US Federal Cyber and IT Leadership Turnover and Confirmation Disputes
US federal cyber and IT leadership saw multiple high-profile personnel moves, including a planned transition at the Cybersecurity and Infrastructure Security Agency (CISA). Acting director Madhu Gottumukkala is expected to leave CISA for a new Department of Homeland Security role as director of strategic implementation, with Nick Andersen (CISA’s executive assistant director for cybersecurity) slated to become acting director. Separately, CISA CIO Bob Costello reportedly received reassignment/transfer orders and is expected to depart the agency, with reporting indicating he may have been offered reassignment to FEMA; the reasons for the move were not publicly clarified.
In parallel, Senate confirmation politics affected senior national cyber leadership: Sen. Ron Wyden said he would block confirmation of Lt. Gen. Joshua Rudd to lead both U.S. Cyber Command and the NSA, citing a lack of cyber and signals intelligence experience and concerns about his understanding of NSA surveillance authorities. Outside the cyber agencies, the Department of Justice elevated Nikki Collier from deputy CIO to permanent CIO, following a prolonged vacancy after the prior CIO’s departure, underscoring broader federal IT leadership churn during a period of workforce reductions and ongoing scrutiny of security governance practices.
Timeline
Feb 27, 2026
Nick Andersen becomes acting CISA director
Following Gottumukkala's departure, Nick Andersen, CISA's senior cybersecurity executive, was named interim acting director. The change left CISA still awaiting Senate confirmation of a permanent leader.
Feb 27, 2026
Madhu Gottumukkala moved from CISA to DHS role
CISA acting director Madhu Gottumukkala was shifted to a new Department of Homeland Security position as director of strategic implementation. The move came amid controversy over his tenure and broader leadership turmoil at the agency.
Feb 26, 2026
CISA CIO Bob Costello receives reassignment orders
Bob Costello, CISA's chief information officer, reportedly received transfer orders and is expected to leave the agency, with FEMA mentioned as a possible destination. The reasons for the reassignment were not publicly explained.
Feb 26, 2026
Sen. Wyden blocks Joshua Rudd's confirmation
Sen. Ron Wyden said he would block Lt. Gen. Joshua Rudd's confirmation to lead both U.S. Cyber Command and the NSA, citing concerns about his cyber and signals intelligence experience and his answers on surveillance authorities. The move could force a formal Senate vote instead of approval by unanimous consent.
Feb 23, 2026
DOJ updates staff profile to show Collier as CIO
The Department of Justice updated Nikki Collier's staff profile on February 23 to identify her as CIO. The update publicly signaled that she had formally moved into the permanent role.
Feb 1, 2026
Nikki Collier assumes DOJ CIO role
Collier's LinkedIn indicates she took over as DOJ's chief information officer in February 2026, ending the department's stretch without a permanent CIO. DOJ staff records were updated shortly afterward to reflect the change.
Dec 31, 2025
Sean Plankey's CISA director nomination lapses at end of 2025
Sean Plankey's earlier nomination to serve as CISA director expired when the 2025 session closed without confirmation. The administration later renominated him while the agency continued under acting leadership.
May 31, 2025
DOJ CIO Melinda Rogers departs
Former DOJ CIO Melinda Rogers left the department at the end of May 2025, leaving the agency without a permanent IT leader. Collier was subsequently listed as acting CIO.
Feb 26, 2025
Trump fires Gen. Timothy Haugh from NSA and Cyber Command leadership
President Donald Trump fired Gen. Timothy Haugh, after which Lt. Gen. William Hartman led the National Security Agency and U.S. Cyber Command in an acting capacity for nearly a year. This created the vacancy later tied to Joshua Rudd's nomination.
Jan 1, 2025
Nikki Collier becomes DOJ deputy CIO
Nikki Collier began serving as the Department of Justice's deputy chief information officer. She later became a key internal candidate for the department's top IT role.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Sources
Related Stories
CISA Leadership Shakeup: CIO Departure and New Acting Cyber Chief नियुक्त
The Cybersecurity and Infrastructure Security Agency (**CISA**) is undergoing a leadership transition marked by the departure of its chief information officer, **Robert Costello**, who announced he is leaving after nearly five years in the role. Reporting indicates Costello’s exit follows internal turbulence, including conflicting accounts about whether then-acting director **Madhu Gottumukkala** attempted to push him out and subsequent transfer orders that raised the prospect of reassignment elsewhere in DHS; Costello had public support from some lawmakers and had been a visible advocate for modernization and improved tooling at the agency. Separately, CISA named **Chris Butera** as acting executive assistant director for the agency’s **cybersecurity division** amid broader leadership shakeups: Gottumukkala was moved to another DHS role, and **Nick Andersen** assumed leadership of the agency. The changes come as CISA continues to face workforce attrition tied to broader federal staffing reductions, with additional departures expected within the cyber division, raising concerns about sustained capacity to execute CISA’s mission to address major cyber threats, vulnerability response, and critical infrastructure resilience.
1 months ago
U.S. Federal Cyber Leadership Turmoil and CISA Policy Disruptions
U.S. federal cyber operations faced heightened uncertainty amid **leadership turnover and staffing reductions at CISA**, raising concerns about the agency’s capacity to execute its mission. Reporting indicated acting director **Madhu Gottumukkala** was replaced by **Nick Andersen** following controversies including alleged mishandling of sensitive information, while CISA also lost its CIO and reportedly saw staffing reduced by roughly one-third. Separately, Senate confirmation dynamics continued to affect cyber leadership, with Sen. Ron Wyden opposing the nomination of Lt. Gen. **Joshua Rudd** to lead **U.S. Cyber Command and the NSA**, citing concerns about experience and constitutional-rights familiarity as the agencies remained without a permanent chief. CISA’s policy and guidance output continued but faced headwinds from broader federal disruptions. CISA published new insider-threat program guidance centered on the **POEM framework** (*Plan, Organize, Execute, Maintain*) to help organizations build multi-disciplinary insider threat management teams spanning physical security, cybersecurity, HR/personnel, and reporting/analysis functions. At the same time, a **partial DHS shutdown** was reported to be stalling progress on the **Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)** rulemaking, complicating compliance planning for critical infrastructure entities awaiting clarity on incident reporting requirements and enforcement expectations.
1 months ago
DHS Leadership Upheaval and Uncertainty Over CISA’s Direction
The Department of Homeland Security is undergoing a significant IT and cybersecurity leadership realignment, including the reported departures of **DHS CISO Hemant Baidwan** and **Deputy CISO Amanda Day**. The shakeup follows broader turbulence across DHS and **CISA**, including the reassignment of acting CISA Director Madhu Gottumukkala to a DHS headquarters role and the resignation of CISA CIO Bob Costello; Day has since moved to the private sector as VP of cybersecurity and trust at *Workday*. Separately, President Donald Trump nominated Sen. **Markwayne Mullin** to lead DHS after firing Secretary Kristi Noem, a move that DHS and CISA personnel described as adding uncertainty to an agency already strained by workforce reductions, leadership instability, and operational impacts from a recent DHS shutdown. While Mullin has supported some cybersecurity-related legislation, employees cited ongoing concerns about CISA’s ability to stabilize without a permanent, Senate-confirmed leader; an unrelated report noted the IRS has launched a “thorough” cybersecurity review amid congressional scrutiny of taxpayer-data sharing and privacy compliance, but that issue is not part of the DHS/CISA leadership event.
1 months ago