The White House is continuing to downsize the Cybersecurity and Infrastructure Security Agency (CISA) via a round of cuts and forced relocations.
These cuts are a result of the White House’s “reductions in force” during the federal shutdown. In late September, the Office of Management and Budget (OMB) advised federal agencies that the shutdown would provide an opportunity to cut programs and jobs deemed inconsistent with President Trump’s priorities.
Making true on that promise, 176 employees at the Department of Homeland Security (DHS) have been laid off since the government shutdown began, says a court filing from the OMB last week. Following a statement from the DHS, it seems that many of those terminations may have involved CISA employees.
“RIFs will be occurring at CISA,” the DHS spokesperson said. “During the last administration CISA was focused on censorship, branding and electioneering. This is part of getting CISA back on mission.”
The reductions mark the latest in a series of reductions to the Agency’s workforce since President Trump came to office in January.
Following the loss of one third of its workforce earlier this year, almost two thirds of CISA’s remaining 2,500 employees were furloughed when the government shutdown began on October 1st, leaving only 889 staff working without pay. Following this latest round of cuts, that number could reduce to as few as 713.
The cuts reportedly targeted employees in CISA’s Stakeholder Engagement Division, Integrated Operations Division, and Infrastructure Security Division’s Chemical Security unit, but didn’t affect the Cybersecurity Division.
Relocation, Relocation, Relocation
In addition to the cuts, the DHS has sent relocation orders called Management Directed Reassignments (MDRs) to a number of CISA employees, reportedly ordering them to take new roles within US Immigration and Customs Enforcement, US Customs and Border Protection, the Federal Emergency Management Agency, and the Federal Protective Service (FPS).
For some CISA employees, these new roles may be across the country from where they currently live; some may also be assigned roles that do not match their skillset. Despite this, refusing an MDR notice can be considered grounds for termination.
In a post on LinkedIn, Sunny Wescott, CISA’s Chief Meteorologist, wrote about her reassignment, which would require her to relocate from Arlington, Virginia, to Fort Worth, Texas, in order to take on a new role at the FPS.
“Is that truly the best use of my knowledge and skills?” Wescott wrote.
The Bigger Picture
The reduction of almost 1,000 employees across CISA since the start of the year has been a cause for concern for many cybersecurity professionals, who worry that the cuts could lead to a lack of support for critical infrastructure organizations and reduced resilience against nation state-backed cyberthreats.
The latest round of cuts comes shortly after the expiration of the US Cybersecurity Information Sharing Act, which meant that organizations sharing threat intelligence with government agencies or peers will no longer receive antitrust and liability protections.
As a result, the US “will face a more complex and dangerous security environment,” warned industry experts. “Sharing information about cyber threats and incidents makes it harder for attackers because defenders learn what to watch for and prioritize.”
