{"id":72,"date":"2026-02-26T19:01:15","date_gmt":"2026-02-26T19:01:15","guid":{"rendered":"https:\/\/cybercolombia.co\/index.php\/2026\/02\/26\/across-party-lines-and-industry-the-verdict-is-the-same-cisa-is-in-trouble\/"},"modified":"2026-02-26T19:01:15","modified_gmt":"2026-02-26T19:01:15","slug":"across-party-lines-and-industry-the-verdict-is-the-same-cisa-is-in-trouble","status":"publish","type":"post","link":"https:\/\/cybercolombia.co\/index.php\/2026\/02\/26\/across-party-lines-and-industry-the-verdict-is-the-same-cisa-is-in-trouble\/","title":{"rendered":"Across party lines and industry, the verdict is the same: CISA is in trouble"},"content":{"rendered":"<div>\n<p>\u201cDecimated.\u201d\u00a0 <\/p>\n<p>\u201cAmateur hour.\u201d <\/p>\n<p>\u201cPretty much fallen apart.\u201d <\/p>\n<p>\u201cIt\u2019s really hard to find something positive to say right now.\u201d<\/p>\n<p>It\u2019s been a little more than one year into the second Trump administration, and there\u2019s a large consensus, if not total unanimity, among those who have worked with and for the Cybersecurity and Infrastructure Security Agency: It has suffered significantly during that time.\u00a0<\/p>\n<p>CISA has lost roughly a third of its personnel and shuttered entire divisions. Observers across the political spectrum told CyberScoop for this story that even on its core missions, like coordinating with industry and protecting federal networks, the agency is significantly diminished.<\/p>\n<p>Many sources that spoke with CyberScoop did so under the condition of anonymity, in order to be more candid or avoid retribution. They told CyberScoop that CISA\u2019s biggest problems, and their consequences, include:<\/p>\n<ul class=\"wp-block-list\">\n<li>Trump\u2019s ire over the 2020 election results has led to the agency being deprioritized within the administration. Congress has yet to approve the administration\u2019s permanent pick to lead the agency, Sean Plankey, and lawmakers have failed to do other things to strengthen it.\u00a0<\/li>\n<li>CISA\u2019s capabilities have been significantly diminished by the loss of personnel, expertise and programs.\u00a0<\/li>\n<li>In the absence of a permanent leader, Acting Director Madhu Gottumukkala has struggled to lead the agency. \u201cI don\u2019t think anybody would argue he\u2019s doing a great job,\u201d one industry source said.<\/li>\n<li>Organizations that previously turned to CISA for help now seek alternatives, like industry alliances, outside consultants or government-to-government partnerships.<\/li>\n<\/ul>\n<p>Where to assign blame varied from source to source. Most criticized both the administration and Congress, though some faulted one more than the other.<\/p>\n<p>Some see bright sports in CISA under the current administration. And while many are\u00a0 pessimistic about the agency\u2019s future, others expressed optimism.<\/p>\n<p>But the first year reviews are not glowing.<\/p>\n<p>\u201cYear one was a tough year for the agency,\u201d said House Homeland Security Committee Chairman Andrew Garbarino, R-N.Y.\u00a0 He noted that a \u201clot of the best and brightest have left the agency,\u201d though he expressed optimism about Plankey\u2019s ability to turn CISA around. \u201cThe amount of cyberattacks that our nation is seeing every day, both on the private side and on the federal government side \u2014 you want your best people there fighting against it, and if they\u2019re somewhere else, it definitely leaves us all vulnerable.\u201d<\/p>\n<p>Said Mississippi Rep. Bennie Thompson, the top Democrat on Garbarino\u2019s panel: \u201cIt\u2019s tough to have a robust entity when you cut the money\u2026we are weaker because of CISA\u2019s lack of manpower.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-when-priorities-shifted\">When priorities shifted<\/h4>\n<p>Trump has harbored animosity toward CISA since 2020, when it contradicted his false claims related to widespread electoral fraud. He and his allies built on that animosity, recommending in <a href=\"https:\/\/www.brennancenter.org\/our-work\/research-reports\/project-2025s-plan-cybersecurity-agency-threatens-election-security\">Project 2025<\/a> that the agency be dismantled, divided by its core responsibilities, and farmed out to other federal agencies.\u00a0<\/p>\n<p>\u201cThere was uniquely a target on its back,\u201d said one CISA official who left in 2025. That hostility came from some Republicans in Congress, especially Kentucky Sen. Rand Paul, who chairs the Senate Homeland Security and Governmental Affairs Committee.<\/p>\n<p>Said Thompson: \u201cCISA wasn\u2019t politicized for the most part, until the Trump administration came along and accused them of somehow contributing to his [election] loss.