House lawmakers are discussing a reauthorization of the National Quantum Initiative, with lawmakers eyeing agency prize challenges, workforce issues and supply chain concerns among other key updates.
During a hearing hosted by the House Committee on Science, Space and Technology on Thursday, lawmakers sought input from agencies leading quantum information science efforts. Chairman Brian Babin (R-Texas) said he is working with Ranking Member Zoe Lofgren (D-Calif.) on a reauthorization of the NQI.
“This effort seeks to reinforce U.S. leadership in quantum science, technology and engineering, address workforce challenges, and accelerate commercialization,” Babin said.
The National Quantum Initiative Act of 2018 created a national plan for quantum technologies spearheaded by agencies including the National Institute of Standards and Technology, the National Science Foundation and the Energy Department.
As the House committee works on its bill, Senate lawmakers earlier this month introduced a bipartisan National Quantum Initiative Reauthorization Act. The bill would extend the initiative for an additional five years through 2034 and reauthorize key agency programs.
The Senate bill would also expand the NQI to include National Aeronautics and Space Administration’s (NASA) research initiatives, including quantum satellite communications and quantum sensing.
Meanwhile, in September, the White House named quantum information sciences as one of six priority areas in governmentwide research and development budget guidance. “Agencies should deepen focused efforts, such as centers and core programs, to advance basic quantum information science, while also prioritizing R&D that expands the understanding of end user applications and supports the maturation of enabling technologies,” the guidance states.
During the House hearing on Thursday, lawmakers sought feedback on several proposals to include in the reauthorization bill. Rep. Valerie Foushee (D-N.C.) said the Energy Department had sent lawmakers technical assistance in December, including a proposal to provide quantum prize challenge authority to agencies that sit on the quantum information science subcommittee of the National Science and Technology Council.
Tanner Crowder, quantum information science lead at Energy’s Office of Science, said the prize challenges would help the government use “programmatic mechanisms” to drive the field forward.
“We’ve talked a little bit about our notices of funding opportunities, and the prize challenge would just be another, another mechanism to drive the field forward, both in potential algorithmic designs, hardware designs, and it just gives us more flexibility to push the forefront of the field,” Crowder said.
Crowder was also asked about how the reauthorization bill should direct resources for sensor development and quantum network infrastructure.
“We want to be able to connect systems together, and we need quantum networks to do that,” Crowder responded. “It is impractical to send quantum information over classical networks, and so we need to continue to push that forefront and look to interconnect heterogeneous systems at the data scale level, so that we can actually extract this information and compute upon it.”
Lawmakers also probed the witnesses on supply chain concerns related to quantum information sciences. James Kushmerick, director of the Physical Measurement Laboratory at the National Institute of Standards and Technology, was asked about U.S. reliance on Europe and China for components like lasers and cooling equipment.
“One of the things we are looking for within the reauthorization is to kind of refocus and kind of onshore or develop new supply chains, not even just kind of duplicate what’s there, but move past that,” Kushmerick said. “Through the Quantum Accelerator Program, we’re looking to focus on chip-scale lasers and modular, small cryo-systems that can be deployed in different ways, as a change agent to kind of move forward.”
Several lawmakers also expressed concerns about the workforce related to quantum information sciences, with several pointing out that cuts to the NSF and changes to U.S. immigration policy under the Trump administration could hamper research and development.
Kushmerick said the NIST-supported Quantum Economic Development Consortium polled members in the quantum industry to better understand workforce challenges.
“It’s not just in quantum physicists leading the efforts,” Kushmerick said. “It’s really all the way through to engineers and technicians and people at all levels. So I really think we need a whole government effort to increase the pipeline through certificates to degrees and other activities.”
This Feb. 27, 2018, photo shows electronics for use in a quantum computer in the quantum computing lab at the IBM Thomas J. Watson Research Center in Yorktown Heights, N.Y. Describing the inner workings of a quantum computer isn’t easy, even for top scholars. That’s because the machines process information at the scale of elementary particles such as electrons and photons, where different laws of physics apply. (AP Photo/Seth Wenig)
The Cybersecurity and Infrastructure Security Agency’s acting director testified that CISA is “getting back on mission,” but he provided few specifics after the agency lost nearly a third of its staff over the past year.
Acting Director Madhu Gottumukkala testified in front of the House Homeland Security Committee on Wednesday. Asked by Chairman Andrew Garbarino (R-N.Y.) about reports of plans for a reorganization at CISA, Gottumukkala said there are no plans to reorganize the cyber agency.
“We do have a lot of changes in the last year, but we have not planned any organizational changes,” Gottumukkala said. “But we are continuing to look at how we rescope our existing work that we have so that we can get back on our mission of protecting the critical infrastructure. And if there is any organizational changes, I will assure that we will communicate with you.”
CISA has gone from roughly 3,400 staff at the start of last year to 2,400 employees at the end of December. Most of those who left departed under the Trump administration’s workforce reduction programs, with many leaving government service earlier than planned due to uncertainty at CISA under the Trump administration.
Gottumukkala is leading CISA as the Senate has yet to approve Sean Plankey to serve as director. During Wednesday’s hearing, Gottumukkala declined to provide details on recent reports that he failed a polygraph exam needed to access a sensitive cyber program and that he had worked to oust CISA’s chief information officer.
Gottumukkala also said multiple times that CISA was “getting back on mission.” But he said little about what the agency was doing differently with markedly less staff.
“The way we are supporting back on mission is to make sure that we are protecting our critical infrastructure from physical and cyber threats, and our divisions are properly equipped, and we are making sure that we are aligning our existing resources,” he said.
Asked by Ranking Member Bennie Thompson (D-Miss.) about potential vacancies at CISA after the mass wave of departures, Gottumukkala said, “we have the required staff that is supporting the mission we do.”
Thompson said that was contrary to a November memo CISA shared with the committee. Lawmakers are advancing a homeland security spending bill that would provide CISA with funding to fill some “critical” positions. It would also stipulate that CISA “not reduce staffing in such a way that it lacks sufficient staff to effectively carry out its statutory missions.”
Gottumukkala was also asked by Rep. Tony Gonzales (R-Texas) how many cyber intrusions CISA expects from foreign adversaries as part of the 2026 midterm elections.
“We look at it as incident by incident, and we look at what the risks are. I don’t have a specific number in mind,” Gottumukkala said.
“Well, we should have that number,” Gonzales shot back. “It should first start by how many intrusions that we had last midterm and the midterm before that. I don’t want to wait. I don’t want us waiting until after the fact to be able to go, ‘Yeah, we got it wrong, and it turns out our adversaries influenced our election to that point.’”
CISA’s budget request for fiscal 2026 would eliminate its election security program. But the appropriations agreement released this week would continue funding CISA’s election security work.
Rep. James Walkinshaw (D-Va.) pressed Gottumukkala on whether CISA had analyzed if it could meet its mission with current staffing levels.
“The work that we do is mission focused, which means capability is measured by outcomes, not headcount,” Gottumukkala said.
Walkinshaw also asked about threats to state and local governments after CISA pulled funding for the Multi-State Information Sharing and Analysis Center in September. But Gottumukkala didn’t address the question head on, frustrating the Virginia lawmaker.
“You’ve managed to answer none of my questions. You haven’t answered a single question. But thank you for coming,” Walkinshaw said.
Lawmakers are moving to extend key cybersecurity information authorities and grant programs, while also providing funds for the Cybersecurity and Infrastructure Security Agency to fill “critical” positions.
The “minibus” appropriations agreement released by House and Senate negotiators on Tuesday includes fiscal 2026 funding for the Department of Homeland Security. DHS funding could be a sticking point in moving the bill forward, as some Democrats want more restrictions around the Trump administration’s immigration enforcement operations.
The bill also extends the Cybersecurity Information Sharing Act of 2015 (CISA 2015) and the State and Local Cybersecurity Grant Program through the end of fiscal 2026. Both laws are set to expire at the end of this month.
Ross Nodurft, executive director of the Alliance for Digital Innovation, also applauded the extension of the Technology Modernization Fund included in the minibus.
“Reauthorizing the Technology Modernization Fund and the State and Local Cyber Grant Program for the rest of the fiscal year allows the government to invest money in new technology modernization and cyber security projects at the federal and state level while we work on more permanent, longer term reauthorizations and funding,” Nodurft said. “I am encouraged to see Congress put forward these stop gap measures and will continue to work with members to reauthorize these critical programs beyond 2026.”
CISA funding
The bill would include a cut for the agency CISA, with fiscal 2026 funding level set at $2.6 billion, about $300 million less than its current annual budget.
The appropriations agreement would specifically provide $20 million for CISA to hire additional staff to “critical positions,” according to the joint explanatory statement on the DHS appropriations measure.
That funding would be evenly split across five CISA programs: Threat Hunting; Vulnerability Management; Continuous Diagnostics and Mitigation; Security Programs; and Security Advisors.
