One Password, 700 Jobs: The Collapse of a 158-Year Old Company

KNP Logistics Group had been moving goods across the UK for longer than you or your grandparents have been around. They had weathered world wars, recessions, and shifting markets over their lifetime, but last year the 158-year-old company fell victim to something it couldn’t recover from: a single, guessed employee password.

How It Happened

Hackers from the Akira ransomware group gained access to KNP’s internal systems by simply guessing a weak password. Once inside, they encrypted critical files, including backups and core systems, and demanded a ransom estimated at £5 million (5,826,400 USD).

The attack shut down operations overnight. With no clean backups, no access to essential systems, and customers moving to competitors, the business quickly unraveled. Within weeks, KNP went into administration, and approximately 700 jobs were lost.

The Takeaways for Every Business

While KNP’s size and age make the story stand out, the cause is far from unique. Weak or stolen credentials remain one of the most common entry points for cyberattacks. According to Verizon’s 2023 Data Breach Investigations Report, over 80% of breaches involve compromised passwords.

The lessons are clear:

  1. Stronger Password Practices – Enforce complexity requirements, avoid re-use, and encourage long passphrases instead of short, memorable passwords.
  2. Enable Multi-Factor Authentication (MFA) – Adding a second layer of verification stops most credential-based attacks cold.
  3. Secure Your Backups – Keep at least one offline or immutable copy to ensure ransomware can’t touch them.
  4. Test Your Response Plan – Run drills so your team can act quickly when the unexpected happens.

Insurance Isn’t Enough

KNP had cyber insurance, but coverage can’t restore lost customers, replace corrupted systems overnight, or save a business if operations are down for weeks. Cybersecurity isn’t just about meeting compliance standards; it’s about protecting your ability to function.

What Can You Do?

KNP’s collapse is a reminder that no company, no matter how established, is immune to digital threats. The weakest point in your defenses might not be your firewall, your servers, or your software. It might be a single password. One of the best ways to counter this is to require MFA at login, using a product such as Duo, which we have all our clients use here at Nevtec. This small additional security measure could have saved this company, and it can save you from a similar fate.

Don’t wait for a breach to reveal your weakest link. At Nevtec, we help businesses like yours implement simple but powerful protections, like Duo multi-factor authentication, that can stop credential-based attacks before they start. If you’re not sure where to begin, we’ll guide you. Click Here to schedule a security consultation and stay ahead of the next wave of cyber threats.



AI For Good; Google AI Blocks Zero-Day Exploit

In a milestone moment for cybersecurity, Google’s AI-powered defender “Big Sleep” has reportedly blocked a zero-day exploit targeting SQLite before threat actors could use it in the wild.

The Big Sleep Breakthrough

Big Sleep, developed by Google Project Zero and DeepMind, discovered a critical memory-corruption flaw in the widely used SQLite database engine. Tracked as CVE-2025-6965, the flaw had not yet appeared in public scans but was known to attackers.

AI Acting Proactively

What makes this significant is that the AI acted proactively after being alerted by Google Threat Intelligence that an exploit was imminent. Big Sleep pinpointed the vulnerability and triggered a preventive patch for it, all before a breach occurred. Google claims this is the first time an AI agent has directly thwarted a real-world cyber threat.

Why This Matters

SQLite powers countless applications from mobile apps to embedded systems. A zero-day exploit in it could have had massive downstream consequences. Big Sleep’s intervention signals a leap from reactive cybersecurity to predictive, AI-powered defense.

What This Means for Defenders

AI is transforming cybersecurity by detecting threats at speed and scale, analyzing signals and code faster than humans to stop vulnerabilities before they’re weaponized. Google’s Big Sleep extends this protection beyond its own systems, scanning and fortifying widely used open-source components. By combining traditional controls with AI-driven methods, Google is pioneering security as a hybrid defense that is both faster and more accurate.

Takeaway for Businesses

While the news is full of the bad and scary things that AI can do or has done, it is a great change of pace to see AI working for us, especially when many malicious people have only used it to work against us. Nevtec is here to help you use AI to your advantage, and this will be massive in helping us defend you even better than before. Click Here to schedule a consultation and stay ahead of the AI revolution.


Are Your New Hires More Vulnerable?

Study Finds New Hires 40% More Likely to Fall for Phishing Emails

A recent industry study has found that employees in their first year at a company are 40% more likely to click on phishing links compared to longer-tenured staff. The findings highlight a persistent challenge for businesses: while new hires bring fresh skills and energy, they also represent a higher cybersecurity risk during their onboarding period.

