The Cybersecurity and Infrastructure Security Agency faces an uncertain future after more than one-third of the agency, including more than a dozen senior leaders, have left their positions in recent months.
Meanwhile, many of CISA’s engagements with industry have been paused after Homeland Security Secretary Kristi Noem terminated a key partnership council in March.
CISA also faces the prospect of losing longstanding information sharing authorities in September and is tasked with finalizing landmark cyber incident reporting rules by November.
The inflection point comes as Sean Plankey, the nominee for CISA director, testifies before the Senate Homeland Security and Governmental Affairs Committee on Thursday morning.
Plankey has previously served in cybersecurity positions at the Energy Department and the Coast Guard. He enjoys broad support from the cyber industry and former officials.
CISA workforce turmoil
Plankey is likely to face questions about the deep workforce reductions and low morale at CISA. One current CISA employee said approximately 1,000 staff have either been placed on administrative leave or have resigned from the agency. The reductions represent about one-third of CISA’s workforce. Axios first reported the number of CISA reductions.
Many employees took the most recent “fork in the road” offered by the Department of Homeland Security. The resignations include 14 senior leaders, including the heads of several CISA operational divisions, regional divisions and key administrative posts.
A former CISA employee who recently retired said dozens of agency employees turned in their badges, laptops and other equipment last Friday, the deadline for employees who took one of the most recent buyout offer.
“It was like an assembly line,” the former employee said.
CISA employees had to decide about whether to stay or go with little information about the Trump administration’s plans for the agency, according to current and former employees.
The White House directed all agencies to develop workforce reduction plans in February. The initial plans were due to the White House in March. But even after DHS offered the latest buyout options in April, CISA employees said they were kept in the dark about the ultimate plan for the cyber agency.
Current and former officials said CISA leaders either said they didn’t know or refused to answer when asked about the agency’s workforce reduction plan during all-hands meetings.
CISA’s budget justification documents, published on Friday, provide more detail about budget cuts and planned workforce reductions. But the documents were released well after the deadline for employees to decide on DHS’s workforce transition offer.
Mark Montgomery, director of the Cyberspace Solarium Commission 2.0, said making sense of the workforce reductions will be among Plankey’s first big challenges, if he’s confirmed.
“People left randomly from different jobs, and they lost a disproportionate amount of senior executives,” Montgomery said. “This was not a well organized cutting. It was just kind of a jailbreak.”
The departures are also raising questions from industry about CISA’s ability to keep up with its responsibilities. In April, the agency narrowly avoided letting a key cybersecurity vulnerability management contract expire.
Ari Schwartz, coordinator of the Cybersecurity Coalition, pointed out that CISA’s budget request includes cuts to the team implementing the Cyber Incident Reporting for Critical Infrastructure Act, or CIRCIA. The statutory deadline for CISA to finalize the CIRCIA rule is November.
Schwartz said despite the Trump administration’s plans to slim down CISA’s staff and responsibilities, Congress has often turned to the agency to do more in recent years.
“I think there will be a call to do more, and they will need more people to do it, and then they have to figure out how to get that done,” Schwartz said. “Are they going to hire contractors? Are they going to try and rehire full time staffers at the point that they need them?”
In a statement, acting CISA Director Bridget Bean said the agency is “doubling down and fulfilling its statutory mission to secure the nation’s critical infrastructure and strengthen our collective cyber defense.” CISA declined to comment on the number of workforce reductions.
“We were created to be the cybersecurity agency for the nation, and we have the right team in place to fulfill that mission and ensure that we are prepared for a range of cyber threats from our adversaries,” Bean said.
Public-private partnerships
Beyond CISA’s staffing cuts, Plankey will likely face questions about the future of CISA’s public-private partnerships. If he’s confirmed in the coming weeks, he’ll be staring down a Sept. 30 expiration for the Cybersecurity Information Sharing Act of 2015. The law underpins many of CISA’s cyber threat intelligence sharing activities with industry.
Cyber leaders in Congress have already introduced bills to reauthorize the law. But they face a tight timeline in a narrowly divided Congress with a packed agenda over the coming months.
In March, DHS also terminated the Critical Infrastructure Partnership Advisory Council amid a broader purge of federal advisory committees.
CIPAC allowed government and industry officials to share information and make recommendations regarding cyber threats and other threats to critical infrastructure. It also facilitated the sector coordinating councils that helped address issues in specific sectors ranging from electricity to water.
CIPACT also chartered public-private groups focused on issues like securing communications technology supply chains and the defense industrial base. The work of those groups has now been put on hold as well.
Noem has said DHS plans to reinstate CIPAC so it will “bring more people to the table and be much more action oriented.”
But industry officials have yet to see a plan materialize ahead of Plankey’s nomination hearing. They say the workforce cuts at CISA mean the agency will likely need to rely more on partnering with the private sector.
“I would argue the partnership is more important than ever in that environment, because you really need to leverage private sector resources,” one technology industry official told Federal News Network. “Hopefully that’s all able to get back on track quickly to help Sean succeed.”
Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
