Mic Drop: Kelly Shaw’s job got hacked – by DOGE - Click Here

Summary5 min read

Podcast Summary: "Mic Drop: Kelly Shaw’s Job Got Hacked – by DOGE"

Podcast Title: Click Here
Host: Dina Temple-Raston
Episode Title: Mic Drop: Kelly Shaw’s Job Got Hacked – by DOGE
Release Date: March 21, 2025
Produced By: Recorded Future News

Introduction

In this compelling episode of Click Here, hosted by Dina Temple-Raston, listeners are introduced to the unsettling story of Kelly Shaw, a seasoned cybersecurity expert whose unexpected termination from the Cybersecurity and Infrastructure Security Agency (CISA) raises significant concerns about the current state of U.S. cybersecurity infrastructure. The episode delves into the broader implications of recent government cutbacks on national security and the resilience of critical digital defenses.

Background on CISA and Kelly Shaw

CISA's Role:
The Cybersecurity and Infrastructure Security Agency (CISA), established in 2018 under the Department of Homeland Security, was initially tasked with defending government networks. Its mandate later expanded to include support for private companies, state governments, cities, and even international partners. CISA plays a pivotal role in safeguarding America's critical infrastructure from cyber threats.

Kelly Shaw’s Expertise:
Kelly Shaw, a dedicated cybersecurity professional with over 15 years of federal government service, was an integral part of CISA. She managed the Cyber Sentry program, which was crucial in monitoring and countering advanced persistent threats (APTs) from groups like Volt Typhoon and Salt Typhoon, linked to China's Ministry of State Security. Shaw's educational background includes:

Bachelor’s in Electrical Engineering from Virginia Tech
Master’s in Electrical Engineering from Virginia Tech
Master’s in Cybersecurity from James Madison University

Notable Quote:
“I think I have a deep background in cybersecurity and related activities.” – Kelly Shaw (05:28)

The Unexpected Termination

The Valentine's Day Incident:
On February 14th, Kelly Shaw received a termination email while unwinding from a romantic evening. The abruptness of the layoff was shocking, especially given her strong performance and dedication to national security.

Kelly’s Account:
“The very first thing I saw was a subject line about your termination. I was let go on that Friday night at 7:28pm and now I am scrambling to find a job.” – Kelly Shaw (00:49)

Impact of Layoffs:
CISA, with a workforce of approximately 3,200, has seen about 10% of its personnel leave due to layoffs and the Office of Personnel Management's deferred resignation program. This reduction is significant, particularly in a field as critical as cybersecurity.

Consequences of the Cuts on National Security

Expert Testimony:
Rob Joyce, former director of cybersecurity at the NSA, testified before Congress expressing grave concerns over the mass firings at CISA. He emphasized that these cuts could severely undermine the United States' ability to combat cyber threats, especially from adversarial entities like China.

Notable Quote:
“Eliminating probationary employees will destroy a pipeline of top talent essential for hunting and eradicating PRC threats.” – Rob Joyce (13:08)

Kelly’s Concerns:
Kelly Shaw articulated her fears about the country's vulnerability due to reduced manpower and expertise within CISA.

“We needed more people. The mere fact that we're rolling that back puts us back a year or two. If we cut half of those people... it would be devastating to our capability.” – Kelly Shaw (08:39)

Personal Impact on Kelly Shaw

Job Search Struggles:
Since her termination, Kelly has faced significant challenges in securing new employment. Despite her impressive qualifications, she has encountered numerous rejections.

“I've already gotten rejections, sometimes within a day or two, but I'll keep trying.” – Kelly Shaw (10:16)

Future Aspirations:
Kelly is seeking leadership roles where she can integrate artificial intelligence with threat intelligence to adopt a more predictive approach to cybersecurity, moving beyond the current reactive stance.

“What really interests me the most is that intersection of artificial intelligence with threat intelligence and overall holistic view of the risk posture of an entire system of systems.” – Kelly Shaw (10:37)

Potential Return to Federal Service:
While Kelly remains open to returning to federal government roles, she expresses concerns about the instability and uncertainty within the current administration.

“If conditions were a little bit more stable, yes. I would like to retire from the government.” – Kelly Shaw (11:40)

Systemic Issues and Broader Implications

Probationary Position Vulnerability:
Kelly Shaw’s position was part of DHS’s Cybersecurity Talent Management System (CTMS), which offers competitive salaries akin to the private sector but requires a three-year probationary period, making these roles particularly susceptible to layoffs.

