Acting CISA Director Warns DHS Shutdown Would Curtail Cyber Defense Operations
Acting CISA Director Madhu Gottumukkala told House appropriators that a potential Department of Homeland Security funding lapse would materially reduce CISA’s ability to support public- and private-sector partners, warning that “when the government shuts down, cyber threats do not.” He said a shutdown would degrade timely, actionable guidance; curtail core missions such as digital response; and limit work to activities deemed essential to protecting life and property—shifting the agency from proactive efforts (including vulnerability scanning) to a more reactive posture. He also said a shutdown would force more than a third of CISA’s frontline security experts and threat hunters to work without pay and would impede progress on CISA’s long-awaited cyber incident reporting rule.
In the same congressional context, Gottumukkala also acknowledged that about 70 CISA staff were reassigned to other DHS offices over the last year (including a “handful” to ICE), while “30 plus” personnel were transferred into CISA; a December 2025 staffing chart cited in reporting reflected 27 inbound and 65 outbound reassignments. Separately, Congress reauthorized the Cybersecurity Information Sharing Act of 2015 (CISA 2015)—which provides liability protections, FOIA exemptions, and other safeguards for sharing cyber threat indicators and defensive measures—extending it from its planned January 2026 sunset to September 30, 2026. Reporting on the Senate Intelligence Committee advancing a nominee to lead U.S. Cyber Command/NSA is related to federal cyber leadership but is not part of the shutdown/CISA operational-impact story.
Related Entities
Organizations
Sources
2 more from sources like the record media and govinfosecurity
Related Stories
CISA Capacity Degraded by Personnel Cuts, Program Closures, and Leadership Vacancies
Bipartisan lawmakers and private-sector cybersecurity leaders warned that the U.S. Cybersecurity and Infrastructure Security Agency (**CISA**) has been significantly weakened after roughly a year of personnel cuts and layoffs under the second Trump administration, with reporting indicating the agency has lost about **one-third of its workforce** and shuttered or reduced entire divisions. Sources described diminished ability to execute core missions such as coordinating with industry and protecting federal civilian networks, with some organizations reportedly seeking alternatives (industry alliances, outside consultants, or direct government-to-government partnerships) rather than relying on CISA support. Reporting also tied the degradation to a prolonged **leadership vacuum**—with the administration’s nominee **Sean Plankey** not confirmed and Acting Director **Madhu Gottumukkala** criticized by some sources as struggling to lead—alongside political and operational pressures that deprioritized the agency. Specific capability impacts cited include reduced **counter-ransomware** efforts, work to promote **secure software development**, and losses affecting **election security** functions; additional strain was attributed to reassignment of staff to other DHS priorities and to a partial federal government shutdown that further reduced available staffing levels, raising concerns about CISA’s readiness to respond to a major cyber crisis.
2 weeks ago
US Lawmakers Seek Short-Term Extension of Key CISA Cybersecurity Authorities Amid Agency Leadership Turmoil
Congressional leaders introduced a compromise federal funding package that would **temporarily extend two major U.S. cybersecurity authorities**—the 2015 *Cybersecurity and Infrastructure Security Act* (which provides liability protections intended to encourage private-sector cyber threat information sharing with the federal government) and the **State and Local Cybersecurity Grant Program**—through **September 30**. The proposal follows prior stopgap extensions after the statutes lapsed, and comes as lawmakers debate longer-term reauthorization options, including competing House and Senate proposals and a draft approach from Sen. Rand Paul that would remove the original law’s liability protections. Separately, reporting highlighted **internal leadership instability at CISA**: acting director **Madhu Gottumukkala** reportedly attempted to remove or reassign CISA CIO **Robert Costello** via a management-directed reassignment, but was blocked after objections from other political appointees within DHS. The episode adds to concerns about decision-making and turnover at the agency at a time when CISA is responsible for coordinating federal cyber defense, incident response support, and collaboration with state, local, and private-sector partners—functions that could be affected by sustained leadership disruption.
1 months ago
Congressional Scrutiny of CISA Leadership Amid Workforce Reductions and CIO Reassignment Attempt
The acting director of the Cybersecurity and Infrastructure Security Agency (**CISA**), **Madhu Gottumukkala**, faced escalating scrutiny over leadership and personnel decisions as the agency manages ongoing threats to federal networks and critical infrastructure. Reporting describes an attempted management-directed reassignment of CISA CIO **Robert Costello**—a process that can force an employee to transfer within DHS or resign—that triggered immediate objections from career staff and senior political appointees, leading DHS headquarters to pause and then halt the action the same day. Lawmakers on the House Homeland Security Committee pressed Gottumukkala on broader staffing reductions and whether CISA retains sufficient capacity to execute its mission, including questions about efforts to push out staff and a reported attempt to remove the CIO. A chart entered into the hearing record cited a drop in personnel from **3,387 to 2,389** (a reduction of **998**), figures that aligned closely with Gottumukkala’s testimony; he also cited a **7.5%** attrition rate last year and asserted the agency has “the required staff,” while members warned that cutbacks could weaken national cyber defenses and increase exposure of critical systems and infrastructure.
1 months ago