President Donald Trump wants to cut $495 million and nearly 30% of positions at the Cybersecurity and Infrastructure Security Agency, with deep cuts to the agency’s partner engagements and risk-management work.
Trump’s Fiscal Year 2026 budget proposal for CISA, which the administration released on Friday, details his team’s plan for slashing the work of the nation’s lead cyber defense agency as part of what administration officials call an effort to refocus CISA on its core mission.
The $495 million cut would slash $216 million, or 18% of current funding, from CISA’s Cybersecurity Division, which leads efforts to protect government networks and help defend critical infrastructure. The plan cuts $46.2 million, or 20%, from the Integrated Operations Division, which coordinates CISA’s distribution of support and services to companies and local governments across the country.
Two other divisions would face much bigger cuts: the Stakeholder Engagement Division, which leads CISA’s partnerships with critical infrastructure organizations, would lose $62.2 million, 62% of current funding, while the National Risk Management Center, which analyzes and predicts threats to infrastructure, would lose $97.4 million, a 73% reduction.
Within IOD, CISA’s regional teams, a cornerstone of the agency’s efforts to raise its profile in the field, would see a $36 million cut, representing 27% of their total funding.
The funding plan would also cut procurement spending by $68.9 million (14%), reducing CISA’s ability to upgrade capabilities like Continuous Diagnostics and Monitoring and CyberSentry.
Trump’s budget would eliminate 1,083 positions at CISA, bringing the agency down to 2,649 positions. The cuts would include 218 roles in Mission Support, which handles agency-wide administrative responsibilities; 204 roles in the Cybersecurity Division; 327 roles in the Integrated Operations Division; and 127 roles in the Stakeholder Engagement Division.
The budget would slash funding for several of CISA’s most significant programs. The budget would cut $36.5 million from the Joint Collaborative Environment, where CISA analyzes the threat and incident data it gathers; $67.3 million from the NRMC’s critical infrastructure security planning activities; $14 million from the Joint Cyber Defense Collaborative; and $19.7 million from the cybersecurity services that CISA provides to the rest of the government.
The budget would also cut $45.4 million from CISA’s Cyber Defense Education and Training program, with the administration suggesting that the agency can “direct users to free resources.” And it would slash $30.8 million from CISA’s vulnerability assessment program, which the budget says would “allow CISA to prioritize the most critical vulnerabilities” and focus on “cost-effective solutions like collaborative partnerships and automated tools.”
In the Stakeholder Engagement Division, a cut of 120 positions and $36.5 million in non-salary funding would involve eliminating the teams that support CISA’s advisory councils (which the administration shuttered on its first day) and the international-affairs teams that liaise with foreign governments.
In keeping with the Trump administration’s shutdown of CISA’s election security mission, the budget would eliminate 14 positions and $36.7 million of non-salary funding for that work.
The funding plan would slash 301 currently vacant positions at CISA, including 83 in the Cybersecurity Division, 75 in the Integrated Operations Division, and 70 in the National Risk Management Center.
The budget includes the first official tallies of CISA employees leaving as part of the agency’s Workforce Transition Program, including 119 people leaving the Cybersecurity Division, 23 leaving the Integrated Operations Division and 87 leaving mission-support roles.
Editor’s note: A previous version of this article cited the wrong figure for the total size of the proposed CISA budget cut. It is $495 million.
