CISA blasted by US watchdog for wasting funds and retaining the wrong employees

• CISA mismanaged over $138 million in cybersecurity retention funds, awarding incentives to unqualified or unrelated personnel
• The agency lacked proper oversight, documentation, and compliance, undermining its ability to retain critical cybersecurity talent
• DHS OIG recommended eight corrective actions; seven have been implemented, with one unresolved concerning recovery of improper payments

The US Cybersecurity and Infrastructure Agency (CISA) mismanaged funds and failed to properly oversee and document various funding incentives, risking its ability to retain top cybersecurity talent.

This is the conclusion of “CISA Mismanaged Cybersecurity Retention Incentive Program and Wasted Funds, Risking Critical Talent Retention”, a new report published by the DHS Office of Inspector General (OIG).

CISA is a US government agency responsible for protecting critical infrastructure and leading federal cybersecurity efforts, and apparently - it’s been doing a poor job lately.