WASHINGTON D.C. — The Cybersecurity and Infrastructure Security Agency (CISA), the leading U.S. federal entity charged with protecting the nation’s critical infrastructure from cyber and physical threats, is grappling with a significant and widening leadership crisis, according to sources familiar with the situation. Nearly all of CISA’s top officials are reported to have departed or are slated to leave the agency by the end of May 2025, sparking concerns about the stability and effectiveness of America’s primary cyber defense body at a time of escalating digital warfare.
Scope of the Departures
The scale of the impending departures is described as unusually broad, affecting key operational areas across the agency. Senior leaders from five of CISA’s six operational divisions are reportedly among those heading for the exits. This includes vital components responsible for cybersecurity, infrastructure security, emergency communications, and other critical functions. Furthermore, most of CISA’s regional offices, which play a crucial role in coordinating with state, local, tribal, and territorial partners, are also facing leadership changes.
The list of departing officials includes prominent figures within the cybersecurity community. Matt Hartman, who has held significant roles within the agency, is among those confirmed to be leaving. Also departing is Boyden Rohner, another key leader whose contributions have been central to CISA’s operational capabilities.
This extensive turnover at the senior level is not limited to one or two specific divisions but represents a systemic drain of expertise and institutional knowledge from nearly every corner of the agency responsible for defending the digital and physical backbone of the United States.
Timeline and External Context
The mass departures are occurring on a specific timeline, with the majority expected to be complete by the end of May 2025. This date coincides with a period of heightened geopolitical tension and increasingly sophisticated cyber threats. Global adversaries, including state-sponsored actors from countries like Russia, China, Iran, and North Korea, are persistently targeting U.S. government networks, critical infrastructure operators, and private sector entities with disruptive and espionage-focused cyber campaigns.
The timing of this leadership void is particularly concerning to cybersecurity experts and policymakers. As foreign adversaries grow bolder and their attack methods more advanced, a stable, experienced, and cohesive leadership team is seen as essential for CISA to effectively anticipate, deter, and respond to these threats. The departure of leaders across both central divisions and regional offices could potentially impact the agency’s ability to execute its mission uniformly across the country.
Implications for National Security
The primary concern raised by these departures revolves around CISA’s stability and effectiveness. The loss of experienced senior personnel can disrupt ongoing initiatives, slow decision-making processes, and potentially leave gaps in strategic planning and operational execution. For an agency tasked with protecting everything from the energy grid and financial systems to federal networks and election infrastructure, such instability could have significant national security implications.
Expertise in cybersecurity and infrastructure protection is highly sought after, and the reasons behind the collective decision of these officials to depart are not explicitly detailed in the provided information. However, the sheer volume of senior leaders leaving suggests potential underlying issues, whether related to agency culture, strategic direction, compensation, or the immense pressure of the roles.
Filling these numerous high-level positions will be a significant challenge for CISA and the Department of Homeland Security, under which CISA operates. Recruiting and onboarding experienced cyber leaders with the necessary security clearances and understanding of CISA’s complex mission takes time, potentially leaving the agency vulnerable during the transition period leading up to and beyond May 2025.
Navigating a Critical Juncture
The leadership crisis at CISA comes at a critical juncture for U.S. cyber defense. The agency has made strides in improving information sharing with the private sector and federal agencies, but the evolving threat landscape requires constant adaptation and strong, consistent leadership. The departure of leaders like Matt Hartman and Boyden Rohner represents the loss of valuable experience needed to navigate this complex environment.
As the deadline of end of May 2025 approaches, all eyes will be on CISA’s ability to manage this transition effectively and ensure that the departure of a generation of senior leadership does not translate into a reduction in the agency’s vital capacity to defend the nation’s digital and physical critical infrastructure against increasing cyber threats from foreign adversaries.
