The agency charged with defending the United States against cyberattacks β from foreign adversaries, criminal syndicates, and lone-wolf hackers alike β is staring down a budget cut so severe that former officials and cybersecurity experts say it would fundamentally compromise the nation’s digital defenses. The Trump administration’s fiscal year 2026 budget proposal calls for reducing the Cybersecurity and Infrastructure Security Agency’s funding by roughly 491 million dollars, a cut of nearly 17 percent from its current allocation. But internal planning documents and reporting from multiple outlets suggest the actual restructuring could be far more dramatic, with workforce reductions approaching 40 percent.
That’s not a trim. It’s an amputation.
According to The Register, the proposed budget would bring CISA’s total funding down to approximately 2.59 billion dollars from its current level of roughly 3.08 billion dollars. The cuts target multiple divisions within the agency, including threat hunting teams, vulnerability disclosure programs, and election security operations that were built up over the past several years in response to well-documented foreign interference campaigns. The proposal arrives at a moment when the cybersecurity threat environment has never been more complex or more dangerous β a point that even administration allies in Congress have acknowledged in recent hearings.
CISA, housed within the Department of Homeland Security, was established in 2018 with broad bipartisan support. Its mission: protect federal civilian networks, coordinate with critical infrastructure operators in the private sector, and serve as the central hub for cyber threat intelligence sharing across government. Under its first two directors β Chris Krebs, who was fired by President Trump in 2020 after affirming the security of the presidential election, and Jen Easterly, who expanded the agency’s partnerships and public profile β CISA grew into what many in the cybersecurity community regarded as one of the few genuinely functional interagency coordination bodies in Washington.
Now, much of that architecture is on the chopping block.
The workforce reductions are particularly alarming to current and former officials. The Register reported that the administration’s restructuring plans could eliminate up to 1,300 full-time positions, a figure that tracks with earlier reporting from The Washington Post and Nextgov/FCW about mass layoffs and buyout offers already circulating within the agency. Some of those departures have already occurred. In the first months of 2025, CISA lost several senior leaders, including officials overseeing election security, critical infrastructure coordination, and international partnerships. The departures were a mix of firings, forced reassignments, and voluntary exits by people who saw the writing on the wall.
The administration’s rationale, as articulated by officials at the Office of Management and Budget and DHS, centers on eliminating what they describe as mission creep. Specifically, the White House has taken aim at CISA’s work on election security and its efforts to coordinate with social media platforms on misinformation β activities that conservative critics have characterized as government censorship. President Trump himself has repeatedly attacked the agency, dating back to his dismissal of Krebs. Senior adviser Elon Musk’s Department of Government Efficiency, or DOGE, has also flagged CISA as a target for downsizing, consistent with its broader campaign to reduce the federal workforce.
But cybersecurity professionals across the political spectrum argue that the proposed cuts go far beyond any reasonable policy disagreement about CISA’s role in content moderation. The reductions would hit core technical functions β the teams that actually hunt for intruders on federal networks, issue vulnerability advisories, and respond to active incidents.
Consider the timing. In late 2024, U.S. officials publicly attributed the Salt Typhoon campaign β a sophisticated Chinese espionage operation β to hackers who had penetrated major American telecommunications providers, including AT&T and Verizon. The breach gave Chinese intelligence access to call records and, in some cases, the content of communications involving senior U.S. officials. CISA played a central role in the government’s response, coordinating with affected companies and issuing technical guidance to the broader telecom sector. The agency’s Joint Cyber Defense Collaborative, or JCDC, served as the primary channel for real-time information sharing between government and industry during the incident.
That same JCDC is now facing significant cuts under the proposed budget.
“You don’t get to pretend the threat has decreased just because you’ve decided to stop funding the people who track it,” said one former senior CISA official who spoke on condition of anonymity because they still hold a security clearance. The sentiment has been echoed publicly by figures including former CISA Director Easterly, who has warned that dismantling the agency’s capabilities would be a gift to adversaries in Beijing, Moscow, and Tehran.
On Capitol Hill, the reaction has been split along predictable but not entirely partisan lines. Several Republican members of the House Homeland Security Committee have expressed concern about the depth of the cuts, even as they support the administration’s broader deregulatory agenda. Representative Andrew Garbarino of New York, the Republican chairman of the cybersecurity subcommittee, has previously called CISA “indispensable” and pushed back on proposals to reduce its technical workforce. Democratic members have been more uniformly critical, with Senator Gary Peters of Michigan calling the budget proposal “reckless” in a statement released shortly after the details became public.