The bill would also require CISA to “not reduce staffing in such a way that it lacks sufficient staff to effectively carry out its statutory missions.” Both Democrats and Republicans have expressed concerns about CISA losing roughly one-third of its staff over the past year.
Secret Service burnout
Appropriators are also taking aim at burnout within the Secret Service’s ranks. The funding measure provides $3.3 billion for the Secret Service as it embarks on a major recruiting initiative over the next two years.
That total would allow the Secret Service to “maintain ‘zero-fail’ mission by funding aggressive recruitment and retention to eliminate officer burnout, while modernizing high-tech training facilities and armored fleets to stay ahead of evolving threats
to our nation’s leaders,” according to a DHS spending bill summary provided by Senate appropriators.
The bill includes an increase of $46 million for Secret Service hiring in fiscal 2026. It also provides the agency with advance funding to prepare for the 2028 Olympic and Paralympic Games in Los Angeles.
But appropriators also want updates on the Secret Service’s recruitment and retention efforts. The explanatory statement directs the agency to provide briefings on its employee resiliency program and hiring projections, respectively.
“The briefing shall also include ongoing efforts to decrease the time to hire and increase yield rates from applicants to hires, as well as the impact that these hiring efforts will have on overtime costs,” lawmakers wrote.
FEMA staffing
The spending agreement also includes a “rejection” of staffing cuts made at the Federal Emergency Management Agency in fiscal 2025, according to the joint explanatory statement. The bill would provide $32 billion for FEMA, including $26.4 billion for the Disaster Relief Fund.
FEMA lost more than 2,000 employees to workforce reduction programs last year. And the agency has undertaken further staff reductions by not renewing Cadre of On-Call Response/Recovery Employees (CORE) in recent weeks. FEMA headquarters officials have also contemplated cuts totaling up to 50% of its workforce as part of a planning exercise shared with agency leaders in December.
Now, appropriators want FEMA to provide monthly briefings on the agency’s staffing levels and workload requirements.
“Such briefings shall also include projected staffing levels for the remainder of the fiscal year in light of the agreement’s rejection of the position reductions implemented in fiscal year 2025,” the joint explanatory statement reads.
The bill also requires FEMA to maintain staff “necessary to fulfill the missions” required of the agency by six separate laws and various other authorities. That staffing requirement, lawmakers emphasize, also applies to FEMA reservists and CORE staff.
The Trump administration has moved to shift more emergency management responsibilities to state and local governments. FEMA staffing reductions and policy changes over the last year have sparked concerns that the administration is implementing that plan despite there being no changes in the agency’s lawful responsibilities.
FEMA team members in Martin County, Florida, canvas with local residents to help register them for assistance and help disaster survivors after Hurricane Milton. (Photo source: FEMA/Patrick Moore)
A federal judge has blocked the Transportation Security Administration and the Department of Homeland Security in their latest attempt to dissolve TSA’s union agreement.
In a Jan. 15 ruling, U.S. District Judge Jamal Whitehead granted an emergency motion to prohibit TSA from eliminating a collective bargaining agreement covering approximately 47,000 airport security screeners. TSA had been planning to dissolve the CBA effective Jan. 18.
The American Federation of Government Employees, which represents transportation security officers under the CBA, celebrated the ruling.
“TSA officers – many of whom are veterans – are patriotic public servants who swore an oath to protect the safety of the traveling public and to ensure that another horrific attack like September 11 never happens again,” AFGE National President Everett Kelley said in a statement. “The administration’s repeated efforts to strip these workers of a voice in their working conditions should concern every person who steps foot in an airport.”
The ruling is the latest development in the Trump administration’s effort to eliminate TSA union rights.
Homeland Security Secretary Kristi Noem first moved to eliminate TSA’s union last March. AFGE sued to block that effort, and in June, the court issued a preliminary injunction that prohibited TSA from moving forward with eliminating TSO union rights while the court case played out.
But in September, Noem signed a separate determination that directed TSA to strip security screeners of union rights and eliminate the CBA. DHS and TSA did not announce the new determination until early December.
TSA argued that the determination was based on a new analysis of the costs associated with the union agreement.
In Whitehead’s latest ruling, however, he pointedly criticized TSA’s latest attempt to eliminate the union agreement. He wrote that officials “do not cite, quote, or otherwise engage with the operative language” in the preliminary injunction, which prohibits TSA and DHS from denying AFGE and TSO’s “any and all rights and/or working conditions guaranteed in the 2024 CBA.”
“The question before the court is straightforward: does defendants’ planned implementation of the September Noem Determination violate the existing preliminary Injunction? The answer is plainly yes,” Whitehead wrote.
He directed TSA to notify bargaining unit TSO’s that the Noem determination will not take effect on Jan. 18, “the 2024 CBA remains applicable and binding, and the currently pending grievances and arbitrations submitted under the 2024 CBA will continue to be processed.”
The case is still scheduled to go to trial in September 2026, absent any new developments or updates.
A top House lawmaker is developing legislation to codify the National Institute of Standards and Technology’s Center for AI Standards and Innovation into law.
The move to codify CAISI comes as lawmakers and the Trump administration debate and discuss the federal government’s role in overseeing AI technology.
Rep. Jay Obernolte (R-Calif.), chairman of the House Science, Space and Technology Committee’s research and technology subcommittee, said he has a “forthcoming” bill dubbed the “Great American AI Act.”
During a Wednesday hearing, Obernolte said the bill will formalize CAISI’s role to “advance AI evaluation and standard setting.”
“The work it does in doing AI model evaluation is essential in creating a regulatory toolbox for our sectoral regulators, so everyone doesn’t have to reinvent the wheel,” Obernolte said.
Last September, the center released an evaluation of the Chinese “DeepSeek” AI model that found it lagged behind U.S. models on cost, security and performance. More recently, CAISI released a request for information on securing AI agent systems.
Despite the Trump administration’s rebranding, however, Obernolte noted the NIST center’s functions have largely stayed consistent. He argued codifying the center would provide stability.
“I think everyone would agree, it’s unhealthy for us to have every successive administration spin up a brand new agency that, essentially, is doing something with a long-term mission that needs continuity,” he said.
Obernolte asked Michael Kratsios, the director of the White House Office of Science and Technology Policy, what he thought about codifying the center into law.
Kratsios said CAISI is an “very important part of the larger AI agenda.” He also said it was important for the administration to reframe the center’s work around innovation and standards, rather than safety.
“It’s absolutely important that the legacy work around standards relating to AI are undertaken by CAISI, and that’s what they’re challenged to do,” Kratsios said. “And that’s the focus that they should have, because the great standards that are put out by CAISI and by NIST are the ones that, ultimately, will empower the proliferation of this technology across many industries.”
Later on in the hearing, Kratsios said the NIST center would play a key role in setting standards for “advanced metrology of model evaluation.”
“That is something that can be used across all industries when they want to deploy these models,” he said. “You want to have trust in them so that when everyday Americans are using, whether it be medical models or anything else, they are comfortable with the fact that it has been tested and evaluated.”
Obernolte and Rep. Sarah McBride (D-Del.), meanwhile, have also introduced the “READ AI Act.” The bill would direct NIST to develop guidelines for how AI models should be evaluated, including standard documentation.
Asked about the bill, Kratsios said it was worthy of consideration, but added that any such efforts should avoid just focusing on frontier AI model evaluation.
“The reality is that the most implementation that’s going to happen across industry is going to happen through fine-tuned models for specific use cases, and it’s going to be trained on specific data that the large frontier models never had access to,” he added.
“In my opinion, the greatest work that NIST could do is to create the science behind how you measure models, such that any time that you have a specific model – for finance, for health, for agriculture – whoever’s attempting to implement it has a framework and a standard around how they can evaluate that model,” Kratsios continued. “At the end of the day, the massive proliferation is going to be through these smaller, fine-tuned models for specific use cases.”
Discussion around the role of the NIST center comes amid a larger debate over the role of the federal government in setting AI standards. In a December executive order, President Donald Trump called for legislative recommendations to create a national framework that would preempt state AI laws.
But during the hearing, Kratsios offered few specifics on what he and Special Adviser for AI and Crypto David Sacks have been considering.
“That’s something that I very much look forward to working with everyone on this committee on,” Kratsios said. “What was clear in the executive order, specifically, was that, any proposed legislation should not preempt otherwise lawful state actions relating to child safety protections, AI compute and data infrastructure, and also state government procurement and use of AI.”
“But, we look forward over the next weeks and months to be working with Congress on a viable solution,” he added.
The Department of Homeland Security’s inconsistent hiring practices present major challenges at a time when DHS is surging recruitment across its law enforcement components, according to the department’s watchdog.
The DHS inspector general, in an annual report on top management and performance challenges, flagged “fragmented law enforcement hiring” as one of the department’s top three issues.
