CISA acting director reassigned to DHS division; agency operating under partial shutdown during peak Iranian cyber threat — US cyber defense coordination degraded
CISA acting director reassigned to DHS division; agency operating under partial shutdown during peak Iranian cyber threat — US cyber defense coordination degraded
The US Cybersecurity and Infrastructure Security Agency (CISA) is operating without its acting director, who was reassigned to a new division within DHS last week, while simultaneously under partial shutdown. This leadership vacuum coincides with the highest Iran cyber threat environment since 2020. Active threat picture as of March 3: US banks on heightened alert (Reuters), UK NCSC issued advisory warning UK organizations of cyber spillover risk, Unit 42 (Palo Alto) tracking active phishing and hacktivist operations, Cyber Islamic Resistance umbrella collective (RipperSec, Cyb3rDrag0nzz) running DDoS and data-wipe campaigns, Fortune reporting Iran exploring AI-accelerated cyberattack methodology. CISA’s statutory role coordinating federal cyber defense for critical infrastructure (energy, finance, water, healthcare) is non-delegable. Agency cannot execute mission at full capacity during partial shutdown with no acting director.
Sources
- Nextgov/FCW (March 3): 'The lead U.S. cyber agency is stretched thin as Iran hacking threat escalates. Last week, CISA's acting director was reassigned to a new division within DHS and the agency is operating under a partial shutdown'
- Reuters (March 3): US financial services industry on heightened alert
- NCSC.gov.uk advisory: organizations urged to take action against spillover risk
- Unit 42 Threat Brief (March 2026): direct observations of phishing and hacktivist activity
- Fortune (March 2): ex-NSA operative commentary on pre-positioned threat actors