The Trump administration has proposed a sweeping overhaul of the United States’ civilian cybersecurity apparatus, seeking to slash $707 million from the Cybersecurity and Infrastructure Security Agency (CISA) in its FY2027 budget request. Released on April 7, 2026, the proposal would effectively dismantle the agency’s election security program and reduce its total operating budget to approximately $2 billion—a significant drop from the $3 billion baseline established at the start of the current administration.
The budget request targets a net reduction of roughly 860 positions, signaling a dramatic escalation in the administration’s effort to shrink the agency. This move follows a volatile 14-month period during which CISA has already lost nearly a third of its workforce. The contraction has been driven by a combination of voluntary departures, probationary terminations, and direct actions by the Department of Government Efficiency (DOGE), which previously eliminated the agency’s “red team”—the elite group of security professionals who simulate adversary attacks to find vulnerabilities.
While the White House characterizes these cuts as a necessary “refocusing” on the agency’s core mission of securing federal networks, critics and lawmakers describe the move as a systematic dismantlement of the country’s primary civilian defense against cyber threats. The most contentious element of the plan is the total elimination of the funding and personnel dedicated to safeguarding the integrity of U.S. Elections.
The Erosion of Election Security Infrastructure
Under the proposed budget, the federal government would entirely cease funding for the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). For years, the EI-ISAC has functioned as the central nervous system for election security, providing state and local offices with real-time threat intelligence, ransomware alerts, and critical incident response resources.
Beyond the loss of the EI-ISAC, the plan would remove dedicated election security advisors who serve as the primary point of contact for county clerks and election administrators. These specialists are often the first line of defense when local jurisdictions face phishing attacks, foreign probing of voter registration databases, or disinformation campaigns targeting the technical infrastructure of the vote.
The budget also proposes scaling back other outward-facing functions, including:
- Private Sector Coordination: Eliminating offices that manage partnerships with critical infrastructure operators.
- International Affairs: Cutting the agency’s capacity to coordinate cybersecurity standards and threat intelligence with foreign allies.
- Local Funding: Removing “duplicative” funding streams for state and local cyber initiatives, shifting the financial burden to local governments without providing additional offsets.
A Strategy of ‘Refocusing’ vs. Dismantlement
The administration’s justification for the cuts is rooted in a critique of CISA’s past activities. The budget document asserts that “CISA was more focused on censorship than on protecting the nation’s critical systems, and put them at risk due to poor management and inefficiency, as well as a focus on self-promotion.”
This “censorship” narrative refers to the agency’s former counter-disinformation efforts, specifically a unit that collaborated with social media platforms to moderate election-related content during the 2020 and 2022 cycles. That unit was disbanded following Republican criticism and legal challenges. Sean Plankey, the administration’s nominee to lead CISA, has echoed this sentiment during his confirmation hearings, stating, “It is not CISA’s job, and nor is it in its authorities, to censor or determine the truths.”
Plankey, who has yet to be confirmed by the Senate, has pledged to “rebuild and refocus” the agency to “empower the operators to operate,” shifting the weight of security responsibility back toward the private sector entities that own and operate the nation’s power grids, water systems, and financial networks.
Timeline of CISA’s Workforce Contraction
| Period | Event/Metric | Impact |
|---|---|---|
| January 2025 | Baseline Staffing | Approximately 3,300 employees |
| Feb–March 2025 | DOGE Actions | Elimination of Red Team; loss of 80+ monitoring and 30-50 incident response staff |
| December 2025 | Staffing Level | Reduced to roughly 2,400 employees |
| April 2026 | FY27 Budget Proposal | Proposed net reduction of ~860 additional roles |
The Operational Risk to Critical Infrastructure
For the commercial cybersecurity sector, the potential loss of CISA’s partnership-intensive layer is a point of significant concern. Many smaller organizations and local governments rely on CISA for free vulnerability advisories and threat intelligence that they cannot afford to procure from private vendors. As AI-driven threats expanded throughout 2025, these advisories became critical for operators of industrial control systems.
The proposed budget does not eliminate CISA entirely. Core functions, such as the Einstein intrusion detection system and the Continuous Diagnostics and Mitigation (CDM) program for federal civilian networks, are expected to survive. However, the removal of the red team and the scaling back of stakeholder engagement means the agency will have fewer eyes on the network and fewer channels to communicate risks to the private sector.
Congressional Resistance and the Path Forward
The $707 million cut is a sharp increase over the FY26 request, which sought roughly $490 million in reductions. In that previous cycle, bipartisan resistance—including from some Republicans who viewed the cuts as excessive—narrowed the final reductions to between $130 million and $300 million.
Representative Bennie Thompson, Democrat of Mississippi and ranking member of the House Homeland Security Committee, has been the most vocal critic. Thompson stated that the budget reflects an “utter lack of understanding of the urgency of the cyber threats we face,” specifically citing heightened tensions with Iran and an aggressive posture from China as reasons to maintain robust funding.
While some bipartisan legislation was introduced in early 2026 to mandate “sufficient” staffing levels at CISA, the bill has not yet advanced to a vote. The final fate of the agency’s budget now rests with the Congressional appropriations process.
The next critical checkpoint will be the Senate confirmation process for Sean Plankey and the subsequent budget hearings, where lawmakers will determine if the administration’s “refocusing” strategy will be funded or if Congress will intervene to preserve the agency’s election security and partnership capabilities.
Do you think the federal government should lead election cybersecurity, or should the responsibility shift to the states? Share your thoughts in the comments.
