Two top cyber officials resign from CISA

Two senior officials at the Cybersecurity and Infrastructure Security Agency announced they were leaving the organization.

Bob Lord, who joined CISA as a senior technical advisor in 2022, wrote on LinkedIn Monday morning that he had “made the difficult decision” to leave the agency. 

Minutes later, Lauren Zabierek, a CISA senior advisor, announced on her LinkedIn page that she is resigning from her role.

“This was not an easy choice, as service to the nation has been the cornerstone of my career, from my time in uniform, to my years in the intelligence community, and now as a senior advisor at the nation’s cyber defense agency,” she wrote.

Neither said what they would do next.

The departures are the latest sign of the brain drain taking place at the country’s domestic cyber agency. The Trump administration could soon axe up to 1,300 employees, cutting about half of CISA’s full-time staff, and another 40 percent of its contractors.

Bob Lord previously held top security roles at the Democratic National Committee, Twitter and Yahoo. Image: @CISAgov / X

The agency previously attempted to cut 130 probational staffers, a move that was blocked in court before being overturned in an appeal. Earlier this month, the Homeland Security Department offered buyouts to employees who voluntarily resigned by April 14. It’s unclear if Lord or Zabierek were part of the buyouts.

In a statement, CISA Executive Director Bridget Bean, who is currently running the agency, said it “remains laser-focused on working across the public and private sectors to improve the nation’s cybersecurity.”

“This is why we continue to urge companies to develop products that are secure by design, instead of passing the cost of poorly designed products on to consumers,” she added. “While CISA’s approaches to Secure by Design evolve, our commitment to the principles remain steadfast. I thank Bob Lord and Lauren Zabierek for helping to lay the foundation on which future work in this space can be built.”

Lord previously served as the first chief security officer at the Democratic National Committee in 2018, where he worked to boost campaign cybersecurity in the wake of the 2016 breaches of the DNC and Hillary Clinton’s campaign by Russian hackers, like implementing digital security guidelines for campaigns to follow ahead of the 2020 presidential election. He previously held top security roles at Yahoo and Twitter.

Zabierek was the executive director of the Cyber Project at Harvard Kennedy School's Belfer Center before joining CISA. (Editor's note: Zabierek previously worked for Recorded Future — The Record is an editorially independent arm of the company).

Both Lord and Zabierek wrote that they were grateful to work on CISA’s Secure by Design initiative, its sweeping effort to hold tech companies accountable for the cascading harms of poorly designed products and vulnerable software.

“There’s a role for everyone in making software safer,” according to Lord. “Whether you're a developer who can propose systemic solutions to recurring classes of coding error, a product leader who can prioritize security investments, or a customer who demands transparency and measurable security improvements from software manufacturers, your actions matter.”

The effort “will only succeed if more people take ownership of the problem. So wherever you sit in the software ecosystem, I hope you’ll find your way to contribute,” he added.

Zabierek wrote that “being part of this initiative has been one of the most meaningful experiences of my career, one that truly embodies the spirit of public-private partnership and both interagency and international collaboration.”

She said one of the government's “most important roles is to catalyze innovation that serves the public, and then find a way for it to scale, adapt, and endure. What started as a government-led call to action has quickly become a global movement and we look forward to continuing the momentum.”

President Donald Trump has nominated Sean Plankey, a former top Energy Department and National Security Council official, to serve as director of CISA, but his nomination is currently blocked by Sen. Ron Wyden (D-OR) until CISA publicly releases a report on telecommunication systems vulnerabilities allegedly from 2022.