Acting CISA Director Pushed to Remove Agency CIO
America’s cybersecurity backbone is facing a certain amount of strain.
The acting head of the country’s Cybersecurity and Infrastructure Security Agency, Madhu Gottumukkala, took steps last week to remove the agency’s chief information officer, Robert Costello — but was blocked after other political appointees at the department objected, according to three officials with knowledge of the matter.
The Jan. 18 report by Politico, reveals this comes at a tense moment for CISA, as the agency works to defend federal networks and critical infrastructure from persistent threats while navigating a wave of internal turnover and heightened scrutiny of leadership decisions.
The move also adds to growing concerns inside the agency about decision-making by Gottumukkala, who has already faced internal criticism in recent weeks over other personnel actions.
CISA is part of the Department of Homeland Security and plays a central role in coordinating the federal government’s cyber defense posture, including incident response support, threat analysis, and broader coordination with state and local partners as well as the private sector. Leadership turmoil at the top of the agency can have ripple effects across DHS operations, particularly when it involves core operational roles like the CIO.
How the reassignment unfolded
The personnel dispute began late Thursday (Jan. 15) afternoon, when Costello was informed he had been given a so-called management-directed reassignment, the three officials said. Under that process, Costello was given about one week to decide whether to move to another part of DHS — or resign.
All three officials were granted anonymity because they feared retaliation for discussing internal agency developments.
Management-directed reassignments are typically used to move senior staff to other roles or units without a formal termination process. But in practice, officials said, such actions are often understood as forcing an employee out of their current position, particularly when the shift is abrupt and the employee is not offered a clear alternative role in the same chain of command.
In this case, officials said, the move surprised not only career staff but also other senior political appointees.
Political pushback halts the effort
Other senior political appointees at DHS, including Nick Anderson, CISA’s executive assistant director for cybersecurity, were not informed ahead of time about the decision and objected sharply when they learned about it, the officials said.
They immediately “raised hell” and questioned the justification for Costello’s surprise ejection from the agency, said the first of the three officials.
The internal pushback prompted DHS headquarters to pause the reassignment and ultimately stop it entirely before the end of the day Friday, according to all three officials.
The episode highlighted how unusually contentious the move was, officials said. Removing a CIO during a period of staffing instability can disrupt enterprise technology planning, cloud migration efforts, network security programs, and day-to-day operations that support cyber defense work.
CISA’s official response
In a statement, CISA’s Director for Public Affairs Marci McCarthy said that while CISA does not comment on specific personnel decisions or discussions, the agency “can clarify that senior personnel decisions are made at the highest levels at the Department of Homeland Security’s Headquarters and are not made in a vacuum, independently by one individual, or on a whim.”
She added: “CISA remains committed to transparency, accountability, and the highest standards of leadership within our organization. We discourage reporting based on inaccurate or incomplete information provided by disgruntled individuals at CISA who are upset that accountability and reform have come to the agency.”
The statement appeared aimed at reinforcing that DHS headquarters maintains oversight of major staffing actions, and at framing internal criticism as resistance to reform rather than concerns about leadership judgment.
However, the three officials described the attempted reassignment as sudden and poorly coordinated, increasing anxiety among staff about the stability of senior leadership roles.
Questions surrounding Gottumukkala’s leadership
Each of the three officials said that Gottumukkala directly approved the move. His motivations aren’t entirely clear, and Gottumukkala did not reply to a request for comment.
The attempted CIO ouster comes as Gottumukkala has already faced scrutiny inside the agency following his handling of a failed polygraph exam in July, as Politico previously reported. At least six career staff involved in scheduling the test were suspended with pay afterward, which DHS described as an “unsanctioned” exam.
Officials familiar with internal discussions said that the suspensions rattled both career staff and political appointees, in part because the situation raised questions about how personnel discipline was being applied and whether decision-making processes were being followed consistently.
The Costello reassignment effort, even though it was stopped, added to that uncertainty, officials said, because it suggested that other senior leaders could also face sudden removal without clear justification or warning.
Tensions over policy and contracting
The second and third officials said there had been friction between Costello and Gottumukkala, particularly because Costello frequently pushed back on policy matters.
The first and second officials also cited disagreements over contracting decisions at CISA — a major area of responsibility given the agency’s heavy reliance on vendor partnerships for cybersecurity tools, enterprise IT platforms, and operational support.
Disputes over contracting can carry outsized significance inside federal agencies, as they affect both mission execution and spending priorities. Officials said Costello was viewed internally as an experienced leader with a reputation for integrity, and all three praised his performance.
A former senior DHS official familiar with the fallout at CISA last week said the effort to remove Costello alarmed staff because he is seen as one of the agency’s remaining top technical talents.
That concern has become more pronounced as the agency’s workforce has shrunk substantially. Roughly 1,000 people — about one third of CISA’s staff — have left in the last year due to the Trump administration’s workforce cuts, the former official said.
Right now, “the fear is high at CISA,” that former official said. “It’s insane.”
Costello, Anderson, and Gottumukkala did not reply to requests for comment.
CISA and international partners issued new guidance on securing AI in operational technology, warning of OT risks and urging stronger governance and safeguards.
About Author
