TZUTC: -0500   
   MSGID: 1502.consprcy@1:2320/105 2d2ebf8f   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   CISA blasted by US watchdog for wasting funds and retaining the wrong   
   employees   
      
   Date:   
   Mon, 15 Sep 2025 19:00:00 +0000   
      
   Description:   
   Roughly $183 million was given to CISA in four years to reward the proper   
   employees.   
      
   FULL STORY   
   ======================================================================   
    - CISA mismanaged over $138 million in cybersecurity retention funds,   
   awarding incentives to unqualified or unrelated personnel   
    - The agency lacked proper oversight, documentation, and compliance,   
   undermining its ability to retain critical cybersecurity talent   
    - DHS OIG recommended eight corrective actions; seven have been implemented,   
   with one unresolved concerning recovery of improper payments   
      
   The US Cybersecurity and Infrastructure Agency (CISA) mismanaged funds and   
   failed to properly oversee and document various funding incentives, risking   
   its ability to retain top cybersecurity talent.    
      
   This is the conclusion of CISA Mismanaged Cybersecurity Retention Incentive   
   Program and Wasted Funds, Risking Critical Talent Retention, a new report   
   published by the DHS Office of Inspector General (OIG).    
      
   CISA is a US government agency responsible for protecting critical   
   infrastructure and leading federal cybersecurity efforts, and apparently -    
   its been doing a poor job lately.   
      
   Lacking oversight    
      
   In the report, OIG slammed the agency for mismanagement and noncompliance,   
   claiming the agency failed to properly design, implement, and manage its   
   Cybersecurity Retention Incentive program.    
      
   As a result, its use of more than $138 million in federal funds, which it   
   received between 2020 and 2024, was inefficient, by large. Among other    
   things, OIG said the agency paid incentives to employees who did not meet   
   mission-critical, or high-qualification criteria.    
      
   In fact, some recipients held administrative roles unrelated to    
   cybersecurity, and 348 individuals received $1.41 million in unallowed back   
   payments.    
      
   OIG also said CISA lacked oversight and documentation, claiming its Office of   
   the Chief Human Capital Officer did not maintain accurate records of   
   recipients or payments, and broadened eligibility requirements without proper   
   procedures. DHSs oversight was also insufficient, it was added.    
      
   All these things meant CISA was risking cybersecurity talent retention. OIG   
   argued that the diluted incentive program undermined morale among qualified   
   cybersecurity professionals and jeopardized CISAs ability to retain critical   
   talent.    
      
   If CISA continues to offer the Cyber Incentive to a broad swath of its   
   workforce, circumventing the intent of the program, it risks attrition and   
   increased vulnerability to cyber threats as well as spending money   
   unnecessarily, the OIG warned.    
      
   Finally, the agency recommended eight steps to improve program integrity and,   
   per the document, CISA agreed with all eight of them. Seven already seem to    
   be implemented, while the eighth one is currently unresolved, and it revolves   
   around recovering improper payments made to ineligible employees.    
      
    Via Cybernews   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/cisa-blasted-by-us-watchdog-for-wasting   
   -funds-and-retaining-the-wrong-employees   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426