\u201d<\/p>\n<p>CISA has lost substantial personnel, including veterans and whole teams. Some employees were transferred to other divisions in the Department of Homeland Security. Election security was quickly cut. Two <a href=\"https:\/\/statescoop.com\/ms-isac-loses-federal-support\/\">information sharing and analysis centers<\/a> (ISACs) that serve state and local governments lost funding. A division coordinating with foreign governments, businesses and state and local governments was <a href=\"https:\/\/www.cybersecuritydive.com\/news\/cisa-stakeholder-engagement-division-layoffs-critical-infrastructure-international\/803433\/\">effectively closed<\/a>.<\/p>\n<p>The agency has lost senior leaders in programs like counter-ransomware initiatives, threat hunting and secure software development. Contracts for things like detecting threats in critical infrastructure networks, tracking vulnerabilities and collaborating with industry teetered, albeit sometimes only temporarily.\u00a0<\/p>\n<p>DHS has unraveled multiple programs in which CISA plays a key role, such as by dismissing members of the Cyber Safety Review Board and disbanding the Critical Infrastructure Partnership Advisory Council. Congress has lurched between letting both a key state and local cyber grant program and a cyber threat information sharing law lapse and temporarily re-upping them.<\/p>\n<p>The departures and program changes likely haven\u2019t ended, either.\u00a0<\/p>\n<p>\u201cIt\u2019s not a very harmonious place right now,\u201d said one industry source. \u201cI hear from people that are looking to leave.\u201d Former CISA employees say those who remain either believe strongly in the mission, or are simply keeping their heads down until retirement from federal service.<\/p>\n<p>\u201cPeople I talk to say the morale is really low,\u201d said James Lewis, distinguished fellow with the tech policy program at the Center for European Policy Analysis think tank.<\/p>\n<p>CISA and DHS officials routinely say the changes are designed to get the agency \u201cback on mission.\u201d Lewis, industry officials and others say CISA probably never needed to get involved in combatting misinformation and disinformation, roles that rankled some conservatives, but the agency largely halted that work prior to Trump returning to office.<\/p>\n<p>Some saw duplication and redundancy at CISA as legitimate problems. \u201cI did see overlap between who was actually doing policy and who was actually doing the operational work,\u201d said Ari Schwartz, managing director of cybersecurity services at the law firm Venable and a former Obama administration cybersecurity official.<\/p>\n<p>It was not that long ago when CISA experienced quick budget growth, particularly after its establishment in 2018.<\/p>\n<p>\u201cAs with any organization, the first few years are growth years and after a while, the agency needed to reevaluate how it was operating and meeting its statutory authorities,\u201d said Kate DiEmidio, who formerly served as the agency\u2019s director of legislative affairs and acting chief external affairs officer. \u201cThere was a need for the agency to refocus.\u201d<\/p>\n<p>Even among those who saw the need for change at CISA, though, many saw the Trump administration as going way too far. \u201cCISA needed surgery,\u201d Lewis said, but \u201cwhat it needed was surgery with a scalpel, not a sledgehammer.\u201d He added, \u201cNot only is the White House hostile to CISA, but cybersecurity isn\u2019t a priority for them.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-a-question-of-capacity\">A question of capacity<\/h4>\n<p>The cuts have created real-world consequences for cybersecurity coordination. Former officials and industry partners describe broken relationships, unanswered requests for help and serious questions about whether CISA can handle a major crisis. The coordination and engagement that defined the agency\u2019s approach have largely diminished.<\/p>\n<p>The end result is that \u201cthey\u2019ve dismantled all of those capabilities in units within government,\u201d said Caitlin Durkovich, a former DHS official in the Obama administration and White House official in the Biden administration. She recently started a firm with former top CISA official Jeff Greene that offers services CISA has scaled back, such as security assessments.<\/p>\n<p>\u201cIt\u2019s been really hard to watch,\u201d Greene said, how CISA has been working with the private sector and local governments on \u201cdeveloping a level of trust that is weakening or gone.\u201d<\/p>\n<p>One industry source said they used to meet regularly with top officials, but now can\u2019t get a response. \u201cWe\u2019ve got really good engagement elsewhere in government. We really would like the opportunity to do the same thing with CISA,\u201d they said. \u201c\u201cSome of the trust that had been built up has been eroded.\u201d<\/p>\n<p>Thompson said the biggest losses have been in election security and secure-by-design, areas where his staff says personnel has been \u201cdecimated.