The recent departures have put additional pressure on a workforce that was already operating at full capacity. “We were facing a critical skills shortage even before this,” remarks a second employee. “Currently, most team members are handling responsibilities meant for two or more full-time staffers.”
The CISA team responsible for assisting critical infrastructure operators in responding to cyberattacks has experienced prolonged understaffing. Although the agency introduced additional support roles for this team following an audit by the Government Accountability Office, “most of those roles were eliminated,” claims a third employee.
CISA’s primary programs have, for the most part, remained unaffected so far. This includes the threat-hunting division, which investigates potential threats, scans governmental networks for intrusions, and addresses security breaches. However, some of the employees who were laid off previously offered essential “backend” support to threat hunters and analysts. “There are improvements that could be implemented for the tools in use,” says the first employee. With a reduced workforce focused on these enhancements, “we risk becoming dependent on outdated systems.”
In a statement, DHS spokesperson Tricia McLaughlin asserts that CISA stays “dedicated to ensuring the safety and security of the nation’s critical infrastructure” and emphasized “the essential expertise that CISA personnel contribute to our efforts every day.”
National Security Council spokesperson James Hewitt dismisses the reports in this article as “nonsense,” stating that “there have been no widespread layoffs at CISA, and its mission remains completely intact.”
“We continue to enhance cybersecurity partnerships, advance AI and open-source security, and safeguard electoral integrity,” Hewitt states. “Under President Trump’s guidance, our administration will achieve significant advancements in bolstering national cybersecurity.”
Challenges with Partnerships
CISA’s external collaborations—fundamental to its ability to monitor and combat evolving cyber threats—have suffered considerable setbacks.
International travel has come to a standstill, as reported by two employees, with any trips—or even online engagements with foreign collaborators—now requiring high-level approvals. This has impeded CISA’s synergy with other cyber agencies, including those of its “Five Eyes” allies: Canada, Australia, New Zealand, and the UK, according to staff members.
Moreover, communication between CISA employees and officials from other federal agencies has become strained. Conversations that were once routine now necessitate special permissions, slowing down critical operations. “I can’t contact a CISO during an emergency without prior approval,” mentions a fourth employee.
At the same time, businesses are increasingly hesitant to share information with CISA or utilize the agency’s complimentary attack-monitoring services, largely due to concerns stemming from DOGE’s breach of agency systems, according to two employees. “There’s escalating anxiety regarding all our services that handle sensitive data,” states the third employee. “Partners are inquiring about what DOGE can access and are apprehensive that their confidential information could be compromised.”
“The damage to preexisting relationships will leave lingering repercussions,” says the fourth employee.
The Joint Cyber Defense Collaborative (JCDC), a key platform for collaboration between government and industry, is also facing difficulties. The JCDC collaborates with over 300 private firms to share threat intelligence, create defensive strategies, address geopolitical challenges, and issue advisories. While the unit aims to expand its partnerships significantly, it has “struggled to scale this initiative,” according to the first employee, with recent layoffs exacerbating the situation. Although contractors might offer some assistance, the JCDC’s “vendor support contracts are set to expire in under a year,” adds the employee, noting that many government processes have been stalled or frozen lately. CISA currently lacks the personnel to fill the gaps, as stated by the fourth CISA employee.
