Cybersecurity Spending
,
Government
,
Industry Specific
Analysis of Proposed Budget, Workforce Cuts Reveal Risks to Cyber Readiness
The White House is framing plans to cut 1,000 federal cybersecurity jobs and hundreds of millions in funding from the U.S. Cybersecurity and Infrastructure Security Agency as a crackdown on waste and inefficiency. A review of the fiscal year 2026 budget proposal reveals sweeping reductions that could affect core national cyber defense capabilities.
The agency’s budget proposal subtracts nearly $150 million from cyber operations, eliminates cyber defense education programs, guts funding for infrastructure simulation and risk management and reduces support for election security, international coordination and stakeholder engagement. The proposal includes cuts across virtually all of the agency’s divisions, diminishing its ability to respond to emerging threats and undermining coordination with state and local governments (see: Trump Homeland Security Budget Guts CISA Staff, Key Programs).
Analysts warn that a growing leadership vacuum and the departure of top talent could destabilize the agency, as most heads of operational divisions and regional offices prepare to leave amid uncertainty over shifting mission and priorities. Multiple staffers in CISA’s regional offices told Information Security Media Group they fear the new administration is steering the agency away from its core focus, noting the shutdown of local election security partnerships that had been central since staffing ramped up ahead of the 2024 election (see: CISA’s Leadership Exodus Continues, Shaking Local Offices).
“A nearly 20 percent budget cut would gut a number of CISA’s critical cyber defense capabilities,” said Annie Fixler, director of the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation (see: White House Shifting Cyber Risk to State and Local Agencies).
“Therewill be pain,” said Travis Rosiek, public sector chief technology officer at Rubrik and a former red team director at the Defense Information Systems Agency. Cuts to training and awareness will undermine efforts to recruit and retain the skilled workforce needed to staff key positions capable of combating cyberthreat actors, he said.
Under the fiscal year 2026 budget, even further workforce cuts would further erode institutional knowledge and risk disrupting frontline coordination with state and local partners.
Workforce Reductions by Program
- Mission Support: 788 – 218 = 570 positions left
- Cybersecurity: 1,267 – 204 = 1,063 positions left
- Infrastructure Security: 343 – 18 = 325 positions left
- Emergency Communications: 128 – 48 = 80 positions left
- Integrated Operations: 827 – 327 = 500 positions left
- Risk Management Operations: 179 – 121 = 58 positions left
- Stakeholder Engagement & Requirements: 200 – 147 = 53 positions left
Spending reductions have triggered bipartisan concerns from lawmakers who question how CISA will defend against escalating threats from foreign adversaries and cybercriminals (see: CISA’s Acting Director Defends Cuts Amid Growing Turmoil).
Rep. Andrew Garbarino, R-N.Y., demanded Thursday to know why CISA plans to eliminate its Mobile App Vetting program as early as this month in a letter sent to Homeland Security Secretary Kristi Noem.
“CISA must be equipped with the right tools and able to provide relevant guidance to improve the security of mobile devices, which have been repeatedly targeted by the People’s Republic of China,” wrote the chair of the cybersecurity subcommittee on the Committee on Homeland Security. He advised the secretary to prioritize CISA’s role as a sector risk management agency for the communications sector as she conducts a “review” of the agency’s structure.
Budget Reductions by Program
- Mission Support: $478,506,000 – $126,952,000 = $351,554,000
- Cybersecurity: $1,181,648,000 – $216,095,000 = $965,553,000
- Emergency Communications: $101,565,000 – $19,797,000 = $81,768,000
- Integrated Operations: $228,378,000 – $46,239,000 = $182,139,000
- Risk Management Operations: $133,870,000 – $97,464,000 = $36,406,000
- Stakeholder Engagement & Requirements: $99,718,000 – $62,199,000 = $37,519,000
Overall Totals
- Total Workforce: 3,732 – 1,083 = 2,649 positions left
- Total Full-Time Equivalents (FTEs): 3,294 – 970 = 2,324 FTEs left
- Total Operations and Support (O&S) Budget: $2,382,814 – $424,929 = $1,957,885
Top 10 Takeaways from CISA’s Fiscal 2026 Budget Proposal
- One-third of CISA’s workforce would be eliminated under the Trump administration’s proposed budget, triggering concerns over national cyber readiness.
- Cyber operations funding would be reduced by a nearly $150 million cut.
- Cyber defense education and training programs would be eliminated, ending investments in workforce pipeline and upskilling.
- Election security support faces steep reductions.
- Risk management operations would be gutted, with critical infrastructure modeling, threat simulation and analysis capacity significantly diminished.
- The National Infrastructure Simulation and Analysis Center would lose most of its funding.
- The Intelligence Unit under Integrated Operations would be completely eliminated.
- Stakeholder engagement and international coordination resources would be drastically reduced.
- More than 200 positions would be cut from CISA’s cybersecurity division, including cyber operations, vulnerability management and joint exercises.
