CISA resources ‘more limited than I would like’ amid shutdown, top official says

Nick Andersen, Acting Director of the Cybersecurity and Infrastructure Security Agency, speaks during a House Committee on Appropriations and Subcommittee on Homeland Security hearing on April 16, 2026 in Washington, DC.

Nick Andersen, Acting Director of the Cybersecurity and Infrastructure Security Agency, speaks during a House Committee on Appropriations and Subcommittee on Homeland Security hearing on April 16, 2026 in Washington, DC. Roberto Schmidt/Getty Images

Featured eBooks
Health Tech
Read Now

CDM

Read Now

Future-Ready Workforce

Read Now
Insights & Reports
Cribl for the Public Sector: Defend data at mission speeds
Presented By Cribl
Download Now
Drive Capital Program Success: Proactive Data Oversight and Financial Insights for Government Agencies
Presented By Procore
Download Now
David DiMolfetta By David DiMolfetta,
Cybersecurity Reporter, Nextgov/FCW

By David DiMolfetta

|

Many “preparatory activities” and “outreach that we’d typically be able to do” are not allowed during an ongoing DHS shutdown, Nick Andersen told lawmakers.

The Cybersecurity and Infrastructure Security Agency’s top official said resources to detect and counter hacking threats are “more limited than I would like” as the cyberdefense office grapples with funding issues facing the Department of Homeland Security.

CISA acting Director Nick Andersen told House appropriators on Thursday that many “preparatory activities within the environment, a lot of the outreach that we’d typically be able to do” are not allowed during an ongoing shutdown in the department.

DHS employees were called back to the office this week, after President Donald Trump ordered the department to use funds from the One Big Beautiful Bill Act to pay civilian employees and their furloughed colleagues who hadn’t received pay throughout the shutdown.

But due to its current cash issues, CISA is unable to cover costs beyond employee salaries, according to an email Andersen sent to staff on Monday that was obtained by Nextgov/FCW. The email specified that any non-salary expenditures now require an exception under the Antideficiency Act, which governs how agencies use their congressionally appropriated funds.

DHS has now been unfunded for about two months, amid a partisan stalemate over immigration enforcement reforms.

The cyberdefense agency also canceled plans to onboard summer interns participating in a government scholarship program for cyber talent due to the funding lapse, Nextgov/FCW reported Tuesday.

Even beyond current financial limitations, the fiscal year 2027 budget request for CISA proposes to make significant reductions to election security, workforce development, stakeholder engagement and a range of infrastructure protection resources.

The budget plans reflect long-standing skepticism from the Trump administration and its allies toward the agency, particularly over its role in 2020 election security efforts and concurrent work to counter false information online. Critics have argued CISA strayed beyond its “core” mission of infrastructure protection and federal cyber defense.

Cyber practitioners and former officials have frequently said that even the cuts put in place in the last year go too far.

Those reductions, compounded by the current shutdown, come as the U.S. continues to face cyber threats from Iran, despite recent efforts by the Trump administration to broker a deal with Tehran and Israel.

Earlier this month, CISA and other agencies said Iran-aligned hackers exploited and disrupted operational technology control systems embedded in multiple U.S. critical infrastructure sectors.

Iran has been “opportunistically focused” in its hacking efforts and has targeted unsecured devices connected to the internet, added Andersen.

NEXT STORY: Expect more cybersecurity executive orders soon, national cyber director says