Congressional staffers and cybersecurity experts have raised serious concerns about the Cybersecurity and Infrastructure Security Agency's (CISA) ability to protect federal networks amid ongoing staffing reductions.
During a panel discussion at the RSAC 2025 Conference, officials highlighted the challenges of maintaining cyber readiness while facing budget constraints and political turbulence. The discussion came after Homeland Security Secretary Kristi Noem spoke about refocusing CISA on its primary mission of safeguarding federal networks and critical infrastructure.
"We don't want to lose any more workforce, authorities, or programs," said Moira Bergin, minority staff director at the House Homeland Security Committee. She emphasized that CISA's growth since its 2018 creation has been driven by genuine needs rather than excessive spending.
The House Homeland Security Committee is currently investigating the impact of program cuts and contract terminations on national security. Of particular concern is the potential loss of institutional knowledge built up since CISA's establishment.
Alexandra Seymour, staff director for the Cybersecurity and Infrastructure Protection subcommittee, highlighted workforce development as a key focus for the 119th Congress. She pointed to the PIVOTT Act, which aims to rapidly train cybersecurity professionals through two-year programs at technical schools and community colleges.
The workforce challenges come at a critical time, with over 500,000 cybersecurity positions vacant nationwide. The shortage is particularly acute in regions responsible for maintaining critical infrastructure.
The staffing concerns extend beyond CISA. During a separate House hearing on telecommunications security, experts criticized the early termination of a Cyber Safety Review Board investigation into recent Chinese hacking incidents. Laura Galante, former director of the Cyber Threat Intelligence Integration Center, warned that cutting federal cybersecurity resources while shifting responsibilities to state and local authorities could compromise national security.
As CISA faces these workforce reductions, questions remain about how the agency will maintain its effectiveness in protecting critical infrastructure and federal networks from evolving cyber threats.