The IG warns that those longstanding issues have been amplified by a recent influx of funding from the One Big Beautiful Bill Act passed last year. Immigration and Customs Enforcement, Customs and Border Protection, and the Secret Service have all embarked on major hiring initiatives over the past year, backed by billions of dollars in funding.
“There is overlapping, competitive, law enforcement hiring among ICE, CBP, and USSS,” the report warns. “These competing interests can undermine the hiring process when conducted without departmentwide planning. Law enforcement hiring will endure additional stresses in the coming years due to the OBBBA, which funds an increase in departmental law enforcement personnel.”
DHS recruiting is “further complicated by inconsistent vetting requirements and application processes” across law enforcement agencies, according to the report.
“These inconsistencies make it difficult to implement a more centralized, efficient hiring process, resulting in duplication of effort, higher costs, and slower onboarding across the department,” the IG states.
The report comes as the Trump administration touts ICE’s hiring of 12,000 new employees in less than a year. However, the vetting and training of ICE officers has come under increasingscrutiny amid the rapid hiring blitz.
Cyber and AI hiring
The IG report also highlights challenges with DHS’s hiring of cybersecurity, IT and artificial intelligence specialists. For instance, DHS’s Office of Intelligence and Analysis and the Coast Guard, respectively, face administrative challenges in recruiting personnel with AI-related skillsets, according to the IG.
Those types of challenges could delay key DHS AI projects, the report states.
“These challenges are magnified by inconsistent hiring practices across components, pay disparities with the private sector, and complex clearance requirements,” it continues.
Meanwhile, DHS’s Cyber Talent Management System has not met its original goal to help recruit thousands of cyber experts. Hiring using CTMS has reached just several hundred staff since the system was launched in 2021.
“Although there has been some success using CTMS, the department continuously improves it in partnership with hiring managers to make it a more effective tool,” the IG report states.
Furthermore, the Cybersecurity and Infrastructure Security Agency last year terminated many probationary staffers who were part of CTMS, further shaking confidence in the novel talent system.
Still, the IG report recommends DHS deepen centralized hiring efforts like CTMS to address its tech talent gaps.
“These centralized hiring efforts are a step in the right direction,” the report states. “However, it is unclear that these hiring efforts are sufficient to meet the hiring surges required by the OBBBA or keep pace with evolving Department needs as AI and machine learning are integrated into all operations. Since previous hiring surges did not achieve intended outcomes, DHS should pivot to more successful recruitment methods.”
FILE - Customs and Border Patrol agents question occupants of a vehicle they pulled over, during an immigration crackdown in Kenner, La., Dec. 5, 2025. (AP Photo/Gerald Herbert, File)
The Cybersecurity and Infrastructure Security Agency is on the verge of going a full year without a permanent leader, as cyber experts say the void is preventing CISA from moving forward on key issues and leaving an already reeling workforce in the lurch.
The Senate earlier this month returned Sean Plankey’s nomination to the White House after lawmakers failed to vote on it during last year’s session. President Donald Trump formally nominated Plankey in March of last year.
Plankey is a widely respected official whose nomination had broad backing from industry and bipartisan support on Capitol Hill.
But his nomination was placed under multiple holds, some of them unrelated to CISA or cybersecurity. Most recently, Sen. Rick Scott (R-Fla.) had reportedly placed a hold on Plankey after the Department of Homeland Security terminated a Coast Guard cutter contract with a shipyard in Florida. Plankey has been serving as a senior advisor in the Coast Guard while he awaits confirmation.
On Tuesday, Trump re-nominated Plankey to lead the cyber agency. CISA is currently being led in an acting capacity by Deputy Director Madhu Gottumukkala, who was chief information officer for the state of South Dakota when Homeland Security Secretary Kristi Noem was governor there.
Mark Montgomery, the executive director of the Cyberspace Solarium Commission 2.0, said the uncertainty comes at a time when CISA “desperately needs strong leadership.”
“I think they can’t focus,” Montgomery said. “They can’t come up with a strategic plan that’s going to drive a four-year administration. They’ve already lost a year. Every day, every week, every month, that you don’t have your Senate confirmed person, you take risk. This is the civilian cyber defense agency. It needs strong, focused leadership.”
Senate-confirmed leaders are typically more capable of advocating for their agencies, both within the administration and on Capitol Hill in front of lawmakers. Plankey’s nomination fell by the wayside as cyber threats to U.S. critical infrastructure continued to rise last year, noted Bob Ackerman, a venture capitalist who founded AllegisCyber Capital.
“CISA owns the essential national security mission of protecting the homeland from such society-crippling cyber-attacks,” Ackerman said. “Yet, while we wouldn’t charge the U.S. Marines with executing their missions without a leader, CISA’s mission to block and deter our adversaries has been left leaderless at this urgent moment of need.
Over the past year, Montgomery said CISA has not advanced public-private collaboration “in any meaningful way.”
For instance, he said the cyber agency has yet to take significant actions to address Volt Typhoon. U.S. officials have accused the China-linked group of hacking into critical infrastructure networks, like power and water systems. In January 2024, then-FBI Director Chris Wray said the goal of the hacks was to “destroy or degrade” those systems during a future conflict.
“We’re 24 months since [Director] Wray laid out the Volt Typhoon challenge, and we still don’t have an integrated policy to address it,” Montgomery said. “That should come from CISA. It should have come from the Joint Cyber Defense Collaborative, the Joint Cyber Planning Office, and we haven’t gotten it. And the reason is it takes interagency leadership, which you’re not going to get from an acting director.”
Cyber experts also pointed to stalled efforts like the reinstatement of the Critical Infrastructure Partnership Advisory Council (CIPAC) as an example of where Plankey could make a difference.
The Department of Homeland Security disbanded CIPAC last spring as part of a broader purge of federal advisory councils. CIPAC had provided authorities for government officials and industry to collaborate on cybersecurity issues through various sector coordinating councils.
Industry officials had been encouraged by Noem’s speech at the RSA Conference in late April 2025, during which she said CIPAC would be reinstated and “will bring more people to the table and be much more action oriented.”
But since then, DHS has not acted to revive CIPAC or any related authorities. Since the council was disbanded, there has been “less engagement and less communication,” Ari Schwartz, coordinator of the Cybersecurity Coalition, told Federal News Network.
“I do think we do need to see some action on that,” Schwartz said. “I don’t think that that can really wait around at this point.”
CISA’s workforce, meanwhile, has experienced deep cuts under the Trump administration, driven by deferred resignation and early retirements. Many who left were experienced staff that led CISA programs.
Office of Personnel Management data shows CISA’s headcount has gone from a high of 3395 employees in 2024 to 2376 staff at the start of this year.
One CISA employee, who requested anonymity to speak candidly, said the last year at the agency was “extremely difficult.”
“From the onslaught of policy changes targeting us – like return-to-office, standard hours, contract delays and cuts – to the huge amounts of departures and the lack of new leadership in place, we as an agency made little to no progress and in some instances went backwards in my opinion,” the employee said. “For 2026, I was expecting to finally get some concrete leadership direction and priorities, but with the CISA director still not in place and another possible shutdown looming, I’m expecting another year of chaos and little progress.”
Both Montgomery and Schwartz said one positive at CISA over the last year has been Nick Andersen, who joined the agency in August as a political appointee leading CISA’s cybersecurity division. Andersen has spoken at multiple public events, briefed the media on agency cyber directives, and met with industry groups.
But Montgomery noted that doesn’t outweigh not having a Senate-confirmed director.
“You lead CISA from the top and to go fight battles within DHS for the restoration of manpower, to lead interagency work to develop and execute an integrated defense plan against Volt Typhoon’s operational preparation of the battlefield,” he said.
The Federal Emergency Management Agency’s workforce continues to face uncertainty amid abrupt cuts to disaster response staff and planning emails that show FEMA has been contemplating deeper reductions.
Late last month, FEMA sent non-renewal notices to 50 Cadre of On-Call Response/Recovery Employees (CORE) whose terms ended between Jan. 1 and Jan. 4. CORE employees are hired for two-to-four year terms, but they are often renewed to continue ongoing disaster work. CORE staff make up the majority of FEMA’s workforce, constituting 39% as of 2022.
FEMA did not respond to a request for comment. In other stories on the CORE cuts, a FEMA spokesman has characterized them as “a routine staff adjustment of 50 staff out of 8,000.”
But a current FEMA supervisor and former FEMA supervisor, who were granted anonymity to candidly discuss the situation, both disputed the characterization of the terminations as “routine.”
They said FEMA CORE staff are almost always renewed due to demand for staff to respond to an increasing rate of disasters and other agency tasks in recent years.
CORE staff are often among the first FEMA employees to be deployed in a disaster, according to Rafael LeMaitre, a former FEMA director of public affairs who now serves on the advisory council for the advocacy group Sabotaging Our Safety.
“While they serve two-year contract terms, those are routinely renewed, because the number of disasters that the nation has been dealing with has not gone down,” LeMaitre said. “If anything, it’s increased, both in the number of disasters and the severity of disasters, given changes to the climate, and frankly, additional pressures that FEMA has been put under to respond to non-traditional types of emergencies.”