\u201d<\/p>\n<p>Said another industry source: \u201cI do feel like that when people, if organizations, want to reach out to CISA, it\u2019s not clear who\u2019s there\u2026 If we got into a major conflict, let\u2019s say, with China, and they start triggering Volt Typhoon-related malware, are we organized and ready to roll? I don\u2019t think so.\u201d<\/p>\n<p>Another former CISA official described the current situation as a \u201clack of capacity,\u201d especially when it comes to coordinating with state and local governments and others on a regional basis.<\/p>\n<p>\u201cA bunch of regions are really grappling with the loss of really key personnel who were the ones that were establishing and maintaining these relationships, and really trying to build the trust between the agency and the private sector, and especially in critical infrastructure,\u201d they said. \u201cNot having as many people to help do that national coordinating function that CISA is supposed to do is a real issue.\u201d<\/p>\n<p>They also said there are fewer people working in \u201cflagship programs\u201d like secure-by-design and developing regulations for the landmark Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). \u201cPeople are overstretched,\u201d they said. \u201cThey\u2019re not doing all the things that they could or should be doing, or want to be doing, and I think that you see evidence of that with talk from the private sector and their inability to to reach people and to get help \u201c<\/p>\n<p>Schwartz said he worries about when \u201can incident happens, do they have the people to go in, go to the states, go locally, and really do the work that\u2019s needed, as they did in the past? Because they\u2019ve lost some of that ability.\u201d<\/p>\n<p>Lewis said that \u201coverall, the impression is it\u2019s a much weaker entity than it was a year ago.\u201d<\/p>\n<p>\u201cTheir power was in their ability to act as a focal point, to coordinate, to bring people together, and just the publication of vulnerabilities and some of the things they were starting to get into in the previous administration were big steps forward that\u2019s been diminished because they don\u2019t have the people now,\u201d he said. \u201cSo a smaller organization, that\u2019s just not going to be as powerful.\u201d<\/p>\n<p>State and local governments say they\u2019ve lost critical connections with CISA, saying they\u2019ve had to turn to one another to fill the gaps.<\/p>\n<p>\u201cWe\u2019re asking states to do a job they\u2019re not resourced to do, while weakening the one federal agency designed to help them,\u201d said Errol Weiss, chief security officer at the Health-ISAC. \u201cThis is precisely where you do need a strong, centralized federal security function.\u00a0We already have a national shortage of cybersecurity experts, and you can\u2019t just replicate that expertise 50 times over.\u201d<\/p>\n<p>Overall, Weiss said industry partners have felt the lack of outreach from the agency.\u00a0 \u201cFewer touchpoints, fewer briefings, fewer problem\u2011solving calls,\u201d he told CyberScoop, adding that there\u2019s \u201ca growing perception that CISA is being hollowed out where it matters most to industry: stakeholder engagement, collaborative forums, and operational support during incidents.\u201d<\/p>\n<p>Rob Knake, a former top Biden administration official, recently said that \u201cCISA as an organization has pretty much fallen apart.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-leadership-in-limbo\">Leadership in limbo<\/h4>\n<p>One near-universal sentiment is that as Sean Plankey\u2019s leadership nomination drags in the Senate, the agency is worse off.<\/p>\n<p>\u201cWe need to start this year off right, and we\u2019re already in February and can\u2019t get Plankey confirmed,\u201d Garbarino said. \u201cThere\u2019s nothing better than having a Senate-confirmed person running the show.\u201d<\/p>\n<p>The acting director has also faced criticism beyond the operational issues.\u00a0 Gottumukkala, who served as South Dakota\u2019s chief information officer under Kristi Noem before she became DHS secretary, has faced fire from both parties for his stewardship.<\/p>\n<p>A string of embarrassing stories have emerged about Gottumukkala, from the tale of him <a href=\"https:\/\/www.politico.com\/news\/2025\/12\/21\/cisa-acting-director-madhu-gottumukkala-polygraph-investigation-00701996\">failing a polygraph test<\/a> and seeking to oust those who administered it; to his reported <a href=\"http:\/\/politico.com\/news\/2026\/01\/18\/acting-cisa-chief-sought-ouster-of-agencys-chief-information-officer-00735826\">attempted ouster<\/a> of veteran agency CIO Robert Costello; to his reported <a href=\"https:\/\/www.politico.com\/news\/2026\/01\/27\/cisa-madhu-gottumukkala-chatgpt-00749361\">uploading of sensitive contract<\/a> data to ChatGPT. DHS has defended Gottumukkala amid those revelations.