Shelly Hartsook will resign as acting associate director of the Cybersecurity and Infrastructure Security Agency’s cybersecurity division, Federal News Network reported Monday. A source familiar with the matter said Hartsook will depart CISA on March 6.
Sign up for the Potomac Officers Club’s 2026 Cyber Summit on May 21 to hear leading cyber officials and industry experts as they discuss escalating digital threats and advance zero trust.
What Role Did Hartsook Hold at CISA?
Hartsook oversaw “capacity building” efforts across the cybersecurity division, managing programs that deliver cyber capabilities to federal agencies. Among those initiatives was the Continuous Diagnostics and Mitigation program, which provides tools, integration services and dashboards to help agencies reduce cyber risk and strengthen network visibility and response capabilities.
The outgoing acting associate director directed externally facing services aimed at helping agencies confront significant cyber threats. She also led the agency’s efforts to build customer capacity to address pressing cybersecurity challenges by delivering externally facing services.
How Did Hartsook Shape Federal Cyber Policy?
Hartsook helped define a long-term strategic recovery roadmap following the 2020 SolarWinds cyber intrusions and spearheaded government-wide initiatives under the May 2021 cybersecurity executive order, including advancing zero trust architecture adoption and enhancing federal cyberthreat detection through enhanced logging practices.
In 2025, CISA issued “Microsegmentation in Zero Trust, Part One: Introduction and Planning,” a guide that provides an overview of microsegmentation as part of its efforts to help agencies implement zero trust architectures.
“So many organizations, both on the federal side and in the private sector, we saw make early investments in zero trust network access tools, or SASE tools – secure access service edge –as part of their early implementation,” said Hartsook.