“The catch was that the jobs had a long probationary period, three years, which made anyone in a CTMS job particularly vulnerable to layoffs.” – Kelly Shaw (05:50)

Impact on CISA’s Operations:
The reduction in workforce not only affects current operations but also impedes the agency’s ability to evolve and respond to emerging cyber threats effectively.

“But it's, we needed more people. The mere fact that we're rolling that back puts us back a year or two.” – Kelly Shaw (08:39)

Conclusion

The episode of Click Here paints a vivid picture of the precarious state of U.S. cybersecurity infrastructure amid government cutbacks. Kelly Shaw’s personal narrative serves as a microcosm of the broader challenges facing CISA and national security. The mass layoffs not only destabilize critical programs but also erode the talent pipeline necessary to defend against sophisticated cyber threats. As Rob Joyce highlighted, these actions could have long-lasting detrimental effects on the nation's cybersecurity posture.

Notable Quotes with Timestamps

“I think I have a deep background in cybersecurity and related activities.” – Kelly Shaw (05:28)
“The very first thing I saw was a subject line about your termination. I was let go on that Friday night at 7:28pm and now I am scrambling to find a job.” – Kelly Shaw (00:49)
“Eliminating probationary employees will destroy a pipeline of top talent essential for hunting and eradicating PRC threats.” – Rob Joyce (13:08)
“We needed more people. The mere fact that we're rolling that back puts us back a year or two.” – Kelly Shaw (08:39)
“I've already gotten rejections, sometimes within a day or two, but I'll keep trying.” – Kelly Shaw (10:16)
“What really interests me the most is that intersection of artificial intelligence with threat intelligence and overall holistic view of the risk posture of an entire system of systems.” – Kelly Shaw (10:37)
“If conditions were a little bit more stable, yes. I would like to retire from the government.” – Kelly Shaw (11:40)

Final Thoughts

Click Here masterfully intertwines Kelly Shaw's personal struggle with the larger narrative of national cybersecurity vulnerabilities. The episode serves as a poignant reminder of the critical need to safeguard and invest in cybersecurity talent to protect the digital frontier of the nation.

