Two prominent figures at the Cybersecurity and Infrastructure Security Agency (CISA), Bob Lord and Lauren Zabierek, have announced their resignations, marking a notable shift within the agency’s leadership.

Their departures come amid growing concerns over internal instability and potential staffing cuts that could affect nearly half of CISA’s full-time workforce.

Lord, who joined in 2022, and Zabierek, known for her work on public-private cybersecurity collaboration, both expressed gratitude for their roles, especially their work on the agency’s “Secure by Design” initiative.

While neither individual specified their future plans, their exits appear to be part of a broader trend of attrition at the agency, which is currently facing possible mass layoffs under the Trump administration. The agency has been grappling with legal challenges, buyout incentives, and uncertainty over its long-term leadership, with the nomination of Sean Plankey for CISA Director currently stalled in the Senate.

Why It Matters: CISA plays a critical role in defending the nation’s digital infrastructure, and the resignation of two respected cybersecurity experts amid looming budget and personnel cuts underscores potential instability at the agency. Their departure could impact ongoing initiatives focused on securing software and critical systems against increasingly sophisticated cyber threats.

• Leadership Loss Comes at a Critical Juncture: Bob Lord and Lauren Zabierek’s resignations remove two of the most prominent voices behind CISA’s recent push for software security reform. Lord, with a notable track record from Twitter, Yahoo, and the DNC, played a pivotal role in elevating cybersecurity standards within political and tech ecosystems. Zabierek brought strategic experience from academia and intelligence. Their exits leave a gap in expertise and institutional memory, especially in steering the Secure by Design campaign, which aims to embed security considerations throughout the software development lifecycle.

• Wider Agency Instability Amid Threat of Workforce Reductions: Their resignations follow a series of destabilizing developments at CISA, including proposed budgetary cuts that could eliminate up to 1,300 positions, about half the agency’s full-time staff, and significantly shrink its contractor base.

• Secure by Design Initiative at a Crossroads: Both officials were deeply engaged in Secure by Design, CISA’s flagship initiative to shift cybersecurity responsibility upstream to software manufacturers. The effort calls for systemic changes in how products are designed, urging the tech industry to prioritize secure architectures and transparency. Their departures come as the initiative begins to gain international traction, raising concerns about its future direction and momentum without the leadership that originally championed it.

• Political Tensions Complicate Future Leadership: CISA is currently under interim leadership by Executive Director Bridget Bean while awaiting Senate confirmation of Trump nominee Sean Plankey. His confirmation is stalled due to a hold from Sen. Ron Wyden, who is demanding the release of a classified report on telecom system vulnerabilities.

• Long-Term Implications for Public-Private Cyber Collaboration: Both Lord and Zabierek emphasized the importance of collaboration between government, industry, and international partners in strengthening digital defenses. Their exit may disrupt key relationships that had been cultivated to align corporate security practices with national defense objectives. As the agency navigates internal transitions and public scrutiny, maintaining trust and cooperation with private sector allies will be essential to preserving the gains made under their tenure.

Go Deeper -> Two top cyber officials resign from CISA – The Record