CISA Capacity Degraded by Personnel Cuts, Program Closures, and Leadership Vacancies
Bipartisan lawmakers and private-sector cybersecurity leaders warned that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been significantly weakened after roughly a year of personnel cuts and layoffs under the second Trump administration, with reporting indicating the agency has lost about one-third of its workforce and shuttered or reduced entire divisions. Sources described diminished ability to execute core missions such as coordinating with industry and protecting federal civilian networks, with some organizations reportedly seeking alternatives (industry alliances, outside consultants, or direct government-to-government partnerships) rather than relying on CISA support.
Reporting also tied the degradation to a prolonged leadership vacuum—with the administration’s nominee Sean Plankey not confirmed and Acting Director Madhu Gottumukkala criticized by some sources as struggling to lead—alongside political and operational pressures that deprioritized the agency. Specific capability impacts cited include reduced counter-ransomware efforts, work to promote secure software development, and losses affecting election security functions; additional strain was attributed to reassignment of staff to other DHS priorities and to a partial federal government shutdown that further reduced available staffing levels, raising concerns about CISA’s readiness to respond to a major cyber crisis.
Sources
Related Stories
CISA Leadership Uncertainty Amid Key Departures and Unconfirmed Director
The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant leadership challenges as the key employee responsible for its early ransomware warning program has departed the agency. This program, credited with preventing an estimated $9 billion in economic damages, now faces an uncertain future, raising concerns about the continuity of CISA's proactive ransomware defense efforts. The departure comes at a critical time for the agency, which has played a central role in national cyber defense and threat mitigation. Compounding these challenges, the U.S. Senate adjourned without confirming a new CISA director, leaving the agency without permanent leadership as it heads into the new year. The stalled nomination of Sean Plankey follows a year marked by workforce reductions and ongoing efforts to finalize a comprehensive national cyber strategy. The lack of confirmed leadership and the loss of key personnel may impact CISA's ability to respond effectively to evolving cyber threats and maintain its critical programs.
2 months ago
U.S. Federal Cyber Leadership Turmoil and CISA Policy Disruptions
U.S. federal cyber operations faced heightened uncertainty amid **leadership turnover and staffing reductions at CISA**, raising concerns about the agency’s capacity to execute its mission. Reporting indicated acting director **Madhu Gottumukkala** was replaced by **Nick Andersen** following controversies including alleged mishandling of sensitive information, while CISA also lost its CIO and reportedly saw staffing reduced by roughly one-third. Separately, Senate confirmation dynamics continued to affect cyber leadership, with Sen. Ron Wyden opposing the nomination of Lt. Gen. **Joshua Rudd** to lead **U.S. Cyber Command and the NSA**, citing concerns about experience and constitutional-rights familiarity as the agencies remained without a permanent chief. CISA’s policy and guidance output continued but faced headwinds from broader federal disruptions. CISA published new insider-threat program guidance centered on the **POEM framework** (*Plan, Organize, Execute, Maintain*) to help organizations build multi-disciplinary insider threat management teams spanning physical security, cybersecurity, HR/personnel, and reporting/analysis functions. At the same time, a **partial DHS shutdown** was reported to be stalling progress on the **Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)** rulemaking, complicating compliance planning for critical infrastructure entities awaiting clarity on incident reporting requirements and enforcement expectations.
2 weeks ago
Congressional Scrutiny of CISA Leadership Amid Workforce Reductions and CIO Reassignment Attempt
The acting director of the Cybersecurity and Infrastructure Security Agency (**CISA**), **Madhu Gottumukkala**, faced escalating scrutiny over leadership and personnel decisions as the agency manages ongoing threats to federal networks and critical infrastructure. Reporting describes an attempted management-directed reassignment of CISA CIO **Robert Costello**—a process that can force an employee to transfer within DHS or resign—that triggered immediate objections from career staff and senior political appointees, leading DHS headquarters to pause and then halt the action the same day. Lawmakers on the House Homeland Security Committee pressed Gottumukkala on broader staffing reductions and whether CISA retains sufficient capacity to execute its mission, including questions about efforts to push out staff and a reported attempt to remove the CIO. A chart entered into the hearing record cited a drop in personnel from **3,387 to 2,389** (a reduction of **998**), figures that aligned closely with Gottumukkala’s testimony; he also cited a **7.5%** attrition rate last year and asserted the agency has “the required staff,” while members warned that cutbacks could weaken national cyber defenses and increase exposure of critical systems and infrastructure.
1 months ago