CISA loses 1,100 staff

The immediate story is simple — the federal government’s main civilian cyber agency just got thinner at exactly the wrong moment. On Sunday, Homeland Security Secretary Markwayne Mullin said CISA lost about 1,100 employees during the 76-day partial DHS shutdown that ran from February 14 to April 30. That is not some abstract budget trim. It is a hit to the people who do threat hunting, information sharing, incident coordination, and the slow unglamorous work of helping critical infrastructure operators stay ahead of attacks. (thehill.com) ### What does CISA actually do? CISA is the government’s hub for civilian cyber defense and infrastructure security. It pushes out advisories, helps victims of cyber incidents, coordinates with state and local governments, and works with private operators in sectors like energy, hospitals, transportation, a(thehill.com)ing, mitigation, or technical help to the right people fast enough to matter. (cisa.gov) ### Why is 1,100 such a big number? Because CISA was already smaller before Mullin gave that number. In late March, acting director Nick Andersen told Congress the agency had a headcount of 2,389 employees, down from earlier levels over the prior year. If you put those two facts next to each other, the picture is not a temporary wobble. It looks more like an agency(cisa.gov)d then got hit again during a shutdown. That makes every departure hurt more. (meritalk.com) ### What did the shutdown do beyond payroll? It seems to have broken normal operating rhythm. Andersen told lawmakers only about 40% of CISA’s workforce was continuing to work during the shutdown because only certain functions could legally continue without pay. He also said intellige(meritalk.com)holder engagement were paused or sharply reduced. In plain English — the emergency lights stayed on, but a lot of the preventive work slowed down. (meritalk.com) ### Why do resignations matter more in cyber? Cyber teams are not interchangeable. If six highly technical threat-hunting specialists leave, you do not replace that next week with a generic hiring push. Those jobs depend on experience, clearances, and trust networks built over time. C(meritalk.com)ch tells you this was already a talent problem before the shutdown turned it into a morale problem. (meritalk.com) ### Was more cutting already on the table? Yes — and that is the part that makes this feel structural, not accidental. DHS budget documents released last year proposed cutting more than 1,000 CISA positions, taking the agency from roughly 3,732 funded positions to 2,649. Those propose(meritalk.com)pprove them, but the direction was already clear. (federalnewsnetwork.com) ### So what breaks first? Usually not the highest-profile mission. The first things to fray are the connective tissues — outreach, assessments, planning sessions, partner coordination, and the kind of hand-holding that helps smaller organizations act on a warning(federalnewsnetwork.com)s usually cannot. (meritalk.com) ### What should companies take from this? Basically, assume less federal bandwidth. Not zero help — but less surge capacity, less proactive engagement, and slower coordination when several things go wrong at once. The practical answer is boring but real: know your assets, know who can(meritalk.com) this episode is a reminder that your first line of defense was always supposed to be your own. (meritalk.com)