“People are scary”: Inner CISA as the reels are caught from the purging of the cards,
The departure is tense at the already thinly growing workforce. “We had encountered [a] The second employee said: “Most people work more than two full-time jobs. [staffers]. ”
The CISA team, which helps critical infrastructure operators respond to hacks, has been understaffed for years. The agency has added support positions for that team Government Accountability Bureau Audithowever, “most of those people were fired,” says the third employee.
CISA’s flagship program has been largely unharmed to date. It includes Threat Hunting Brunchanalyze threats, search intruder government networks, and respond to violations. However, some of the laid back staff provided important “back-end” support to threat hunters and other analysts. “There are enhancements they can add to the tools they’re using,” says the first employee. However, fewer people are developing these improvements, so “starting an outdated system.”
In a statement, DHS spokesman Tricia McLaughlin said CISA is “committed to the safety and security of the country’s critical infrastructure,” and touted “the key skills CISA experts bring to the fight every day.”
National Security Council spokesman James Hewitt added that the story’s report was “nonsense” and that “the CISA had no extensive layoffs and its mission remains completely unharmed.”
“We continue to strengthen our cybersecurity partnerships, advance AI and open source security, and protect the integrity of our election,” Hewitt said. “Under President Trump’s leadership, our administration will make great strides in strengthening national cybersecurity.”
Partnership issues
CISA’s external partnerships were the cornerstone and particular emphasis in our efforts to understand and counter evolving threats.
International travel has been frozen, and travel and even online communications with foreign partners are seeking high levels of approval, according to the two employees. This has hindered collaboration between CISA and other cyber agencies, including Canada, Australia, New Zealand and the UK, which are its “Five Eyes” allies, staff say.
CISA employees are unable to even communicate with people from other federal agencies as they used to. Previously, daily conversations between CISA staff and high-level officials elsewhere require special permission, slowing down important tasks. “We cannot contact the CISO about an emergency without approval,” says the fourth employee.
Meanwhile, businesses have shared information with the CISA and expressed fear about using the agency’s free attack surveillance service for Doge. Delegation computer stolenAccording to two employees. “There is a high degree of concern with every service that collects sensitive data,” says the third employee. “partner [are] You can ask questions about what Doge has access to and express concern that their sensitive information is in their hands. ”
“The disruption of established relationships will have long-term effects,” says the fourth employee.
CISA’S Joint Cyber Defense Cooperationthe well-known hub of government industrial cooperation is also struggling. The JCDC is currently working with over 300 private companies to exchange threat information, draft defensive playbooks, discuss geopolitical challenges, and publish recommendations. The unit wants to add hundreds of partners, but the first employee says “it’s difficult to scale,” and the recent layoffs have only made things worse. Contractors may be able to help, but JCDC’s “vendor support contracts will go away within a year,” the employee says. Also, with the government-wide process being frozen or suspended for several weeks, we don’t know if CISA can pursue it. New contract. The JCDC doesn’t have enough federal workers to pick up Slack, says a fourth CISA employee.
