Following the federal workforce reductions that have occurred this year, the Trump administration is now telling agencies to rethink how many senior executives they will need on staff as a result of those cuts.

A Nov. 24 memo from OPM encouraged agencies to consider reducing their staffing allocations for senior-level positions within their workforces.

No later than Dec. 19, OPM said agencies should submit a workforce assessment, detailing their current staffing allocations for various senior-level positions, and by how much they plan to reduce those allocations going forward — if at all. The memo includes a template that OPM expects agencies to fill out with more details on their projected allocations.

Agencies’ staffing assessments should reconsider allocations for Senior Executive Service (SES) members, as well as Senior Level (SL) and Scientific/Professional (ST) positions, OPM said.

“This review is especially important in light of headcount reductions and workforce restructuring, which may lead to a corresponding reduction in the need for SES, SL and ST allocations,” OPM wrote in its memo, addressed to agency chief human capital officers.

OPM said the senior-level staffing assessments should also take into account how agencies are reaching “optimal implementation of presidential priorities.”

“These assessments should also inform whether SES, SL and ST positions are appropriately classified and designated,” the memo reads.

OPM’s memo comes in response to an Oct. 15 executive order from President Donald Trump, which maintains limits for agencies on their recruitment efforts. Agencies have spent most of the year under a governmentwide hiring freeze, with a few exceptions carved out for positions in immigration enforcement, national security and public safety.

Trump’s executive order from October mandated that each agency create a “strategic hiring committee,” composed of senior officials and political appointees who will have to ensure that any hiring that does take place going forward is focused on “agency needs, the national interest and administration priorities.”

Already, the Trump administration has surpassed its goal of reducing the federal workforce by more than 300,000 employees during 2025. After reporting that approximately 317,000 federal employees have so far left the government this year, OPM is now pushing agencies toward their next steps for staffing plans.

At the same time that it’s encouraging a reduction of senior-level staffing, the administration has taken steps to give agencies more leeway in hiring politically appointed senior leaders instead. Over the summer, the White House created a new “Schedule G” employment classification, focused in particular on hiring non-career feds for roles in policy-making or policy-advocating work.

OPM’s new memo on senior executive allocations also comes after those in higher-level positions across government have seen a number of other changes from the Trump administration this year.

Most recently, OPM launched two new training series, in part focused on teaching senior leaders more in-depth about how they can best implement Trump’s workforce priorities, and to ensure they are adhering to “President Trump’s executive orders and other executive branch priorities.”

The Trump administration earlier this year also overhauled performance standards for senior executives, making adherence to the president’s priorities the “most critical element” of their reviews. Agencies are now being directed to set stricter limits on how many executives can be considered top performers.

The post OPM advises agencies to consider reducing senior executive staffing first appeared on Federal News Network.

EXECUTIVE SUMMARY:

Despite CISOs’ formidable training efforts on behalf of teams, a commonly overlooked phenomenon is the human tendency to freeze amidst a crisis. Building your incident response operations around this ingrained aspect of psychology can help prevent your teams from seizing up during intense and urgent situations.

In the event of an intrusion or ransomware attack, how exactly will your security team respond? Will they take an aggressive approach, pass the potato, or involuntarily experience fear-based paralysis?

While CISOs commonly contend that their staff has the expertise and training required to fight off a cyber attack, there’s still a chance that staff will freeze up when the pressure is on.

Fight, flight, freeze

Director of Human Science at Immersive Labs, Bec McKeown, says that “You may have a crisis playbook and crisis policies, and you may assume those are the first things you’ll reach for during an incident. But that’s not always the case because the way [in which] your brain works isn’t just fight or flight. It’s fight, flight or freeze.”

According to Chief Information Security Officers, freezing during a high-stakes moment isn’t so unusual. But when a security staff member or team freezes, rather than acts, it can give hackers an edge, enabling them to inflict further damage or export additional data. At the end of the day, it can also culminate in higher regulatory penalties and loss of business.

Preventing freeze

Given the very real possibility of a ‘freeze’ reaction and its negative repercussions, analysts and long-time CISOs suggest that security leaders spend time implementing new practices that can reduce the chances of occurrence. In addition, CISOs should know how to identify and dissolve the freeze response if it does occur during a security incident.

In-depth insights

Any person or team can experience what is known as ‘cognitive narrowing,’ where they are so focused on the present situation that they cannot contextualize the event. In short, cognitive narrowing prevents people from thinking in the way that they usually do, creating the ‘freeze’ response. It’s just part of human nature.

Cyber security leader Neil Harper, who now serves as a board director with ISACA, observed a team freeze in response to a ransomware attack. Says Harper, “They literally did not know what to do, even though they had some experience with [incident response] walkthroughs…They were in panic mode.”

In some instances, teams that freeze are afraid that their actions will come across as overreactions. In other cases, teams are paralyzed by the fear of being blamed. In yet other situations, no team members have had real-world cyber event experience, meaning that no one feels sufficiently confident to lead an attack response.

Actionable takeaways

Prevent the freeze effect. Here’s how:

1. Examine your drills and add components that can better enable teams to prepare for real cyber attacks. As you team moves through drills, bring up new things that aren’t normally in your playbook. For example, ahead of time, discretely request for an employee to deliberately make a wrong move during the drill. This will help your team work through an unexpected or deteriorating situation.

2. Try out a countdown clock during drills. This forces teams to make progress against adversaries under intense pressure – the kind of pressure that they would feel during a real cyber security incident. While it might feel like an uncomfortable exercise, it builds muscle memory that can help incident responders swiftly squash an actual cyber attack.

3. Consider involving enterprise executives in cyber security drills, as they too are liable to experience the ‘freeze’ phenomenon during an incident. For example, you may see your CFO withhold financial information that is needed as an incident unfolds.

4. If possible, you may want to hire cyber security staff members who have experience working through breaches and hacks. Alternatively, consider a contract with an outside incident response team that does this type of work on a routine basis.

5. Further, consider creating channels that would allow for security employees to suggest creative solutions to problems during a live incident. Employees should feel comfortable enough to suggest solutions under even the most stressful of security situations.

For more cyber security insights, please see CyberTalk.org’s past coverage. Lastly, unpack transformative insights, and learn about how to make your organization more agile and secure when you subscribe to the Cybertalk.org newsletter.

The post Must-know ways to overcome the much-dreaded ‘freeze’ response appeared first on CyberTalk.