Trump's budget proposal for FY27 would reduce CISA's funding by $700 million and eliminate election security measures.

      In summary: The proposed FY2027 budget by the Trump administration suggests a reduction of $707 million for CISA, effectively eliminating the agency’s election security program and cutting 860 positions. This move represents a significant intensification that would decrease the principal civilian cybersecurity agency’s budget to $2 billion, following a year characterized by layoffs driven by DOGE and notable staff departures.

      Over the past 14 months, the central civilian cybersecurity agency of the United States has seen its workforce shrink by about one-third. Its red team has been disbanded, and numerous employees, especially those involved in election security, incident response, and continuous monitoring, faced layoffs by the Department of Government Efficiency in early 2025. These employees were partially reinstated due to a court order and subsequently placed on paid leave. In this context, the Trump administration released its FY2027 budget request on April 7, 2026, proposing further cuts of $707 million to the Cybersecurity and Infrastructure Security Agency (CISA). The White House describes this reduction as a necessary recalibration of the agency’s core mission, while critics view it as a strategic dismantling.

      The proposed cuts involve nearly $700 million in program eliminations, leading to a net budget reduction of about $360 million after accounting for internal transfers and targeted new hires. If implemented, CISA’s budget would decrease from approximately $3 billion to around $2 billion, alongside an estimated loss of 867 positions, which would result in a net reduction of about 860 jobs.

      What would cease to exist

      The most visible cut would be the complete elimination of CISA’s election security program. This budget proposal would terminate funding for the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), which serves as the primary platform for distributing cyber threat intelligence, ransomware alerts, and incident response resources to state and local election offices. It would also abolish the dedicated election security advisors positioned nationwide and end the support for information sharing that CISA has provided since its establishment in 2018. These advisors have been essential contacts for county clerks and election officials dealing with phishing attacks, foreign threats to registration databases, and disinformation efforts aimed at election infrastructure.

      Beyond elections, the proposal would significantly reduce CISA’s stakeholder engagement, shutting down offices responsible for liaising with private-sector infrastructure operators and overseeing the agency’s international partnerships. Funding for workforce development programs and what the budget labels as “duplicative” state and local cybersecurity financing streams would also be cut. The proposal increases the burden of certain infrastructure security and emergency communication programs on state and local governments but does not outline any additional funding for these governments to manage the transfer.

      The White House’s rationale

      The administration’s justification for the budget is direct in its wording. The document claims that “CISA was more focused on censorship than on protecting the nation’s critical systems, which put them at risk due to poor management and inefficiency, and a focus on self-promotion.” The proposed cuts aim to “refocus CISA on its core mission” of securing federal civilian networks and assisting critical infrastructure operators in defending against cyber and physical threats.

      The reference to censorship predominantly pertains to CISA’s now-dismantled counter-disinformation initiatives, including a unit that collaborated with social media platforms on moderating election-related content during the 2020 and 2022 elections. Such efforts were terminated following Republican criticism and subsequent lawsuits. Sean Plankey, Trump’s nominee to head CISA, directly addressed these issues during his confirmation hearings, stating, “It is not CISA’s job, nor is it within its authority, to censor or determine truths,” and asserted that under his leadership the agency would not engage in such activities. He committed to “rebuild and refocus” CISA, with an emphasis on empowering private sector operators tasked with critical infrastructure. Plankey has yet to be confirmed by the Senate.

      A year already marked by reductions

      The FY27 budget proposal arrives at an agency that has considerably contracted over the past year. When Trump took office again in January 2025, CISA employed approximately 3,300 individuals. By December 2025, that number dropped to around 2,400, indicating a loss of nearly 900 staff. The reductions stemmed from a mix of voluntary departures during the deferred resignation program, terminations of probationary staff, and direct DOGE actions. In late February and early March 2025, DOGE executed mass layoffs that included the disbanding of CISA’s entire red team, over 80 continuous monitoring personnel, and between 30 to 50 incident response staff. Although a federal judge later mandated the reinstatement of probationary employees, the reinstated staff were placed on paid administrative leave rather than being returned to active roles.

      The elimination of the red team raised significant concerns among security professionals, as red-team exercises, where agency personnel simulate actual attacks on government networks to detect vulnerabilities, represent some of the most crucial