Flavijus Piliponis â stock.ado

News brief: CISA and partners face budget overhauls, cuts

Check out the latest security news from the Informa TechTarget team.

The Cybersecurity and Infrastructure Agency -- the division of the U.S. Department of Homeland Security whose mission is to "lead the national effort to understand, manage and reduce risk to our cyber and physical infrastructure" -- has faced scrutiny from the current administration, which is now acting on its pledge to downsize it, along with other government agencies.

The future of CISA was up in the air last fall when Jen Easterly, the agency's director under then-President Joe Biden, announced she would step down on President-elect Donald Trump's inauguration day in January. Easterly joined CISA in 2021 following an eight-month vacancy, after then-President Trump fired CISA's first director, Chris Krebs, in fall 2020.

Other Biden administration appointees also left CISA when Trump took office. While it isn't out of the norm to see personnel shifts during a change in leadership, the agency itself and its work have also come under the microscope. DHS Secretary Kristi Noem, a Trump appointee, has openly criticized CISA, saying it went "far off mission" in its work to combat misinformation and disinformation. Noem appeared to be referencing CISA's pushback against President Trump's unfounded claims of voter fraud and election system hacking in 2020.

Noem also called for making the agency "smaller," with a tighter focus on critical infrastructure security. Other Republican lawmakers have said the government should dramatically downsize CISA or eliminate it entirely.

In April, CISA whipped the security industry into a frenzy when it appeared ready to let its contract with Mitre to manage the CVE program expire. It didn't -- CISA made a U-turn and temporarily extended the contract.

This week, more CISA personnel and government program cuts made the news.

CISA workforce shrinks by one-third

The Trump administration's workforce purge has resulted in approximately 1,000 employees leaving CISA, down from about 3,200. This roughly reflects the number of cuts proposed in Trump's recent CISA budget. The departures occurred through buyouts, early retirements and layoffs, with the most recent round accounting for more than 600 employees.

CISA's Cybersecurity Division has been severely affected, reportedly losing nearly 200 staff members. Its Cybersecurity Advisers, a field team that helps organizations access federal resources, has shrunk from 164 to about 97 employees nationwide. Many private contractors have also seen their CISA contracts terminated.

Despite these losses, CISA Executive Director Bridget Bean has maintained that the agency remains capable of fulfilling its mission to secure critical infrastructure and strengthen cyber defenses.

Read the full story by Eric Geller on Cybersecurity Dive.

Trump proposal calls for major budget and workforce cuts

President Trump's fiscal year 2026 budget proposal aims to cut $495 million from CISA and reduce the agency's workforce by nearly 30% (1,083 positions). The plan would slash $216 million (18% of the current budget) from CISA's Cybersecurity Division, $46.2 million (20%) from the Integrated Operations Division, $62.2 million (62%) from the Stakeholder Engagement Division and $97.4 million (73%) from the National Risk Management Center (NRMC).

Key programs projected to undergo significant cuts include CISA's Joint Collaborative Environment ($36.5 million) and NRMC's critical infrastructure security planning activities ($67.3 million).

The budget also calls for eliminating 14 positions and $36.7 million of nonsalary funding related to CISA's election security mission.

Read the full story by Eric Geller on Cybersecurity Dive.

EMR-ISAC shutters amid budget slashings

The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) shut down June 1 due to budget cuts, with the U.S. Fire Administration saying it could no longer support its services. EMR-ISAC was a critical hub for sharing physical and cyber threat intelligence with emergency services sectors and government agencies through newsletters and bulletins.

While officials claim the information is available through other sources, experts have questioned this assertion. The closure has raised concerns about information gaps for emergency responders, particularly as nation-state actors, such as China's Volt Typhoon, continue to target U.S. critical infrastructure. Industry professionals have said they worry that while immediate effects might be minimal, the long-term consequences of losing this communication network could be significant.

Read the full story by Arielle Waldman on Dark Reading.

Editor's note: Our staff used AI tools to assist in the creation of this news brief.

Sharon Shea is executive editor of Informa TechTarget's SearchSecurity site.

Dig Deeper on Security operations and management