Researchers attribute this increased vulnerability to several factors. New employees are often unfamiliar with company communication styles, making it harder to spot unusual requests or suspicious formatting. They may also be eager to respond quickly to messages from supervisors or colleagues they have not yet met in person—conditions that phishing attempts often exploit.

The Targets Have Changed

Attackers are adapting their tactics accordingly, with some tailoring phishing emails to look like onboarding documents, benefits information, or urgent requests from HR or IT. These “contextual lures” have a higher success rate when targeting those still learning company systems and culture.

The Experts Speak On What You Can Do

Cybersecurity experts stress that organizations need to address this gap early. Traditional email filters and endpoint protections can help, but proactive security awareness training during onboarding is key to reducing risk. The goal is not just to teach new hires how to recognize a phishing email but to establish a culture where verifying unexpected requests is the norm.

As part of its recommendations, the study suggests companies should embed phishing awareness into the first week of training, run simulated phishing campaigns within the first 90 days of hiring new employees, and encourage employees to confirm suspicious requests through alternate channels if they have any doubts.

How Can You Avoid This?

For companies looking to close this gap, Nevtec offers targeted Security Awareness Training programs designed specifically for onboarding periods. In an era where one click can cause significant disruption, early investment in security training pays dividends in reducing risk and strengthening organizational resilience. Click Here to schedule a security consultation and stay ahead of the next wave of cyber threats.


This Iranian-Backed Ransomware Group is Back With a Vengeance

You May Be the Target

A new chapter in cyber warfare is unfolding, and it’s one that businesses can’t afford to ignore. The Iranian-backed ransomware group known as Pay2Key has resurfaced in 2025 under a new name, Pay2Key.I2P, and with a more dangerous agenda than ever before.

Unlike traditional ransomware campaigns driven purely by profit, Pay2Key.I2P blends financial incentives with ideological motives. Affiliates are now offered up to 80% of ransom profits for targeting organizations in the United States and Israel, a clear signal that this is no longer just about money; it’s about geopolitics.

What makes this campaign especially alarming is its infrastructure. Pay2Key.I2P is the first known ransomware-as-a-service (RaaS) platform to operate directly on the Invisible Internet Project (I2P, https://geti2p.net/en/), a privacy-focused network designed for anonymous communication. This shift makes the platform harder to detect, disrupt, or trace.

Key Technical Advancements

The group has expanded its capabilities significantly, integrating AI features and broadening its attack surface:

  • Advanced evasion techniques that disable Microsoft Defender
  • Dual-format loader scripts to avoid detection
  • A new Linux-targeted build released in June 2025

These enhancements make Pay2Key.I2P more versatile and harder to defend against, especially for organizations with mixed infrastructure.

Since its reappearance in February 2025, the campaign has claimed over 51 successful ransom payouts, totaling more than $4 million. Individual operators have reportedly earned upwards of $100,000, highlighting the effectiveness and profitability of this model.

Here are some quick stats on Pay2Key.I2P:

  • Launch Date: February 2025
  • Total Ransom Payouts: Over $4 million
  • Individual Operator Profits: Up to $100,000
  • Profit Share for Affiliates: 80%
  • Target Regions: United States and Israel
  • Deployment Network: I2P (Invisible Internet Project)
  • Linux Variant Released: June 2025

Recruitment and Ideological Incentives

The group’s recruitment strategy is equally concerning. Pay2Key.I2P has been openly advertised on Russian and Chinese darknet forums, offering $20,000 per successful attack. This democratization of ransomware deployment means that virtually anyone with minimal technical skill can become a threat actor.

  • Open access to ransomware binaries
  • Financial rewards tied to ideological targets
  • Promotion on multiple darknet platforms

This model blurs the line between cybercrime and cyber warfare, making attribution and prevention more difficult than ever.

What Businesses Should Do

For small and mid-sized businesses, this evolution in ransomware tactics presents a new kind of risk. The convergence of state-sponsored cyber warfare and RaaS platforms means that no organization is too small or obscure to be targeted.

“The Pay2Key.I2P campaign is a wake-up call. It’s not just about ransomware anymore, it’s about ideology, anonymity, and scale. Businesses need to think beyond firewalls and start building cyber resilience,” says Steve Neverve, CEO and Founder of Nevtec.