Loading summary

Transcript42 lines

[00:03]
Dina Temple Raston
From Recorded Future News and prx, this is Click Here. I sense an accent. Where are you from?
[00:16]
Kelly Shaw
Southern Virginia. How y'all doing?
[00:20]
Dina Temple Raston
Thanks for doing that for me. That's awesome. From Recorded Future News, this is Click Here's Mic Drop. A longer listen to one of our favorite interviews of the week. I'm Dina Temple Raston and today a chat with Kelly Shaw, one of the more than 100 employees at the Cybersecurity and Infrastructure Security Agency who received an email on Valentine's Day that they didn't see coming.
[00:49]
Kelly Shaw
Sure enough, the very first thing I saw was a subject line about your termination. I was let go on that Friday night at 7:28pm and now I am scrambling to find a job. For the first time in 15 years.
[01:12]
Dina Temple Raston
A cybersecurity agency meant to safeguard America's critical networks is suddenly bleeding. Staff, we take a closer look at the administration's buzz saw approach to cutting government and whether it's making us all a lot more vulnerable. Stay with us. Click Here is brought to you by Progressive Insurance. Fiscally responsible financial geniuses, monetary magicians. These are things people say about drivers who switch their car insurance to Progressive and save hundreds. Visit progressive.com to see if you could save. Progressive Casualty Insurance Company has affiliates. Potential savings will vary. Not available in all states or situations. I'm Dena Temple Roster and this is Click Here's Mic Drop. Cisa, the Cybersecurity and Infrastructure Security Agency, is part of the Department of Homeland Security. It's a name you don't hear very often unless something's gone very, very wrong. The agency was created in 2018, and originally it was supposed to defend government networks. Then it expanded and began helping private companies and state governments, entire cities, even foreign partners. And Kelly Shaw ran a program that had become indispensable, something called Cyber Sentry. And so would you have been, without telling me anything secret, would you have been seeing Volt Typhoon go into places it shouldn't be going? Or Salt Typhoon? Volt Typhoon and Salt Typhoon there are hacking groups linked to China's Ministry of State Security.
[03:06]
Kelly Shaw
Yeah, so that is the goal, to catch our advanced persistent threats as well as insiders and that kind of thing. But we really are going after the advanced persistent threat. So CISA has a plethora of tools to allow a threat hunter to look for the bad guy on these critical infrastructure networks. So most certainly Volt Typhoon, Salt Typhoon, any of the other names. That's what we looked for.
[03:36]
Dina Temple Raston
So pretty important.
[03:37]
Kelly Shaw
I think so. I think so. Definitely the way CISA is set up. The importance is not that we are looking at one individual organization. The idea is for us to have insight across critical infrastructure and be able to pull that information back, create threat intelligence, and share it to the community.
[04:07]
Dina Temple Raston
Kelly Shah had spent 15 years working for the federal government. She started with the Navy as a civilian and then moved to the Office of Naval Intelligence. And she always liked the work and always envisioned a career in government service.
[04:21]
Kelly Shaw
As a government employee, you know, that's. You take a little bit less in benefits and salary to be able to serve your country as well as to have a little bit of a cushion there. With longevity, she figured that government jobs.
[04:36]
Dina Temple Raston
Were more secure, and people like her who focus on intelligence and national security were always in high demand. So after 12 years of working for the Department of Defense, she began contemplating a move to a different agency within the federal government.
[04:51]
Kelly Shaw
I was looking for a promotion, you know, to move up, you know, in the ranks. And so I thought CISA looked really great. I had a colleague that had previously moved over to cisa, and I applied.
[05:09]
Dina Temple Raston
Kelly was a natural for the job. She had multiple advanced degrees, recent master's.
[05:15]
Kelly Shaw
Degree in cybersecurity from James Madison, a master's in electrical engineering from Virginia Tech, and a bachelor's from Virginia Tech in electrical engineering.
[05:25]
Dina Temple Raston
She had certifications for pen testing, malware analysis.
[05:29]
Kelly Shaw
I think I have a deep background in cybersecurity and related activities.
[05:36]
Dina Temple Raston
By all accounts, she was exactly the kind of expert CISA wanted to attract. And she figured this job was stable because Cyber Sentry is an official DHS program.
[05:46]
Kelly Shaw
It's a program of record, which means, you know, a budget and that kind of thing.
[05:51]
Dina Temple Raston
But her position came through DHS's Cybersecurity Talent Management System, a program meant to recruit top tier talent with something close to private sector salaries. The catch was that the jobs had a long probationary period, three years, which made anyone in a CTMS job particularly vulnerable to layoffs.
[06:13]
Kelly Shaw
So I made it for the first two years. When I hit that, you know, in December, I went shoo. I thought, wow, I'm almost there. I got a little bit longer, but surely nothing's going to happen.
[06:26]
Dina Temple Raston
And then came Valentine's Day.
[06:28]
Kelly Shaw
We had gone out to eat. I came back to the house and kind of just took it easy, went to bed, had a great, probably my last good night's sleep of the year so far, and woke up and figured, it's Saturday. Let me very quickly just scan my work email to see if there are any hot topics that might need to be handled. Sure enough, the very first thing I saw was a subject line about your termination.
[07:01]
Dina Temple Raston
We'll be right back.
[07:08]
Brooke Gladstone
There's a lot going on right now. Mounting economic inequality, threats to democracy, environmental disaster, the sour stench of chaos in the air. I'm Brooke Gladstone, host of WNYC's on the Media. Want to understand the reasons and the meanings of the narratives that led us here and maybe how to head them off at the pass that's on the Media's specialty. Take a listen wherever you get your podcasts.
