The Trump administration late Thursday removed the scandal-plagued acting director of the Cybersecurity and Infrastructure Security Agency, injecting fresh uncertainty into the operations of an agency already grappling with a morale crisis as it tries to protect the U.S. from sophisticated hacking threats.
The Department of Homeland Security reassigned Madhu Gottumukkala, the deputy CISA director who had led the agency in an acting capacity since last May, to a position at DHS headquarters. Nick Anderson, the executive assistant director for CISA’s Cybersecurity Division and one of the few remaining political appointees at the agency, will step in as acting director.
In an emailed statement confirming the changes, a DHS official said Gottumukkala “has done a remarkable job in a thankless task of helping reform CISA back to its core statutory mission.”
“He tackled the woke, weaponized, and bloated bureaucracy that existed at CISA, wrangling contracts to save American taxpayer dollars,” said the official, who spoke on the condition of anonymity to discuss personnel matters.
Gottumukkala will now serve as director of strategic implementation at DHS, the official said.
Gottumukkala’s removal caps a rocky tenure that saw him embroiled in several controversies. In incidents first reported by Politico, Gottumukkala failed a polygraph test and reassigned staffers involved in administering it, pushed to remove CISA’s chief information officer after clashing with him (as Cybersecurity Dive first reported, he finally succeeded on Thursday, hours before his own removal) and uploaded sensitive data to a public AI tool. The episodes embarrassed many CISA employees and raised questions about Gottumukkala’s fitness to lead a federal agency.
Agency in crisis
The scandals worsened an already bleak environment at CISA, which has experienced widespread layoffs, significant program changes and a stark deterioration in critical partnerships since President Donald Trump took office in 2025. The Trump administration described CISA as a rogue agency because of its work with election officials and social media companies during the 2020 election, and officials vowed to put it “back on mission.”
As acting director, Gottumukkala was a reliable political ally of the Trump administration. He has close ties to Secretary of Homeland Security Kristi Noem, for whom he had worked in South Dakota when she was governor and he was the state’s CIO. (He did not have any cybersecurity leadership experience before joining CISA.) Over the past nine months, Gottumukkala dutifully implemented a series of workforce and program cuts that demoralized the agency’s staff and alienated many of its partners in state and local government and the critical infrastructure community.
Those cuts attracted criticism from experts and lawmakers, however, and by November, Gottumukkala was promising that CISA would soon begin a hiring spree to rebuild its diminished capacity. Even so, he told Congress in late January, CISA’s work “is mission-focused, which means capability is measured by outcomes, not head count.”
Optimism about new leader
With Gottumukkala gone, CISA faces a new phase of uncertainty, as employees and outside observers wait to see how Anderson will steer the agency.
“I am excited for this leadership change,” said one CISA employee, who — like others interviewed for this story — requested anonymity to speak freely.
Gottumukkala “was clearly the wrong person” to lead CISA, this employee added. “Our hope is that Nick will be allowed to make the necessary changes to turn CISA around so it can begin to heal and stem further losses.”
Another employee agreed, saying they were “very excited” for Anderson to take over because he was “a great leader who understands the right priorities for CISA to defend critical infrastructure and federal networks.”
“I’m also confident he’ll advocate for CISA to have the budget and personnel to tackle the problems,” the second employee added.
A third employee expressed hope that Anderson “will be able to provide better stability and direction like he’s done within [the cyber division].”
A fourth employee described Anderson’s appointment as “the best thing that’s happened since this new administration.”
“Nick has proved [that] mission-focused, no-nonsense and common sense are all traits that can be found in a political appointee since he’s come here,” the employee said. “Cyber isn’t political, and he’s a wonderful example of what leadership at this agency should be.”
People familiar with CISA’s internal operations described the change as sorely needed.
“CISA right now is a s— show,” a U.S. official said, adding that Gottumukkala “didn’t bring confidence to CISA at a time when CISA needed it, both with the employees and with the public.”
“Nick is a smart, capable guy,” the official said. “I think he will do very well in the role.”
Acting director brings deep expertise
Anderson spent two years as the Coast Guard’s CIO, a year as the Navy’s CIO and more than a year as a senior official at the Department of Energy’s cybersecurity and emergency response division. Last September, the Trump administration appointed him to lead CISA’s cyber division, the agency’s largest and most important wing.
He also served as Vermont’s chief information security officer, in which capacity he served on a CISA committee of state and local government leaders, giving him an understanding of the state side of the federal-state partnership on cyber and physical security matters.
Many people familiar with Anderson’s work said his cybersecurity leadership experience could help stabilize CISA, but some said the agency would continue to struggle until the Senate confirmed Trump’s CISA director nominee, Sean Plankey.
“I’d hope Nick brings more stability to the agency,” said one person familiar with the matter. “I don’t think we’ll get that until Plankey comes in, though.”