But the FEMA supervisors also described how, contrary to the recent non-renewals, decisions about extending CORE appointments are typically done on a case-by-case basis. The process typically includes an analysis of the employee’s workload and the need for them to continue working on a given disaster.
“We never fire people just because their renewal dates happened to fall in a given time frame,” the current FEMA supervisor said.
The renewal process typically starts 90 days before the employee’s “not-to-exceed” date, which refers to when their term ends.
But in early December, emails show FEMA divisions and regions received a tasking from the agency’s chief human capital office to submit justification packages for every CORE staff with an NTE date falling in January.
Those packages were submitted, but FEMA CORE staff with renewals falling Jan. 1-4 still received termination letters in late December.
It’s unclear what will happen to other FEMA CORE staff whose terms expire in January. With approximately 9,000 total FEMA CORE staff, hundreds could be up for renewal in any given month.
Earlier this week, FEMA leaders received new direction to submit justification packages for CORE staff whose terms expire in February, according to the current supervisor.
“This is not a targeted workforce reduction – this is using a sledgehammer when you should be using a scalpel,” the current FEMA supervisor said.
CNN first reported on FEMA’s CORE cuts.
Workforce reductions exercise
The cuts and uncertainty around CORE staff renewals come as FEMA has been analyzing much deeper cuts to its workforce, agency emails show.
In a Dec. 23 email viewed by Federal News Network, FEMA’s chief human capital office sought leadership input on a “Workforce Capacity Planning Exercise.” The email references how the exercise is “consistent” with a recent executive order and corresponding White House guidance on federal hiring.
The email included a “draft workforce plan” with a table laying out FEMA’s workforce totals as of Sept. 30 and fiscal 2026 “target” reductions.
The reductions listed in that table include a 50% overall reduction to FEMA’s total workforce of 23,000, including a 15% reduction the permanent full-time workforce and a 41% reduction to the disaster full-time workforce, which includes CORE staff.
The email states that the exercise is “pre-decisional in nature” and that “no staffing actions or personnel decisions are being directed or implemented as part of this request.”
But current and former FEMA staff say it would be highly unusual to conduct such an exercise without planning for some form of workforce reductions.
The Washington Post first reported on the workforce planning email.
FEMA cuts criticized
The latest FEMA cuts come after a year of turmoil at the agency that saw more than 2,000 employees depart through voluntary programs and some terminations. Those departures included two dozen senior leaders, according to the Government Accountability Office.
However, both President Donald Trump and Homeland Security Secretary Kristi Noem have expressed a desire to eliminate or downsize FEMA, and instead shift more disaster recovery responsibilities to state and local governments.
Democrats in Congress were quick to criticize the latest FEMA CORE cuts and reports of deeper potential reductions.
“Even considering cuts of this scale is more evidence of the Trump administration’s reckless and dangerous behavior and sends a clear message that the administration is willing to gamble with Americans’ lives and violate federal law that Congress passed to ensure readiness for disasters,” House Homeland Security Committee Ranking Member Bennie Thompson (D-Miss.) said in a statement.
House Transportation and Infrastructure Committee Ranking Member Rick Larsen (D-Wash.) is among the lead sponsors of a bipartisan bill to overhaul FEMA. The legislation would notably remove FEMA out from under the Department of Homeland Security and have it report directly to the president.
“After multiple Transportation and Infrastructure Committee hearings, we keep concluding FEMA needs more staff to meet the response needs of more frequent and severe disasters — like the recent flooding in my district,” Larsen said in a statement. “Cutting CORE staff will leave remaining FEMA workers scrambling and disaster survivors waiting longer for assistance. This is the exact opposite of what we should be doing. The administration must reverse this decision.”
FILE - A sign for the Federal Emergency Management Agency is pictured at FEMA headquarters, April 20, 2020, in Washington. (Al Drago/The New York Times via AP, Pool)
The Secret Service is aiming to boost its ranks by thousands of officers over the next two years, part of a still swelling recruiting push across federal law enforcement agencies.
The Secret Service is aiming to hire 4,000 new employees by 2028, an agency spokesman confirmed. That would bring the Secret Service’s ranks to 6,800 law enforcement personnel and 10,000 total employees.
The Secret Service currently employs about 8,300 staff, according to agency budget figures. That includes 3,200 special agents and 1,300 uniformed division officers, per the Secret Service website.
“Last year, the agency launched a dynamic recruitment strategy aimed at both reducing inefficiencies in the hiring process and increasing the visibility of agency jobs to audiences with the requisite knowledge, skills and abilities to perform the mission,” the Secret Service spokesman said. “We are focusing on targeting our recruitment efforts to individuals with a demonstrated track record of excellence, teamwork and trustworthiness — this includes former military, law enforcement, and top university graduates.”
The agency is also aiming to retain retirement-eligible agents, the spokesman added. Group retention incentives are being offered to special agents, uniformed division officers, cybersecurity professionals and specialty teams.
The Secret Service has long struggled with morale and attrition issues. A 2021 National Academy of Public Administration study found the agency’s mission demands have grown, while staffing levels have not kept up, requiring agents and officers to work longer hours.
But the Secret Service has been unsuccessful in previous attempts to grow its ranks to 10,000 employees.
The agency is now focused on streamlining the hiring process, including through new Accelerated Candidate events. The Secret Service says the events reduce the time to job offer by up to 120 days. The current average from application to entry-on-duty is 326 days for special agents and 256 days for the uniformed division.
The Washington Post first reported on the details of the Secret Service’s hiring goals.
In a post on X Tuesday, FBI Director Kash Patel said 2025 was a “huge year” for recruiting.
Patel didn’t cite how many employees the FBI hired. But he said the agency received 45,000 special agent applications and 30,000 professional staff applications in fiscal 2025.
He also said the FBI expanded the Reserve Service Program for retired FBI special agents to work as criminal investigators in field offices.
“These RSP-Special Agents will fill critical field office needs with experienced investigators – the first group will begin their assignments in January 2026,” Patel wrote.
Meanwhile, the Department of Homeland Security this week announced that Immigration and Customs Enforcement has already hired more than 12,000 officers and agents over the last 11 months. The recruiting drive, backed by billions in funding from the One Big Beautiful Bill Act, has spiked ICE ranks from 10,000 to 22,000 law enforcement personnel, DHS said.
Though the Trump administration’s original goal was to hire roughly 10,000 new ICE agents, DHS said this week that ICE is continuing to accept job applications.
Customs and Border Protection is also on a recruiting drive, aiming to hire 5,000 customs officers and 3,000 border patrol agents through 2029. Both CBP and ICE are offering massive recruitment and retention incentive packages.
The widespread recruiting push across federal law enforcement agencies is expected to put a strain on classes at the Federal Law Enforcement Training Centers. FLETC itself announced in September it was hiring 100 new instructors to support the “onboarding of thousands of new law enforcement officers nationwide.”
09 July 2024, USA, Washington: Police officers from the Secret Service stand in front of the White House in the early morning before the start of the NATO summit. The NATO summit begins in the capital with celebrations to mark the 75th anniversary of the defense alliance. Photo by: Kay Nietfeld/picture-alliance/dpa/AP Images
Congressional appropriators are looking to maintain, and in some cases increase, the National Institute of Standards and Technology’s work in areas like artificial intelligence, cybersecurity and quantum research.
The agreement includes $1.25 billion for NIST’s research and services division, more than $542 million above the Trump administration’s request. The White House had proposed cutting NIST funding and positions in areas like cybersecurity and privacy; health and biological systems measurements; and physical infrastructure and resilience.
Meanwhile, industry and lawmakers had urged Commerce Secretary Howard Lutnick to protect NIST’s budget and workforce.
The agreement also $405 million for NIST’s “Community Project Funding,” more commonly referred to as earmarks. The White House had proposed phasing out that funding in fiscal 2026.
The appropriations agreement also includes $175 million to continue funding NIST’s Hollings Manufacturing Extension Partnership Program. The MEP program includes 97 positions and helps fund a national network of centers across all 50 states and Puerto Rico that provide services to small- and medium-sized U.S. manufacturers.
The Trump administration had proposed defunding the MEP program, arguing it was outdated and had struggled to address challenges facing the U.S. manufacturing sector.
Language in the explanatory section of the appropriations agreement, however, includes strong language that forbids Commerce from revising the MEP program without gaining “explicit approval” from the committees as part of the appropriations process.
“The secretary is directed to continue the program under the same terms and conditions as were required in fiscal year 2024 and to issue awards at no less than the amounts in fiscal year 2024,” appropriators wrote. “Further, the agreement directs that no funds are provided to execute or plan for a program that reduces the number of active MEP Centers and that the secretary shall minimize, by rapidly executing funding competitions and renewing existing Centers in a timely manner, the periods of time when no MEP Center is active in any state or Puerto Rico.”