[07:44]
Dina Temple Raston
Between layoffs and the Office of Personnel Management's deferred resignation program, about 10% of CISA's 3200 person workforce is now gone. And while DHS says it remains committed to cybersecurity, without these people, people like Kelly, how much harder does that become? This all seems a little arbitrary and capricious and does it feel that way to you?
[08:10]
Kelly Shaw
That's exactly how I worded it in my appeal. Arbitrary and capricious. Yes, it does. I'm leading the show. I've gotten, gotten great performance reviews, you know, and other accolades. I'm still kind of at a loss of words for how that happened.
[08:34]
Dina Temple Raston
Do you worry that it makes the country more vulnerable?
[08:40]
Kelly Shaw
Now? This is a two part answer. Yes, I do. And the more that we tear away from the great work being done at CISA and reduce employee count there. Yes. And the reason I say that is, like I said before, these people at CISA are some of the smartest people I have ever worked with. I came over from oni, Office of Naval Intelligence as a senior Intelligence analyst. So I came over kind of with a big head like, hey, I'm from the ic, I'm here to help. I had those master's degrees, a lot of experience with operational technology and weapon systems, get over to cisa. And I was, I don't think I was ever the smartest person in the room, probably the least smart. These people are smart. They know their stuff. And so. But it's. We needed more people. You know, that was the whole thing with DHS creating CISA as the agency and the whole cyber talent management system was to bring on these experts and bring them on so we can attack the problem. And so the mere fact that we're rolling that back puts us back year or two. I'm concerned if we cut half of those people, say, for example, just, you know, how other organizations are being asked to cut half, I think would be devastating to our capability.
[10:15]
Dina Temple Raston
So what are you doing now? How's the job hunt?
[10:17]
Kelly Shaw
Going, it's hard. I've gotten, you know, just like everybody else. I've already gotten rejections, sometimes within a day or two, but I'll keep trying. That's what I do all day.
[10:35]
Dina Temple Raston
And what kind of jobs are you looking for?
[10:37]
Kelly Shaw
With my background, I'm looking for something more on the leadership side, the more senior leadership side of things. Program lead, project lead, within cybersecurity. To me, what really interests me the most is that intersection of artificial intelligence with threat intelligence and overall holistic view of the risk posture of an entire system of systems. Which would mean I want to know at a glance what the threats are to an entire wastewater system versus how we do it now. We industry, we're in a reactive state. We're waiting for the bad things to happen. I'm thinking, how can we use AI to be a little bit more predictive? It's something we may not reach for a long time, but that's what really interests me.
[11:35]
Dina Temple Raston
And would you return to federal government ever?
[11:41]
Kelly Shaw
Yes, I say that if conditions were a little bit more stable, yes. The main reason is I'm a little bit under five years away from my 20 years, so that's a number I'm aiming for. And so I would like to retire from the government. But, you know, if I have to wait four years for someone sane to be in place in the administration, then that's going to really be a problem because I don't want to extend that if I don't have to. So, yeah, I would, but I understand that it's a big risk. It's a big risk for me right now, to be honest. If it got me another month or two, yeah, of course I have to pay bills.
[12:34]
Dina Temple Raston
In March, just weeks after Kathy Shah's Valentine's Day email, Rob Joyce, the former director of cybersecurity at the nsa, testified before Congress. And he was supposed to focus on cyber threats from China. But instead he sounded the alarm on these mass firings.
[12:52]
Rob Joyce
I want to raise my grave concerns that the aggressive threats to cut US Government probationary employees will have a devastating impact on the cybersecurity and our national security.
[13:03]
Dina Temple Raston
And he specifically pointed to the firing of people like Kelly, those probationary employees.
[13:09]
Rob Joyce
Eliminating probationary employees will destroy a pipeline of top talent essential for hunting and eradicating PRC threats. Even if the positions are not eliminated, the pervasive uncertainty and doubt in the current environment is forcing them to seek and secure opportunities outside national security security.
[13:30]
Dina Temple Raston
Kelly Shaw's last official email from CISA told her that her access to headquarters was revoked and that her work accounts would be turned off in a few days. Dhs, it continued, would send her a mailing label so she could return all her work equipment things like her phone and her badge. But so far she still hasn't mailed those items back.
[13:50]
Kelly Shaw
It's in a box upstairs now, because they never sent the machine mailing label.
[13:54]
Dina Temple Raston
Maybe someone at DHS will finally send that mailing label. Or maybe it's just another thing that got lost in the cuts From Recorded Future News this has been Click Here's Mic Drop. It was written and produced by Erica Gaeda, Megan Dietre, Sean Powers and me, Dina Templrest. It was edited by Karen Duffett. We'll be back on Tuesday with an all new episode of Click Here. Have a great weekend.
[14:36]
Unknown
If you're looking for a daily guide to cybersecurity news and policy, sign up for the Cyber Daily from Recorded Future News. It serves up the day's most interesting and important cyber stories from our sister publication the Record, and then aggregates all of the big cyber stories you might have missed from news outlets around the world. Just go to the Record Media and click on Cyber Daily to get all you need to know about the world of cybersecurity right in your inbox.