To stay ahead, organizations should:

  • Upgrade endpoint protection to a Managed Detection and Response solution like Sophos MDR
  • Monitor darknet activity for emerging threats
  • Educate staff on phishing and social engineering
  • Patch systems promptly, especially Linux environments

Nevtec’s cybersecurity team is actively monitoring threats like Pay2Key.I2P and helping clients build resilient defenses. Whether you’re looking to assess your risk posture, implement advanced threat detection, or train your staff, our experts are here to help.

Click Here to schedule a security consultation and stay ahead of the next wave of cyber threats.


Russia’s AI Disinformation Tactics Could Be Used Against Your Business

The same tools built for war are now targeting small and midsize organizations

A recent Wired investigation uncovered one of the fastest-growing and most dangerous fronts in global conflict: AI-powered disinformation.

Pro-Russian groups are now using free, widely available AI tools to flood the internet with deepfake videos, fake news stories, cloned voices, and bogus social media accounts as part of a coordinated effort known as Operation Overload. These campaigns are designed to confuse populations, erode public trust, and destabilize economies.

While their immediate targets include Ukraine, the U.S., and allied governments, the tactics being honed on the battlefield are already bleeding into the private sector, where small and midsize businesses are increasingly at risk.

If your company isn’t prepared for this new form of cyber warfare, you could become collateral damage.

AI-Fueled Information Warfare

Researchers at the Institute for Strategic Dialogue (ISD) have uncovered hundreds of AI-generated images, fake blogs, cloned voices, and synthetic videos shared across Telegram, TikTok, X, and email. These disinformation assets are designed to look real, spark outrage, or discredit targets.

The campaign’s goal is simple but far-reaching: overwhelm audiences with conflicting or false information to create confusion, erode trust in institutions, and destabilize public opinion. It’s a modern spin on psychological warfare designed not just to inform, but to exhaust and divide.

The sources are tools like Flux AI and other free platforms that anyone, including criminal groups, can use to create convincing fake content with just a few clicks.

This isn’t just state-sponsored propaganda. It’s proof that:

  • AI tools are now weapons
  • The barrier to entry is gone
  • Every organization is vulnerable

Small Businesses are at Risk

These sorts of AI-powered disinformation campaigns are being perfected on the battlefield and are already making their way into cybercrime and corporate sabotage.

1. Your Brand Is a Soft Target

Imagine a deepfake video circulating online that appears to show your CEO saying something inflammatory. Or a fake image of a product defect going viral. These kinds of false narratives can be created and deployed quickly, and they can easily destroy trust with customers and partners.

2. You Can Be Framed in Supply Chain Attacks

Disinformation can be used to create false flags in the supply chain, causing partners to drop you or clients to panic. Criminals may pose as your business to target others, or insert you as a “weak link” in a campaign to breach larger enterprises.

3. Social Engineering Just Got More Dangerous

AI tools can mimic the voice of your executives. Attackers are already using them to fool employees into sending money or credentials. Combined with phishing, these tactics become almost impossible to detect without the right defenses.

Protect Your Organization

This is a new, terrifying form of cyber warfare. But having a plan and taking active steps can mitigate the risk and keep you and your reputation safe.

At Nevtec, here are the steps we recommend:

1. Train Your Employees to Spot Manipulated Media

Deepfakes and disinformation often work because people aren’t trained to question what they see or hear. Ongoing cybersecurity awareness training must now include AI threats, not just phishing.

2. Secure Your Executive Presence

Protect public-facing assets, like executive bios, headshots, and video appearances. These can be scraped to train deepfakes. Use secure communications platforms for sensitive video or audio exchanges.

3. Monitor for Brand Impersonation

Set up digital monitoring tools to flag unauthorized use of your company’s name, domain, or imagery. Early detection is key to controlling the narrative.

4. Implement an Incident Response Plan for Disinformation

Just like a data breach, a disinformation attack requires a rapid response. Have a plan in place to correct misinformation, notify stakeholders, and coordinate legal and PR efforts.

How Ready Are You?

AI-powered cyberattacks are here. The same tactics used to undermine global stability and erode public trust in wartime are now being deployed against small and midsize businesses.

If this technology can be used to influence elections and destabilize nations, imagine the damage it could do to your brand, your clients, and your operations. Is your business safe? Are you sure?

Schedule a free consultation with Nevtec


Tech Trends: Cybercrime Is Hitting Main Street

Small and midsize businesses are now the primary target for cyberattacks, according to the latest report from Sophos.

