Cyber

DHS watchdog finds mismanagement in critical cyber talent program

CISA was paying employees without mission-critical cybersecurity backgrounds as part of a program for retaining cyber talent.

By Rebecca Heilweil

September 12, 2025

Listen to this article

0:00

This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.

A U.S. Department of Homeland Security sign is displayed at the U.S. Customs and Border Protection headquarters on May 18, 2025 in Washington, D.C. (Photo by Kevin Carter/Getty Images)

The Department of Homeland Security failed to effectively implement a critical retention incentive program for cyber talent, according to a new report from the agency’s inspector general, which found that federal funds meant for the Cybersecurity and Infrastructure Security Agency were used incorrectly.

In 2015, the agency implemented the Cyber Incentive program. The goal, the inspector general said, was to provide extra incentives to employees that might otherwise leave the federal government. More than $100 million has been spent on the program in recent years.

The program “was designed to help CISA retain mission-critical cybersecurity talent needed to execute its mission,” the report noted, and was meant to consider a series of qualifications to guide who received the retention benefit. The government hoped to keep in-demand technology experts in government.

“We found CISA’s implementation of the program wasted taxpayer funds and invites the risk of attrition of cyber talent, thereby leaving CISA unable to adequately protect the Nation from cyber threats,” the watchdog wrote.

Instead of being targeted toward valuable talent likely to transition to the private sector, the payments were disbursed generally, with many ineligible employees receiving tens of thousands of dollars in payment. According to the report, 240 employees who didn’t hold roles directly related to cybersecurity received payment through the Cyber Incentive program.

“We could not determine what made the positions in these CISA divisions critical to its overall mission to protect against cyberattacks that pose a threat to public safety and national security, or that there was an identified shortage of skilled individuals in these areas,” the report stated.

The agency’s human resources team didn’t track who received which payments, exacerbating the problem. More than 300 people also received erroneous backpayments.

The investigation was triggered following a hotline complaint sent to the OIG back in 2023. The OIG made eight recommendations to CISA, which concurred with all of them.