Federal cybersecurity efforts are threatened as Elon Musk’s Department of Government Efficiency (DOGE) has fired more than a hundred Cybersecurity and Infrastructure Security Agency (CISA) staff, according to employees affected who were interviewed by TechCrunch.
The most recent round of reductions, in late February and early March, hit essential cybersecurity staff such as members of CISA’s “red team” and Cyber Incident Response Team (CIRT). These teams, tasked with finding vulnerabilities in government networks ahead of hackers, were hit hardest.
“DOGE was like a ballistic missile without a guidance system,” one former employee, who requested anonymity in case of government reaction, said. From directly affected sources, the workers were not notified before they were dismissed. The majority found out for certain only when they were locked out of the company network without warning.
When questioned for comment, CISA spokeswoman Tess Hyre declined to provide exact figures on the number of affected employees. Hyre maintained that the agency’s red team “remains operational” but conceded that CISA is “reviewing all contracts to make sure that they are consistent with the priorities of the new administration.”
Impact on Primary Cybersecurity Functions
The cuts came hardest among staff tasked with guarding government networks from cyber attacks. One of the laid-off staff members disclosed that 30 to 50 incident response staff members were cut, along with more than 80 staff members who worked to aid continuous monitoring projects.
These teams are at the core of the federal government’s approach to cybersecurity. Red team staff simulate attacks in order to find security vulnerabilities before they can be exploited by actual attackers. By contrast, CIRT staff do penetration testing and vulnerability management on networks within most federal departments and agencies.
When questioned regarding possible effects on government systems after such staff reductions, one of the former staff members candidly conceded, “As far as what will happen to those government systems, I have no knowledge.”
Pattern of Reductions
This is the third documented round of reductions to CISA since the beginning of the Trump administration on January 20. Earlier reports already indicated that DOGE already lowered more than 130 CISA employees in early February. Certain CISA employees who were tasked with election security were also placed on administrative leave in January.
The persistent downsizing is questioning the readiness of the federal government for cybersecurity at a time when cyber assaults by foreign states and criminal networks persist and continue to grow and evolve.
Ex-CISA employees are now in search of what one called “DOGE-resistant gigs” following these abrupt layoffs. Abruptness of the layoffs left many cybersecurity professionals questioning their own fates, and the security standing of the government networks they once protected.
While CISA remains to redirect its operations to prioritize what the agency spokesman referred to as “the priorities of the new administration,” there are issues surrounding how the reductions in the number of people would affect the government’s ability to detect, prevent, and respond to cyber attacks on the nation’s critical infrastructure and information systems.
The cybersecurity community will be watching closely to determine how CISA is retooling its capabilities and whether the agency is given alternative resources to continue its protective mission in the wake of the significant personnel reductions.
In the meantime, retired personnel and security experts are left to wonder about the long-term implications of these cuts to the nation’s cyber defense position, particularly in light of the continued growth in the number and complexity of cyber threats.
