The Cybersecurity and Infrastructure Security Agency will increase its hiring efforts in 2026 as it seeks to rebuild from the Trump administration’s deep cuts and prepare for a potential U.S. conflict with China.
“The recent reduction in personnel has limited CISA’s ability to fully support national security imperatives and administration priorities,” acting CISA Director Madhu Gottumukkala said in a Nov. 5 memo to staff obtained by Cybersecurity Dive. The agency has “reached a pivotal moment,” he added, but it remains “hampered by an approximately 40% vacancy rate across key mission areas.”
With China continuing to target U.S. and allied critical infrastructure, and experts predicting a crisis in 2027, Gottumukkala wrote, “CISA must hire highly qualified professionals by the end of fiscal year 2026 to strengthen the agency’s defensive posture.”
As part of a new workforce and talent strategy, CISA will prioritize the hiring of state cybersecurity coordinators and regional cybersecurity advisers, particularly in regions with what Gottumukkala called “persistent vacancies.” Many of those vacancies are the result of the Trump administration’s policies — these personnel, who serve as vital liaisons between CISA and critical infrastructure organizations across the country, have been among the hardest hit by the layoffs and voluntary departures that have rocked CISA over the past 10 months.
In addition, CISA will expand its use of the Department of Homeland Security’s Cyber Talent Management System, a special hiring program, “to recruit critical cyber talent at market rates,” Gottumukkala said, “focusing on junior practitioners and experienced industry experts.” The agency will work with DHS’s human-resources office to make the hiring process faster.
“These proactive workforce measures will ensure continuity of operations and safeguard the American people against evolving national security risks,” Gottumukkala told staff.
The memo, which has not previously been reported, did not say how many people CISA intends to hire.
CISA’s new workforce strategy comes as the agency is still reeling from the loss of more than one-third of its workforce under the Trump administration. The downsizing program, spurred by the administration’s animus toward CISA over its election security work, has pushed out key experts, jeopardized important operations and frozen vital partnerships. Many CISA employees are frustrated with their leaders and unsure how to proceed in their jobs, while their industry and government partners are concerned about working relationships with CISA that have deteriorated amid travel restrictions and staff turnover.
Some of the changes detailed in Gottumukkala’s memo are aimed at making CISA a more attractive place to work, both for potential hires leery of recent changes and current employees who may be looking for other jobs. CISA will now consider granting exceptions to its return-to-office policy for “employees with deep technical expertise, significant travel requirements, or recurring mission-critical demands outside core hours,” Gottumukkala told staff.
CISA will still aim to have at least 80% of its employees working in offices, Gottumukkala wrote, but “flexibility will remain a vital tool for retaining high-skill employees and maintaining operational efficiency, particularly within Cybersecurity, IT, and operational divisions.”
The agency is also planning to expand its partnerships with colleges and universities to prepare young people for careers in cybersecurity, with a new focus on “high-demand industrial control systems and other mission-critical domains.” The agency will also prioritize hiring Scholarship for Service graduates and reinvigorate its internship program with the goal of bringing in “a large student cohort” by next summer.
With all three of those projects, CISA is effectively trying to reverse the damage from the Trump administration’s cuts, which have decimated the CISA division handling academic engagement and eroded the Scholarship for Service program.
“CISA must immediately accelerate recruitment, workforce development, and retention initiatives to ensure mission readiness and operational continuity,” Gottumukkala told employees.
CISA did not respond to a request for comment about the memo.