CISA implements latest round of job reductions
The Cybersecurity and Infrastructure Security Agency (CISA) is currently undergoing significant changes, with a major push to reduce its workforce leading to concerns about the impact on national cybersecurity.
**Budget Reductions and Workforce Changes**
The Trump administration initially proposed a substantial cut to CISA's budget, which was later softened by Congress. The final budget reduced CISA's funding by about $135 million, a decrease of 4.6% from the previous year, resulting in a total budget of approximately $2.7 billion. As a result, over 1,000 CISA staff have departed in 2025 due to layoffs, buyouts, and voluntary resignations. The agency was initially slated to lose nearly a third of its workforce, but the exact number after the softened cuts is not specified.
The Department of Government Efficiency (DOGE) also imposed cuts, leading to the termination of key contracts and the dismissal of over 100 cybersecurity specialists, including specialized "red teams."
**Potential Impact on National Cybersecurity**
The loss of experienced personnel and specialized teams like red teams could diminish CISA's ability to provide cybersecurity guidance and support, potentially leaving organizations vulnerable and requiring them to invest more in internal cybersecurity measures. With fewer resources and personnel available for proactive measures like vulnerability testing, there is a higher risk of undetected security gaps, increasing the exposure to cyber attacks, particularly from state-sponsored actors during heightened geopolitical tensions.
Programs such as election security, K-12 cybersecurity coordination, critical infrastructure protection, and state and local cyber response are likely to be impacted, although they were not explicitly targeted in the final budget.
**Industry Concerns and Urgent Calls for Reconsideration**
Industry leaders have urged DHS and the Trump administration to reconsider drastic cuts at CISA due to potential impacts on the nation's ability to mitigate cyber threats. Rep. Eric Swalwell, ranking member of the Subcommittee on Cybersecurity and Infrastructure Protection, has written a letter to CISA's Acting Director Bridget Bean seeking a formal briefing on the expected cuts.
Rob Joyce, the former cybersecurity director at the National Security Agency, warned that cuts across federal agencies pose a serious risk to national security. Michael Daniel, president and CEO of the Cyber Threat Alliance, expressed similar concerns, stating that reducing federal cybersecurity capabilities is not wise.
Grant Guyer, chief strategy officer at Claroty, stated that the recent layoffs at CISA have made the cybersecurity workforce less stable, leaving the country more vulnerable to cyber threats. The potential cuts at CISA could make the U.S. more vulnerable and less safe, according to Michael Daniel.
These concerns have led to calls for the administration to reconsider the cuts and ensure the continued protection of the nation's cybersecurity infrastructure.
- The proposed budget reductions and workforce changes at the Cybersecurity and Infrastructure Security Agency (CISA) have raised concerns about the impact on national cybersecurity, as the loss of 1,000 staff members may diminish the agency's ability to provide cybersecurity guidance and support.
- The reduction in funding and personnel could potentially expose organizations to increased risks of cyber attacks, particularly from state-sponsored actors during heightened geopolitical tensions.
- Industry leaders, such as Rep. Eric Swalwell and Rob Joyce, former cybersecurity director at the National Security Agency, have urged the Trump administration to reconsider the cuts, arguing that they could leave the nation more vulnerable to cyber threats.
- The potential impact of these cuts extends beyond just election security and K-12 cybersecurity coordination, as the reduced capabilities of CISA may affect critical infrastructure protection, state and local cyber response, and General-News privacy.
