Though CISA was unusually absent from this year's RSAC, several different speakers had a lot to say about the future of the nation's top cybersecurity agency.
Like many other critical US federal agencies, the Cybersecurity and Infrastructure Security Agency (CISA) has faced serious restructuring under the direction of the Department of Government Efficiency (DOGE). In the first rounds of firings between January and February, CISA may have lost around 10 percent of their workforce. Later, more than 100 probationary workers were then technically rehired in March 2025 after a federal ruling. Two months after inauguration, President Trump nominated a director for CISA, Sean Plankey. However, Plankey’s confirmation has also been delayed as Oregon Senator Ron Wyden (D) has blocked the nomination until a report on US telecommunications security is released. The acting director of CISA, Bridget Bean, recently shared it may be a while before a plan to restructure the agency is finalized. This turbulence is ongoing, and is likely to affect CISA’s ability to function as the nation’s top cybersecurity agency.
For instance, CISA’s presence was notably missing from the 2025 RSA conference, which is attended by cybersecurity professionals from all over the world. This year, RSAC ran from April 28, 2025 to May 1, 2025 in San Francisco. In the past, leaders at CISA, like former director Jen Easterly have spoken at the conference, even using the opportunity to talk to press and gather support for federal initiatives, like Secure by Design. Topically, two high-ranking officials at the agency who pioneered the Secure by Design initiative resigned a week before the conference.
This year, there were no current staff from CISA talking at the conference. Jen Easterly, and another former director of CISA, Chris Krebs, did still talk at RSAC 2025, with Easterly denouncing the recent changes at the agency. In comparison, the current secretary of the Department of Homeland Security (DHS), Kristi Noem was added as keynote speaker at the last minute. There, she reiterated the opinions on CISA that she shared during her confirmation hearing - saying that the agency’s efforts to stop election misinformation were irrelevant: “We need to put CISA back on mission. Many times CISA is doing important work, but we also saw them get into areas that were not why they were created.” Easterly responded by saying protecting election security was on mission for CISA: “...election infrastructure was designated as critical infrastructure after Russian attempts to undermine our election security. And frankly, I was very, very proud of that mission."
Noem’s call to get CISA “back on mission”, defending the extensive cuts the agency has faced, was just one part of her keynote speech at RSAC 2025. Noem also shared support for the Cybersecurity Information Sharing Extension Act, a renewal of the 2015 Cybersecurity Information Sharing Act, which is set to expire this year. The latest version, backed by two senators (Gary Peters (D-MI) and Mike Rounds (R-SD)), continues to “encourage businesses to share information about ongoing cybersecurity threats with the federal government to strengthen our nation’s cybersecurity defenses.” Under this act, information sharing is entirely voluntary, and does not place a specific time constraint on when to report - unlike the 2022 Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which has not progressed past the Notice of Proposed Rulemaking issued last year. In her speech, Noem expressed that passing the bill could strengthen the government’s connection to the private sector while reducing the need for CISA’s funding.
Not all attendees at the conference agreed with Noem’s stance. Like Easterly, Krebs condemned the cuts to CISA’s funding at a panel: “Cybersecurity is national security, we all know that, that’s why we’re here, that’s why we get up every morning and do our jobs. We are protecting everyone out there, and right now to see what’s happening to the cybersecurity community inside the federal government, we should be outraged, absolutely outraged.” He reportedly received massive applause for saying so, suggesting that the general cybersecurity workforce is not aligned with the Trump administration (which is also investigating Krebs for saying the 2020 presidential election was secure and valid).
In addition to causing federal employees to worry about their jobs, the shake-up at CISA has also caused states to worry about their cybersecurity. During the Biden Administration, the DHS established a $1 billion state and local cybersecurity grant program that “has undoubtedly improved, and sometimes even established, the cybersecurity posture of our states and localities”, according to New York Rep. Andrew Garbarino, chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection. The initiative was supported by CISA and the Federal Emergency Management Agency (FEMA). On April 1, 2025, witnesses to the program testified at a House hearing, stressing the need for the program while calling for improvements.
Recently, the US Government Accountability Office (GAO) reported on the grant program to Congress. They found that the grants are funding 839 cybersecurity projects in alignment with the cybersecurity framework described by the National Institute of Standards and Technology (NIST). The program received positive feedback, but the challenges officials found included “sustaining cybersecurity projects after the program…officials from three states emphasized the importance of reauthorizing the program.” Considering Noem’s push to trim CISA, along with her opting out of the cybersecurity grants when she was governor of South Dakota, there doesn’t seem to be a bright future for the grant.
In any case, CISA’s funding will likely continue to be a source of tension, as Noem looks to limit the agency and others call for a stronger, more sturdy CISA. At the conference, Krebs was very clear on his position: “We need more Cyber Command, more fighters. We need more folks at the NSA collecting intel. We need more front line defenders, threat hunters, red teamers, folks that are just doing CISA admin, the basics, we need more of that, not less.”