Statement on CISA's Red Team

CISA’s Red Team is among the best in the world and remains laser focused on helping our federal and critical infrastructure partners identify and mitigate their most significant vulnerabilities and weaknesses. This has not changed.

Contrary to inaccurate reporting, CISA has not “laid off” our Red Team. CISA has taken action to terminate contracts where the agency has been able to find efficiencies and eliminate duplication of effort. As good stewards of the taxpayer dollar and in accordance with good fiscal governance practices, CISA regularly reviews contracts across the agency to ensure that we have the capabilities that we need and that we are allocating resources in ways that make the most impact. This was a contract action that did not impact the employment status of CISA personnel.  

CISA’s Red Teams continue their work without interruption. The team works directly with network defenders, system administrators, and other technical staff to address strengths and weaknesses across critical infrastructure networks and systems. They continue to assist organizations in refining their detection, response, and hunt capabilities to protect the nation’s critical infrastructure from a range of threats.