<\/p>\n<p>Reading stories like that, \u201cIt just sounds like amateur hour,\u201d said one former CISA employee.<\/p>\n<p>\u201cI don\u2019t think he\u2019s up to the task. I believe that he\u2019s not the best person, and I think he is just somebody the secretary likes, because they both are from South Dakota.\u201d Thompson said. \u201cI don\u2019t know anybody before this administration who would be in sensitive areas and not have passed minimal standards like the polygraph.\u201d<\/p>\n<p>The ChatGPT story <a href=\"https:\/\/www.grassley.senate.gov\/imo\/media\/doc\/grassley_to_cisa_-_chatgpt.pdf\">drew concern<\/a> from the right by Senate Judiciary Chairman Chuck Grassley, R-Iowa, as well as from conservative figure <a href=\"https:\/\/x.com\/LauraLoomer\/status\/2016641520682627511\">Laura Loomer<\/a> (the latter of whose remarks were <a href=\"https:\/\/www.politico.com\/news\/2024\/09\/11\/laura-loomer-trump-mtg-00178815?utm_medium=email&amp;utm_source=substack\">racially tinged<\/a>). Others were more perturbed by the lie detector story.<\/p>\n<p>\u201cWhen you have security issues with someone in a leadership position, you should find another place for them to go,\u201d said a former Trump administration national security official. \u201cThere are plenty of competent people in DHS, in CISA, who could hold things together until Sean Plankey gets there. There are lots of serious things CISA needs to be working on right now. This is a drag on that. It\u2019s not a place where you want any type of friction at the top.\u201d<\/p>\n<p>Garbarino was more generous, noting Gottumukkala\u2019s technical background. DiEmidio also noted Gottumukkala\u2019s technical skills. But Garbarino and Nevada Rep. Mark Amodei, the GOP chairman of the House Appropriations Subcommittee on Homeland Security, have been seeking CISA\u2019s organizational plans to no avail.<\/p>\n<p>\u201cI don\u2019t think he\u2019s intentionally lying to us by saying there\u2019s no reorg plan,\u201d Garbarino said. \u201cBut there\u2019s got to be some reasoning behind all these moves, moving the people around, or layoffs or whatever. I want to give him the benefit of the doubt that he is the technical guy that has been given a non-technical job to do.\u201d<\/p>\n<p>Schwartz and some others largely blame Congress for CISA\u2019s current woes, since they haven\u2019t approved Plankey as a full-time, permanent leader. \u201cA lot of the issue is the fact that just doesn\u2019t have the leadership to be able to participate in senior-level discussions,\u201d he said.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-what-s-left-to-build-on\">What\u2019s left to build on<\/h4>\n<p>Despite myriad complaints, many observers still see value in the current iteration of CISA. Some are hopeful about its ability to rebound, too.<\/p>\n<p>CISA says it\u2019s still devoted to its missions. The agency published a <a href=\"https:\/\/www.cisa.gov\/about\/2025YIR\">2025 year-in-review<\/a> about its accomplishments.<\/p>\n<p>\u201cCISA remains steadfast in its mission to safeguard the systems Americans rely on by strengthening federal network defenses, empowering businesses, and fortifying critical infrastructure nationwide,\u201d Gottumukkala said in a statement to CyberScoop.<\/p>\n<p>Moving forward, \u201cwe will deepen collaboration with trusted partners, prioritize highly skilled technical professionals, and direct resources for maximum impact\u2014accelerating innovation, operational coordination, and workforce right-sizing to reduce long-term risks while maintaining strong industry partnerships and cost efficiency,\u201d he said. \u201cThe CISA leadership and workforce remains committed to this mission despite a small minority who are upset that accountability and reform have come to the agency.\u201d<\/p>\n<p>It\u2019s a message Gottumukkala recently delivered to Congress. \u201cHe tried to give the impression that we haven\u2019t lost any capacity,\u201d Thompson said. \u201cI wasn\u2019t impressed.\u201d<\/p>\n<p>Others said CISA is still carrying out many of its old tasks, such as issuing public alerts on vulnerabilities and threats.<\/p>\n<p>\u201cThere\u2019s still some good reporting coming out,\u201d Greene said. \u201cBut what I can\u2019t know is the volume of what they can put out versus what they used to be able to put out.\u201d<\/p>\n<p>Weiss said \u201cCISA still has tremendous value in areas only the federal government can truly provide: national\u2011level visibility, cross\u2011sector coordination and the ability to marshal resources across agencies in a crisis.\u201d But it\u2019s not clear whether CISA can rise to the occasion like it did during the <a href=\"https:\/\/www.congress.gov\/crs-product\/IN12330\">2024 Change Healthcare crisis<\/a>.<\/p>\n<p>\u201cAll of this means it\u2019s more important than ever for the private sector to take the initiative,\u201d he said. \u201cCritical infrastructure owners and operators cannot assume the federal government will have the capacity to step in the way it once did.