The budget numbers tell only part of the story. Institutional knowledge is walking out the door. Cybersecurity is a field where experienced practitioners are extraordinarily difficult to replace β the private sector pays significantly more, and the pipeline of qualified candidates has never kept pace with demand. When CISA loses a threat analyst with a decade of experience tracking Russian state-sponsored groups, that expertise doesn’t get backfilled in a hiring cycle. It’s gone. And the classified relationships that analyst maintained with counterparts at NSA, FBI, and allied intelligence services? Those erode too.
The private sector is watching all of this with growing unease. Major technology companies, financial institutions, and critical infrastructure operators have come to rely on CISA’s advisories, vulnerability alerts, and incident coordination. The agency’s Known Exploited Vulnerabilities catalog β a running list of software flaws being actively used by attackers β has become a baseline reference for patch management across both government and industry. Its Shields Up campaign, launched during the Russia-Ukraine conflict, provided actionable guidance to thousands of organizations that lacked their own sophisticated threat intelligence capabilities.
Smaller organizations β local governments, water utilities, rural hospitals β stand to lose the most. These entities don’t have security operations centers. They don’t have threat intelligence teams. They depend on CISA’s free services: vulnerability scanning, incident response assistance, cybersecurity assessments. The proposed budget cuts would reduce or eliminate many of these programs.
And then there’s the election security question, which remains the most politically charged aspect of the entire debate. CISA’s election security work began under the Trump administration in 2017, initially focused on helping state and local election officials harden their systems against foreign interference. The effort was widely praised at the time. It became controversial only after the 2020 election, when CISA’s public statements affirming the integrity of the vote drew the president’s ire. The proposed budget would effectively dismantle the election security team, reassigning or eliminating positions dedicated to that mission.
This matters beyond politics. Election infrastructure β voter registration databases, electronic poll books, results reporting systems β is designated critical infrastructure. Foreign adversaries have probed these systems repeatedly. The intelligence community has assessed with high confidence that Russia, China, and Iran all have the capability and intent to target U.S. election systems. Removing the federal government’s primary coordinating body for election cybersecurity, less than 18 months before the 2026 midterms, is a decision with tangible operational consequences.
Some defenders of the cuts argue that other agencies can absorb CISA’s functions. The NSA’s Cybersecurity Directorate, the FBI’s Cyber Division, and the military’s Cyber Command all have significant capabilities. But this argument misunderstands how the federal cybersecurity apparatus works. NSA and Cyber Command are focused on foreign intelligence and military operations. The FBI investigates crimes. CISA is the only agency whose primary mission is defending domestic civilian networks and coordinating with the private sector. There is no redundancy here. There is a gap.
The international dimension deserves attention too. CISA has become a key node in a global network of cybersecurity agencies, working closely with counterparts in the UK’s National Cyber Security Centre, Australia’s Cyber Security Centre, and similar bodies across Europe and Asia. These partnerships facilitate the rapid sharing of threat intelligence and coordinated responses to major incidents. Allies are already expressing concern, according to officials familiar with diplomatic discussions. A weakened CISA means a weakened alliance.
So where does this go? The budget proposal is just that β a proposal. Congress holds the power of the purse, and appropriators in both chambers have historically been more supportive of CISA than the current White House rhetoric would suggest. The agency’s funding has enjoyed bipartisan backing since its creation, and there are enough members on both sides of the aisle who understand the threat environment to mount a defense of the agency’s core capabilities.
But the damage may already be underway. Budgets are statements of intent, and this one has sent a clear signal to CISA’s workforce: your mission is not valued by this administration. The attrition that follows β the quiet departures of experienced professionals who decide the fight isn’t worth it β may prove more destructive than any line item in a budget document. Recruiting replacements into an agency under political siege, at government pay scales, in a historically tight cybersecurity labor market? Good luck.
The United States faces persistent, sophisticated cyber threats from nation-state adversaries and criminal organizations. The volume and severity of attacks on critical infrastructure β energy grids, water systems, healthcare networks, financial institutions β have increased every year for the past decade. The federal government’s ability to defend against these threats depends on having a capable, well-resourced civilian cybersecurity agency. That agency is CISA. And right now, the plan is to cut it nearly in half.
Whether Congress allows that to happen will say a great deal about how seriously Washington takes cybersecurity when it’s not in the headlines. The threats don’t take budget cuts into account. Neither do the adversaries.
WebProNews is an iEntry Publication