Gene Dodaro, retiring Comptroller General of the Government Accountability Office, warned senators that cybersecurity and critical infrastructure protection are not receiving urgent attention matching the severity of threats, expressing concern about staffing cuts at CISA.
Dodaro testified before the Senate Homeland Security and Governmental Affairs Subcommittee on Border Management, Federal Workforce and Regulatory Affairs on December 16, 2025, delivering a final message about cybersecurity priorities as he prepares to retire at the end of December. During the hearing, Dodaro stated that daily pressure from state and non-state actors has left the US in a "very vulnerable" position. He noted the need for a permanent CISA director, noting that Madhu Gottumukkala has served as acting director since spring while nominee Sean Plankey awaits confirmation. Sources indicate Plankey is unlikely to move forward after multiple senators placed or threatened holds on his nomination. Dodaro revealed that CISA has lost approximately one-third of its staff under the Trump administration's downsizing efforts. The GAO has designated cybersecurity as a high-risk area since 1997 and critical infrastructure since 2003, with 600 of 4,400 recommendations still open.
The Trump administration has been reducing CISA's workforce through layoffs and forced relocations since October 2025. According to court filings, the Department of Homeland Security laid off 176 employees following the federal government shutdown on October 1, with CISA accounting for the bulk of those layoffs. The layoffs targeted employees in CISA's Stakeholder Engagement Division, Integrated Operations Division, and the Infrastructure Security Division's Chemical Security unit. Additionally, DHS has been issuing Management Directed Reassignments (MDR) to CISA staffers, ordering them to relocate across the country to work for agencies like ICE, Customs and Border Protection, FEMA, and the Federal Protective Service. Employees have been given seven days to respond to relocation orders, with refusal considered grounds for termination. Many reassignments involve cross-country moves to positions outside employees' skill sets, leading critics to suggest the strategy is designed to force resignations rather than direct terminations.
The workforce reductions have affected critical areas of CISA's mission:
The administration has justified the downsizing by claiming CISA had been "focused on censorship, branding and electioneering" during the previous administration, stating the changes are "part of getting CISA back on mission."
Dodaro told the subcommittee that cybersecurity and critical infrastructure protection are not getting "the urgent attention commensurate with the evolving grave threat."
When asked by Sen. Bernie Moreno, R-Ohio, about the importance of having a CISA head in place, Dodaro responded: "I think it's essential. We've spent a lot of time trying to encourage the government to do more, and CISA was doing, you know, a better job."
He added: "We have a lot of open recommendations still for them to do. But I'm concerned that we're taking our foot off the gas at CISA, and I think we'll live to regret it."
Regarding election security, Dodaro stated the cyber agency has historically "provided a lot of assistance to … elections officials at the state and local level." He continued: "I'm concerned they may not be postured to do that with the midterms coming up, as well as deal with critical infrastructure throughout the country."
The Cybersecurity and Infrastructure Security Agency (CISA) serves as the nation's primary civilian cybersecurity agency, responsible for protecting federal networks, critical infrastructure, and supporting state and local election security efforts. Congress created CISA in 2018 to streamline and empower the government's cyber defense work. The Biden administration expanded the agency's mission, raised its public profile, and gave it new authorities. Management Directed Reassignments (MDR) are relocation orders that can be used to move federal employees to different positions or agencies; refusing an MDR can be considered grounds for termination. The GAO's high-risk designation identifies areas vulnerable to fraud, waste, abuse, and mismanagement, requiring focused attention and transformative solutions from federal agencies.
The workforce reductions are happening at the operational level, affecting employees who directly support critical infrastructure organizations, respond to ransomware attacks, protect chemical facilities, and assist state and local election officials. Former Biden administration official Caitlin Durkovich noted that disrupting the federal cybersecurity apparatus is dangerous "as the world grows more contentious and adversaries harness AI to amplify the scale and sophistication of their attacks."
With nation-state adversaries and cybercriminals growing bolder, reassigning experienced cybersecurity professionals to immigration enforcement or forcing them out creates vulnerabilities. Congress must prioritize confirming permanent CISA leadership and ensuring the agency has adequate resources and personnel stability to fulfill its mission of protecting critical infrastructure and supporting election security before the 2026 midterms. Healthcare organizations and other critical infrastructure operators should prepare for reduced federal cybersecurity support and strengthen their own security programs.
The shutdown resulted from a funding lapse amid disputes over spending cuts proposed by the Trump administration and Department of Government Efficiency (DOGE) initiatives.
Yes, reduced federal threat intelligence sharing and vulnerability alerts would force companies to invest more in independent defenses.
State actors use AI for automated phishing, deepfake reconnaissance, and scalable ransomware.