The polygraph was not required of him. With every successive layer of internal conflict, that detail becomes more audible. Some officials claim that Madhu Gottumukkala, the acting director of CISA, took it excitedly and failed. That failure was more than just a personal shame; it was carried out under layers of miscommunication and bureaucratic opacity. It caused a rift in one of the most strategically significant organizations in the nation.
In order to obtain highly classified cyber intelligence, Gottumukkala was put through a polygraph exam during the final week of July. This was no typical clearance shuffle; the material involved was considered so sensitive that passing a counterintelligence polygraph was necessary. Experienced CISA insiders claim that not even the former deputy director of the agency had access to this degree of data. But Gottumukkala persisted.
He had previously been warned twice by senior staff by the middle of the summer that such access was not necessary for his position. The intelligence was easily accessible even in lower-security versions. However, he persisted and ultimately approved his own polygraph. And instead of calmly accepting the results or readjusting his course of action, he chose to choose a new route when they were released.
What came next was especially unsettling. Letters began to be sent on August 1. Six employees, including administrative contractors and top security professionals, were put on leave. The explanation? The acting director was allegedly tricked into thinking the test was required. These individuals weren’t fringe or rogue actors. They had the most in-depth knowledge of the agency’s workings.
| Detail | Description |
|---|---|
| Full Name | Madhu Gottumukkala |
| Current Role | Acting Director, Cybersecurity and Infrastructure Security Agency (CISA) |
| Appointed By | Kristi Noem (as Deputy Director, May 2025) |
| Controversy | Failed polygraph tied to access of classified cyber intel |
| Fallout | At least six career staff placed on administrative leave |
| Prior Experience | Senior IT Official, South Dakota; Former Director at Sanford Health |
| Agency Status | No permanent Senate-confirmed CISA head since January 2025 |
| External Link | Politico Report |
Even by Washington standards, this episode was remarkably obscure, and it transpired during a precarious period. Since January, CISA, a key player in the country’s cyber defense, has already lost about one-third of its employees. It has had to deal with both budgetary restrictions and changing leadership dynamics under President Trump’s administration. The agency was forced to rely on a relatively fresh political appointment who had not been tried on a national scale because there had not been a Senate-confirmed director since Jen Easterly’s departure.
Prior to his May appointment as deputy director, Gottumukkala, a technocrat with a background in healthcare technology and a low public image, worked in South Dakota’s IT system. His appointment seemed to some like a calculated move by Kristi Noem to appoint a devoted and analytical leader. But others pointed out that he advanced through the federal ranks astonishingly fast, especially considering CISA’s expanding responsibility for protecting vital digital infrastructure.
The polygraph failure might have been an ordinary bureaucratic annoyance. However, the choice to suspend employees completely changed the story. A personal blunder was transformed into a contentious institutional reckoning. In support of the acting director, DHS said that the test was “unsanctioned.” However, a number of present authorities objected, stating that no one takes a polygraph at that level without being aware of and consenting to the procedure.
At that point, things became more pronounced. Whispers of retaliation and the emergence of a culture of fear started to circulate within the organization. Whether Gottumukkala told his own superiors that he had been advised that such clearance wasn’t necessary or that more seasoned employees had initially refused him access is still unknown. The obvious thing is that he persevered, failed, and then attributed his failure to people who were probably attempting to help him pass through a delicate gate.
One source’s statement, “There is only one person to blame for that,” caused me to pause at one point in the middle of this maze. It was not yelled. It was not highlighted. But I couldn’t shake it.
The plot is made more difficult by some technical elements. Although polygraphs are employed extensively by intelligence services, their scientific validity is questionable. For this reason, they are not admissible in the majority of U.S. courts. Test failure can occasionally indicate nothing more serious than tension or a restless night. Perception, however, frequently triumphs over nuance, particularly in an area where procedure and trust are prevalent.
It has been stated that Gottumukkala assured colleagues that passing the test would be easy. Though somewhat misguided, the optimism wasn’t unusual. Overconfidence frequently accompanies leadership roles. However, it is less acceptable to place devoted employees in disciplinary limbo as a result. Some could characterize this managerial approach as very harsh.
Experienced personnel such as Masoom Chaudhary, CISA’s deputy head of staff, and Jeffrey Conklin, the agency’s chief security officer, were among the six employees suspended. For those who remained in the agency, their removal was particularly unsettling. This was a warning to many, not just a leadership blunder.
They were placed on administrative leave in early August while DHS’s acting general counsel conducted an investigation. Without addressing the fundamental question of why the test was conducted at all, it was a particularly effective strategy for stifling internal criticism.
The role of CISA goes well beyond internal HR conflicts. Its duties include keeping an eye on election security, administering crucial risk frameworks nationwide, and protecting national infrastructure from hackers. Under tremendous pressure, its employees are required to make judgments fast, accurately, and ideally with the support of capable leadership. It is difficult to regain confidence after it has been rattled to this extent.
The agency has made an effort to continue publicly in recent days. Gottumukkala put on a professional appearance while attending diplomatic functions and being photographed with foreign ambassadors. However, staff morale is still low on the inside. They feel lost, according to some. Others see an environment that has become increasingly polarized between career public workers and political appointments.
The stakes are national, not just institutional, for those who monitor federal cybersecurity. Decision-making delays or monitoring gaps could result in a breach with practical repercussions. When leadership mistakes are not addressed, they turn into weaknesses. Furthermore, in the context of cyberspace, vulnerabilities are always open to abuse.
