The Cybersecurity and Infrastructure Security Agency wasted federal funding and undermined cyber protections by paying retention bonuses to personnel without special skills, an government watchdog says.
CISA, a unit of the Department of Homeland Security, received more than $138 million to retain employees with specialized cybersecurity skills from fiscal 2020 to 2024 but didn’t narrowly target the bonus payouts, didn’t maintain proper records, and didn’t comply with program requirements, the DHS inspector general reported Friday. CISA’s mismanagement of the bonuses resulted in $1.4 million in unpermitted back payments, the report said.
The watchdog’s findings are the latest bruise for an ...