Government
,
Industry Specific
Swalwell: Sweeping CISA Cuts Leave Nation Vulnerable to Major Cyberattacks
A top House Democrat is demanding answers from the nation’s cyber defense agency after deep staffing cuts that security analysts warn have weakened federal efforts to prevent the next major cyberattack.
See Also: New Trend in Federal Cybersecurity: Streamlining Efficiency with a Holistic IT Approach eBook
Rep. Eric Swalwell, D-Calif., ranking member of the House Homeland Security subcommittee on cybersecurity and infrastructure protection, sent a letter Tuesday to Madhu Gottumukkala, acting director of the Cybersecurity and Infrastructure Security Agency, seeking the agency’s current staffing numbers. The letter also requested details on how many employees have been furloughed, terminated, reassigned within the Department of Homeland Security or departed under the workforce transition program – reductions that left the agency operating at just 35% capacity during the shutdown (see: CISA in Disarray Amid Shutdown and Growing Political Threats).
“I should not need to remind you that cybersecurity threats pose a significant and growing risk to our national security,” the congressman wrote. Homeland Security Secretary Kristi Noem testified in May that Chinese-affiliated threat actors have compromised multiple critical infrastructure sectors nationwide, he noted. “In order to combat these threats, CISA needs to have sufficient personnel to carry out its mission.”
Estimates and public reports indicate CISA has lost more than 1,000 staffers since January – a major exodus that hit nearly every part of the agency, which peaked at over 3,300 employees in 2024. Fewer than 900 staffers reportedly remain amid the ongoing government shutdown, with an unknown number reassigned to other DHS components such as immigration enforcement – a shift one former senior official called unprecedented in an interview with Information Security Media Group.
“I can count on one hand the number of directed reassignments we approved – and they always involved consultation and planning with the employee,” the official said. “Telling someone they have to uproot their lives and move across the country or lose their job – that’s not standard practice.”
CISA has declined to comment on recent staff reductions, though DHS said in a court filing that at least 176 employees across its components received reduction-in-force notices in recent days. The White House signaled plans to furlough up to 10,000 federal workers during the shutdown, but a judge issued a temporary restraining order Wednesday blocking further cuts.
Swalwell wrote that CISA has “refused to share final numbers on how many employees have left the agency” despite multiple requests from the subcommittee. He also requested information on how many security advisors and cybersecurity state coordinators remain employed at the agency.
“The only reason for these RIFs is to further terrorize hardworking federal employees the administration was unable to harass into leaving their jobs earlier this year,” the letter read.
The shutdown and workforce cuts also come as CISA warns that federal networks are under active attack by a nation-state threat actors exploiting vulnerable devices across agencies. CISA Executive Assistant Director for Cybersecurity Nick Andersen said Wednesday that the latest RIF notices did not affect personnel working on the directive, which mandates agencies apply new vendor updates to multiple F5 products (see: CISA: F5 Hack Exposes Fed Networks to Full Compromise).
“While a government shutdown can disrupt federal operations, we’re sustaining essential functions,” Andersen said.
Swalwell urged CISA to “immediately cease all efforts” to cuts its workforce, and to reinstate employees who have been dismissed or transferred to non-cyber Homeland Security components in recent weeks.
“CISA’s ongoing efforts to reduce its workforce suggest it plans to leave state and local governments on their own for cyber defense,” he wrote.