The funding in the agreement includes $55 million for NIST’s AI research and measurement efforts. Up to $10 million is intended to expand NIST’s Center for AI Standards and Innovation. NIST plays a key role in the Trump administration’s AI agenda.
Lawmakers also want NIST to conduct various evaluations, including one comparing Chinese and U.S. AI capabilities and another evaluating foreign AI models.
The bill also includes $128 million in base construction funding to repair and upgrade major research facilities, including facilities at NIST’s main campus in Gaithersburg, Md.
The past year in federal cybersecurity policy was full of uncertainty, as a change in administration, expiring authorities and the emergence of artificial intelligence converged and led to plenty of questions about the future of the cybersecurity landscape.
Going into 2026, cyber policymakers and experts are expecting some clarity, especially around the interplay of AI and cyber. Here are five things to watch when it comes to federal cyber issues as the new year gets underway:
New national cyber strategy
The White House is expected to issue a new national cyber strategy early in the new year. During an appearance at the Aspen Institute’s Cyber Summit in November, National Cyber Director Sean Cairncross said the strategy won’t be a lengthy document.
“It’s going to be a short statement of intent and policy and then it will be paired very quickly with action items and deliverables under that,” Cairncross said. “As a topline matter, it’s going to be focused on shaping adversary behavior, introducing costs and consequences into the mix.”
Cairncross said the strategy will feature six pillars. And he said the Office of the National Cyber Director is also working on a “workforce initiative” to address cyber talent gaps.
“There’s over half a million cyber jobs just on the decks now that need filling and there will be a need for more,” Cairncross said. “We need to align industry incentives, academic incentives, vocational school incentives, [venture capital] and bring them together collaboratively to better the workforce for the country.”
Morgan Adamski, a former National Security Agency leader and executive at PWC, said the cyber strategy’s expected focus on influencing adversarial behavior and offensive cyber operations points toward a shift toward “active defense.”
“Active defense is essential because it shifts security from a passive, reactive posture to a proactive one that actively reduces risk,” Adamski told Federal News Network. “Instead of waiting for threats to materialize and cause damage, active defense emphasizes continuous monitoring, rapid detection, and timely response. This approach shortens the window between intrusion and containment, limits the attacker’s ability to escalate, and protects critical assets before harm spreads. In an environment where threats evolve quickly and adversaries adapt, relying solely on static controls is insufficient.”
AI and cyber
Industry will be closely reading the strategy for what it says about the multifaceted issue of AI. Cyber experts generally divide the issue into three broad categories: securing AI systems and data; defending against AI-enabled cyber attacks; and using AI for cyber defense.
Drew Bagley, Crowdstrike’s vice president for privacy and cyber policy, pointed to how federal agencies have embraced the “zero trust” concept in recent years, as well as technologies like endpoint detection and response, and log management.
“Now it’s going to be increasingly important to think about how those same concepts are applied to AI,” Bagley told Federal News Network. “If AI is going to continue to be embraced at this rapid speed without there being visibility into what’s going out the door with AI, then you have a problem. You have another attack surface.”
Bagley said he’s watching for the Cybersecurity and Infrastructure Security Agency to provide the federal government with leadership on AI security.
“CISA can provide guidance to those who are implementing AI in federal agencies as far as what the security standards need to be to make sure that that AI is secure and that AI is not introducing a security threat in and of itself,” he said.
Meanwhile, agency chief information security officers are also considering how they can use AI to improve cyber defenses. Adamski said CISOs will have to focus on both securing AI systems and harnessing AI for cybersecurity at the same time.
“AI is becoming a genuine force multiplier for defense, especially in security operations where teams are overwhelmed and attackers move fast,” she said. “It can improve detection, speed up investigation, enhance threat hunting, and help prioritize what matters most. In many environments, that kind of leverage is the difference between containing an incident quickly and getting buried by volume.”
CISA 2015 reauthorization
While Congress typically doesn’t move major pieces of legislation during an election year, the reauthorization of cybersecurity information sharing authorities remains a pressing priority when lawmakers return from their holiday recess.
The Cybersecurity Information Sharing Act of 2015 lapsed on Oct. 1. Congress gave it a temporary revival as part of the continuing resolution to reopen the government, but the CISA 2015 authorities are set to expire again on Jan. 30.
Reauthorizing the law has broad bipartisan support, including from the White House. But House Homeland Security Committee Chairman Andrew Garbarino (R-NY) has acknowledged the path to reauthorizing CISA 2015 remains murky at best.
In the House, lawmakers have advanced Garbarino’s bill, the Widespread Information Management for the Welfare of Infrastructure and Government Act (WIMWIG Act), through the committee. The bill would extend CISA 2015 for another decade and provide key definitional updates.
“Our colleagues in the Senate have different ideas. Some of them want to do a 10-year clean [reauthorization]. I don’t know if I can get that passed in the House, with concerns from the Freedom Caucus,” Garbarino said at an event hosted by Auburn University’s McCrary Institute in December.
Meanwhile, Senate Homeland Security and Governmental Affairs Committee Chairman Rand Paul (R-Ky.) also opposes a “clean” reauthorization due to his concerns about agencies working with social media companies on disinformation, which occurred under separate authorities from CISA 2015.
“I don’t know how it gets done on its own,” Garbarino said. “I feel like we have to attach it to another piece of legislation, whether that’s government funding. But we need it passed and unfortunately I don’t think we’re close enough with the discussions on the Senate to figure out which bill will pass and what will get done.”
The upshot, Garbarino continued, is another possible short-term extension of CISA 2015.
“Which is unfortunate because we worked very hard to get our bill out of committee,” he added. “It took a lot of requests or advice from the private sector on updates. So we love our piece of legislation that we got done. When you get the trial attorneys to not object to your bill giving liability protection, that’s a pretty good thing.”
CIRCIA rule
CISA the agency, meanwhile, is set to issue a landmark cyber incident reporting rule that will apply to vast swaths of the 16 U.S. critical infrastructure sectors.
Congress passed the Cyber Incident Reporting for Critical Infrastructure Act in 2022. The law generally requires critical infrastructure organizations – in sectors like energy, water and telecommunications – to report significant cyber incidents to CISA within 72 hours.
The law represents the most far-reaching federal cybersecurity regulation ever passed by Congress.
Industry has criticized the proposed rule for being overly broad and is also encouraging CISA to “harmonize” the rule with many existing cyber incident reporting mandates.
The Trump administration has delayed the release of the final rule until May 2026, providing CISA with more time to respond to those concerns.
Cyber leader gaps
Meanwhile, CISA also heads into 2026 without a Senate-confirmed leader. Trump nominated Sean Plankey to serve as CISA director in March. But Plankey’s nomination has been held up in the Senate for various reasons.
Most recently, Sen. Jacky Rosen (D-Nev.) has placed a hold on Plankey’s nomination due to concerns about the Coast Guard’s implementation of a new hate speech policy. Plankey has been serving as a senior advisor in the Coast Guard.
Meanwhile, the National Security Agency and U.S. Cyber Command is also still under acting leadership at the start of the new year.
The dual-hat role of NSA director and CYBERCOM commander is a key cybersecurity post, especially with the Trump administration’s emphasis on offensive cyber operations. The role had been held by Air Force Gen. Timothy Haugh, but Trump ousted Haugh in April, reportedly at the behest of far-right influencer Laura Loomer.
According to multiple reports, Trump now intends to nominate Army Lt. Gen. Joshua Rudd to lead the NSA and CYBERCOM.
And in Congress, Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) announced that he will not seek re-election in 2026, meaning he will retire effective January 2027. Peters has been one of the most influential members of Congress on cyber policy over the last decade.
At the Department of Homeland Security, where you stand at the end of 2025 depends on where you sit.
With the Trump administration emphasizing border security and mass deportations as top priorities, DHS components that work in those areas saw both major funding increases and workforce boosts.
Meanwhile, other DHS components were swept up in the administration’s workforce reduction efforts. Some of those components were also in the crosshairs of new political leadership for program and funding cuts.
The “One Big Beautiful Bill Act” tax and reconciliation measure passed in July only deepened those differences.
The legislation provided billions in additional funding for select DHS components like Customs and Border Protection and Immigration and Customs Enforcement. Meanwhile, other offices such as the Cybersecurity and Infrastructure Security Agency have been hit by workforce reductions and funding cuts, ending support for programs and services like CISA’s Multi-State Information Sharing and Analysis Center.
Workforce fluctuates
DHS is one of the only departments to gain a net increase in employees over the last two years, according to an analysis of agency shutdown contingency plans compiled by the Partnership for Public Service.
While most agencies saw staffing reductions driven by the Department of Government Efficiency, DHS’s workforce grew by 6%, to 271,927 employees listed in its 2025 contingency plan.