The 2025 Sophos Annual Threat Report reveals a major shift in the cybercrime landscape: criminals are turning their focus from Wall Street to Main Street.

While large enterprises still make headlines, attackers are shifting their focus to small businesses, local governments, healthcare providers, and schools. These are organizations they view as under-secured and more likely to pay quickly in the event of an attack.

In this article, we break down the key findings of the report and, more importantly, show you how Nevtec can help you prepare and protect your business.

Small Businesses are Prime Targets

In previous years, major corporations were the big-game targets. But in 2025, cybercriminals are prioritizing volume over scale, opting for easier wins over massive payouts.

Here’s why:

  • Lower defenses: Many lack the in-house security resources or dedicated teams to respond quickly to threats.
  • Faster payouts: Attackers know small businesses are less likely to fight back, especially when ransomware halts operations.
  • Supply chain leverage: Small businesses often connect to larger organizations, making them a backdoor into enterprise networks.

The report makes clear that Main Street is now ground zero for ransomware, business email compromise (BEC), and social engineering attacks.

Threats to Watch in 2025

Sophos highlights several growing tactics you should watch closely:

Ransomware-as-a-Service (RaaS) Expands

Criminal groups are offering turnkey ransomware kits on the dark web, allowing even low-skilled hackers to launch sophisticated attacks.

Pig Butchering Investment Scams

These emotionally manipulative, long-game scams trick victims into fake crypto investments. SMBs are often targeted through employees’ inboxes or compromised social accounts.

AI-Assisted Phishing and Impersonation

Attackers now use AI to craft hyper-personalized phishing messages and clone voices or writing styles, making fraud much harder to spot.

The Fallout for Your Business

Cybercriminals no longer need to breach a Fortune 500 company to make money. They just need to lock down your data, impersonate your CEO, or trick an employee into clicking the wrong link.

Without proper protection in place, you face:

  • Operational downtime
  • Reputational damage
  • Regulatory and legal consequences
  • Loss of client trust

Small and midsize businesses learn the costs of not being prepared every day.

Nevtec’s Advice: Stay Vigilant

The Sophos report paints a clear and urgent picture: being unprepared is a risk you can’t afford.

Too often, small and midsize businesses treat cybersecurity as a background IT concern, not the core business issue it truly is. But today’s threats don’t just disrupt your systems. They damage your reputation, drain your finances, and erode client trust.

At Nevtec, we help businesses shift from reactive to ready. Based on the 2025 Sophos Threat Report, here are the critical steps we recommend:

1. Enable 24/7 Threat Monitoring with Managed Detection & Response (MDR)

Catch threats in real time with expert monitoring and response. MDR helps prevent small intrusions from becoming full-blown incidents.

2. Train Employees on Modern Cyber Threats

Your team is the first line of defense. Regular training should cover phishing, business email compromise (BEC), deepfakes, and AI-driven scams.

3. Implement Zero Trust and Multi-Factor Authentication (MFA)

Zero trust means never assuming a device or user is safe. MFA and strict access controls protect your data, even if a password is compromised.

4. Run Routine Cyber Risk Assessments

Don’t wait for a breach to learn where you’re vulnerable. Regular assessments help you stay ahead of emerging threats and identify gaps before attackers do.

Be Vigilant. Strengthen Your Defenses.

The Sophos report makes it clear: cybercriminals are targeting businesses like yours, and being unprepared is no longer an option.

Your systems, your data, and your reputation are all on the line.

Now is the time to act. Be ready, stay vigilant, and take the steps to protect your business before it’s too late.

Schedule a free consultation with Nevtec

We’ll help you assess your cybersecurity maturity, identify vulnerabilities, and build a defense strategy that keeps you ahead of today’s most urgent threats.


Tech Trends: Check Fraud Is Skyrocketing

Businesses Are Switching to ACH

One of the oldest financial crimes is back and thriving.

Paper check fraud surged nearly 400% in 2024, making checks one of the riskiest ways to move money today. Businesses that continue paying vendors, partners, or clients by check are putting themselves at serious risk.

From stolen mail to forged signatures and altered check amounts, fraudsters are targeting small and midsize businesses that lack modern protections.

So what’s driving this rise and why are more businesses switching to ACH (Automated Clearing House) payments as a safer, more secure alternative?

