Key Takeaways
- CISA’s Stakeholder Engagement Division has lost about one‑third of its staff since January 2025, and its FY 2027 budget would shrink it further to roughly one‑third of its current size.
- The dissolution of the Critical Infrastructure Partnership Advisory Council (CIPAC) removed a legal framework that enabled structured, protected engagement between CISA and the private sector, leaving many information‑sharing initiatives at a standstill.
- Witnesses warned that reduced staffing and funding impair CISA’s ability to support state, local, tribal, and territorial (SLTT) entities, threatening cyber‑resilience for small utilities and public‑health infrastructure.
- Despite cuts, CISA has increased the volume of unclassified intelligence briefings and advisories to the private sector, which stakeholders view as a positive development.
- Experts continue to push for expanding the list of designated critical‑infrastructure sectors to include space systems and data centers, arguing that current authorities do not adequately address emerging risks in those domains.
Staffing Reductions at CISA’s Stakeholder Engagement Division
During a House Homeland Security cybersecurity and infrastructure protection subcommittee hearing, witnesses highlighted that CISA’s Stakeholder Engagement Division has lost roughly one‑third of its personnel over the past year. Specifically, the division declined from 189 staff members in January 2025 to just 93 by the time of the hearing—a loss of 96 positions. Representative Delia Ramirez (D‑Ill.), the subcommittee’s new ranking member, linked these cuts to a broader “vindictive campaign” against the agency, noting the irony of discussing DHS modernization while the very agency tasked with sector risk management is being dismantled.
Budget Proposals Would Further Shrink Engagement Capacity
The agency’s fiscal‑year 2027 budget request proposes cutting the Stakeholder Engagement Division to only 62 positions. This plan would eliminate the division’s Council Management offices, Stakeholder Engagement activities and offices, and the International Affairs external‑engagement offices. CISA’s budget justification states that the changes are intended to “shift the stakeholder engagement mission space to solely support the SRMA efforts and align with CISA’s priorities to strengthen critical infrastructure security while optimizing operational effectiveness.” Critics, however, argue that such cuts undermine the very mechanisms needed for effective partnership with industry.
Importance of Stakeholder Engagement for Information Sharing
Mark Montgomery, senior director and senior fellow at the Center on Cyber and Technology Innovation (Foundation for Defense of Democracies), stressed that the Stakeholder Engagement Division is essential for establishing information‑sharing agreements with critical‑infrastructure sectors. He warned that without this division, CISA lacks the capacity to set up the legal and operational frameworks required for timely, secure exchanges of threat intelligence between the government and private‑sector operators. The loss of these capabilities, he argued, leaves the nation more vulnerable to ongoing cyber attacks.
Impact of CIPAC’s Elimination on Sector Collaboration
The Stakeholder Engagement Division’s Council Management offices had previously supported the Critical Infrastructure Partnership Advisory Council (CIPAC), a body that gave DHS and CISA statutory authority to work with the private sector on security matters, including cyber threats. DHS disbanded CIPAC last year, and a promised replacement has not yet materialized. Scott Algeier, executive director of the IT‑Information Sharing and Analysis Center (IT‑ISAC), testified that the dissolution removed the legal framework that enabled and protected strategic engagement between CISA and industry, causing most collaborative work to stall. He emphasized that adversaries have not paused their activities, underscoring the urgency of restoring a formal engagement mechanism.
Government Shutdown Complicates Coordination Efforts
CISA officials noted that the ongoing federal government shutdown has further hampered the agency’s ability to coordinate with private‑sector partners and other stakeholders. The shutdown disrupts funding streams, limits staff availability, and hinders the timely dissemination of alerts and guidance, compounding the challenges posed by staffing cuts and the loss of CIPAC.
Positive Trends in Intelligence Sharing Despite Cuts
Robert Mayer, senior vice president of cybersecurity and innovation at USTelecom, offered a counterpoint, citing a “marked increase” in the number of intelligence briefings CISA has delivered to the private sector over the last two years. He acknowledged progress in sharing threat data at the unclassified level, which has been valuable for operators seeking actionable insights. However, Mayer also stressed the need to improve the delivery of that information to local and regional communication providers, who often operate with limited resources and require rapid, accessible alerts to defend against threats.
Challenges Facing State, Local, Tribal, and Territorial Partners
Montgomery elaborated on how the combination of CIPAC’s elimination, the withdrawal of federal funding for the Multi‑State Information Sharing and Analysis Center (MS‑ISAC), and Congress’s failure to reauthorize the State and Local Cybersecurity Grant Program has left SLTT entities—especially small public utilities—without sufficient resources to invest in cybersecurity. He warned that this gap leaves critical public‑health and safety infrastructure exposed to ransomware and nation‑state actors, creating a vulnerability at the most foundational level of national resilience.
Calls to Expand Critical‑Infrastructure Designations: Space Systems
Amid these internal challenges, several experts urged Congress to broaden the list of designated critical‑infrastructure sectors. Representatives have introduced legislation that would direct the Secretary of Homeland Security to classify space systems, services, and technology as a critical‑infrastructure sector. Sam Visner, chairman of the board of directors for the Space Information Sharing and Analysis Center (Space‑ISAC), argued that space assets are integral to national security, economic stability, and the security of all other critical‑infrastructure domains. He referenced a Council on Foreign Relations report advocating for a comprehensive assessment of space vulnerabilities and remediation steps, noting that despite staffing declines, DHS and CISA personnel have maintained productive engagements with Space‑ISAC and expressed strong interest in deepening that cooperation.
Data‑Center Security: Need for a Separate Designation
Subcommittee Chairman Andy Ogles (R‑Tenn.) pointed out that the current U.S. policy framework lacks a clear, unified approach to data‑center security, leaving uncertainty about which federal agency should lead risk‑mitigation efforts. While data‑center protections largely reside under the IT sector today, Montgomery advocated for creating a distinct critical‑infrastructure designation for data centers and cloud services—similar to the approach taken by the United Kingdom. He argued that the growing scale and importance of data centers and cloud infrastructure warrant an independent national‑critical‑infrastructure classification to ensure focused resources, clear authority, and coordinated defense against evolving threats.
Conclusion: Balancing Cuts with Evolving Threat Landscape
The testimony collectively paints a picture of an agency at a crossroads: CISA faces significant staffing and budget reductions that impair its stakeholder‑engagement functions, yet it continues to deliver valuable intelligence products and maintains interest in emerging sectors such as space and data centers. Lawmakers and experts agree that restoring robust engagement mechanisms—whether through revitalizing CIPAC‑like structures, re‑funding MS‑ISAC, or reauthorizing grant programs—is essential to safeguarding both traditional critical infrastructure and the newer, high‑impact domains that increasingly underpin national security and economic prosperity. Without such measures, the nation’s ability to defend against relentless cyber adversaries will remain compromised.