\u201d<\/p>\n<p>Weiss and others also said that CISA has refocused on federal networks, but others, such as Lewis, said it\u2019s also diminished there. \u201cThat\u2019s their primary mission, and they don\u2019t have the policies or the bodies to do that,\u201d Lewis said.<\/p>\n<p>Garbarino and a number of industry sources say they\u2019re encouraged by the idea that the Trump administration could write less onerous regulations for CIRCIA, with an earlier draft drawing bipartisan and industry criticism.<\/p>\n<p>A Senate-confirmed leader could further brighten the agency\u2019s prospects, many agree. \u201cThey still have some good talent there. It\u2019s not totally that we\u2019ve lost everything there,\u201d Schwartz said. \u201cIf you have leadership in there, then you can build it up.\u201d<\/p>\n<p>DiEmidio said some of the staff changes have made sense. Election security had more people than other sectors that needed the help, she said.\u00a0<\/p>\n<p>\u201cIn some ways, I think the external attention to CISA\u2019s mission in the media and with Congress was completely focused on one or two things, and the focus on the things that really matter, and the good work that CISA is doing got overshadowed,\u201d she said. For the agency\u2019s cybersecurity division and other cyber teams, \u201cthere were several incidents over the summer where those teams were incredible. They were working evenings, weekends.\u201d<\/p>\n<p>But many agree that rebuilding CISA\u2019s workforce will be difficult.<\/p>\n<p>The Trump administration has deliberately made working for the federal government\u00a0challenging as a matter of policy. Russell Vought, head of the Office of Management and Budget, said before the election that the goal was to put federal workers <a href=\"https:\/\/www.propublica.org\/article\/video-donald-trump-russ-vought-center-renewing-america-maga\">\u201cin trauma.\u201d<\/a> Morale at CISA has been particularly bad, they say. Periodic DHS shutdowns haven\u2019t helped.<\/p>\n<p>On the plus side for CISA, it\u2019s a <a href=\"https:\/\/www.nbcnews.com\/business\/economy\/layoffs-job-openings-as-bad-as-2009-rcna257557\">bad labor market<\/a>, Lewis said.<\/p>\n<p>Some of what CISA needs to do going forward is about managing expectations, said DiEmidio.<\/p>\n<p>\u201cWhat I would want to make sure is that CISA has a hiring plan in place to start hiring, especially in those key technical positions at all levels,\u201d she said. \u201c I think you have to have an understanding that people are going to rotate in and out of government. Not everyone wants to stay in government long term and that\u2019s okay.\u201d<\/p>\n<p>But there are some worries about CISA recruiting going forward. \u201cJust the way they handle the departures, for a lot of folks, I don\u2019t think it gives a lot of encouragement to individuals that \u2018Hey, this is a great place to work,\u2019\u201d said one former DHS official.<\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\">\n\t\t\t\t\t<img decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2024\/03\/Tim-Starks-01.jpg?w=150&amp;h=150&amp;crop=1\" alt=\"Tim Starks\"\/><br \/>\n\t\t\t\t<\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p>\t\t\tTim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he&#8217;s covered cybersecurity since 2003. Email Tim here: tim.starks@cyberscoop.com.\t\t<\/p><\/div>\n<\/p><\/div>\n<\/footer><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u201cDecimated.\u201d\u00a0 \u201cAmateur hour.\u201d \u201cPretty much fallen apart.\u201d \u201cIt\u2019s really hard to find something positive to say right now.\u201d It\u2019s been a little more than one year into the second Trump administration, and there\u2019s a large consensus, if not total unanimity, among those who have worked with and for the Cybersecurity and Infrastructure Security Agency: It [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":73,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[100,122,121,120,124,123],"class_list":["post-72","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest","tag-cisa","tag-industry","tag-lines","tag-party","tag-trouble","tag-verdict"],"_links":{"self":[{"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/posts\/72","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/comments?post=72"}],"version-history":[{"count":0,"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/posts\/72\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/media\/73"}],"wp:attachment":[{"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/media?parent=72"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/categories?post=72"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybercolombia.co\/index.php\/wp-json\/wp\/v2\/tags?post=72"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}