The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security’s (DHS) lead cyber defense entity, is reportedly preparing to undertake a sweeping round of workforce reductions that may impact as many as 1,300 employees — nearly a third of its current workforce — in the coming days. The move follows a series of earlier cuts and is being framed by administration officials as part of a broader effort to streamline federal agencies and eliminate redundancies, though it has drawn strong concern from cybersecurity professionals.
Scope and Nature of the Cuts
According to Nextgov and CBS News, every division of CISA may be affected, with reduction-in-force (RIF) notices and additional voluntary resignation offers expected to be distributed this week. The layoffs could impact both federal employees and contract workers, including critical cyber threat-hunting teams. Axios reports that contracts with key private-sector partners like Nightwing and Peraton have already been terminated, potentially removing dozens of cybersecurity personnel from ongoing threat-hunting operations.
The cuts are also expected to deeply affect CISA’s mission support offices, with some units facing reductions of up to 90%, which would significantly affect administrative and operational capabilities.
Strategic Justification
The Trump administration has defended the reductions as part of a strategic realignment intended to make CISA more efficient and focused. Secretary of Homeland Security Kristi Noem stated earlier this year that the agency needs to be “smaller, more nimble.”
Sean Plankey, the nominee for Director of CISA and a veteran of U.S. Cyber Command and the National Security Council, is reportedly aligned with this view.
Some experts argue that overlapping responsibilities with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Department of Defense (DOD) have justified a reassessment of CISA’s scope, particularly as automation and artificial intelligence transform cybersecurity operations.
Court-Ordered Reinstatements and Legal Challenges
The agency has already faced legal challenges over earlier layoffs. Following widespread federal terminations initiated by the Department of Government Efficiency (DOGE), a U.S. District Court judge ordered CISA to reinstate approximately 130 probationary employees in March. These included entire red teams tasked with identifying system vulnerabilities.
Fallout and Concerns from Stakeholders
Cybersecurity experts and lawmakers have expressed growing alarm about the potential consequences of the reductions. Senator Angus King (I-Maine) called the news “grave,” noting the ongoing daily cyber threats facing American institutions. The National Association of State Chief Information Officers also voiced concerns, citing the risks to state and local cyber defenses.
Former officials like Mark Montgomery of the Foundation for Defense of Democracies warned that the cuts “go beyond disruption and are actually destabilization,” arguing that the downsizing weakens the critical collaboration between the public and private sectors that underpins national cyber resilience.
A Complex Transition
While some in the administration characterize the cuts as a strategic correction after years of rapid expansion — CISA added thousands of positions following its 2018 founding and the implementation of the Cyber Talent Management System — others fear that abrupt downsizing during heightened cyber threat levels could create gaps in federal readiness and reduce morale across the cyber workforce.
Although the private sector may absorb some of the displaced talent, experts caution that the transition must be carefully managed to prevent a loss of institutional knowledge and capability at a time when cyberattacks from foreign adversaries remain a pressing concern.
What’s Next
The exact timing of the reduction remains fluid, with some sources expecting a second “Fork in the Road” email to initiate the voluntary departure process before RIFs are formally issued. DHS has not publicly confirmed the cuts, and CISA has declined comment.