Canceled Contracts, A Failed Polygraph And Personal Disputes: Inside The Turbulent Tenure Of Noem’s Former Cyber Czar

The interim chief of the nation’s top cyber defense agency had convinced many people he was not up to the task long before his sudden reassignment late Thursday. But the one person who mattered most — Department of Homeland Security Secretary Kristi Noem — stood firm on keeping him in place.

In his roughly nine months as acting director of the Cybersecurity and Infrastructure Security Agency, Madhu Gottumukkala made a series of decisions that alienated career staff, created friction with Trump appointees and provoked scrutiny from influential lawmakers on both sides of the aisle. Nine current and four former cyber officials who spoke with POLITICO over the last several weeks said his tenure was so chaotic that it was hampering the agency’s core mission: protecting sensitive government networks from a crush of cyberattacks. All were granted anonymity for fear of retribution.

Several who spoke with POLITICO said the agency was long overdue for a leadership change. Under Gottumukkala, said one current official, the agency was “devolving every day.”

The frustration with Gottumukkala was shared by several administration officials, two of whom told Noem as far back as November that Gottumukkala should not be in charge at CISA, according to three current cybersecurity officials with knowledge of those conversations.

But Noem was hesitant to remove Gottumukkala until recently because she and DHS special adviser Corey Lewandowski — President Donald Trump’s former campaign manager — feared it would reflect poorly on her, as she was already facing immense pressure over DHS’s immigration crackdown and other issues, two of those three officials said.

Noem’s reversal comes just days before a long-awaited Tuesday appearance before the Senate Judiciary Committee, where she is expected to face tough questions from lawmakers in both parties.

POLITICO reached out to CISA and its parent agency, DHS, 24 hours before Gottumukkala’s move was announced. In response to this reporting, Marci McCarthy, director of public affairs at CISA, shared a statement it also provided to other outlets confirming Gottumukkala’s move.

“Madhu Gottumukkala has done a remarkable job in a thankless task of helping reform CISA back to its core statutory mission. He tackled the woke, weaponized, and bloated bureaucracy that existed at CISA, wrangling contracts to save American taxpayer dollars,” McCarthy said.

She added Gottumukkala will “continue his work to save taxpayer money” as DHS’s new director of strategic implementation. The specific responsibilities of this role are unclear, and it is not listed on the department’s leadership website. Gottumukkala did not respond to a request for comment.

'Asleep at the wheel'

Gottumukkala had no prior experience in the federal government before Noem appointed him last May as the deputy director of CISA. He worked in private sector IT roles for more than two decades, and then served a 10-month stint under then-governor Noem as South Dakota’s chief information officer, according to his LinkedIn page. He holds a PhD in information systems from Dakota State University.

Some staff began to question whether Gottumukkala was fit for the job within just weeks of him starting at the $3 billion cyber defense agency.

In June, the new acting director had his first briefing of classified intelligence on the top hacking threats facing the U.S., during which he asked what information the agency had on cyber threats along the Southern border — and from India, where he grew up.

The briefers in the room were stunned, according to three current and one former agency official with knowledge of the exchange. Though the southern border was a Trump administration priority, India was not. It has also never been considered a significant hacking threat to the U.S. — as opposed to countries such as Russia and China, which have persistently targeted American networks.

One briefer had even prepared some material on Iran’s hacking capabilities, one of the officials added, because Israel was at the time weighing a major military strike against Tehran, but they never got to it.

“Typically, India would be the last place we’d be talking about,” said the official.

In August, Gottumukkala triggered a DHS-wide damage assessment by uploading sensitive agency contracting documents into a public version of ChatGPT that other staff at the agency weren’t permitted to use for security reasons.

And Gottumukkala angered career staff and fellow Trump appointees by taking a hatchet to some major agency contracts — in some cases without due consideration for their importance to CISA's cyber defense mission, or without properly alerting agency staff so they could find workarounds, according to four current officials. He gave little notice before deciding not to renew one such contract — a $30 million license CISA staff used to identify vulnerable internet-connected devices across government agencies — ahead of its expiry, they said.