The Return of Check Fraud

According to the Federal Reserve’s most recent fraud survey, checks account for one of the highest fraud loss categories, far more than most digital payments. In fact, the American Bankers Association confirmed that check fraud and debit card scams top the list for fraud losses in business banking.

Why checks are such a popular target:

  • They’re easy to intercept. Stolen mailboxes and check-washing schemes are on the rise.
  • They contain sensitive information. Checks expose your account and routing numbers—perfect for scammers.
  • They’re slow to process. This gives criminals more time to manipulate or forge them.
  • They’re hard to track. Once cashed or altered, it can be difficult to reverse the damage.

In many cases, fraudsters don’t even need to steal your check; they just need a photo of it.

ACH: A Better Way to Pay

ACH payments offer a secure, reliable alternative to checks, with fewer fraud risks and better control. They move funds electronically from one bank to another, reducing exposure and making it easier to authenticate and monitor each transaction.

Why ACH Makes Sense for Your Business:

  • Fewer fraud incidents: According to U.S. Bank, ACH fraud rates are significantly lower than check fraud.
  • Faster payment processing: No more mail delays or manual deposits.
  • More automation and less human error
  • Easier to track, audit, and reconcile

ACH Done Securely

ACH payments are safer, but they aren’t invincible. Attackers are increasingly using phishing, business email compromise (BEC), and fake vendor updates to redirect funds to fraudulent accounts.

That’s why switching to ACH also means building the right internal policies to prevent fraud.

Nevtec’s ACH Security Checklist

Before going fully digital with your payments, here’s what we recommend implementing:

  • Always verify account changes verbally. Never update ACH details based on email alone. Call a known contact using a verified phone number.
  • Use multi-factor authentication (MFA) on email and financial systems.
  • Create dual-approval workflows for large or first-time payments.
  • Train staff on phishing, invoice scams, and vendor impersonation.
  • Keep payment platforms and email systems updated with the latest security patches.

Start Paying Securely

Check fraud isn’t slowing down. If you’re still using paper checks to send or receive payments, you’re exposing your business to unnecessary risk.

Nevtec can help you make the switch to ACH safely and efficiently, with the right cybersecurity measures, internal controls, and payment protections in place.

Schedule a consultation with Nevtec

We’ll help you design secure payment workflows, implement anti-fraud policies, and build confidence in your digital financial operations—so you can move money safely in 2025 and beyond.


Nerve-Wracking Facts: 10 More Cybersecurity Shocks You Shouldn’t Ignore

1. Cybercrime is projected to cost the world $10.5 trillion annually by 2025.

That would make it the third-largest economy in the world, after the U.S. and China.
Source: Cybersecurity Ventures

2. More than 60% of phishing sites are hosted on legitimate domains.

Attackers are hiding in plain sight by using compromised business websites.
Source: Palo Alto Networks Unit 42

3. AI-generated scams are fooling 49% of people.

A recent McAfee study found nearly half of consumers couldn’t distinguish AI-generated voices from real ones.
Source: McAfee AI Voice Scam Study

4. Deepfake videos have surged by 550% year over year.

Used in fraud, impersonation, and social engineering, they’re now a major business threat.
Source: Sumsub Identity Fraud Report 2024

5. 84% of companies have high-risk, inactive user accounts.

Old employee logins often go unnoticed—until they’re used in an attack.
Source: IBM Security

6. Cyber insurance claims rose 87% last year.

Attacks are more frequent, more severe, and more expensive, putting insurers and businesses under pressure.
Source: Coalition Cyber Claims Report

7. QR code scams (quishing) have increased 587%.

Attackers are replacing real QR codes with malicious ones to steal data or deploy malware.
Source: Abnormal Security

8. 90% of ransomware victims had endpoint protection, but it failed.

Standard antivirus is no longer enough. Ransomware is bypassing traditional defenses.
Source: Sophos State of Ransomware 2024

9. The average time to detect a breach is 204 days.

Attackers often lurk undetected for months before striking.
Source: IBM Cost of a Data Breach Report

10. The dark web has more than 15 billion stolen credentials for sale.

Many are from SMBs. If you reuse passwords, you’re likely already exposed.
Source: Digital Shadows Research


Employee Spotlight: Reece Williams – The Calm in the IT Storm

This month, we’re thrilled to shine the spotlight on Reece Williams, a System Administrator at Nevtec whose journey into IT began with a little family guidance and a lot of curiosity. From uncertain beginnings to becoming a go-to tech hero, Reece’s story is one of growth, grit, and a genuine love for helping others.

