The Cybersecurity and Infrastructure Security Agency’s acting leader used a hearing on Wednesday to defend the Trump administration’s mass layoffs at CISA and reassure lawmakers that the agency was still prepared to defend government and critical infrastructure networks from hackers.
“A disciplined mission requires the right workforce — not a larger one, but a more capable and skilled one,” Madhu Gottumukkala said during a House Homeland Security Committee hearing that featured him and two other Department of Homeland Security officials.
In the coming year, Gottumukkala added, “CISA will continue targeted hiring in mission critical roles while remaining aligned with [DHS’s] broader efforts to control costs and maximize return.”
For now, though, he said, “we have the staff that we need.”
CISA turmoil over layoffs, transfers
CISA has lost more than one-third of its workforce since President Donald Trump took office almost exactly one year ago. The Trump administration has forced out key experts, eliminated a major collaboration framework, withdrawn funding from a state and local cybersecurity group and shuttered offices that managed important partnerships with states, businesses and foreign allies.
At least 998 CISA employees have quit or been laid off or transferred since the start of the Trump administration, with 65 receiving forced reassignments to other agencies, according to an internal agency report that House Homeland Security Committee ranking member Bennie Thompson, D-Miss., entered into the record at the end of the hearing. Thompson’s office later provided the report to Cybersecurity Dive.
Lawmakers of both parties expressed concern about the turmoil at CISA, with committee chairman Andrew Gabarino, R-N.Y., saying that “workforce continuity, clear leadership, and mission readiness are essential to effective cyber defenses.”
Democrats were more critical. “At a time of persistent and growing cyber threats from malign foreign actors,” said Rep. James Walkinshaw, D-Va., the cuts at CISA “have weakened our defenses and left our critical systems and infrastructure more exposed and the American people more vulnerable.”
Gottumukkala repeatedly declined to answer questions about how CISA’s workforce purge was affecting its ability to execute its mission. When Walkinshaw asked if CISA had conducted an analysis of its staffing needs, Gottumukkala responded that CISA’s work “is mission-focused, which means capability is measured by outcomes, not head count.”
CISA’s attrition rate in 2025 was lower than the government-wide average, according to Gottumukkala, hovering at around 7.5% compared with the government-wide rate of 9.25%.
Rep. Andy Ogles, R-Tenn., the chairman of the homeland security panel’s cyber subcommittee, praised Gottumukkala over the workforce cuts. “You're doing more with less,” he said, “and you're doing it more efficiently.”
CISA is not planning to make any more organizational changes, Gottumukkala said, and the agency will consult with Congress if that changes.
The hearing, which was Gottumukkala’s first appearance before Congress, gave Democrats an opportunity to press him on multiple controversies that have recently embroiled his tenure at CISA, although he largely avoided commenting on them. He refused to confirm that he had failed a polygraph test, saying he didn’t “accept the premise of that characterization” and wouldn’t discuss security clearance–related matters in public. He declined to comment on a report that he had tried to oust CISA’s chief information officer, citing the complexities of personnel matters. And he dodged a question about DHS’s controversial plan to build a facility for discussing classified information at a South Dakota university aligned with DHS Secretary Kristi Noem, the state’s former governor.
Election security concerns
When Walkinshaw asked Gottumukkala about CISA eliminating funding for the Multi-State Information Sharing and Analysis Center, which forced many local governments to leave the group, Gottumukkala said none of the roughly two dozen other ISACs received federal funding, although CISA is still coordinating with all of them.
Gottumukkala also repeatedly said that no CISA personnel had been transferred to ICE to support Trump’s immigration crackdown, although Democratic lawmakers disputed that claim.
Gottumukkala consistently defended CISA’s workforce cuts by saying that the Trump administration was putting CISA “back on mission” by eliminating activities beyond the agency’s core responsibilities.
“The personnel that we have, we are making sure that they are on mission,” Gottumukkala said. “The bad press … misses the point.”
CISA’s election security mission has seen the biggest changes. In 2020, CISA helped state and local officials alert social media companies to misinformation related to the election and the Covid-19 pandemic. Republicans accused CISA of conspiring with Silicon Valley to censor Americans’ online speech, and the falsehood-fueled controversy turned the agency into a pariah among conservatives. After Trump took office last year, CISA froze its election security program and eliminated the entire team.
But in Wednesday’s hearing, Gottumukkala sought to assure lawmakers that CISA was still committed to helping states secure the upcoming midterm elections.
“The claim that DHS or CISA has rolled back election security protections is not accurate,” Gottumukkala told Rep. Tony Gonzales, R-Texas. “We treat election security like any other critical infrastructure sector, and our election security services remain fully in place.”
CISA ended “activities that were outside its core mission,” Gottumukkala told Rep. Dale Strong, R-Ala., including “monitoring any American's lawful speech, any narrative management or any coordination with those social media companies on election-related posts.”
Gonzales urged Gottumukkala to keep CISA focused on election security, including partnering with the military’s U.S. Cyber Command to neutralize foreign adversaries’ attempts to interfere with American elections. “That needs to be a priority,” Gonzales told Gottumukkala, who said CISA had a strong intelligence-sharing relationship with Cyber Command.
Several lawmakers asked Gottumukkala about the precarious status of the 2015 Cybersecurity and Infrastructure Security Act, which lawmakers temporarily revived in November after it sunset on Sept. 30. “It remains one of the most important authorities for defending the U.S. critical infrastructure against increasingly sophisticated cyber threats,” Gottumukkala said. The Trump administration strongly supports a long-term renewal of the law, he added. “One of the strengths of CISA is the partnership and collaboration with the private sector.”
CIRCIA update
Gottumukkala also briefly discussed the status of the regulation that CISA is developing pursuant to the Cyber Incident Reporting for Critical Infrastructure Act. The business community objected to the Biden administration’s draft rule, saying it was too broad and onerous, and the Trump administration has said that it is working closely with industry to refine the requirements.
“We are working very hard to make sure that we are getting towards the closure line,” Gottumukkala said, adding that the agency was reviewing “about 280-plus detailed public comments.”
The Trump administration is keeping CISA “squarely focused” on the responsibilities that Congress gave it, Gottumukkala told lawmakers. In 2025, he said, CISA helped more than 4,000 cyberattack victims, published more than 1,600 security products, shared more than 2,500 threat and incident reports and triaged more than 30,000 incidents.
“We are prioritizing what works, eliminating duplication and ensuring that every product and service directly advances CISA’s regulatory mission and aligns with the administration's goals of efficiency, accountability and impact,” Gottumukkala said.
One of the few things that united Republicans and Democrats during the hearing was the recognition of CISA’s importance to U.S. national security.
“CISA [is] arguably one of the most important agencies in our government [where] most people don't realize what's happening,” Gonzales said.
But Republicans also said the newly slimmed-down agency needed to stay on track.
“When [CISA’s] mandate is carried out with discipline and focus, the agency earns bipartisan support in Congress and confidence from the industry,” Garbarino said. “When it does not, that confidence erodes.”
