The reduction in CISA’s budget and workforce comes at a time when cyber threats are increasing in volume and sophistication. Private sector teams and state and local agencies must now take the lead in defending their assets.
The CISA 2026 budget cuts would be accompanied by a reduction of 1,083 CISA positions, a cut of almost a third of its present count of 3,292 employees. The Cyber Defense Education and Training program would also be gutted, with the budget proposal suggesting that it could be replaced by free resources.
Weak cyber security practices mean a company will almost certainly experience a data breach – the only question is the order of magnitude of dollars lost, reputational damage, and downstream harm to the individuals who trusted the company with their data.
The White House’s 2025 fiscal plan includes a request for $13 billion to the federal cybersecurity budget, a substantial increase from the current $11.8 billion number that is still being negotiated.
New report from IANS Research and Artico Search shows that the average security budget is only up by 6% this year, representing a 65% decrease in cybersecurity spending from the prior year.
Quantitative cybersecurity budgeting helps security professionals properly translate security risks into business risks and demonstrate how cyber risks impact the organization as a whole – which are key to getting buy-in from non-technical stakeholders.
