Federal cyber retention incentive program spending mismanaged, audit shows

Implementation of the Cyber Incentive program aimed at bolstering the Cybersecurity and Infrastructure Security Agency's retention of its mission-critical cybersecurity workforce was discovered by the Department of Homeland Security's Office of the Inspector General to have gone awry, FedScoop reports. Despite being primarily focused on incentivizing talent at risk of leaving for the private sector, CISA distributed more than $100 million in funds given to the program, which was initially implemented a decade ago, to 240 employees without cybersecurity roles, as well as provided wrongful backpayments to more than 300 other workers, according to the DHS OIG. "We found CISA's implementation of the program wasted taxpayer funds and invites the risk of attrition of cyber talent, thereby leaving CISA unable to adequately protect the Nation from cyber threats," said the watchdog, which commenced the probe into the use of the program's budget following a hotline complaint two years ago. CISA has agreed to all eight recommendations given by the OIG.