Congressman Dan Goldman Demands Information on National Security Impact of Trump's Hiring Freeze on US Cybersecurity

 

 

Washington, D.C. – Congressman Dan Goldman (NY-10) joined Ranking Member of the Committee on Homeland Security, Bennie G. Thompson (MS-2) and other Homeland Democrats in sending a letter to Office of Personnel Management (OPM) demanding more information on the impact President Trump’s hiring freeze will have on the Federal government’s cybersecurity workforce. 

 

“[T]he Federal government has struggled to recruit, hire, and retain qualified cybersecurity workers for many years. During the Biden Administration, the Federal government took several steps to address this challenge, including through the issuance of a National Cyber Workforce and Education Strategy and implementation of the Cyber Talent Management System at the Department of Homeland Security (DHS). Now, reckless attacks on Federal workers risk reversing recent progress in addressing the Federal government’s cyber workforce shortage,” the members wrote. 

 

While the hiring freeze ostensibly exempted positions related to “national security,” the Trump Administration failed to define this term or provide any meaningful clarity to explain the exemptions. Disturbingly, the Cybersecurity and Infrastructure Security Agency (CISA), which is the operational lead for Federal cybersecurity and the national coordinator for critical infrastructure security and resilience, does not have a single open position listed on the USA Jobs website. The same is true for cabinet-level departments that have been targeted in recent cyber attacks. 

 

“To better understand the homeland security implications of the current hiring freeze, we seek to clarify how President Trump’s executive order has impacted the Federal cybersecurity workforce and what OPM plans to do to mitigate the national security harms of the President’s poorly drafted, vague, and irresponsible hiring freeze,” the members added. 

 

 

Dear Acting Director Ezell: 

 

We are writing to request information on the impact of President Trump’s hiring freeze on the Federal cybersecurity workforce. As you may know, the Federal government has struggled to recruit, hire, and retain qualified cybersecurity workers for many years. During the Biden Administration, the Federal government took several steps to address this challenge, including through the issuance of a National Cyber Workforce and Education Strategy and implementation of the Cyber Talent Management System at the Department of Homeland Security (DHS). Now, reckless attacks on Federal workers risk reversing recent progress in addressing the Federal government’s cyber workforce shortage.

 

On Inauguration Day, President Trump issued an executive order to mandate “a freeze on the hiring of Federal civilian employees.” While the order included an exemption for positions related to “national security,” it failed to provide any definition for that term. Related guidance from the Office of Personnel Management (OPM) and the Office of Management and Budget similarly failed to clarify how agency heads should implement this exemption. While the Department of Defense has continued hiring for civilian positions, the Cybersecurity and Infrastructure Security Agency, which is the operational lead for Federal cybersecurity and the national coordinator for critical infrastructure security and resilience, does not have a single open position listed on the USA Jobs website. 

 

Agencies throughout the Federal government are responsible for defending their agency networks, regardless of whether cybersecurity is their primary mission, and any delay in filling vacant cybersecurity positions at Federal agencies risks severe national security implications. Recent cyber incidents have demonstrated that Federal agencies remain top targets for foreign adversaries. In December 2024, the Treasury Department suffered a major cyber incident when Chinese hackers were able to gain access to then-Secretary Janet Yellen’s files through a supply chain attack. In June 2023, the State Department discovered a breach of Microsoft’s cloud networks by Chinese hackers, uncovering an incident that affected 22 organizations and over 500 individuals around the world, including the Commerce Department and then-Secretary Raimondo. The Departments of Treasury, State, and Commerce all have zero open positions listed on the USA Jobs website. A hiring freeze that precludes Federal agencies from filling cybersecurity positions risks the security of Federal networks and may prevent sector risk management agencies from fulfilling their obligations to help defend critical infrastructure. 

 

On January 28, 2025, OPM emailed Federal employees an “offer” to resign from Federal employment, entitled a “Fork in the Road.” This offer included an exemption for positions related to national security but similarly failed to define which positions fall under the exemption. While we understand that many DHS components have been exempted from this offer, there is a risk that incentives offered by OPM could reduce the number of cybersecurity professionals across the Federal government. 

 

To better understand the homeland security implications of the current hiring freeze, we seek to clarify how President Trump’s executive order has impacted the Federal cybersecurity workforce and what OPM plans to do to mitigate the national security harms of the President’s poorly drafted, vague, and irresponsible hiring freeze. 

 

Please respond to the following questions by February 19, 2025: