President Donald Trump’s fiscal 2027 budget would slash the Cybersecurity and Infrastructure Security Agency’s total by $707 million, according to a summary released Friday, which would deeply chop down an agency that already took a big hit in Trump’s first year.

Another budget document suggests a smaller — but still substantial — hit of $361 million, with the discrepancy possibly due to the comparison points amid budget uncertainty for CISA’s parent agency, the Department of Homeland Security. DHS and CISA did not immediately respond to a request for clarification.

“At the time the Budget was prepared, the 2026 appropriations bill for the Department of Homeland Security was not enacted, and funding provided by the last continuing resolution it had been operating under (Continuing Appropriations Act, 2026, division A of Public Law 119-37, as amended by division H of Public Law 119-75) had lapsed,” the budget summary notes. “References to 2026 spending in the text and tables for programs and activities normally provided for in the full-year appropriations bill reflect the annualized level provided by the last continuing resolution.”

By either measurement, the proposed budget would cut deeply into an agency that started the Trump administration at roughly $3 billion, and would be substantially below that if Congress enacts the latest blueprint. The budget appendix says CISA would end up with slightly more than $2 billion in discretionary funding under Trump’s plan. For fiscal 2026, appropriators sought to mitigate some of Trump’s proposed CISA reductions.

The 2027 budget summary recycles identical language from the 2026 budget summary, and makes references to ending programs that CISA has already shuttered.

“The Budget refocuses CISA on its core mission — Federal network defense and enhancing the security and resilience of critical infrastructure — while eliminating weaponization and waste,” the summary states in both the 2026 and 2027 documents.

It makes references to getting rid of things that have already been cut, like “external engagement offices such as council management, stakeholder engagement, and international affairs.” It talks about ending programs focused on censorship, something CISA under the Biden administration said it never had, and on “so-called” misinformation, which CISA said it ended during the former president’s term.

Mississippi Rep. Bennie Thompson, the top Democrat on the House Homeland Security Committee, criticized the budget proposal for CISA.

“Like the President’s cyber strategy, the President’s CISA budget reflects his utter lack of understanding of the urgency of the cyber threats we face and how to mobilize the government to help confront them,” he said in a statement to CyberScoop. “As of 2023, CISA was spending $2 million on countering information operations, an effort initially launched at the behest of Congressional Republicans during the first Trump Administration.

“There is nothing that justifies a reckless $700 million cut to CISA, particularly at a time of heightened tensions with Iran and an increasingly aggressive China,” he continued. “I am committed to working with my colleagues to push back against these cuts and ensure we can protect government and critical infrastructure networks.”

The post Trump budget proposal would cut hundreds of millions more from CISA appeared first on CyberScoop.

President Donald Trump released his administration’s cyber strategy Friday, promoting offense operations in cyberspace, securing federal networks and critical infrastructure, streamlining regulations, leveraging emerging technologies and strengthening the cybersecurity workforce.

Trump also signed an executive order Friday directing agencies to take action to combat cybercrime and fraud.

A little more than half of the five pages of strategy text of the long-anticipated document is preamble, and two of its seven pages are title and ending pages. Administration officials have said the strategy is deliberately high-level, and the White House promised more detailed guidance in the future.

The strategy “calls for unprecedented coordination across government and the private sector to invest in the best technologies and continue world-class innovation, and to make the most of America’s cyber capabilities for both offensive and defensive missions,” the White House said in a statement accompanying its release.

Each of the six “pillars” of the strategy offer some prescriptions.

“Shaping adversary behavior” calls for using U.S. government offensive and defensive capabilities in cyberspace, as well as incentivizing the private sector to disrupt adversary networks.

It also says Trump will “counter the spread of the surveillance state and authoritarian technologies that monitor and repress citizens,” even as administration critics argue that his administration has fostered surveillance and repression against U.S. citizens.

The shortest pillar, “promote common sense regulation,” decries rules that are only “costly checklists.” The Biden administration expanded cyber regulations, spurring some industry resistance. But the Trump pillar does talk about addressing liability, a point of emphasis for the prior administration as well.

“Modernize and secure federal networks” talks about using concepts and technologies like post-quantum cryptography, artificial intelligence, zero-trust and lowering barriers for vendors to sell tech to the government to meet those goals.

To “secure critical infrastructure,” the strategy calls for fortifying not just owners and operators but also the supply chain, in part by focusing on U.S.-made rather than adversary-made products.

“We will deny our adversaries initial access, and in the event of an incident, we must be able to recover quickly,” the strategy reads. “We will galvanize the role of state, local, Tribal, and territorial authorities as a complement to— not a substitute for — our national cybersecurity efforts.” Some critics of the administration’s cybersecurity actions have contended that it has shifted the burden to state and local governments too much.

AI usage makes up the bulk of the pillar entitled “sustain superiority in critical and emerging technologies,” in addition to reflecting earlier parts of the strategy on the topics of quantum cryptography and privacy protection. That includes the protection of data centers, the subject of localized fights across the country over their location and resource costs.

The final pillar says the United States must “build talent and capability,” after a year of the administration cutting a significant number of cyber positions in the federal government. “We will eliminate roadblocks that prevent industry, academia, government, and the military from aligning incentives and building a highly skilled cyber workforce,” it states.

Some positive reviews rolled in about the strategy despite the late-Friday afternoon release, traditionally the time of week when an administration looks to publish news it hopes will garner little attention.

“As new and more sophisticated threats emerge, America needed a new national cyber strategy that captures the urgency of this moment,” USTelecom President and CEO Jonathan Spalter said in a news release. “The President’s strategy rightly recognizes that harnessing America’s unique mix of private-sector innovation with public-sector capacity is the best deterrence.”

Frank Cilluffo, Director of the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University, was struck by the focus on deterrence: “This unified strategy determining a direction on offensive and defensive cyber operations and collaboration couldn’t be more timely.”

The Business Software Alliance cheered the call for streamlining cyber regulations, in particular.

A number of cyber vendors took note of the passages on AI. “Redirecting resources from paperwork to AI-powered security capabilities is the only way to keep pace with modern threats and adversaries who operate at great speed,” said Bill Wright, global head of government affairs at Elastic. “This strategy appears to recognize that fundamental truth.”

Not all the reviews were flattering, however, including from the top Democrat on the House Homeland Security Committee, Bennie Thompson, who said the strategy’s “underachieving” was the only thing impressive about it.

“What little ‘substance’ does exist in this pamphlet is a mishmash of vague platitudes, a long catalogue of ‘we will’ statements that may or may not match the Administration’s current behavior, and, mercifully, an apparent extension of some Biden-era policies,” he said. “Completely lacking is even the most basic blueprint for how the Administration will go about achieving any of its cybersecurity goals — an objective possibly hamstrung by the hemorrhage in cyber talent across all Federal agencies since Trump took office.”

The executive order Trump signed Friday coincides with the release of the strategy but there’s little overlap between the subject matter; the strategy makes one mention of cybercrime.

The order directs the attorney general to prioritize prosecution of cybercrime and fraud, orders agencies to review tools that they could use to counter international criminal organizations and  gives the Department of Homeland Security marching orders to improve training, in addition to other steps, according to a fact sheet.

“President Trump is unleashing every available tool to stop foreign-backed criminal networks that exploit vulnerable Americans through cyber-enabled fraud and extortion,” the fact sheet states.

The post The long-awaited Trump cyber strategy has arrived appeared first on CyberScoop.

“Decimated.” 

“Amateur hour.”

“Pretty much fallen apart.”

“It’s really hard to find something positive to say right now.”

It’s been a little more than one year into the second Trump administration, and there’s a large consensus, if not total unanimity, among those who have worked with and for the Cybersecurity and Infrastructure Security Agency: It has suffered significantly during that time. 

CISA has lost roughly a third of its personnel and shuttered entire divisions. Observers across the political spectrum told CyberScoop for this story that even on its core missions, like coordinating with industry and protecting federal networks, the agency is significantly diminished.

Many sources that spoke with CyberScoop did so under the condition of anonymity, in order to be more candid or avoid retribution. They told CyberScoop that CISA’s biggest problems, and their consequences, include:

• Trump’s ire over the 2020 election results has led to the agency being deprioritized within the administration. Congress has yet to approve the administration’s permanent pick to lead the agency, Sean Plankey, and lawmakers have failed to do other things to strengthen it. 
• CISA’s capabilities have been significantly diminished by the loss of personnel, expertise and programs. 
• In the absence of a permanent leader, Acting Director Madhu Gottumukkala has struggled to lead the agency. “I don’t think anybody would argue he’s doing a great job,” one industry source said.
• Organizations that previously turned to CISA for help now seek alternatives, like industry alliances, outside consultants or government-to-government partnerships.

Where to assign blame varied from source to source. Most criticized both the administration and Congress, though some faulted one more than the other.

Some see bright spots in CISA under the current administration. And while many are pessimistic about the agency’s future, others expressed optimism.

But the first year reviews are not glowing.

“Year one was a tough year for the agency,” said House Homeland Security Committee Chairman Andrew Garbarino, R-N.Y. He noted that a “lot of the best and brightest have left the agency,” though he expressed optimism about Plankey’s ability to turn CISA around. “The amount of cyberattacks that our nation is seeing every day, both on the private side and on the federal government side — you want your best people there fighting against it, and if they’re somewhere else, it definitely leaves us all vulnerable.”

Said Mississippi Rep. Bennie Thompson, the top Democrat on Garbarino’s panel: “It’s tough to have a robust entity when you cut the money…we are weaker because of CISA’s lack of manpower.”

When priorities shifted

Trump has harbored animosity toward CISA since 2020, when it contradicted his false claims related to widespread electoral fraud. He and his allies built on that animosity, recommending in Project 2025 that the agency be dismantled, divided by its core responsibilities, and farmed out to other federal agencies. 

“There was uniquely a target on its back,” said one CISA official who left in 2025. That hostility came from some Republicans in Congress, especially Kentucky Sen. Rand Paul, who chairs the Senate Homeland Security and Governmental Affairs Committee.

Said Thompson: “CISA wasn’t politicized for the most part, until the Trump administration came along and accused them of somehow contributing to his [election] loss.”

CISA has lost substantial personnel, including veterans and whole teams. Some employees were transferred to other divisions in the Department of Homeland Security. Election security was quickly cut. Two information sharing and analysis centers (ISACs) that serve state and local governments lost funding. A division coordinating with foreign governments, businesses and state and local governments was effectively closed.

The agency has lost senior leaders in programs like counter-ransomware initiatives, threat hunting and secure software development. Contracts for things like detecting threats in critical infrastructure networks, tracking vulnerabilities and collaborating with industry teetered, albeit sometimes only temporarily. 

DHS has unraveled multiple programs in which CISA plays a key role, such as by dismissing members of the Cyber Safety Review Board and disbanding the Critical Infrastructure Partnership Advisory Council. Congress has lurched between letting both a key state and local cyber grant program and a cyber threat information sharing law lapse and temporarily re-upping them.

The departures and program changes likely haven’t ended, either. 

“It’s not a very harmonious place right now,” said one industry source. “I hear from people that are looking to leave.” Former CISA employees say those who remain either believe strongly in the mission, or are simply keeping their heads down until retirement from federal service.

“People I talk to say the morale is really low,” said James Lewis, distinguished fellow with the tech policy program at the Center for European Policy Analysis think tank.

CISA and DHS officials routinely say the changes are designed to get the agency “back on mission.” Lewis, industry officials and others say CISA probably never needed to get involved in combatting misinformation and disinformation, roles that rankled some conservatives, but the agency largely halted that work prior to Trump returning to office.

Some saw duplication and redundancy at CISA as legitimate problems. “I did see overlap between who was actually doing policy and who was actually doing the operational work,” said Ari Schwartz, managing director of cybersecurity services at the law firm Venable and a former Obama administration cybersecurity official.

It was not that long ago when CISA experienced quick budget growth, particularly after its establishment in 2018.

“As with any organization, the first few years are growth years and after a while, the agency needed to reevaluate how it was operating and meeting its statutory authorities,” said Kate DiEmidio, who formerly served as the agency’s director of legislative affairs and acting chief external affairs officer. “There was a need for the agency to refocus.”

Even among those who saw the need for change at CISA, though, many saw the Trump administration as going way too far. “CISA needed surgery,” Lewis said, but “what it needed was surgery with a scalpel, not a sledgehammer.” He added, “Not only is the White House hostile to CISA, but cybersecurity isn’t a priority for them.”

A question of capacity

The cuts have created real-world consequences for cybersecurity coordination. Former officials and industry partners describe broken relationships, unanswered requests for help and serious questions about whether CISA can handle a major crisis. The coordination and engagement that defined the agency’s approach have largely diminished.

The end result is that “they’ve dismantled all of those capabilities in units within government,” said Caitlin Durkovich, a former DHS official in the Obama administration and White House official in the Biden administration. She recently started a firm with former top CISA official Jeff Greene that offers services CISA has scaled back, such as security assessments.

“It’s been really hard to watch,” Greene said, how CISA has been working with the private sector and local governments on “developing a level of trust that is weakening or gone.”

One industry source said they used to meet regularly with top officials, but now can’t get a response. “We’ve got really good engagement elsewhere in government. We really would like the opportunity to do the same thing with CISA,” they said. “Some of the trust that had been built up has been eroded.”

Thompson said the biggest losses have been in election security and secure-by-design, areas where his staff says personnel has been “decimated.”

Said another industry source: “I do feel like that when people, if organizations, want to reach out to CISA, it’s not clear who’s there… If we got into a major conflict, let’s say, with China, and they start triggering Volt Typhoon-related malware, are we organized and ready to roll? I don’t think so.”

Another former CISA official described the current situation as a “lack of capacity,” especially when it comes to coordinating with state and local governments and others on a regional basis.

“A bunch of regions are really grappling with the loss of really key personnel who were the ones that were establishing and maintaining these relationships, and really trying to build the trust between the agency and the private sector, and especially in critical infrastructure,” they said. “Not having as many people to help do that national coordinating function that CISA is supposed to do is a real issue.”

They also said there are fewer people working in “flagship programs” like secure-by-design and developing regulations for the landmark Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). “People are overstretched,” they said. “They’re not doing all the things that they could or should be doing, or want to be doing, and I think that you see evidence of that with talk from the private sector and their inability to to reach people and to get help “

Schwartz said he worries about when “an incident happens, do they have the people to go in, go to the states, go locally, and really do the work that’s needed, as they did in the past? Because they’ve lost some of that ability.”

Lewis said that “overall, the impression is it’s a much weaker entity than it was a year ago.”

“Their power was in their ability to act as a focal point, to coordinate, to bring people together, and just the publication of vulnerabilities and some of the things they were starting to get into in the previous administration were big steps forward that’s been diminished because they don’t have the people now,” he said. “So a smaller organization, that’s just not going to be as powerful.”

State and local governments say they’ve lost critical connections with CISA, saying they’ve had to turn to one another to fill the gaps.

“We’re asking states to do a job they’re not resourced to do, while weakening the one federal agency designed to help them,” said Errol Weiss, chief security officer at the Health-ISAC. “This is precisely where you do need a strong, centralized federal security function. We already have a national shortage of cybersecurity experts, and you can’t just replicate that expertise 50 times over.”

Overall, Weiss said industry partners have felt the lack of outreach from the agency. “Fewer touchpoints, fewer briefings, fewer problem‑solving calls,” he told CyberScoop, adding that there’s “a growing perception that CISA is being hollowed out where it matters most to industry: stakeholder engagement, collaborative forums, and operational support during incidents.”

Rob Knake, a former top Biden administration official, recently said that “CISA as an organization has pretty much fallen apart.”

Leadership in limbo

One near-universal sentiment is that as Sean Plankey’s leadership nomination drags in the Senate, the agency is worse off.

“We need to start this year off right, and we’re already in February and can’t get Plankey confirmed,” Garbarino said. “There’s nothing better than having a Senate-confirmed person running the show.”

The acting director has also faced criticism beyond the operational issues. Gottumukkala, who served as South Dakota’s chief information officer under Kristi Noem before she became DHS secretary, has faced fire from both parties for his stewardship.

A string of embarrassing stories have emerged about Gottumukkala, from the tale of him failing a polygraph test and seeking to oust those who administered it; to his reported attempted ouster of veteran agency CIO Robert Costello; to his reported uploading of sensitive contract data to ChatGPT. DHS has defended Gottumukkala amid those revelations.

Reading stories like that, “It just sounds like amateur hour,” said one former CISA employee.

“I don’t think he’s up to the task. I believe that he’s not the best person, and I think he is just somebody the secretary likes, because they both are from South Dakota.” Thompson said. “I don’t know anybody before this administration who would be in sensitive areas and not have passed minimal standards like the polygraph.”

The ChatGPT story drew concern from the right by Senate Judiciary Chairman Chuck Grassley, R-Iowa, as well as from conservative figure Laura Loomer (the latter of whose remarks were racially tinged). Others were more perturbed by the lie detector story.

“When you have security issues with someone in a leadership position, you should find another place for them to go,” said a former Trump administration national security official. “There are plenty of competent people in DHS, in CISA, who could hold things together until Sean Plankey gets there. There are lots of serious things CISA needs to be working on right now. This is a drag on that. It’s not a place where you want any type of friction at the top.”

Garbarino was more generous, noting Gottumukkala’s technical background. DiEmidio also noted Gottumukkala’s technical skills. But Garbarino and Nevada Rep. Mark Amodei, the GOP chairman of the House Appropriations Subcommittee on Homeland Security, have been seeking CISA’s organizational plans to no avail.

“I don’t think he’s intentionally lying to us by saying there’s no reorg plan,” Garbarino said. “But there’s got to be some reasoning behind all these moves, moving the people around, or layoffs or whatever. I want to give him the benefit of the doubt that he is the technical guy that has been given a non-technical job to do.”

Schwartz and some others largely blame Congress for CISA’s current woes, since they haven’t approved Plankey as a full-time, permanent leader. “A lot of the issue is the fact that just doesn’t have the leadership to be able to participate in senior-level discussions,” he said.

What’s left to build on

Despite myriad complaints, many observers still see value in the current iteration of CISA. Some are hopeful about its ability to rebound, too.

CISA says it’s still devoted to its missions. The agency published a 2025 year-in-review about its accomplishments.

“CISA remains steadfast in its mission to safeguard the systems Americans rely on by strengthening federal network defenses, empowering businesses, and fortifying critical infrastructure nationwide,” Gottumukkala said in a statement to CyberScoop.

Moving forward, “we will deepen collaboration with trusted partners, prioritize highly skilled technical professionals, and direct resources for maximum impact—accelerating innovation, operational coordination, and workforce right-sizing to reduce long-term risks while maintaining strong industry partnerships and cost efficiency,” he said. “The CISA leadership and workforce remains committed to this mission despite a small minority who are upset that accountability and reform have come to the agency.”

It’s a message Gottumukkala recently delivered to Congress. “He tried to give the impression that we haven’t lost any capacity,” Thompson said. “I wasn’t impressed.”

Others said CISA is still carrying out many of its old tasks, such as issuing public alerts on vulnerabilities and threats.

“There’s still some good reporting coming out,” Greene said. “But what I can’t know is the volume of what they can put out versus what they used to be able to put out.”

Weiss said “CISA still has tremendous value in areas only the federal government can truly provide: national‑level visibility, cross‑sector coordination and the ability to marshal resources across agencies in a crisis.” But it’s not clear whether CISA can rise to the occasion like it did during the 2024 Change Healthcare crisis.

“All of this means it’s more important than ever for the private sector to take the initiative,” he said. “Critical infrastructure owners and operators cannot assume the federal government will have the capacity to step in the way it once did.”

Weiss and others also said that CISA has refocused on federal networks, but others, such as Lewis, said it’s also diminished there. “That’s their primary mission, and they don’t have the policies or the bodies to do that,” Lewis said.

Garbarino and a number of industry sources say they’re encouraged by the idea that the Trump administration could write less onerous regulations for CIRCIA, with an earlier draft drawing bipartisan and industry criticism.

A Senate-confirmed leader could further brighten the agency’s prospects, many agree. “They still have some good talent there. It’s not totally that we’ve lost everything there,” Schwartz said. “If you have leadership in there, then you can build it up.”

DiEmidio said some of the staff changes have made sense. Election security had more people than other sectors that needed the help, she said. 

“In some ways, I think the external attention to CISA’s mission in the media and with Congress was completely focused on one or two things, and the focus on the things that really matter, and the good work that CISA is doing got overshadowed,” she said. For the agency’s cybersecurity division and other cyber teams, “there were several incidents over the summer where those teams were incredible. They were working evenings, weekends.”

But many agree that rebuilding CISA’s workforce will be difficult.

The Trump administration has deliberately made working for the federal government challenging as a matter of policy. Russell Vought, head of the Office of Management and Budget, said before the election that the goal was to put federal workers “in trauma.” Morale at CISA has been particularly bad, they say. Periodic DHS shutdowns haven’t helped.

On the plus side for CISA, it’s a bad labor market, Lewis said.

Some of what CISA needs to do going forward is about managing expectations, said DiEmidio.

“What I would want to make sure is that CISA has a hiring plan in place to start hiring, especially in those key technical positions at all levels,” she said. “ I think you have to have an understanding that people are going to rotate in and out of government. Not everyone wants to stay in government long term and that’s okay.”

But there are some worries about CISA recruiting going forward. “Just the way they handle the departures, for a lot of folks, I don’t think it gives a lot of encouragement to individuals that ‘Hey, this is a great place to work,’” said one former DHS official.

The post Across party lines and industry, the verdict is the same: CISA is in trouble appeared first on CyberScoop.

The acting head of the Cybersecurity and Infrastructure Security Agency faced pointed questions from lawmakers Wednesday over CISA personnel decisions and staffing levels.

Members of the House Homeland Security Committee asked Madhu Gottumukkala about a reported attempt to fire the agency’s chief information officer, efforts to push out a large number of staff and whether CISA had enough people to do the job.

Gottumukkala at times sidestepped the questions, with the probing coming from both sides of the aisle. However,  Democrats exhibited deeper worries about the agency’s workforce and its ability to do its job.

Cutbacks at CISA after employees were “bullied into quitting” — among other methods of reducing CISA’s size — have “weakened our defenses and left our critical systems and infrastructure more exposed, and the American people more vulnerable,” said Rep. James Walkinshaw, D-Va.

Said Chairman Andrew Garbarino, R-N.Y.: “This committee supports the administration’s goal of aligning department [of Homeland Security] resources towards urgent homeland security priorities. At the same time, workforce continuity, clear leadership and mission readiness are essential to effective cyber defenses.”

The extent of those CISA personnel reductions was something lawmakers wanted Gottumukkala to be exact about in his answers.

The top Democrat on the panel, Mississippi’s Bennie Thompson, entered a chart into the hearing record that showed the number of personnel had fallen from 3,387 before President Donald Trump’s inauguration to 2,389 by the middle of December, or a loss of 998 people. Those figures aligned closely with the numbers Gottumukkala gave in testimony.

Under questioning from Thompson, Gottumukkala said CISA’s attrition rate was 7.5% last year, a figure he said was lower than most agencies. Gottumukkala said the agency has “the required staff” to do its work, but Thompson said he was still awaiting an expected letter from Gottumukkala on workforce needs and wanted a more precise number on current vacancies.

Gottumukkala also wouldn’t say whether the agency had carried out a study to determine whether its staffing was sufficient. In response to questions from Garbarino, Gottumukkala said there were no further planned organizational changes at CISA.

“We recognize that a disciplined mission requires the right workforce — not a larger one, but a more capable and skilled one,” Gottumukkala said in his opening remarks.

Democrats pressed Gottumukkala repeatedly on whether any CISA personnel had been reassigned to working on immigration enforcement, something he said hadn’t happened during his time at the agency, contradicting published reports to the country and a claim from Gottumukkala that Democrats said was false. The chart Thompson referenced showed 65 employees being reassigned out of CISA.

At times, GOP lawmakers gave Gottumukkala backing on CISA personnel numbers. Rep. Andy Ogles, who chairs the panel’s cybersecurity subcommittee, said, “You’re doing more with less, and you’re doing it more efficiently.” Republican appropriators recently released a homeland security funding bill that would cut CISA’s budget from nearly $3 billion to $2.6 billion.

Responding to a report that Gottumukkala had tried to force out Robert Costello, the agency’s CIO, Gottumukkala said individual agency personnel “decisions are not made in vacuum. It is a leadership-level [decision] at the highest levels, and we work according to how we see the roles fit.” 

Garbarino told reporters after the hearing that “ I don’t know whose decision it is making that personnel [move], but it was stopped, which is probably a good thing.”

Asked about a news story that he failed a counterintelligence polygraph test, Gottumukkala said that “I do not accept the premise of that characterization,” and any answer would have to be discussed in a closed hearing. Garbarino said he hoped an investigation into the polygraph incident would be settled soon.

Democrats repeatedly expressed frustration about Gottumukkala’s testimony. “You’ve managed to answer none of my questions,” Walkinshaw said.

Gottumukkala wouldn’t take questions from reporters after the hearing.

The post Lawmakers probe CISA leader over staffing decisions appeared first on CyberScoop.

Amid budding sentiment in the Trump administration and Congress to expand offensive cyber operations, some lawmakers and experts are warning that the United States needs to get its defenses in order before going too far down that road.

A House Homeland Security subcommittee on Tuesday examined how to deter foreign cyberattacks, with an emphasis on the role U.S. attacks could play in countering them. One long-running concern about improving U.S. offense is how it might provoke further attacks.

“I’m concerned we’re putting the cart before the horse, when we have not had a hearing on why the [Cybersecurity and Infrastructure Security] Agency has lost one-third of its workforce in the last year,” the top Democrat on the full committee, Bennie Thompson of Mississippi, said. “We ought to be cautious about pursuing an approach involving the use of offensive cyber tools that could result in retaliation or escalation if we’re not in a position to help defend U.S. networks.”

Other panel Democrats invoked a sentiment from sports about the importance of defense over offense. “Both are still important,” Rep. James Walkinshaw, D-Va., said during the hearing of the Cybersecurity and Infrastructure Protection Subcommittee.

Emily Harding with the Center for Strategic and International Studies, a D.C.-based think tank, testified that as the United States takes steps toward a more aggressive posture in cyberspace, it also needs to fund important defensive upgrades for federal government networks.

The chair of the subcommittee, Andy Ogles, R-Tenn., said that while defense was important, “defense alone is not sufficient,” and that “deterrence in cyberspace doesn’t exist without operational cyber offensive capabilities.”

The private sector could have a bigger role to play in boosting the country’s offense, since cybersecurity companies, tech providers and other businesses often have the best vantage point on attacks as both victims and investigators, Ogles said.

But much of the kind of things companies could do to bolster offense “exists in legal and policy gray space,” he said. “Companies face uncertainty about liability, retaliation and regulatory risk.”

A hybrid approach with private sector companies supporting government offensive operations rather than directly carrying them out generated the broadest support at the hearing. Harding said Congress could provide legal protections to companies in those circumstances.

CISA should play a key role in coordinating any public and private sector offensive activity, said Drew Bagley, chief privacy officer at CrowdStrike.

“This committee can ensure that CISA is properly focused and resourced to perform this mission,” he said in written remarks. “From an oversight perspective, you can ensure it has authorities, talent and capabilities to maximize its impact.”

The post Hill warning: Don’t put cyber offense before defense appeared first on CyberScoop.

A landmark program that offers scholarships in exchange for federal service is threatening to saddle students with hundreds of thousands of dollars worth of debt amid hiring freezes and budget cuts, raising questions about the future of an initiative proponents say has helped close the government’s cyber workforce gap.

Some CyberCorps: Scholarship for Service participants have had federal agency job and internship offers rescinded this year due to cutbacks and freezes. It’s a condition of their scholarship contract that they must work for the government: Those who can’t find employment there will see their grants, often reaching six-figure sums, converted into loans after 18 months.

Numerous participants who spoke to CyberScoop said they regret signing up for the program, and wouldn’t have done so if they knew then what they know now about the government fulfilling its side of the bargain. They also criticized the communication from the agencies overseeing the program, saying it has been difficult to get clear information about how to fulfill their service obligations or receive updates about job fairs connected to the program. Additionally, they expressed frustration over being told to “get creative” in their job searches, as one email suggested.

One participant said that if CyberCorps can’t meet its obligations due to the federal personnel reductions, it should consider ending the program. The Trump administration has proposed cutting funding for it by 65% in fiscal 2026. And policy experts who have worked to build up the program are fearful about what the current woes mean for future participants.

“I feel like I’ve put my future in jeopardy, my entire future, and I’ve risked lifelong debt because of the whims of someone else,” said a master’s degree student who got a scholarship through CyberCorps. “Whenever my school has brought on a new cohort of students, I cringe at the thought of it, because it’s just more people who are dancing with lifelong debt and possibly no careers.”

While past federal government shutdowns have thrown temporary wrenches into CyberCorps participants’ job hunts, the current environment for federal jobseekers appears to present more enduring challenges. 

“It wasn’t really a concern that people would be able to land [a job] and pay back their debt to the government through time and service,” said Nick Leiserson, senior vice president for policy at the Institute for Security and Technology think tank, and a former Hill aide whose boss, then-Rep. Jim Langevin, D-R.I., was a big supporter of CyberCorps. “And now that has been shaken, and I don’t know how you get that trust back.”

Mississippi Rep. Bennie Thompson, the top Democrat on the House Homeland Security Committee, was critical of the potentially lengthy impact on the CyberCorps program.

“It’s a bait-and-switch where everyone loses, and it will frustrate future efforts to recruit cyber talent into the government,” he said. “The consequences will be felt for decades.”

CyberCorps’ track record

CyberCorps sprang into existence in 2000 in response to a 1998 presidential directive. Since then, the program has had between 4,000 and 5,000 participants, said Mark Montgomery, who worked on the legislation that formalized the program’s creation.

The National Science Foundation and Office of Personnel Management jointly operate the program. An email from NSF said the agency wouldn’t be responding to messages during the current government shutdown. After publication of this story, OPM Director Scott Kupor provided a statement to CyberScoop.

“Bringing top cybersecurity and AI talent into the federal government are critical to our national security. Scholarships for Service is an innovative program that covers the tuition for students who specialize in these areas in exchange for a federal service commitment,” he said. “OPM is committed to the success of SFS and is working closely with the National Science Foundation to ensure CyberCorps participants are supported during this challenging time. Once the shutdown ends, we will issue guidance to agencies encouraging them to fully leverage the program to bring these highly skilled professionals into public service.”

Graduates must get at least one internship with, and then work in the federal government for a period of time equal to the length of their scholarship, although a relatively small percentage are permitted to seek positions in state or local government. (Participants say cyber jobs have been just as few and far between there.) In addition to the scholarships, students also receive stipends.

The internships give students and agencies a chance to determine whether they want to keep working together, and their security clearances are processed ahead of time. “That produces tailored, ready cyber warriors for the federal government,” said Montgomery, now senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies think tank.

It also gives the federal government a talent pipeline it wouldn’t otherwise have, Leiserson said. While some of the participants CyberScoop spoke to said they had already aspired to government service, some said it wasn’t on their radar prior to signing up for CyberCorps, which they viewed instead as a means to an end: paying for their education.

There have been relatively few criticisms of CyberCorps or how it’s administered. Henry Young, senior director of policy for the Business Software Alliance, said he viewed CyberCorps more as a relatively small piece of the workforce development pie that needs to include more K-12 education, a focus on other federal programs and more coordination with industry. There are an estimated 500,000 cyber jobs open in the United States.

“It’s a well-meaning and reasonable effort to try and recruit more cybersecurity workers to federal, state and local governments,” Young said. “And I think it is probably working, but not really at the scale of the challenge.”

Student experiences

In response to the current administration’s workforce policies, a group of students have informally organized to seek solutions to their looming debt dilemma; an organizer said there were more than 200 who had joined forces. They say they’ve been frustrated to date in their lobbying to agencies and lawmakers. CyberScoop granted several current participants anonymity to speak about their experiences because they fear potential retaliation as they continue seeking employment.

Some of them are creeping up on the 18-month deadline. One had a job offer rescinded this spring. Another had an internship offer pulled.

Past participants received regular communications about openings that were more prolific in prior years, emails show. A recurring theme among current participants CyberScoop spoke with is criticism of what they see as a lack of assistance or even communication about activities that were once common, like job fairs. For example, they were told to expect a job fair in October to replace the annual January event that was canceled, but the October fair never took place.

Participants say that even when job fairs have been held, they have not been as helpful as in the past, despite attending multiple fairs. A September job fair that participants were “strongly encouraged” to participate in included agencies that didn’t have any roles to fill, and for the others, “the majority of the roles offered were not aligned with cybersecurity, and were not qualified as roles that would count towards our SFS work obligation period,” one program participant wrote.

In-person fairs converted to virtual fairs are a bad option, some said. One said they waited stuck in a queue at a virtual fair for hours only to be told the agency had no openings. 

At the same time, participants have bristled at emails like one in July that urged students to “Get creative in your search!”

Some of the participants were interested in cybersecurity because they were drawn to the technical aspects of working with computers. Others said they felt compelled to join by a desire to do good in the world and protect others.

Some were attracted to government work specifically. That’s made the current situation a deflating experience, one said.

“I am less optimistic about working for the government now than I was before,” a participant said. “It’s just the way they’re treating their employees. It kind of feels like I’m walking into a trap, like they want to fire me more than they want to hire me right now.”

What can be done

There are few alternatives available to CyberCorps participants who aren’t able to find federal employment. They could pursue additional degrees, like a Ph.D, but that doesn’t relieve them of their obligation — it just pushes it back. One participant CyberScoop spoke to was able to get a “research exception” that allows them to study a topic at their school in lieu of the obligation.

Going into the military — potentially for a lengthy term of service — could give students an option to repay the loans, but that’s not an option that anyone who CyberScoop spoke to wanted to pursue.

“We have already experienced federal priorities being ‘shifted’ — multiple of my peers report being forced to transition into immigration work during Summer internships and co-ops, when that was not in the original scope of their work,” one wrote.

One participant struggled with the notion of pursuing a private-sector job, which would potentially offer higher wages that would pay off a loan. But in addition to worrying about fierce competition for those roles, they felt pangs of guilt about the idea of accepting such a role after agreeing to work for the government, and whether it would cause blowback on their university.

Some participants had ideas about how to solve the current dilemma. They suggested things like waiving the payback requirement for students who simply couldn’t fill job openings (they’re competing with each other for those jobs, as well as competing with more seasoned jobseekers); making it a condition of the program that if a scholarship is offered, a job exists for a participant to fill; or simply retiring the program.

Montgomery said Congress could appropriate money for the program beyond what the Trump White House’s fiscal 2026 budget sought. And there’s the possibility that jobs cut as part of the early 2025 Department of Government Efficiency reductions could be reversed.

“I can’t guarantee it, but I think the excesses of DOGE will be walked back,” he said.

Thompson called on the Trump administration to act.

“The Trump administration keeps pretending that cybersecurity is a top priority, but everything they do tells us that it’s a lie,” he said. “Actions matter more than words, and if this Administration wants us to believe they care about cybersecurity, they should act to get CyberCorps back on track.”

Updated, 11/3/25: to include comment from the director of OPM.

The post Cyber scholarship-for-service students say government has pulled rug on them, potentially burdening them with debt appeared first on CyberScoop.