Federal cyber funding looks uneven

Washington is moving in two cyber directions at once. President Donald Trump’s fiscal 2027 budget would cut broad civilian cybersecurity spending, while the Department of Justice is separately asking Congress for $110.3 million to speed up a “zero trust” rebuild inside its own networks. (whitehouse.gov) (fedscoop.com) The split starts with who pays for what. Central civilian cyber programs sit in agencies like the Cybersecurity and Infrastructure Security Agency, while zero trust projects are often bought by each department the way each homeowner pays for new locks on their own house. (csoonline.com) (cisa.gov) The biggest proposed cut lands at the Cybersecurity and Infrastructure Security Agency, or CISA, the Department of Homeland Security office that helps defend civilian federal networks and shares threat warnings with state governments and private infrastructure operators. Budget documents and reporting say the fiscal 2027 plan would remove about $707 million from CISA before internal adjustments. (govexec.com) (nextgov.com) Other civilian cyber-related lines are also under pressure. Reporting on the budget says cuts hit the National Institute of Standards and Technology and the Internal Revenue Service, even though the White House is still proposing $75.7 billion in total civilian information technology spending for fiscal 2027, up from $67.9 billion in fiscal 2026. (govexec.com) (fedscoop.com) That means the squeeze is not “less technology” in general. It is more like moving money away from shared guardrails and toward selected agency systems, with cybersecurity losing ground in some places even as overall information technology totals rise. (csoonline.com) (fedscoop.com) The Department of Justice request shows what the favored spending looks like. Its Justice Information Sharing Technology account would rise to about $149 million in fiscal 2027 from $38.5 million in fiscal 2026, with roughly $110.5 million of that increase tied to zero trust work. (justice.gov) (fedscoop.com) Zero trust is a simple idea with an expensive implementation. Instead of letting a logged-in employee roam widely inside a network, agencies check identity, device health, and access rights over and over, like a building that rechecks your badge at every floor and every locked room. (cisa.gov) (justice.gov) Justice has a concrete reason to push it. The department was hit in the 2020 SolarWinds espionage campaign, and FedScoop reports that its cyber funding later dropped by $108 million in fiscal 2024, leaving officials trying to modernize after a major breach with less money than they wanted. (fedscoop.com) So the federal message for 2027 is not “cyber is being cut” or “cyber is being funded.” It is that Washington may spend less on shared civilian cyber capacity while still writing large checks for department-by-department zero trust upgrades, which could leave agencies with stronger internal doors but fewer common neighborhood patrols. (csoonline.com) (fedscoop.com)