CISA to furlough most of its workforce under impending DHS shutdown

Madhu Gottumukkala, acting director of the Cybersecurity and Infrastructure Security Agency, testifies during the DHS oversight hearing in the Cannon House office building on January 21, 2026

Madhu Gottumukkala, acting director of the Cybersecurity and Infrastructure Security Agency, testifies during the DHS oversight hearing in the Cannon House office building on January 21, 2026 Heather DiehlGetty Images

Featured eBooks
CDM
Read Now

Future-Ready Workforce

Read Now

Health Tech

Read Now
Insights & Reports
5G Powers Mission-Ready Connectivity: Powering secure, real-time coordination for federal agencies
Presented By T-Mobile
Download Now
The Hidden Threat of Malicious Open-Source Packages
Presented By Checkmarx
Download Now
David DiMolfetta By David DiMolfetta,
Cybersecurity Reporter, Nextgov/FCW

By David DiMolfetta

|

The shutdown would also slow ongoing revamps of a major cyber incident reporting rule that was signed into law in 2022, acting director Madhu Gottumukkala said this week.

A likely partial government shutdown after Friday would impair the Cybersecurity and Infrastructure Security Agency’s operations, leading to diminished capabilities in critical areas including cyber response, security assessments, stakeholder engagements, training exercises and special event planning, a top official said this week.

CISA would furlough a majority of its workforce and just one-third would remain on the job under shutdown conditions, agency acting director Madhu Gottumukkala told House appropriators on Wednesday. 

“I want to be clear — when the government shuts down, cyber threats do not,” he said.

The impending shutdown of the Department of Homeland Security — CISA’s parent agency — comes after Congress granted the department a two-week funding extension following high-profile Immigration and Customs Enforcement shootings in Minneapolis. Democrats have seized upon those incidents to advocate for funding overhauls for ICE and U.S. Customs and Border Protection, which have played central roles in the Trump administration’s maximalist deportation efforts.

The cyberdefense agency’s work would be “strictly limited to those that are essential to protecting life and property” and available staff will “only look at anything that is an immediate need and an imminent threat,” said Gottumukkala, adding that the agency will be unable to proactively scan for cyber vulnerabilities.

The shutdown would also slow ongoing revamps of a major cyber incident reporting rule that was signed into law in 2022, he said. The Cyber Incident Reporting for Critical Infrastructure Act directed CISA to enact a final rule by October 2025, though that deadline has been extended to this May. CISA announced a series of listening sessions for CIRCIA on Thursday.

The cyberdefense agency has already lost approximately one-third of its workforce over the past year amid various Trump 2.0 efficiency plans and mechanisms aimed at shedding purported government bloat and wasteful spending.

NEXT STORY: CISA orders agencies to patch and replace end-of-life devices, citing active exploitation