DHS Secretary Markwayne Mullin appeared before the House Homeland Security Committee for his first congressional hearing since his March confirmation and signaled that CISA will undergo significant structural changes — with a new staffing target well below current headcount and more than $700 million in additional budget cuts proposed for fiscal year 2027.
Mullin’s Testimony: Staffing Targets, Budget Cuts, and a New CISA Director
Mullin’s testimony before the committee on June 3, 2026 addressed the agency’s direction under the Trump administration. The staffing framework he outlined targets approximately 2,800 employees for CISA — a figure below the agency’s authorized capacity of 3,400 and reflecting a further reduction from its current workforce of approximately 2,200, after the agency already lost roughly one-third of its staff in prior cuts. Whether the 2,800 target represents a floor or ceiling for agency staffing was not clarified in the hearing.
President Trump’s fiscal year 2027 budget proposes cutting more than $700 million from CISA’s budget on top of the personnel reductions already implemented. The combined effect of workforce contraction and budget reduction would mean CISA operates at substantially lower capacity relative to recent years — affecting its ability to maintain the pace and scope of its current programs.
Mullin also announced that a new Senate-confirmed CISA director will be nominated to lead the agency. CISA has operated without a confirmed director since the Trump administration took office, with Nick Andersen serving as Acting Director. A permanent Senate-confirmed director would restore a confirmable leadership structure to the agency, though the timeline for nomination and confirmation remains unspecified.
$700M Proposed Cut and the 2,800 Staffing Target Against an Authorized 3,400
The budget and staffing numbers frame the restructuring in concrete terms. CISA was authorized for 3,400 employees; current headcount following existing cuts is approximately 2,200. If the 2,800 target represents a rebuilding of the current workforce, it would still fall short of authorized capacity. If it represents a ceiling, it locks in a permanent reduction from the agency’s original mandate.
The $700 million in additional proposed cuts translates into program eliminations, not just headcount reductions. CISA’s functions span the Known Exploited Vulnerabilities catalog, federal incident response coordination, election security operations, information sharing with private sector partners, and Shields Up advisories that alert organizations to active threat campaigns. These outputs require sustained staffing and operational investment; budget reductions at the proposed scale would require prioritization choices about which programs are preserved.
Garbarino’s Bipartisan Concern Over the Cybersecurity Workforce Pipeline
Committee Chair Mark Garbarino — a Republican — expressed concern at the hearing that personnel cuts and the elimination of cybersecurity education programs could negatively affect the pipeline of skilled federal cybersecurity professionals. The concern represents a notable instance of the committee’s own chair pushing back against the administration’s position on agency capacity.
The workforce pipeline issue carries long-term implications beyond the current staffing reduction. Federal cybersecurity roles are filled from a pipeline of talent that moves through academic programs, apprenticeships, and entry-level federal positions — many of which are funded or coordinated through CISA’s education and workforce development programs. Eliminating those programs removes the supply-side infrastructure that feeds replacements into the federal cybersecurity workforce over time.
Implications for CISA’s Core Programs and Private Sector Coordination
The KEV catalog, which provides organizations with authoritative guidance on actively exploited vulnerabilities and mandatory remediation timelines for federal agencies, depends on sustained analyst capacity to identify, verify, and categorize new entries. Election security operations require dedicated staffing cycles tied to election calendars. Information sharing programs with private sector critical infrastructure operators require relationship management and coordination capacity.
How the administration balances the proposed budget reductions against these operational requirements will become clearer when the full FY2027 budget proposal moves through the appropriations process — and when a Senate-confirmed director is nominated and confirms the agency’s restructured mandate before the committee.
