U.S. cybersecurity agency CISA is reportedly in dire shape, according to bipartisan lawmakers and industry leaders who fear that the agency’s ability to perform its core mission has been diminished and left it unprepared for a cybersecurity crisis.
News site Cyberscoop’s Tim Starks spoke with sources across Congress, the private cyber industry, and beyond, and what came back reflected a general consensus that CISA has suffered under cuts and layoffs during the Trump administration’s first year.
Over that time, CISA has lost around one-third of its staff, which cost it programs, personnel, and expertise, including the agency’s counter-ransomware initiative and efforts to promote secure software development. Some of these have included several members of its election security team, TechCrunch reported last year. CISA is the federal agency responsible for election security. Some warned that Trump’s ongoing obsession with promoting false claims about the 2020 election has led to the administration deprioritizing CISA.
CISA also reassigned hundreds of other staffers to aid other agencies within the Department of Homeland Security as part of the Trump administration’s broad immigration crackdown.
Many of Cyberscoop’s sources blame the Trump administration, Congress, or both. Others singled out CISA’s acting director, Madhu Gottumukkala, as having struggled to lead the agency and reportedly caused security headaches as a result.
CISA has been without a permanent director since Trump entered office in 2025.
The cybersecurity agency is said to be currently operating at around 38% staff levels as the partial U.S. federal government shutdown, which began on February 14, drags on. Lawmakers have declined to continue funding federal immigration authorities amid widespread criticism following the killings of two U.S. citizens by federal agents.
Techcrunch event
Boston, MA
|
June 9, 2026
When reached for comment, CISA’s Gottumukkala told TechCrunch that the agency “remains unwavering in its commitment to protect our federal networks from malicious cyber threat actors despite the multi-week government shutdown” of Homeland Security.