CISA faces deep strain as Trump-era cuts and layoffs weaken US cybersecurity defenses

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is reportedly in serious trouble, according to bipartisan lawmakers and leaders across the cybersecurity industry who worry the agency’s capacity to carry out its core mission has been eroded — leaving it less prepared if a major cyber incident hits.

Cyberscoop reporter Tim Starks spoke with sources spanning Capitol Hill, private-sector cyber firms, and other corners of the security community, and the feedback pointed to a broad consensus: CISA has taken significant damage from budget reductions and staff cuts during the Trump administration’s first year.

During that period, CISA has lost roughly one-third of its workforce, a reduction that has reportedly gutted programs, eliminated roles, and drained hard-to-replace expertise. Among the efforts affected were the agency’s counter-ransomware work and initiatives to encourage secure software development practices. The losses have also reportedly included multiple members of its election security team. CISA is the federal agency tasked with supporting election security, and some observers warned that Trump’s continued focus on advancing false claims about the 2020 election has contributed to the administration placing less priority on CISA’s election-related work.

Beyond layoffs, CISA also reassigned hundreds of employees to support other components within the Department of Homeland Security as part of the Trump administration’s sweeping immigration crackdown.

Many of the people Cyberscoop spoke with placed responsibility on the Trump administration, Congress, or both. Others specifically criticised CISA’s acting director, Madhu Gottumukkala, suggesting he has struggled to steer the agency effectively and has reportedly created operational security problems.

CISA has not had a permanent director since Trump took office in 2025.

The agency is also reportedly operating at about 38% staffing levels as the partial U.S. federal government shutdown continues. Lawmakers have declined to extend funding for federal immigration authorities amid widespread backlash following the killing of two U.S. citizens by federal agents.

When contacted for comment, Gottumukkala said the agency “remains unwavering in its commitment to protect our federal networks from malicious cyber threat actors despite the multi-week government shutdown” affecting Homeland Security.