CISA Director Nomination Stalled by Senate Procedural Holds
Sean Plankey's nomination to lead the Cybersecurity and Infrastructure Security Agency (CISA) has been effectively halted after being excluded from a Senate vote advancing a package of nominees. The primary obstacle is a hold placed by Sen. Rick Scott, R-Fla., related to a dispute over a Coast Guard contract, with additional procedural holds from other senators. As a result, the White House will need to resubmit Plankey's nomination in 2026 if no floor vote is scheduled before the end of the current session, leaving CISA without a Senate-confirmed director as it enters the new year.
The ongoing vacancy at CISA's top leadership position is not due to concerns about Plankey himself, but rather broader congressional disputes involving unrelated issues such as telecom oversight and Coast Guard contracting. This leadership gap comes at a time when CISA faces significant challenges in defending U.S. critical infrastructure, and the lack of a confirmed director may impact the agency's ability to respond to evolving cyber threats and maintain operational continuity.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
CISA appears set to enter 2026 without a confirmed director
Following the failed advancement of Plankey's nomination, officials and analysts said CISA was likely to begin 2026 without a Senate-confirmed director. They warned the prolonged leadership vacuum could weaken the agency's authority over long-term strategy, budgeting, personnel decisions, and interagency cyber coordination.
Senate package advances without Plankey nomination
On Thursday, Sean Plankey was excluded from a Senate vote advancing a package of Trump administration nominees. His omission effectively stalled the nomination through the end of 2025 and made it unlikely he would advance without being re-submitted the following year.
Senators place holds on Sean Plankey's CISA nomination
Multiple senators placed or threatened procedural holds on Sean Plankey's nomination to lead CISA. The most significant obstacles cited were Sen. Rick Scott's hold tied to a DHS Coast Guard contracting dispute and Sen. Ron Wyden's hold over the unreleased telecom security report, with additional holds from North Carolina senators linked to disaster relief funding.
CISA says it will release an unclassified telecom security report
In July, CISA said it would publish an unclassified report on telecommunications network security. The report's continued non-release later became the basis for Sen. Ron Wyden's hold on Sean Plankey's nomination.
Jen Easterly departs, leaving CISA under acting leadership
After Jen Easterly's departure, CISA began operating under acting leadership, with Nitin Natarajan managing the agency's day-to-day operations. This created the leadership gap that later framed concerns over Sean Plankey's stalled confirmation.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
No Vote, No Leader: CISA Faces 2026 Without a Director
govinfosecurity.com
Open sourceNo Vote, No Leader: CISA Faces 2026 Without a Director
bankinfosecurity.com
Open sourceSean Plankey nomination to lead CISA appears to be over after Thursday vote
cyberscoop.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Congressional Concerns Over CISA Leadership and Federal Cybersecurity Readiness
Senior lawmakers and federal officials have raised alarms about the lack of a confirmed director for the Cybersecurity and Infrastructure Security Agency (CISA), warning that this leadership gap could undermine the United States' ability to respond to escalating cyber threats. Outgoing Comptroller General Gene Dodaro emphasized to Congress that cybersecurity and critical infrastructure protection are not receiving the urgent attention required, highlighting that CISA has hundreds of outstanding recommendations from the Government Accountability Office (GAO) and that the absence of a permanent director is a significant vulnerability. House Homeland Security Committee Chairman Rep. Garbarino also expressed disappointment over the Senate's failure to approve the White House's CISA nominee, further questioning recent decisions to reverse telecom security rules enacted after a major Chinese cyber intrusion. The ongoing delay in confirming a permanent CISA director has prompted bipartisan concern, with lawmakers and oversight officials warning that "taking our foot off the gas" at CISA could have serious consequences for national security. Acting Director Madhu Gottumukkala has led the agency since the spring, while nominee Sean Plankey's confirmation has stalled due to Senate holds. The GAO has identified cybersecurity as a high-risk area for decades, and the current leadership uncertainty at CISA is seen as a critical issue that could impede progress on closing longstanding security gaps across federal agencies.
Mar 21, 2026
Sean Plankey Departs Coast Guard Role Amid Delayed CISA Nomination
President Donald Trump’s nominee to lead the Cybersecurity and Infrastructure Security Agency (**CISA**), **Sean Plankey**, is leaving his advisory role at the U.S. Coast Guard (within the Department of Homeland Security), according to multiple people familiar with the matter. Reporting indicates Plankey is still expected to remain the nominee, but his confirmation timeline remains uncertain amid broader Senate friction and holds that have slowed nominations; one report also notes he may receive an award ceremony tied to his departure. Plankey privately told stakeholders he left the Coast Guard role to address concerns tied to a Republican senator’s hold on his nomination, saying the move was intended to demonstrate he is no longer involved in shipbuilding-related work that had raised questions. The hold was described as unrelated to cybersecurity and instead connected to a Coast Guard cutter contract issue involving Eastern Shipbuilding Group; Plankey said he is focused on the CISA nomination and prepared to lead federal cyber defense efforts. Separately reported IRS privacy and data-sharing controversies are not directly connected to Plankey’s nomination or his Coast Guard departure.
Mar 21, 2026
CISA Leadership Uncertainty Amid Key Departures and Unconfirmed Director
The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant leadership challenges as the key employee responsible for its early ransomware warning program has departed the agency. This program, credited with preventing an estimated $9 billion in economic damages, now faces an uncertain future, raising concerns about the continuity of CISA's proactive ransomware defense efforts. The departure comes at a critical time for the agency, which has played a central role in national cyber defense and threat mitigation. Compounding these challenges, the U.S. Senate adjourned without confirming a new CISA director, leaving the agency without permanent leadership as it heads into the new year. The stalled nomination of Sean Plankey follows a year marked by workforce reductions and ongoing efforts to finalize a comprehensive national cyber strategy. The lack of confirmed leadership and the loss of key personnel may impact CISA's ability to respond effectively to evolving cyber threats and maintain its critical programs.
Mar 21, 2026