The Trump administration’s high-profile focus on immigration enforcement operations brings with it more funding and personnel for agencies like ICE and CBP. According to shutdown contingency plans, ICE’s workforce increased by more than 500 employees between June 2024 and September 2025. CBP’s workforce grew by more than 1,500 employees over the same period.
The Coast Guard’s workforce has swelled by nearly 2,000 as part of a recruiting campaign started by the Biden administration and further boosted under the Trump administration through the “Force Design 2028” initiative.
Many positions at DHS, including law enforcement positions, were exempt from workforce reduction efforts like deferred resignations and earlier retirements.
But some components, including CISA and the Federal Emergency Management Agency, underwent stark staff reductions driven by program cuts and voluntary departures.
CISA’s workforce has dropped by nearly one-third, from 3,400 employees in June 2024 to 2,500 staff as of May 31, 2025, according to the contingency plans. More CISA employees may have departed since the latest tally.
FEMA, meanwhile, has seen the number of active employees decrease from roughly 25,800 at the start of the year to 23,350 as of June 1, according to the Government Accountability Office. That includes 24 FEMA senior executives, “widely respected agency leaders who departed voluntarily given the uncertainty around the agency’s future,” GAO noted.
The Trump administration has also proposed some cuts to the Transportation Security Administration. Homeland Security Secretary Kristi Noem is further moving to eliminate TSA employees’ collective bargaining rights.
It includes $4.1 billion for CBP to hire 5,000 customs officers and 3,000 border patrol agents over the next four years, and $8 billion for ICE to hire 10,000 new officers. DHS says ICE has already reached that goal as 2025 comes to a close.
The bill also includes billions in funding for new immigration detention facilities, border security infrastructure, training facilities, vehicles, Coast Guard ships and more.
Industry will be watching closely as DHS’s spend plans for the reconciliation bill come together.
Senior leaders
With Year 1 of the second Trump administration nearly complete, many presidentially appointed, Senate-confirmed positions at DHS remain vacant or filled by acting personnel. Trump has yet to nominate a FEMA administrator, a TSA administrator or a DHS under secretary for management, among other positions.
Meanwhile, Deputy Homeland Security Secretary Troy Edgar will soon depart DHS after being nominated to serve as U.S. ambassador to El Salvador. The administration has not yet named a replacement.
CISA has been without a permanent director since January. Sean Plankey was nominated to serve as CISA director in March, but his nomination has been held up in the Senate over multiple issues unrelated to concerns about his appointment.
FILE - Police officers block a street as demonstrators march at a protest opposing "Operation Midway Blitz" and the presence of ICE, Sept. 9, 2025, in Chicago. (AP Photo/Erin Hooley, File)
During his decade of service at the National Institute of Standards and Technology, Rodney Petersen has had a front-row seat to the evolving state of the cyber workforce across government, industry and academia.
In his role as director of education and workforce at NIST’s Applied Cybersecurity Division, Petersen led efforts to standardize cyber workforce job descriptions and better understand skills gaps that are now a recurring theme in cyber policy discussions.
He served as second director of the National Initiative for Cybersecurity Education, which is now just known as its acronym, “NICE.” NIST’s “NICE Framework” is now an internationally accepted taxonomy to describe professional cyber roles, as well as the knowledge and skills needed to work in the fast-evolving field.
“One of the biggest changes in my 11 years here has just been the proliferation and the growth and expansion of education and workforce efforts,” Petersen said. “And so that’s mostly a good thing, because it shows that we’re prioritizing and putting investments in place to both increase the supply and also find the demand. But at the same time, it makes NICE’s mission all the more important to make sure we’re creating a coordinated approach across the U.S.”
Petersen is set to retire from his post at the end of the year. He recently sat down with Federal News Network to discuss his career at NIST, the evolution of cyber workforce initiatives over the last 10 years, and the future of the cybersecurity career field amid the rise of artificial intelligence.
(This interview transcript has been lightly edited for length and clarity).
Justin Doubleday What led you to where you are, to NIST and to the NICE program, in the first place?
Rodney Petersen Since NICE works so much on cybersecurity careers, you have to remind people that it’s not always linear, or maybe you don’t end up where you expect it to be, and that’s certainly been true of me.
In undergraduate and through law school, I certainly expected to be in a legal career. I got quickly introduced to higher education and education policy. So my first job out of law school was actually at Michigan State University and then subsequently University of Maryland. So that was maybe my first pivot to move into academia, but continuing to use the law and policy expertise. And then back in the mid ‘90s, there was something called the world wide web and the internet that started hitting college campuses, and I began to combine my legal policy expertise with the growing field of information technology and work for the first CIO and vice president of information technology at the University of Maryland.
And that eventually led me to cybersecurity, where, once again, it was an emerging field and topic. Not a lot of history, certainly within colleges and universities, of having personnel doing that work. The Association of Colleges and Universities that focused on it was EDUCAUSE, and they brought me in to establish their first program in cybersecurity and eventually the Higher Education Information Security Council. Then maybe my final pivot from there was to NIST, which was a position in the federal government, but not just focusing on cybersecurity from an operational or an IT perspective but from an education and workforce perspective. So again, I appreciated the opportunity to pivot and continue to work on another dimension of cybersecurity, which was: Now, how do we create the next generation of cybersecurity workers that the nation needs?
Justin Doubleday As you reflect on that last decade, what were some of the biggest challenges or successes, just things that immediately pop up into your mind as, ‘Wow, it’s 2025. I can’t believe we worked through that just five or 10 years ago?’
Rodney Petersen I didn’t say what really attracted me to the government was NIST, the National Institute of Standards and Technology, not only because it’s a standards organization, but it’s widely respected among industry and in my case academia, for providing some common standards, guidelines, best practices for cybersecurity. I really didn’t know a lot about the NICE program, certainly not the NICE framework, which I’m sure we’ll talk more about in a moment, but that provided a similar kind of common taxonomy and lexicon.
Now, when I say I didn’t know much about NICE framework, it’s a little misleading, because I was involved in some of the early days when DHS was trying to create a common body of knowledge for cybersecurity, and both a combination of that work and then the work I was doing with EDUCAUSE across higher education, you know, 4000-plus colleges and universities in the United States. We were trying to find some common ground and do things that could lead to shared services or shared approaches and the like. NIST was a great place to bring that all together.
The NICE framework specifically evolved over the years starting from common body of knowledge, the CIO Council recognizing the need, from an employer’s perspective, to have some commonality across the cybersecurity workforce. NIST began working with the Department of Defense and the Department of Homeland Security, culminating in the 2017 NIST special publication for the first time with the NICE framework. And then fast forwarding to today, where we work increasingly with private sector employers as well as academia to really create some common vision, common strategy and a mission that really teaches us to integrate approaches across the various ecosystems.
Justin Doubleday How challenging has that been in terms of getting to this widespread adoption of the NICE framework. I’m sure you measure that in different ways at NIST. How far have we come in terms of that standardization and how far do we still have to go?
Rodney Petersen If you’re an organization or a sector who’s starting from ground zero, and if you discover the NICE framework or the NIST cybersecurity framework or any other similar guidance document, you’re in a perfect situation to adopt it wholesale, because you haven’t started anything else, or you don’t have to retrofit something else. And there are certainly examples, in fact, internationally, where other countries start to get into the cybersecurity workforce space, and they discover the NICE framework. It really gives them a starting place, a jump start to building their own unique framework that meets their needs.
Where it’s more challenging is where there’s existing work and efforts that you either have to retrofit or try to modify or adjust. An example for that is we work closely with the NSA and CISA and the National Centers of Academic Excellence and Cybersecurity. They provide designations to colleges and universities that meet their guidelines for what a cybersecurity education program should look like, and it’s based upon what they call knowledge units. And those knowledge units, which actually have some preceding standards and organizations that they were building upon, weren’t necessarily built in the NICE framework.
We use the word ‘aligned’ to make sure that we’re aligned, that they can learn from what we’re doing and apply it, and we can learn from what they’re doing and apply it as well. So I think the biggest challenge is to take those existing organizations or initiatives that already are making great progress and have a lot of momentum, and making sure they’re in step with what we’re doing and vice versa.
Justin Doubleday Part of your work at the NICE program has been launching the CyberSeek database as well, which I think is probably one of the most publicly visible and publicly cited databases that the NIST cybersecurity program puts out there. It publishes data and statistics on cybersecurity job openings across the public and private sectors and other cyber workforce stats. Back when you launched it in 2016, what was the initial goal, and how do you think it’s helped to define some of the cyber workforce challenges that the country has faced over the last decade?
Rodney Petersen At the time, there was a lot of speculation and a lot of survey data about what the cybersecurity workforce needed to be. If you asked any chief information security officer, how many workers do they need? They may say 10. When you ask the same question of, how many can you afford and how many do you plan to hire? The answer might be one. And so thankfully in 2014 when I came in, the Cybersecurity Enhancement Act that Congress passed asked us to forecast what the workforce needs were, starting with the federal government and then looking also at the private sector.
