The White House has instructed federal agencies to avoid cutting cybersecurity personnel as they submit workforce reduction plans to meet budget constraints. This guidance was conveyed in an email from US federal chief information officer Gregory Barbaccia, issued on Wednesday and seen by Reuters.
The message responded to concerns about whether cybersecurity roles should be classified as essential for national security and exempt from layoffs. In the email, Barbaccia stated that cybersecurity is integral to national security and urged agency-level Chief Information Officers to account for this when assessing budget reductions.
“We are confident federal agencies will be able to identify efficiencies across their non-cyber mission areas without negatively affecting their agency’s cyber posture,” Barbaccia wrote.
The Office of Management and Budget has not commented. The email reflects concerns that mandated spending reductions under President Donald Trump and adviser Elon Musk could affect the government’s ability to manage cybersecurity threats.
Cybersecurity workforce reductions raise security concerns
Federal restructuring has led to concerns from cybersecurity professionals and former officials. Rob Joyce, former cybersecurity director at the National Security Agency, testified that reducing cybersecurity personnel could affect national security operations, particularly in monitoring and mitigating cyber threats from foreign adversaries.
The Department of Government Efficiency (DOGE), responsible for cost-cutting, has drawn scrutiny. Some cybersecurity experts have cautioned that granting DOGE broad access to federal networks could introduce security risks, especially given the increase in cyberattacks targeting critical infrastructure.
At the Social Security Administration, DOGE reportedly obtained access to sensitive data despite objections from senior officials. A former agency employee warned in a legal filing that operational disruptions could increase the risk of data exposure and unauthorised access to personal records.
The Cybersecurity and Infrastructure Security Agency (CISA) has seen more than 130 cybersecurity positions eliminated, with further reductions expected.
CISA denied reports of layoffs affecting its Red Team, a specialised unit that tests vulnerabilities in critical infrastructure. The agency stated that contract terminations did not result in direct job losses and that Red Teams continue to support federal agencies.
Reports are also surfacing that budget reductions have impacted cybersecurity partnerships as well. Independent journalist Eric Geller reported that CISA had terminated a $10m agreement with the Center for Internet Security (CIS), which funded cyber-threat information-sharing hubs.
Additionally, cybersecurity professional Christopher Chenoweth announced that his government contract had been terminated in late February.
Meanwhile, President Trump has nominated Sean Plankey as the next director of CISA, as revealed by the US Congress website. Plankey previously held cybersecurity roles under Trump’s first tenure, worked with US Cyber Command, and served as Chief Information Officer for the US Navy.
Read more: US DHS dismisses claims of CISA ending Russian cyber threat monitoring