"I don’t think people realized how ill-served we, the American public, were by having someone that was this unserious, just asleep at the wheel in an agency leadership position like this," said one of the four officials.

Personnel purge

Agency staff also say Gottumukkala did not take accountability for his missteps and often lashed out at his staff — which resulted in the dismissal of nearly a dozen employees while the agency continued to face a workforce shortage.

POLITICO previously reported that DHS placed a swath of CISA employees on leave after Gottumukkala failed a counterintelligence polygraph exam last July. DHS later dismissed the polygraph as “unsanctioned” and accused staff of “misleading” Gottumukkala about the need for the test.

Six staffers remain on paid leave, according to two of the current officials who spoke to POLITICO. A seventh staffer, an intelligence research specialist named Maisie Hendrix, was fired in part due to her involvement in arranging the test, according to a current and a former official. Hendrix did not respond to a request for comment.

Last summer, Gottumukkala temporarily suspended a CISA employee who had flashed a middle finger at his Tesla Cybertruck while it sat unoccupied in an agency parking lot, according to four current officials. Footage of the incident was captured by the car’s on-board camera, and Gottumukkala had the CISA Security Office identify the employee, two of the people said.

The four officials said the employee did not appear to know whose car it was at the time, and was frustrated because the electric vehicle had been left in a shared charging port for days at a time. The employee returned to work after two months, the four officials said.

In the fall, Gottumukkala had DHS reassign his first chief of staff, Brian Bonacci, whom he felt was challenging his authority by advocating policies he felt would be supported by Sean Plankey, Trump’s pick to lead the agency, according to three current and one former officials. Bonacci did not reply to a request for comment.

And most recently, he clashed with two of CISA’s senior-most career officials — one who he tried to oust in January after butting heads over contracting issues, and a second who he blamed for preventing that, according to two officials with knowledge of the dynamic.

Both of those officials received orders on Thursday — just hours before Gottumukkala’s move was announced — to either accept another role at DHS or resign.

While Gottumukkala appeared to be picking off employees he had disagreements with, he acknowledged that the agency needed to ramp up hiring to better defend against Russian and Chinese hackers, two current officials said. In November, he sent a memo to DHS arguing for more staff to replenish the nearly 1,000 staffers the agency had lost due to the Trump administration's efforts to slash the federal workforce before his arrival.

Clean-up effort

CISA has been without a Senate-confirmed leader since the start of Trump’s second term, when former Director Jen Easterly stepped down. It’s unclear whether Plankey will be confirmed anytime soon, as Senate Republicans have been blocking his nomination over unrelated partisan grievances for months.

The work of shoring up the agency, therefore, falls on another temporary leader: Nick Anderson, CISA’s former executive assistant director for cybersecurity, whom DHS said will take Gottumukkala’s place. Anderson is a veteran of the first Trump administration and has previously held senior IT and security roles in the private sector and in the U.S. military.

Noem could get tough questions about her oversight of CISA and its tumultuous past few months at the Senate Judiciary Committee hearing this Tuesday.

Sen. Chuck Grassley (R-Iowa), the chair of the committee, sent a letter to CISA earlier this month requesting extensive records on Gottumukkala’s ChatGPT usage. A spokesperson for Grassley said the agency has not yet replied to the letter due to the DHS shutdown.

The top Democrat on the House Committee overseeing CISA, Rep. Bennie Thompson (D-Miss.), told POLITICO he looks forward to working with Anderson to straighten out the agency.

"Over the past year, CISA's staff has been decimated and it has lost capacity to conduct critical missions,” Thompson said in a statement. “Ultimately, however, the responsibility lies with Secretary Noem, who put Dr. Gottumukkala in the position in the first place.”

Maggie Miller and Dana Nickel contributed to this report.