CISA Workforce Reductions and Pullback From RSAC Amid Leadership and Mission Refocus
The Cybersecurity and Infrastructure Security Agency (CISA) said it will not participate in the RSA Conference (RSAC) in March, citing routine reviews of stakeholder engagements and “good stewardship of taxpayer dollars,” and framing the decision as part of a broader effort to return to its statutory “core mission” and align with the Trump administration’s priorities. The move followed the announcement that former CISA Director Jen Easterly was named CEO of the RSAC Conference, after which senior administration cyber officials reportedly discussed canceling their attendance.
Separately, Acting CISA Director Madhu Gottumukkala told the House Homeland Security Committee that CISA remains capable of protecting government networks and critical infrastructure despite significant workforce reductions, describing the cuts as intended to eliminate duplication and refocus on mission outcomes. Lawmakers raised questions about impacts to election security, broader cybersecurity operations, and implementation of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA); Gottumukkala said CISA will continue targeted hiring for mission-critical roles and asserted the agency has the staffing it needs, while an internal report cited in the hearing indicated nearly 1,000 personnel have departed, been laid off, or transferred since President Trump took office (over one-third of the workforce).
Related Entities
Organizations
Sources
5 more from sources like security boulevard
Related Stories
CISA Capacity Degraded by Personnel Cuts, Program Closures, and Leadership Vacancies
Bipartisan lawmakers and private-sector cybersecurity leaders warned that the U.S. Cybersecurity and Infrastructure Security Agency (**CISA**) has been significantly weakened after roughly a year of personnel cuts and layoffs under the second Trump administration, with reporting indicating the agency has lost about **one-third of its workforce** and shuttered or reduced entire divisions. Sources described diminished ability to execute core missions such as coordinating with industry and protecting federal civilian networks, with some organizations reportedly seeking alternatives (industry alliances, outside consultants, or direct government-to-government partnerships) rather than relying on CISA support. Reporting also tied the degradation to a prolonged **leadership vacuum**—with the administration’s nominee **Sean Plankey** not confirmed and Acting Director **Madhu Gottumukkala** criticized by some sources as struggling to lead—alongside political and operational pressures that deprioritized the agency. Specific capability impacts cited include reduced **counter-ransomware** efforts, work to promote **secure software development**, and losses affecting **election security** functions; additional strain was attributed to reassignment of staff to other DHS priorities and to a partial federal government shutdown that further reduced available staffing levels, raising concerns about CISA’s readiness to respond to a major cyber crisis.
2 weeks ago
Congressional Scrutiny of CISA Leadership Amid Workforce Reductions and CIO Reassignment Attempt
The acting director of the Cybersecurity and Infrastructure Security Agency (**CISA**), **Madhu Gottumukkala**, faced escalating scrutiny over leadership and personnel decisions as the agency manages ongoing threats to federal networks and critical infrastructure. Reporting describes an attempted management-directed reassignment of CISA CIO **Robert Costello**—a process that can force an employee to transfer within DHS or resign—that triggered immediate objections from career staff and senior political appointees, leading DHS headquarters to pause and then halt the action the same day. Lawmakers on the House Homeland Security Committee pressed Gottumukkala on broader staffing reductions and whether CISA retains sufficient capacity to execute its mission, including questions about efforts to push out staff and a reported attempt to remove the CIO. A chart entered into the hearing record cited a drop in personnel from **3,387 to 2,389** (a reduction of **998**), figures that aligned closely with Gottumukkala’s testimony; he also cited a **7.5%** attrition rate last year and asserted the agency has “the required staff,” while members warned that cutbacks could weaken national cyber defenses and increase exposure of critical systems and infrastructure.
1 months agoCISA Divisions Impacted by Workforce Termination Orders During Government Shutdown
Several divisions within the Cybersecurity and Infrastructure Security Agency (CISA) have been affected by reduction-in-force (RIF) notices issued during the ongoing government shutdown, according to multiple industry sources. The Office of Management and Budget, led by Director Russ Vought, announced these workforce cuts as part of broader federal government measures. Staff members from CISA's Stakeholder Engagement Division, Infrastructure Security Division, and Integrated Operations Division are among those impacted by the layoffs. The Department of Homeland Security (DHS) has stated that these layoffs are intended to help CISA refocus on its core mission. Prior budget documents from DHS indicated that the Chemical Security subdivision within CISA was already scheduled to wind down certain programs and initiatives, suggesting that the workforce reductions are part of a longer-term restructuring. A recent court filing revealed that 176 DHS employees were laid off, though the specific number of CISA employees affected remains unclear. The possibility of further reductions across the federal workforce has not been ruled out. The Trump administration has been critical of CISA's involvement in addressing misinformation, particularly regarding its collaborations with social media platforms to counter false information about elections and COVID-19. This criticism has been cited as a factor in the administration's push to "refocus" the agency. The layoffs have created uncertainty within CISA, with staff members expressing concerns about the future of their divisions and the agency's ability to fulfill its cybersecurity mandate. The Stakeholder Engagement Division, which plays a key role in liaising with external partners, is believed to be among the hardest hit. The Infrastructure Security Division and Integrated Operations Division, both critical to national infrastructure protection and operational coordination, are also affected. The reduction in workforce may impact CISA's capacity to respond to cyber threats and support critical infrastructure sectors. DHS has not provided detailed breakdowns of which positions or functions are being eliminated. The ongoing government shutdown has exacerbated the challenges faced by CISA, as resource constraints and political pressures converge. Industry observers are closely monitoring the situation for potential impacts on national cybersecurity readiness. The future direction of CISA remains uncertain as the agency navigates these significant organizational changes. The broader implications for federal cybersecurity efforts are still unfolding as the shutdown and workforce reductions continue.
5 months ago