CISA Pen-tester Says 100-strong Red Team Binned After DOGE Canceled Contract

Updated A penetration tester who worked at the US govt's CISA claims his 100-strong team was effectively dismissed after Elon Musk's Trump-blessed DOGE unit cancelled a contract – and that more folks have also been put out of work by the cybersecurity agency.

“On Friday, February 28, 2025, at 1600 hours, the government contract I supported with CISA (Dept of Homeland Security) was terminated due to DOGE," senior penetration tester Christopher Chenoweth wrote on LinkedIn.

"DOGE cut our entire red team and all support roles — over 100 people impacted. The following Wednesday, DOGE cut a second CISA red team also doing mission-critical work. As a result, I and many other experienced red team operators are now seeking new opportunities."

DOGE’s "wall of receipts" listing contracts it has cancelled hasn’t been updated since March 5, but lists 86 deals axed at CISA’s parent, the Department of Homeland Security. The Register reviewed the list and can’t find one obviously related to penetration testing.

Someone with Chenoweth’s experience – he’s a former Marine who’s worked in infosec for 20 years - shouldn't struggle to find a new gig. Chenoweth wrote he’s now keen on "DOGE-resistant opportunities."

For those waking up from a six-month coma, DOGE is the advisory unit run by Tesla tycoon Elon Musk that goes around the US federal government pointing out staff, programs, and contracts for the White House to kill off, ostensibly to save Uncle Sam some money. Its key operatives are listed here, and previous coverage can be found here.

• Ex-NSA grandee says Trump's staff cuts will 'devastate' America's national security
• US Cyber Command reportedly pauses cyberattacks on Russia
• So … Russia no longer a cyber threat to America?
• Incoming deputy boss of Homeland Security says America's top cyber-agency needs to be reined in

Meanwhile, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) – which is part of the US government-funded Center for Internet Security organization and advised American election officials, and voting machine makers, about democracy-menacing cyber-threats – has also seemingly been shut down.

"Due to the termination of funding by the Department of Homeland Security, the Center for Internet Security no longer supports the EI-ISAC," its now-wiped website reads.

Not too surprising given the Trump administration's sudden desire to rein in those probing election security.

Also reportedly under threat is the CISA-funded Multi-State Information Sharing and Analysis Center (MS-ISAC), established over 20 years ago to share cybersecurity information between federal, state, and local governments.

"The EI-ISAC and the MS-ISAC provide real-time threat-sharing and response coordination that election offices can’t replicate by themselves. Losing that coordination leaves towns and counties to fight nation-state hackers on their own," Tim Harper, a senior policy analyst at the separate Center for Democracy and Technology, said in a statement to El Reg.

"Many state and local election offices rely on EI-ISAC as their only source of federal cybersecurity support, so cutting it puts entire counties at risk. Defunding EI-ISAC doesn’t just weaken election security, it leaves communities wide open to cyberattacks on schools, emergency services, and local governments," he added.

The Register asked the Center for Internet Security and CISA for comment, and none was forthcoming at the time of publication. ®

Updated to add on March 13

In a statement, CISA's spinners confirmed the cybersecurity agency had "taken action to terminate contracts."

They also insisted there are at least some penetration-testing teams still operating for the organization. "CISA’s red teams continue their work without interruption," the agency said.