With recent leadership changes and a significant workforce reduction, the Cybersecurity and Infrastructure Security Agency (CISA) is undergoing a profound transformation. To understand the implications of this new direction, we sat down with Dominic Jainy, a veteran IT professional whose work focuses on the intersection of technology and public policy. He offers a critical analysis of the agency’s shift in mission, its controversial staffing cuts, and its redefined approach to securing the nation’s critical infrastructure and elections.
You have emphasized that a disciplined mission requires a “more capable and skilled” workforce rather than a larger one. With a significant reduction in staff, could you provide specific metrics or an anecdote that demonstrates how this new, more focused team is achieving better outcomes for taxpayers?
That’s the central argument coming from the agency’s acting leadership, and it’s a compelling narrative: focus on outcomes, not headcounts. When you hear that CISA, despite the cuts, assisted over 4,000 cyberattack victims and published more than 1,600 security products in 2025, it sounds like a victory for efficiency. The leadership points to these figures as proof that a leaner organization can be more impactful. However, the internal report tells a different story of turmoil, with at least 998 employees having left or been transferred. The real test isn’t just in the volume of products published, but in the institutional knowledge and expert relationships that walked out the door with those people. The leadership insists they “have the staff that we need,” but it’s hard to reconcile that with the bipartisan concern over workforce continuity we’re hearing from Congress.
CISA has shifted its election security approach, ending coordination with social media companies to avoid “narrative management.” Could you detail the specific tools and partnerships now used to help state officials combat foreign interference and disinformation, and explain how this new strategy is more effective?
This is one of the most significant and politically charged shifts we’ve seen. CISA has deliberately stepped away from anything that could be labeled as censorship or “narrative management,” a direct response to the intense criticism from the previous election cycle. The entire team that coordinated with social media platforms was eliminated. The new strategy treats election security just like any other critical infrastructure sector, like the power grid or banking. The focus now is on technical defense and intelligence sharing. The primary partnership highlighted is with U.S. Cyber Command, which aims to neutralize foreign adversaries’ attempts at interference before they reach the public. This approach is more effective in the sense that it avoids the political minefield of content moderation, allowing the agency to concentrate on its core technical mission without being accused of influencing domestic speech.
Given the turmoil involving key experts leaving and forced reassignments, how are you actively working to rebuild morale and ensure workforce continuity? Please walk us through the steps you are taking to retain top talent and recruit for mission-critical roles within the agency.
From the testimony, the strategy to manage morale appears to be rooted in a top-down reinforcement of the mission. The acting chief’s message is that being “on mission” and shedding extraneous responsibilities should be a motivating factor. He points to an attrition rate of 7.5% in 2025, which is below the government-wide average of 9.25%, as evidence that the situation is stable. The plan for the future is “targeted hiring in mission critical roles” while controlling costs. However, this doesn’t fully address the human element of seeing colleagues, many of them key experts, being forced out. The leadership seems to be betting that a clear, disciplined focus will naturally attract and retain the right people, even if the public narrative is one of an agency in turmoil.
With federal funding eliminated for the Multi-State Information Sharing and Analysis Center, many local governments have been impacted. What specific, alternative resources or programs is CISA providing to ensure these smaller entities still have access to the critical threat intelligence and support they need?
The elimination of funding for the Multi-State ISAC was a major blow for many local governments that relied on it. The official justification is that this brings it in line with the other two dozen ISACs, none of which receive federal funding. It’s presented as a move toward standardization and fairness. In place of direct funding, CISA’s leadership maintains that the agency is still coordinating with all the ISACs, including the Multi-State one. The support has shifted from a direct financial subsidy to providing intelligence and coordination. Smaller entities are now expected to lean on this broader information-sharing ecosystem, but it undoubtedly places a new financial and logistical burden on local governments that have now lost a critical, federally-backed resource.
In 2025, CISA reportedly assisted over 4,000 cyberattack victims and published more than 1,600 security products. Can you describe a specific incident where the agency’s streamlined focus allowed for a faster, more impactful response than might have been possible with the previous organizational structure?
While the hearing didn’t detail a specific incident, the philosophy espoused by the acting chief gives us a clear picture of what an ideal response would look like under this new model. Imagine a ransomware attack on a mid-sized hospital system. Previously, CISA’s response might have involved multiple teams with overlapping responsibilities. Under the new “back on mission” approach, the response would be laser-focused. A highly-skilled, smaller team would be deployed to triage the incident from the over 30,000 they handled that year, leveraging one of the 2,500 threat reports they’ve shared to quickly identify the adversary, and then providing actionable guidance drawn from their library of 1,600 security products. The goal is to eliminate bureaucracy and duplication, ensuring that every action directly contributes to victim support and network defense, maximizing impact without a sprawling headcount.
As CISA finalizes the CIRCIA reporting rule after reviewing extensive public feedback, what are the primary trade-offs you are weighing between national security needs and the regulatory burden on private industry? How are you working to strike a balance that encourages industry partnership?
This is a classic balancing act, and it’s one of the most critical tasks on CISA’s plate. On one hand, the government needs rapid, comprehensive reporting from private industry to protect national security. On the other hand, the business community is wary of regulations that are overly broad or onerous. The previous administration’s draft was heavily criticized for this. The current leadership has emphasized that they are working very closely with industry, meticulously reviewing what was described as “about 280-plus detailed public comments.” The trade-off is clear: require too much, too quickly, and you risk alienating the private sector partners CISA depends on. Require too little, and you leave the nation vulnerable. The agency’s approach appears to be a deliberate, slower process of refinement to ensure the final rule is seen as a collaborative security effort rather than a top-down mandate.
What is your forecast for CISA’s role in the upcoming midterm elections?
Looking ahead to the midterms, CISA’s role will be much more narrowly defined and technically focused than in past elections. You won’t see them engaging with social media companies about disinformation campaigns; that chapter is firmly closed. Instead, their efforts will be concentrated behind the scenes. Expect to see heightened intelligence sharing with state and local election officials, a strong partnership with U.S. Cyber Command to counter foreign threats, and the deployment of security services to protect election infrastructure itself. The agency’s public posture will be one of a quiet, capable partner focused exclusively on the technical integrity of the vote. They will be working hard to be effective while staying out of the political spotlight, which, in today’s climate, may be their biggest challenge and their most important goal.