CISA restructuring plan release date unknown and likely to be slowed by Plankey nomination

The acting director of the Cybersecurity and Infrastructure Security Agency told employees on Wednesday that it is unclear when a plan to reduce and restructure the agency’s workforce will be finalized. 

The plan has been drafted but it needs to be reviewed by the Department of Homeland Security, the White House and the Office of Personnel Management, acting Director Bridget Bean said.

Some 1,300 people are expected to be cut from CISA’s ranks. Much remains unknown, but the National Risk Management Center (NRMC), which analyzes risks to cyber and critical infrastructure, is expected to face significant reductions.

The plan’s release will also be slowed down by the need to allow feedback from Sean Plankey, who has been nominated as CISA director, she said.

“We're onboarding our political leadership and, again, wanting to make sure that to the extent possible we are preserving decision space for him,” Bean told agency staff, according to audio from the meeting obtained by Recorded Future News. “This is really important.”

Earlier this month, Sen. Ron Wyden (D-OR) announced he will block Plankey’s nomination until CISA makes public an unclassified 2022 report focused on U.S. telecommunications companies’ security problems.

Keith Chu, a spokesperson for Wyden, said Wednesday that the hold on Plankey’s nomination remains in place. Such holds do not prevent a nomination hearing or committee vote, but can delay floor votes on nominations, Chu said.

It is unclear when Plankey’s nomination hearing will be held. A spokesperson for CISA declined to comment.

Bean acknowledged at the meeting that the plan’s release could take a long time and the process faces “multiple hurdles.”

“This is really important, but it does not in any way reduce perhaps the anxiety and the angst that employees are experiencing, wondering, ‘is my position subject to the RIF [reduction in force]?’”

The meeting also touched on the requirement that many CISA workers who live up to 50 miles away from an office location begin working on-site on May 5.

Notifications about where workers will have seats are coming in sporadically, a CISA official said, emphasizing that once employees receive notice they must immediately stop telework.

“If we were to notify you today you would be expected to report tomorrow,” the official said. 

There is no flexibility in the policy and staffers who are unable to adapt within a day must use leave to cover any time they cannot be in the office, the official said.

Space in offices is limited, she added, and employees can expect in many cases to be working in conference rooms, operational areas and training centers.