By the end of July, Madhu Gottumukkala was embroiled in an unexpectedly explosive scenario that started with a polygraph and swiftly developed into a full-fledged leadership dispute within the U.S. cyber security agency. Gottumukkala’s answer deviated from the standard federal strategy after he failed a highly sensitive counterintelligence exam linked to access-level rules. He replied with a fast and contentious wave of suspensions rather than a quiet recalibration.
Acting directors don’t often make such a lasting impression. However, Gottumukkala came with specific goals in mind, having worked in South Dakota’s IT infrastructure before moving straight from state service under Governor Kristi Noem to a senior position in DHS. It wasn’t wholly unexpected that he pushed to access one of the agency’s most strictly regulated cyber-intelligence streams. His zealous pursuit of it and the ease with which the clearance test backfired caught many off guard.
After Gottumukkala allegedly insisted on being read in, the polygraph—which is purportedly connected to an elite intelligence compartment that normally requires Senate-confirmed status—was given. He thought the exam was procedural, according to staff close to the decision. He was told not to, according to some. In any case, he took the test and signed the waiver.
Then tensions were really high.
The test identified problems, and the findings led to an administrative storm rather than a peaceful recalibration. Six employees were put on leave in a matter of weeks. Prominent cybersecurity experts like Masoom Chaudhary and Jeffrey Conklin are among them. The public defense put forward was that they had “misled” the acting director into a clearance procedure that DHS authorities subsequently determined to be “unauthorized.” In private, the tone was different, more dejected and uneasy.
| Name | Madhu Gottumukkala |
|---|---|
| Role | Acting Director, Cybersecurity and Infrastructure Security Agency (CISA) |
| Background | Former senior IT official in South Dakota; appointed deputy by Kristi Noem |
| Controversy | Failed a polygraph test tied to access of top-secret cyber intelligence |
| Key Issue | Staff allegedly misled him into taking the test; later suspended |
| Reference | Politico Article – 21 Dec 2025 |
According to one CISA employee, the organization started to feel “like it was hemorrhaging competence.” I was moved by that comment because it was accurate rather than dramatic. It was a reflection of something very delicate. CISA is a high-stakes, high-trust organization. Until something goes wrong, its work is invisible. Internal cohesion is fundamental; it is not negotiable.
However, there came a time when the boundaries of trust broke. What ought to have been a simple HR filing with a redacted footnote turned into a chasm that changed people’s careers. The test wasn’t the only thing that went wrong. It was the speed with which retribution took the place of perspective. Many felt it was disproportionate that six employees, many of whom had decades of experience in cybersecurity, were taken out of operations for allegedly “guiding” a superior into a clearance track rather than for espionage or poor management. It felt like a form of revenge.
Notably, the DHS response supported Gottumukkala. In a formal statement, he disassociated himself from accountability and blamed the career team for providing “inappropriate guidance.” However, that simply made the gap wider. In order to shield an appointment, some insiders believed the agency had broken institutional rules. Others contended that superiors ought to have halted the test long before Gottumukkala arrived at the testing chair and that it should never have taken place in the first place.
In the midst of all of this, morale—something that rarely made news—came to light. In contrast to the cooperative culture that CISA had previously fought hard to safeguard, a number of persons I spoke with characterized a culture of “watch your back.” According to a former CISA employee, this wasn’t about a test at all; rather, it was about timing, power, and a cultural conflict that was being resolved through bureaucratic channels.
It is easy to understand why. Unlike a director confirmed by the Senate, Gottumukkala is not permanently answerable to Congress. He gains exceptional mobility as a result, but internal checks become more brittle. He is amassing power under the pretense of discipline, according to his detractors. He is merely reestablishing order in an organization that relies too heavily on legacy staffing, according to his supporters. It’s possible that both sides are correct. However, the time couldn’t be more dire.
Since January, almost one-third of CISA’s employees have either quit or been moved. Particularly among state officials and outside partners, trust in the agency’s leadership trajectory has significantly declined. In the midst of all of this, there is still no obvious way to integrate one of the nation’s most sensitive cyber intelligence divisions.
The irony is that. The information Gottumukkala requested access to, which triggered the clearance test, is still mainly unaltered. Not because of security issues, but rather because the initial goal has been overshadowed by a leadership maze. The organization that was established to protect infrastructure from online attacks is currently attempting to protect itself from internal strife.
If there is a lesson to be learned from this, it has nothing to do with the validity of polygraphs. These tests are still controversial and are generally acknowledged to be flawed. The problem is that at a time when cybersecurity coordination is essential, a single leadership decision—made perhaps too quickly and enforced with extraordinary force—managed to destroy confidence.
Although processes are the foundation of agencies, trust is what keeps them together. No amount of technical competence can cover up the emptiness when that erodes, especially at the top.
The feeling that the employees who were disciplined were caught in a crossfire they did not start is what sticks with me more than the failed test. For them, a standard procedure turned into a moment that changed their careers. And that’s especially troubling for an organization whose goal is based on resiliency.