From Help Desk to Hero

Reece didn’t always know he’d end up in IT. After school, he was still figuring things out when his brother-in-law, an IT Director in Oakland, stepped in and offered to train him. That mentorship sparked a passion that led Reece into the world of Managed Service Providers (MSPs), where he’s been ever since. Starting at the Help Desk, he steadily worked his way up to a senior/project role—proof that dedication and curiosity can take you far.

Why He Loves What He Does

What keeps Reece motivated? It’s simple: people. “I love helping people,” he says. “When they’re frustrated and stressed, I like to relieve some of that stress and put a smile on their face.” That empathy and calm under pressure make him a favorite among colleagues and clients alike.

Life Beyond the Screen

When he’s not solving tech puzzles, Reece is all about the outdoors. Whether it’s hiking, kayaking, or just breathing in mountain air, he finds peace in nature. His recent trip to Iceland left a lasting impression—he calls it “the most beautiful place I have seen.”

Family First

Reece grew up in a military family, moving frequently and learning to adapt quickly. Today, his roots are firmly planted with his wife Christina and their beloved dog Kobe. “Family is the most important thing,” he says, and it shows in everything he does.

Favorite Things

  • Movie: Reservoir Dogs
  • Food: Steak and potatoes—especially anything grilled or smoked
  • TV Shows: For laughs, it’s The Office or Schitt’s Creek. For drama, Breaking Bad tops the list.

Fun Fact

As a kid, Reece dreamed of becoming a homicide detective. While he didn’t go down that path, his knack for solving problems and staying cool under pressure makes him a detective of a different kind in the tech world.

We Love Reece!

Reece’s journey reminds us that the path to success isn’t always straight—but with the right support, a willingness to learn, and a heart for helping others, you can build a career that’s both meaningful and impactful. Thanks, Reece, for being a steady hand and a friendly face at Nevtec!


CISA Lays Off Nearly One-Third of Workforce

In a significant and concerning development, the Cybersecurity and Infrastructure Security Agency (CISA) has experienced a dramatic reduction in its workforce. Nearly one-third of CISA’s employees have departed since the beginning of the second Trump administration, marking a critical moment for the nation’s top cybersecurity agency.

Expedited Exits

The workforce reduction has seen approximately 1,000 employees leave CISA, reducing the agency’s total workforce from 3,732 to around 2,649. This reduction has been driven by a combination of buyouts, early retirements, and layoffs. The Trump administration’s proposed budget for the 2026 fiscal year suggested cutting CISA’s workforce by 1,083 positions, but the agency has already reached these numbers.

Nation’s Infrastructure At Risk?

The reduction in workforce raises significant concerns about the agency’s ability to protect the nation’s critical infrastructure. CISA plays a crucial role in safeguarding power grids, water utilities, and election systems from cyber threats. With a smaller team, the agency may struggle to provide the necessary support and defense against increasing cyber threats.

Leadership Void

The workforce reduction has affected several of CISA’s most visible and impactful initiatives. Virtually all of CISA’s senior officials have now left, including Lauren Zabierek and Bob Lord, who oversaw the “Secure by Design” initiative, and Matt Hartman, the No. 2 official in CISA’s cybersecurity division. Members of CISA’s international partnerships and engagement division have also departed, further impacting the agency’s capabilities.

Sean Plankey, the nominee for CISA director, faces the prospect of leading an agency that’s lost one-third of its workforce in just a few months. Plankey is likely to face questions about the deep workforce reductions and low morale at CISA. One current CISA employee said, “Approximately 1,000 staff have either been placed on administrative leave or have resigned from the agency. The reductions represent about one-third of CISA’s workforce.”

A former CISA employee who recently retired said, “Dozens of agency employees turned in their badges, laptops, and other equipment last Friday, the deadline for employees who took one of the most recent buyout offers. It was like an assembly line.”

Uncertain Future

The future of CISA remains uncertain as the agency navigates these significant changes. Sean Plankey is expected to testify before the Senate Homeland Security Committee to address questions about the workforce cuts. The agency has already started appointing new officials to senior roles, but the impact of these changes on CISA’s effectiveness remains to be seen.

The reduction in CISA’s workforce is a critical development that could have far-reaching implications for the nation’s cybersecurity. As cyber threats continue to evolve and increase, the need for a robust and well-equipped cybersecurity agency is more important than ever.