip phone.

A path from cyber to politics

Horn, 34, is a seventh-generation Oklahoman and a citizen of the Cherokee tribal nation. She was born and raised in Stilwell, a tiny town with just 3,700 people and a 47% unemployment rate. It’s part of Adair County, where 55% of households have no broadband access, 44% are Native American, and 20% live below the poverty line.

Horn says that growing up in the heart of America’s economic, social, and digital divide provided the inspiration for her run for political office.

“I grew up as a farm kid. I didn’t have any type of true exposure to technology. But I did have exposure to what it means to struggle,” she says. “I’m fighting to ensure we close that technological divide and truly understand the social impacts of it, like healthcare outcomes. It sounds like a cheesy platitude, but there’s been a real decay in our rural communities and no one really gives a damn about them.”

Madison Horn For Congress

Horn left Stilwell and worked various jobs (office admin, tutoring, waitressing) until a chance meeting with some cybersecurity pros resulted in an entry-level job offer at their company. She worked her way up the ladder to cyber roles at Accenture and PwC.

In 2022, she left her job as global cybersecurity portfolio lead at Siemens Energy to launch her first run for office, an unsuccessful campaign for the US Senate. She started her firm RoseRock thereafter, and currently sits on the advisory committee of the US Global Leadership Coalition, a non-profit focused on national security, foreign policy, and critical infrastructure.

In her current political campaign, she views the cybersecurity of critical infrastructure — for oil, gas, electric, and nuclear power — as a cornerstone of national security. She had an epiphany about it early in her cyber career, while visiting a nuclear power facility to conduct a threat assessment.

“When you get close to one of those [nuclear] stacks, it’s a very unnatural and humbling feeling. The ground is literally vibrating from the amount of electricity that’s coming through. And you have the realization of what you’re protecting, to ensure that no one can jeopardize a set of systems that could wipe away that entire state and have widespread impact around the way that we harness nuclear energy,” she says.

Cybersecurity policy priorities

If elected, Horn says she will push for more funding to modernize America’s critical infrastructure grid, boosting its resilience to cyber threats. She’s also in favor of creating rules of engagement for international cyber warfare, saying, “There’s no real language that actually dictates the articles of war in cyberspace, and that’s dangerous.” Horn says multinational cyber defense treaties should be developed akin to NATO’s Article 5, “so there are agreements of what can happen if someone attacks the US” in the cyberspace realm.

Domestically, Horn would like current federal cybersecurity regulations for CISA’s 16 categories of critical infrastructure to be tailored to each sector. “It needs to be industry-specific because the same regulation isn’t going to match water infrastructure facilities, or satellites in space, or telecoms,” she says.

In a campaign news release, Horn has urged the US to “develop strategies for dealing with emerging technologies like AI and quantum computing at a national level.” In an interview with CSO Online, she didn’t elaborate on specific policy plans but said “whoever harnesses the power of AI first is going to dictate the global economy” as the next global superpower. She believes the weaponization of AI for disinformation campaigns is a cyber threat to US elections, including the one she’s running in.

“Russia, Iran, and China want to create a discourse of distrust within American institutions. They’re pushing out narratives to create fractures so that Americans don’t go out and vote,” says Horn.

A day after her interview with CSO, the US Department of Justice (DOJ) indicted two Russians, alleging they paid a Tennessee firm $10 million to post anti-US propaganda videos online. According to DOJ officials, the 2,000 videos have racked up more than 16 million views on social media since November 2023.

Cybersecurity remains an abstract concept on Capitol Hill

Even if Horn gets elected, her quest to make cybersecurity a higher legislative priority could prove tough to fulfill. One stumbling block is Washington’s focus on border security over cybersecurity. While border security came up 20 times during the 90-minute Trump/Harris presidential debate (an average of once every 4.5 minutes), cybersecurity elicited zero mentions from either candidate.

“Do we have immigration problems? Yes,” Horn acknowledges. “Whether that be fentanyl [trafficking] or the potential threat of terrorist groups or bad actors coming across the southern border, those are threats that people see in their communities. But when we talk about cybersecurity, it’s still a little bit abstract, to be honest.”

Another challenge is the notorious dearth of tech knowledge on the Hill. Besides Schumer’s undying devotion to flip phones, there was also Mark Zuckerberg’s memorable appearance at a 2018 Senate hearing. High-ranking members of Congress asked the Meta CEO some truly bizarre questions, suggesting they had no basic understanding of how social media or smartphones work.

“Having someone in Congress with a background in [cyber], with hands-on experience, could lead to more informed decision-making. They can advocate for stronger cybersecurity laws’ they can work on better funding for cybersecurity defense initiatives,” says Dennis Dayman, CISO of Code42, a division of Mimecast. Dayman, who’s also chair of the policy subcommittee at the Department of Homeland Security, has known Horn through cyber industry circles for a couple of years.

Horn’s Republican opponent, incumbent congresswoman Stephanie Bice, worked in finance, marketing, and business strategy at her family’s technology company for eight years. Bice also had an executive role at a digital marketing agency and currently serves on the House Committee on Science, Space, and Technology.

Aiming to be a ‘powerful’ role model for diversity

In the heart of Horn’s electoral district, Mitzi Westerman runs a tech consulting firm in Oklahoma City. During Horn’s 2022 senate run, they met briefly to talk about women in politics and cybersecurity over lunch. Westerman says Horn, if elected, could be a powerful role model for diversity within both politics and tech.

“I couldn’t be more excited about the possibility of someone with Madison’s background, skill set, experience, and perspective being in the United States Congress. We’re definitely underrepresented as women, in technology and in the leadership of our country at this moment. So I think it’s hugely impactful,” says Westerman, president and owner of mGroup IT and Telecommunications.

Horn is definitely a statistical rarity in cybersecurity. In the US, just 20 to 25% of the cyber workforce is female; only 1% is Native American.

Although her first run for office was unsuccessful, Horn managed to garner one-third of all votes in her failed 2022 senate bid, the best showing by a Democrat in an Oklahoma senate race since 2004. After making it all the way from her family farm in Stilwell to the cybersecurity boardroom, she’ll try once again to make it to Congress in November.