Senate adjourns without confirming CISA director
ean Plankey, nominee to be director of the Cybersecurity and Infrastructure Security Agency, testifies during his Senate Homeland Security and Governmental Affairs Committee confirmation hearing in Dirksen building on Thursday, July 24, 2025. Tom Williams/CQ-Roll Call, Inc via Getty Images
Sean Plankey’s nomination faltered as lawmakers ran out the clock after a tumultuous year of workforce reductions. The cyberdefense agency enters the new year without a permanent leader as the White House finalizes a sweeping national cyber strategy.
As the Senate closed its doors for the Christmas holiday, lawmakers left town without confirming Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency, extending a leadership vacuum at the nation’s top cyberdefense office into the new year.
The nomination, which will have to be renewed if the White House still wants him in the role, stalled amid a series of procedural hurdles and objections from both Republicans and Democrats.
The outcome leaves CISA — tasked with protecting U.S. critical infrastructure and federal computer networks — without a Senate-confirmed director nearly a year into President Donald Trump’s second term.
Plankey, a former Energy Department cybersecurity official in Trump’s first term, had faced multiple holds in the Senate, some tied to broader political disputes rather than cybersecurity policy itself. While confirmation remained technically possible until the final days of the session, the nomination ultimately fell victim to end-of-year time pressure and unresolved opposition.
Nextgov/FCW has asked the White House about its plans to renominate Plankey.
CISA has grappled with significant workforce challenges that emerged during Trump’s second term. Around a third of the agency’s staff has been shed in 2025 through a combination of terminations and early retirement offers, moves officials said were part of a broader White House effort to curb what it characterizes as wasteful government spending.
Former officials and cybersecurity experts have warned that the cuts risk undermining CISA’s ability to coordinate with government partners and defend federal systems against major cyber threats, particularly from China.
Across the Department of Homeland Security, several employees, including some within CISA, have also been marked for reassignment to agencies focused on border security and deportation work, adding to uncertainty inside the cyber agency.
On Sunday, Politico also reported that staffers in the cyber agency were suspended without pay after organizing a potentially malicious polygraph examination for Madhu Gottumukkala, which he failed. Two people familiar with the matter confirmed the polygraph results to Nextgov/FCW. DHS, in a response to Politico, disputed the nature of the exam.
Whoever ultimately leads CISA will also do so in a midterm election year. Election matters fall under the agency’s statutory mission to protect critical infrastructure, which includes systems such as election management software and vote tabulation machines, though CISA has faced sustained scrutiny in recent years over its past work monitoring and flagging online misinformation in coordination with social media companies.
During his confirmation hearing before the Senate Homeland Security Committee in July, Plankey sought to distance the agency from content moderation disputes, saying it is “not CISA’s job, and nor is it in its authorities, to censor or determine the truths, whether it be on social media or in any level of media.”
He clashed with Sen. Richard Blumenthal, D-Conn., over 2020 election security assessments.
“As a cybersecurity professional, these are state-run elections,” Plankey said. “I have not reviewed the cybersecurity posture of all 50 states.”
“Your role in that agency is to be above politics,” Blumenthal responded. “If you can’t tell us with conviction and conscience that those elections were secure, I have very serious doubts about your ability to lead this agency.”
Trump has repeatedly and falsely claimed the 2020 election was rigged and stolen. After then-CISA Director Chris Krebs said the election was the “most secure in American history,” Trump fired him.
The leadership limbo comes as the White House prepares to release a national cybersecurity strategy in the coming weeks, a document expected to revisit major U.S. cyber policy frameworks.
Among its defensive pillars, the strategy is expected to push agencies toward adopting quantum-resistant security measures to protect encrypted government networks against future advances in quantum computing — an effort CISA is likely to play a central role in once a permanent director is finally in place.