Swalwell Expresses Concerns Over CISA Staffing Cuts Exposing Nation to Cyber Threats
Rep. Eric Swalwell, a senior House Democrat, is demanding clarity from the Cybersecurity and Infrastructure Security Agency (CISA) following significant staffing reductions that experts warn could hamper national cyber defense capabilities against potential major attacks. In a pointed letter addressed to Acting Director Madhu Gottumukkala, Swalwell called for current staffing figures and details regarding the layoffs and furloughs that have left CISA operating at approximately 35% capacity during a prolonged government shutdown.
In his correspondence, Swalwell highlighted the growing cyber threats to national security, referencing recent testimonies from Homeland Security Secretary Kristi Noem about successful intrusions by threat actors linked to China. He emphasized that CISA must be sufficiently staffed to effectively execute its mission and mitigate these threats.
Reports suggest that CISA has experienced a substantial decrease in personnel, losing over 1,000 staff since the beginning of the year. This attrition, which has affected nearly all facets of the agency, has left the workforce dwindling to fewer than 900 employees during the ongoing shutdown—with an unknown number reassigned to other sectors, including immigration enforcement. This situation has been described by former officials as unprecedented.
The implications of such cuts directly impact CISA’s ability to counter cyber threats. Swalwell’s letter made it clear that the agency’s unwillingness to disclose the number of departing employees raises serious concerns. He requested clarity on the remaining cybersecurity personnel and called for a cessation of workforce reductions entirely.
Ongoing threats from state-sponsored actors targeting federal networks amplify these concerns, particularly as CISA has indicated that its personnel dedicated to critical cybersecurity functions remain stable despite recent staffing changes. CISA Executive Assistant Director for Cybersecurity, Nick Andersen, addressed the agency’s operations during the shutdown, asserting that essential functions would continue unabated.
The context of these staffing challenges suggests a potential vulnerability in national cybersecurity infrastructure, especially considering the tactics and techniques employed by adversaries that may align with the MITRE ATT&CK Framework. Potential adversarial tactics such as initial access through exploiting vulnerabilities, persistence strategies to maintain access, and privilege escalation to commandeer additional system control might be leveraged in forthcoming attacks.
Swalwell has urged an immediate reversal of recent personnel cuts and the reinstatement of employees previously reassigned or terminated. The congressman underscored the critical role CISA plays in bolstering local and state cyber defense measures and cautioned against leaving these vital protections to chance amid ongoing threats.