So CyberSeek really came on the scene as an analytics tool, of course, in partnership with CompTIA and now Lightcast, to look at what are the actual jobs that are posted, to begin to quantify that, and then to do it in the context of the NICE framework. We’re looking more specifically at jobs to align to the NICE framework categories and work roles, and to do it not only nationally, but to do it by state and major metro area. And so whether you’re a member of Congress, or you may be at a college university, or you may be a local workforce board, and you really want to see what the demand is in your area, the CyberSeek tool not only gives you a number of open jobs in cyber security, but you can dissect that number to look at the types of jobs, what the requirements or qualifications are necessary to compete for those jobs, what’s the compensation for those jobs. I think bringing that all together really allows us to better forecast what the cybersecurity workforce needs are, both now and in the future.
Justin Doubleday One of the major points in this conversation around cyber workforce was the 2023 national cyber workforce and education strategy. As you reflect on this cyber workforce and education issue becoming a national strategy led out of the White House, whether there are any really impactful outcomes from that strategy over the last couple of years, or whether there’s still some things on the to-do list that you’re particularly keeping track of even as you get ready for retirement?
Rodney Petersen NICE really was an outgrowth of the 2008 Comprehensive National Cybersecurity Initiative. And as that later evolved and established the NICE program office, one of the things we were asked to do was provide some unification across the different investments happening in the federal government, and then by extension things that are happening in academia, in the private sector. And again, back in 2014 when Congress passed the Cybersecurity Enhancement Act, they asked us to build upon successful existing programs. And then later in 2018 when the first Trump administration created an executive order asking us to come up with findings and recommendations. One of the things they asked us to do was an environmental scan of, again, existing programs and assess and evaluate their effectiveness.
So I think as a starting point, any new strategy, any new administration, any new person to this field, needs to acknowledge and research what currently exists and what’s being successful. What should we continue to do, versus what should we stop, or what should we change, or what should we introduce as a new initiative or a new platform? So I think when that previous administration’s National Cyber Workforce and Education Strategy came out, there was a lot of effort, after some time, to take a step back and look at all the existing programs, not only in the federal government, but at the state and local level, in the private sector and academia, and then to build upon that.
And I think they did an excellent job of recognizing some of the good efforts that were already underway. And then fast forward to the present, I think the same is true. One of the biggest changes in my 11 years here has just been the proliferation and the growth and expansion of education and workforce efforts. And so that’s mostly a good thing, because it shows that we’re prioritizing and putting investments in place to both increase the supply and also find the demand. But at the same time, it makes NICE’s mission all the more important to make sure we’re creating a coordinated approach across the U.S.
Justin Doubleday One of the facets of that [2023] strategy was strengthening the federal cyber workforce, and that’s, of course, a big area of interest for our audience. Do you have any assessment of all these different initiatives across the federal workforce, civilian side, defense side? As you mentioned, a lot of has sprung up over the last five or 10 years. How cohesive those are and how successful those have been, as we know this new administration is now looking at its own strategy?
Rodney Petersen In 2015, Congress passed the Federal Cybersecurity Workforce Assessment Act, and that was an early effort to try to essentially identify the number of cybersecurity workers we had in the federal government and that we needed in the federal government. And again, to do that, we had to have some kind of standard to measure against. So the NICE framework was the required tool to use to do that measurement, especially to answer, how many cybersecurity workers do we need? We need a recruitment and retention strategy.
And I would say again, there were a lot of positive efforts led by the national cyber director, but also in partnership with the Office of Personnel Management, Office of Management and Budget, and all the departments and agencies like Commerce, NIST and others who needed that workforce to try to really continue to build momentum and fine tune the federal practices. One of our community subgroups talks about modernizing talent management, and this isn’t meant explicitly for the federal government, but for the private sector as well.
But I would say the federal government is in need of a lot of modernization. Going back to how we currently classify federal jobs, often that OPM classification series, a lot of them are 2210, IT or information security workforce [roles]. And yet the jobs, as the NICE framework represents, the work roles are much more specific than that. So I think there is an ongoing need to evolve that process, but I think some good progress has been made over the years.
Justin Doubleday How much progress do you think we’ve made in the shift towards skills based hiring?
Rodney Petersen At a minimum, there’s increased awareness and the value and the importance that it brings. And really it comes down to relying less on traditional credentials like academic degrees and maybe even certifications and experience, and looking more specifically at the skills, knowledge, capabilities that a job candidate would bring to the workforce. I would think that most organizations, most hiring managers, most cybersecurity professionals, are on board with that.
On the other hand, I think the practices still continue to lag. We still have job announcements that require the degrees, the experiences and things that really disqualify a vast majority of individuals who are probably quite capable. In fact, not only capable today, but have the potential to be the future workforce that is needed. So we need to limit those job announcements or job descriptions that disqualify people due to the lack of those traditional credentials, and really double down on the skills, the competencies that are needed.
Justin Doubleday More generally, you’ve written about the need for cybersecurity awareness among the workforce dating back to at least a decade now in your role at NIST. We now live in a world of annual cybersecurity trainings and PSAs. How would you grade cybersecurity awareness efforts over the past decade and just the level of acumen that we all generally have about cybersecurity?
Rodney Petersen My answer is probably pretty similar to the one I just gave about, how are we doing for skills based education? The awareness programs, I would give an ‘A.’ The awareness efforts and the initiatives are very prolific. The outcomes, the behavioral change, is probably more a ‘C-minus.’ And I think what we’re all discovering with that gap is not that there isn’t good intentions, requirements or educational efforts in place. But it really comes down to changing behaviors, and we need to continue to look for more active ways to influence how employees or citizens or consumers make choices about what they do online and what they do with their computer and how they respond to phishing emails or whatever the case may be. The training, the one-way directional information flow, is not going to be enough. We need to look for more opportunities to simulate, to provide multimedia, to use exercises, to use performance based assessments and exams that really reinforce the behavior change we’re striving to direct.
Justin Doubleday I have to bring it up: artificial intelligence. AI is on everyone’s mind. If you go on LinkedIn, there’s just so much speculation about how AI is going to completely change the future of a cybersecurity career field . . . I’d love to get your thoughts just on how you think about that and how the NIST NICE program has started to perhaps incorporate just some of the taxonomies and the skills that we’re seeing around AI come into play.
Rodney Petersen It’s not just that AI is going to impact the future. AI is impacting the present, and I think we see that all around us. One example is in education. How is AI being used by students? How is it or can it be used by teachers and faculty members? How can it be used by the organizations or the enterprises that run schools and universities? Just last week, we had our K-12 cybersecurity education conference where we had a student panel, and much of their discussion was around their use, their daily use, their hourly use of AI. And they encourage teachers and administrators to embrace it, because it’s not going to go away, and it’s going to be, in their opinion, a helpful part of their learning and educational experience.
A lot of NICE’s focus starts around the impact on the education or the learning enterprise. But from a cybersecurity perspective, I think NIST and NICE as well, and I would add the Centers of Academic Excellence and Cybersecurity, have been primarily focused on three impacts. One is, how do we make sure AI technology is secure? How do we make sure security is built in by design, which is fundamental to all software, all hardware, all kind of technology considerations? And again, the NICE framework talks about design and development as a phase of the technology process life cycle where we need good cybersecurity practices.
We also think about how can AI be used for cybersecurity? How can those that are cybersecurity practitioners leverage AI for their benefit, all the way from writing code, monitoring against attacks and using it for defense, a variety of ways that we can leverage the benefits of AI for the cybersecurity of organizations. And then, thirdly, how do we defend against AI-generated attacks, which we are going to see increasingly. We’re seeing it presently. So it’s those three aspects: building it securely, how do we use it to our advantage, and how do we defend against that?
Customs and Border Protection is increasing its total recruitment and retention incentives, as the Department of Homeland Security touts a record year for job applications.
CBP says new Border Patrol agents can now get up to $60,000 in incentives, including $10,000 after completing academy training and $10,000 for those assigned to a remote locations. Newly appointed Border Patrol agents can then qualify for up to $40,000 in retention incentives over the next four years.
Current Border Patrol agents are eligible to receive up to $50,000 in retention incentives.
Meanwhile, new officers assigned to “hard-to-fill and most difficult-to-fill locations” under CBP’s Office of Field Operations are eligible for up to $60,000 in retention incentives over a three year contract. CBP is also offering up to $60,000 in retention incentives for “experienced supervisors and officers eligible to retire in certain locations.”
New CBP Air and Marine Operations agents are also eligible for $10,000 signing bonuses, while new and current AMO agents can get up to 25% of their salary in retention incentives.
The increased incentives are funded under the One Big Beautiful Bill Act. The bill provided $4.1 billion for CBP to hire 5,000 customs officers and 3,000 border patrol agents over the next four years.
CBP for several years has offered both recruitment and retention incentives, as it prepares for an expected officer retirement surge starting in fiscal 2027.
