Homeland Security Secretary Kristi Noem has fired 24 members of the Federal Emergency Management Agency’s (FEMA) IT department, citing a series of alleged cybersecurity failures at DHS that put national security at risk. Among those terminated were FEMA’s Chief Information Officer, Charles Armstrong, and Chief Information Security Officer, Gregory Edwards.
The firings, announced on August 29, 2025, come after an internal audit ordered by Noem revealed what the Department of Homeland Security (DHS) described as a deeply concerning breach of FEMA’s systems. While DHS claims no data was ultimately stolen, the vulnerabilities reportedly discovered were severe enough to trigger immediate action.
Mass Firings Follow DHS Cybersecurity Audit
According to a press release issued by DHS, the breach was uncovered during a comprehensive cybersecurity review initiated by Secretary Noem shortly after taking office. The DHS Office of the Chief Information Officer (OCIO) found that FEMA had failed to implement fundamental security measures, including the use of multi-factor authentication. Additionally, the FEMA IT team had allegedly relied on outdated legacy protocols that had been explicitly prohibited, failed to patch known and critical software vulnerabilities, and lacked sufficient visibility into their operational networks.
“FEMA’s career IT leadership failed on every level. Their incompetence put the American people at risk,” Noem stated. “When DHS stepped in to fix the problem, entrenched bureaucrats worked to prevent us from solving the problem and downplayed just how bad this breach was. These deep-state individuals were more interested in covering up their failures than in protecting the Homeland and American citizens’ personal data, so I terminated them immediately.”
The DHS press release described the fired FEMA IT team as “entrenched bureaucrats” who “resisted any efforts to fix the problem,” avoided scheduled inspections, and allegedly misled officials about the severity of the cybersecurity issues.
This incident follows FEMA’s expenditure of nearly half a billion dollars on IT and cybersecurity in Fiscal Year 2025. Despite this substantial investment, the DHS claims the agency’s IT leadership “delivered virtually nothing for the American people” and failed to meet even basic cybersecurity expectations.
“Fortunately, this problem was caught before any American citizens were directly impacted,” said the release. “Despite this failure and neglect, no sensitive data was extracted from any DHS networks.”
DHS Blames “Entrenched Bureaucrats”; FEMA Insiders Disagree
However, not everyone agrees with DHS’s portrayal of the FEMA IT team. Several FEMA insiders who spoke to CNN described the terminated employees as “extremely competent” and “highly respected.” The conflicting narratives have sparked debate over whether the mass firings were justified or politically motivated.
The use of politically charged language, such as “deep-state individuals”, in an official government press release has also raised eyebrows. Critics argue that while the DHS is right to demand stronger safeguards, labeling public servants with such terms sets a dangerous precedent and risks politicizing internal agency operations.
Still, Secretary Noem has stood firm, claiming the firings were essential to restoring public trust and security. “This unacceptable behavior will not be tolerated in the Trump administration,” she declared.
