A senior Cybersecurity and Infrastructure Security Agency (CISA) official said Wednesday that the agency is narrowing its focus to core cyber defense duties after years of mission creep, emphasizing the need to protect federal networks, safeguard critical infrastructure, and push manufacturers to develop technology that is “secure by design.” 

Nick Andersen, executive assistant director for CISA’s Cybersecurity Division, said that before joining the agency last month, he wanted to focus on the responsibilities of an overburdened workforce before taking on new roles.  

“To say ‘there’s been some sort of problem that’s emerged, give it to CISA, CISA will take care of it,’ has sort of led to this constantly, ever-increasing scope of work that the agency was responsible for,” said Andersen while speaking at a Federal News Network event. 

He pointed to the responsibilities CISA has to oversee cyber events in the federal government while delivering services to state, local, tribal, and territorial partners.  

“I think it’s really been unfair to CISA as an agency and to the mission that it was supposed to serve,” said Andersen. 

Since the start of the second Trump administration, CISA has lost around 1,000 employees, and the Trump administration’s fiscal year (FY) 2026 proposal included a 17% funding cut that would result in an additional 1,083 employees being cut from the agency.  

According to FY 2025 documents, there were 3,732 full-time CISA employees last year. 

Andersen said that CISA will be looking at what it should be delivering, such as protecting the “.gov” domain and federal civilian executive branch systems and serving as the national coordinator for critical infrastructure security and resilience. 

He also pointed to responsibilities that come with being the nation’s cyber defense agency, including helping original equipment manufacturers (OEMs) build secure products, maintaining rapid response capabilities for cyber incidents, and doing long-term planning with critical infrastructure operators.

Andersen said that his approach is to “take all the things that are good ideas and let’s set those to the side until we’ve really demonstrated some mastery over core competencies.” 

Moving forward, CISA sees a major role in partnering with OEMs to ensure that the products and equipment they produce are “secure from the start, secure by design,” which will shift responsibilities upstream.  

That means that instead of CISA or end users constantly patching and defending old or insecure systems, manufacturers would build in resilience and security features.  

CISA first launched its Secure by Design initiative in April 2023. 

“I don’t know how many of our houses, or how many of our businesses, or government agencies are running equipment that’s more than ‘insert number of years here old,’” Andersen explained. “So, until we start to engage in a really significant way with the OEM community – to engage and secure by design as a core operating principle – it’s going to take years to be able to sort of see that come to fruition in terms of the federal civilian executive branch.” 

This spring, Homeland Security Secretary Kristi Noem told lawmakers that she wanted to get CISA “back on mission,” after claiming that the agency’s election security team took on “the role of the ministry of truth,” saying that the team targeted President Donald Trump and his supporters. That team was terminated earlier this year. 

Similar to Andersen’s vision for the agency, Noem had said that the agency needed to focus more on securing the nation’s critical infrastructure, but at the time had not provided details on what that would look like.  

Weslan Hansen
Weslan Hansen is a MeriTalk Staff Reporter covering the intersection of government and technology.