The Department of Homeland Security, in an annual review, said CBP’s monthly hiring averages increased by 42.5% compared to the same time period last year. Meanwhile, hiring of Border Patrol agents increased by 84% over the same time last year, according to DHS.
ICE hiring surges, but under scrutiny
DHS also said Immigration and Customs Enforcement is on track to hire 10,000 new officers by the end of 2025. ICE has also offered $10,000 recruitment incentives and changed its minimum officer age to 18 years old to facilitate the recruitment campaign.
DHS said it has received a record number of job applications in 2025 at agencies including ICE, U.S. Citizenship and Immigration Services and the Secret Service.
The One Big Beautiful Bill Act, which passed in July, included $8 billion for the ICE hiring spree.
“Some” of the new ICE officers are already on the job, according to DHS.
But House Homeland Security Committee Democrats are now asking the Government Accountability Office to review ICE’s hiring practices.
In a Dec. 18 letter led by Ranking Member Bennie Thompson (D-Miss.) to GAO, the lawmakers point to media reports that ICE has put some new recruits into training without doing background checks and other standard vetting.
“This rapid expansion – the most significant staffing increase in the agency’s history – raises important questions about how ICE has changed its hiring standards and training protocols to meet its staffing aims,” the letter to GAO states.
FILE - Greg Bovino, the chief patrol agent for the U.S. Border Patrol El Centro sector, center, stands with federal immigration agents near an Immigration and Customs Enforcement facility in Broadview, Ill., Oct. 3, 2025. (AP Photo/Erin Hooley, File)
House Democrats are urging the Transportation Security Administration to abandon efforts to do away with a collective bargaining agreement covering some 47,000 TSA airport screeners.
In a Dec. 23 letter to Homeland Security Secretary Kristi Noem and acting TSA Administrator Ha Nguyen McNeill, 12 Democrats on the Homeland Security Committee say they have “deep concern” about the latest attempt to overturn TSA’s union agreement.
The letter signees include Homeland Security Committee Ranking Member Bennie Thompson (D-Miss.) and subcommittee on transportation and maritime security Ranking Member LaMonica McIver (D-N.J.).
Their letter points to an ongoing case in federal court over the Department of Homeland Security’s directive to end TSA’s collective bargaining agreement. The judge in that case issued a preliminary injunction in June blocking DHS’s previous efforts to dissolve the agreement.
“DHS’s renewed effort to unilaterally void a valid, seven-year collective bargaining agreement – without a resolution to the pending litigation – displays a clear and flagrant disregard for the rule of law and workers’ rights,” the lawmakers write.
TSA has said it plans to eliminate the collective bargaining agreement and implement a new “labor framework” for the agency starting Jan. 11.
The American Federation of Government Employees represents most TSA staff under the 2024 collective bargaining agreement. AFGE joined with several unions in filing the lawsuit challenging DHS’s prior attempt to dissolve the CBA.
Lawyers representing DHS in federal court recently filed a motion to dismiss the case, arguing that Noem’s new September determination to end TSA union rights is based on “an entirely different supporting record and data unavailable” at the time of Noem’s previous directive, which led to the court case and the preliminary injunction.
AFGE’s lawyers have since countered with an emergency motion to enforce the preliminary injunction. They argue DHS is attempting to “evade the court’s injunction.”
The judge overseeing the case recently directed the parties to confer on a briefing schedule for the emergency injunction.
The Trump administration has sought to do away with most federal employee unions. At DHS, leaders have argued that collective bargaining for TSA officers “is inconsistent with efficient stewardship of taxpayer dollars and impedes the agility required to secure the traveling public,” according to TSA’s statement on the new labor framework.
“Our Transportation Security Officers (TSOs) need to be focused on their mission of keeping travelers safe not wasting countless hours on non-mission critical work,” Adam Stahl, senior official performing the duties of TSA deputy administrator, said as part of a press release. “Under the leadership of Secretary Noem, we are ridding the agency of wasteful and time-consuming activities that distracted our officers from their crucial work.”
But in their letter, House Democrats argue that the 2024 union agreement was negotiated “in good faith to address long-standing issues at TSA, such as high attrition rates, inconsistent workplace policies, and the lack of a proper system for employees to voice safety and operational concerns.”
“Eliminating collective bargaining protections for TSOs will not improve efficiency or security,” they wrote. “It will silence workers who are best positioned to identify safety risks, exacerbate attrition at a time of ongoing staffing challenges, and ultimately make air travel less safe for the American public.”
Republicans on the Senate Appropriations Committee have put forward a 2026 homeland security spending bill that would staunch some workforce cuts at the Department of Homeland Security.
The committee released a draft version of the fiscal 2026 homeland security appropriations measure on Friday. Lawmakers will return to Capitol Hill after the holidays with a deadline to pass annual spending bills for most federal agencies by Jan. 30, when the current continuing resolution expires.
Lead appropriators in the House and Senate reached an agreement on funding allocations for the remainder of fiscal 2026 over the weekend. While they did not release specific numbers, House Appropriations Committee Chairman Tom Cole (R-Okla.) said the allocations would fall below projected spending levels under the CR.
“This pathway forward aligns with President Trump’s clear direction to rein in runaway, beltway-driven spending,” Cole said in a statement. “We will now begin expeditiously drafting the remaining nine full-year bills to ensure we are ready to complete our work in January.”
What’s the topline Senate DHS funding package?
Senate appropriators’ draft homeland security spending bill includes $92.3 billion for DHS in fiscal 2026, including nearly $66 billion in discretionary spending and $26.3 billion for the Disaster Relief Fund.
However, Senate Appropriations Committee Vice Chairwoman Patty Murray (D-Wash.) slammed the Senate committee’s draft proposal, calling it a “partisan bill” and saying Republicans didn’t work with Democrats to finalize a negotiated bill.
“We need more accountability from President Trump’s out-of-control Department of Homeland Security, and as we proceed to conference negotiations on this bill and the remainder of our bills, I am going to keep working to produce the strongest possible legislation,” Murray said. “American families should be able to count on their own government to support them through serious natural disasters and to enforce our immigration laws humanely and in accordance with the law.”
FEMA staffing concerns
The report on the draft homeland security spending bill, however, shows committee Republicans have some concerns about workforce cuts at the Federal Emergency Management Agency.
Roughly 2,500 FEMA staff have left the agency since the spring. The Trump administration has also expressed a desire to move more of FEMA’s responsibilities to state and local governments.
“The committee is concerned that staffing levels are insufficient to effectively and efficiently execute FEMA’s statutory missions,” the report on the draft bill states.
The bill would provide an additional $40 million for FEMA to hire staff to critical positions in its regional operations, and response and recovery divisions, respectively.
The report on the draft bill also stipulates that FEMA “shall maintain a workforce consistent with the personnel and full-time equivalents funded by the pay and non-pay amounts provided in this act.”
“FEMA shall not reduce staffing in such a way that it lacks sufficient staff to issue guidance, provide payments, and provide technical assistance and operational support to grantees in a timely manner; review and approve plans for obligating and expending Federal funds; review expenditures and reports for waste, fraud, and abuse; and perform all other necessary duties to allow recipients to proceed without unnecessary interruption,” the report continues.
CISA cut softened
Like their House counterparts, Senate appropriators are also looking to shore up funding at the Cybersecurity and Infrastructure Security Agency, rejecting steeper CISA cuts proposed by the Trump administration.
The draft Senate bill includes roughly $2.8 billion for CISA in fiscal 2026, just below 2025 funding levels for the cyber agency.
The bill would also reject proposed cuts at CISA’s National Risk Management Center. It would provide $126 million for the NRMC to maintain fiscal 2024 service and staffing levels.
Lawmakers direct CISA to provide a briefing “on the NRMC’s strategic engagement with election stakeholders, including engagement progress to date, future engagement plans and priorities, and information regarding any identified election security risks and shortfalls that should be mitigated in the near-, mid-, and long-terms.”
CISA has lost one-third of its workforce, roughly 1,000 staff, since the spring through a combination of voluntary departures, early retirements and terminations.
Like with FEMA, Senate appropriators also include language in their bill that CISA “shall maintain a workforce consistent with the personnel and full-time equivalents funded by the pay and non-pay amounts provided in this act.”
“CISA shall not reduce staffing in such a way that it lacks sufficient staff to effectively carry out its statutory missions,” the bill states, pointing to the agency’s efforts to secure federal civilian executive branch agencies, work with state and local governments, other sector risk management agencies, international partners and other stakeholders.
It further stipulates that CISA should maintain “no fewer” than 10 regional field offices across the country and directs CISA to employ at least one cybersecurity advisor per state.
FILE - The seal of U.S. Department of Homeland Security is seen before the news conference with Acting director of U.S. Immigration and Customs Enforcement (ICE) Todd Lyons at ICE Headquarters, in Washington, on May 21, 2025. (AP Photo/Jose Luis Magana, File)
Login
