CISA Warns of 'Detrimental Capacity Impacts' Amid Shutdown

Government , Industry Specific CISA Warns of 'Detrimental Capacity Impacts' Amid Shutdown CISA Acting Director Says Major Staffing Gaps Are Weakening Federal Network Defense Chris Riotta (@chrisriotta) • April 16, 2026     Share Post Share Credit Eligible Get Permission Image: Shutterstock The top Trump administration at the U.S. Cybersecurity and Infrastructure Security Agency defended a paired down budget request before a congressional panel that convened amid a prolonged government shutdown that has strained the agency. See Also: New Trend in Federal Cybersecurity: Streamlining Efficiency with a Holistic IT Approach eBook Testifying Thursday before the House Appropriations Subcommittee on Homeland Security, Acting Director Nick Andersen said the $2.5 billion request reflects the administration's effort to stabilize and scale the agency's mission as cyber and physical threats grow more complex and intertwined (see: Trump's Budget Proposal Would Slash CISA After Bruising Year). "While we are shut down, our adversaries are not," Andersen told lawmakers, adding that CISA continued incident response and infrastructure defense operations even as its workforce was reduced to roughly 40% capacity during the funding lapse. The Department of Homeland Security, of which CISA is a component, this week recalled furloughed workers back to work despite the lack of a funding bill. The $2.5 billion request is aimed at supporting what Andersen described as CISA's core statutory mission. A major portion of the proposal includes $1.4 billion for the agency’s cybersecurity division, tasked with detecting, defending against and building resilience to cyberattacks targeting federal systems and critical infrastructure. The funding request comes at a moment of continued instability for the agency, which only recently began recalling its workforce after operating for weeks in a stripped-down posture during the shutdown (see: CISA Workers Recalled Despite Shutdown). Andersen said CISA has issued multiple emergency directives and expanded threat guidance since early 2025, including dozens of joint cybersecurity advisories with law enforcement and international partners. The agency has also added nearly 300 known exploited vulnerabilities to its catalog over the past year, bringing the total to more than 1,500. Andersen highlighted continued investment in federal network visibility through the Continuous Diagnostics and Mitigation program, which would receive $410 million under the proposal to expand endpoint detection and response capabilities and improve coordinated threat response across agencies. The budget also allocates $391 million for infrastructure security and resilience programs aimed at enabling risk-informed decision-making by operators of critical systems, alongside $178 million for risk reduction services delivered through CISA’s regional field presence. Those services include vulnerability assessments, incident response support and training activities designed to help state and local governments and private-sector partners anticipate and recover from cyber and physical threats. Andersen said the agency completed more than 1,000 such engagements tied to major events - including the upcoming FIFA World Cup. CISA's budget request includes $98 million for emergency communications programs to improve interoperability across federal, state and local agencies, and $31 million to support its role as the sector risk management agency for eight of the nation’s 16 critical infrastructure sectors. An additional $42 million would fund the National Risk Management Center, which Andersen said plays a central role in identifying and prioritizing cross-sector risks and informing national-level policy. Lawmakers used the hearing to press agency leaders on workforce challenges, with Andersen acknowledging that vacancies and shutdown-related disruptions have had "detrimental capacity impacts" on mission delivery. "The most significant near-term impact recently has been our reduction down to about 40% of staff," Andersen said, adding that CISA is working to fill 329 positions identified as critical to restoring operational capacity, particularly in cybersecurity and field operations. Those roles include personnel embedded in local communities and critical infrastructure environments, where lawmakers said CISA’s presence is often most visible during incident response and recovery efforts. The administration's proposed cuts to CISA's overall budget also raise questions about how the agency will sustain expanded mission demands with fewer resources. Andersen said the agency is focused on stabilizing operations and directing resources toward the highest-risk sectors, particularly those tied to national security, public health and economic continuity.