惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Scott Helme
Scott Helme
N
Netflix TechBlog - Medium
AI
AI
Security Latest
Security Latest
GbyAI
GbyAI
P
Proofpoint News Feed
Y
Y Combinator Blog
A
Arctic Wolf
G
Google Developers Blog
U
Unit 42
爱范儿
爱范儿
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
Vulnerabilities – Threatpost
Know Your Adversary
Know Your Adversary
Cisco Talos Blog
Cisco Talos Blog
T
Tor Project blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threatpost
L
Lohrmann on Cybersecurity
C
CERT Recently Published Vulnerability Notes
C
Check Point Blog
B
Blog RSS Feed
The GitHub Blog
The GitHub Blog
Microsoft Azure Blog
Microsoft Azure Blog
博客园 - 【当耐特】
博客园 - Franky
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
C
Cisco Blogs
云风的 BLOG
云风的 BLOG
NISL@THU
NISL@THU
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Microsoft Security Blog
Microsoft Security Blog
T
The Blog of Author Tim Ferriss
阮一峰的网络日志
阮一峰的网络日志
Latest news
Latest news
L
LINUX DO - 最新话题
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
美团技术团队
WordPress大学
WordPress大学
L
LangChain Blog
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
酷 壳 – CoolShell
酷 壳 – CoolShell
大猫的无限游戏
大猫的无限游戏
The Hacker News
The Hacker News
Simon Willison's Weblog
Simon Willison's Weblog
V
V2EX
Project Zero
Project Zero
博客园_首页

SECURITY.COM

Daxin Returns: Stealthy Malware Resurfaces in Taiwan Alongside a New Backdoor The Detection Gap: MITRE ATT&CK T1140 and T1105 Humble Brag: Symantec® Data Center Security Achieves Common Criteria Certification GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses Tips to Harden Your Air Gapped Environments The Visibility Challenge Nobody Asked For AV-TEST Gives Symantec® Endpoint Security Complete a Perfect Score The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security 🎙️SECURITY.COM The Podcast: The Parasite in the Machine: Unmasking the Speagle Infostealer Your DLP Incident Backlog Owes You Closure Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker 5 Reasons Symantec® CBX Delivers Total Endpoint Visibility 8 XDR Questions From the Show Floor Another Year, Another Win: SE Labs® Recognizes Symantec® Endpoint Security Hidden in Teams: DragonForce Attackers Weaponize Microsoft Teams Relays to Stay Hidden Locking Down the Server 🎙️SECURITY.COM The Podcast: The Death of SIEM Threats Rise on a Tide of Global Unrest When Nation-States Stop Caring About Size Espionage Campaign Targeted Stock Exchange Executive for Five Months Data Security Is Having A Moment 5 Ways XDR Helps SOCs Act Faster 🎙️SECURITY.COM The Podcast: The Evolution of Cybersecurity PR with W2 Communications The Maximalism Trap: When More Becomes Too Much Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need Symantec DLP Cloud and DSPM are the Power Couple Security Strategists Need The Future of the Partnership: AI, Automation, and Ecosystems Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations 🎙️SECURITY.COM The Podcast: Iran’s Cyber Warfare Playbook: What Defenders Need to Know Right Now 5 Ways To Keep AI in Check Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign Navigating Compliance and Insurance as a Competitive Edge Is SIEM Trying to Do Too Much? Every Defender Deserves Frontier AI The New Partner-Vendor Relationship DLP Made Easier on the Teams Running It The EU Digital Wallet: Why Waiting is Not an Option Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft Stopping Data Leaks at the Speed of AI Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor How AI Increases the Load on Security Teams Web Traffic Visibility is the New Non-Negotiable The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming? Technical Enablement vs. Marketing Noise Enterprise-Grade Security for All in 2026 Architecting for Margin Beyond the Initial Sale 🎙️SECURITY.COM The Podcast: A Brief History of Data Loss Prevention Symantec CBX Through the Paparazzi Lens The U.S. Navy’s Playbook for Cost-Controlled, Reliable Cybersecurity The Modern Threat Landscape and The Partner’s New Burden Symantec CBX Rocked RSAC 2026 Conference For Financial Services, a Wake-Up Call for Reclaiming IAM Control The Next Identity Shift Cyber Legends: Behind the Scenes of CBX Built for This Moment (and All Those to Come)
Doing More with Less: How Government Agencies are Rethinking Cybersecurity
About the Author · 2026-05-07 · via SECURITY.COM

In December 2025, Carahsoft and Broadcom commissioned Forrester Consulting to survey 212 U.S. Government cybersecurity decision makers about the state of public sector security operations following the budget and headcount reductions of early 2025. 

What they found was a sector under sustained pressure, actively searching for smarter, more resilient ways forward. The findings provide a candid, realistic assessment of where agencies stand today and the steps needed for them to strengthen their cybersecurity posture in an era of constrained resources.

The budget crunch in government cybersecurity 

Budget instability remains widespread, with 38% of agency budgets still classified as mostly or completely fiscally unstable, according to the Forrester study. About one in five agencies reported no change since the initial cuts were enacted. The result is a cybersecurity landscape where teams are being asked to protect increasingly complex digital environments with fewer people, fewer tools and less financial runway than they had a year ago. 

Over half of the respondents reported that budget constraints have moderately or significantly impacted their ability to maintain core security operations. Perhaps most telling, just 38% of cybersecurity leaders expressed confidence in their agency’s security posture following headcount reductions.

The study found that the areas most exposed under current resource limitations are network security, data protection and incident response. Roughly a third of respondents also flagged concerns around endpoint security, visibility, analytics and compliance. For agencies already navigating a complex threat  and regulatory environment, these vulnerabilities represent more than operational friction—they signal genuine risk to mission-critical systems and the sensitive data agencies are entrusted to protect. 

As leadership teams map out  investments for the year ahead, two priorities rise to the top: strengthening critical infrastructure against bad actors and integrating AI and cybersecurity capabilities.  

When resources shrink but risks don’t

Understanding today’s risk landscape is the first step toward addressing it effectively. According to the findings, 86% of respondents anticipate an increase in potential compromises or breaches in the coming year due to the recent staffing and funding reductions. More than a quarter expect breach numbers to climb by 1–10%, while over 20% anticipate increases of 31% or more. 

For agencies responsible for protecting sensitive government data and public-facing services, this trajectory demands immediate strategic attention. The link between reduced resources and elevated risk is already showing up across teams, where fewer personnel are creating measurable gaps in detection, response, and remediation.

And the data just reinforces the trend. Roughly 6 out of 10 respondents report that security incidents overall have increased in frequency. Meanwhile 65% say their mean time to remediate (MTTR) has been negatively affected. Over half say their ability to secure technology and architecture delivery has also suffered. 

Taken together, these signals point to a compounding effect where each unaddressed gap creates the conditions for the next. Agencies that fail to prioritize their highest-risk exposure areas may  face growing difficulty to maintain the compliance posture and operational resilience their missions demand.

How AI and automation help lean teams stay ahead 

Amid these challenges, a clear opportunity emerges. Agencies are increasingly recognizing that AI and automation can help maintain security effectiveness when human capacity is stretched thin. In fact, 72% of respondents said they are open to adopting automation tools to enhance cybersecurity resilience. The top priority areas include incident response, network security, compliance and data protection—the same domains where resource gaps are most prevalent.

Forrester’s recommendations align with this shift. Using AI to automate tasks like network traffic analysis, policy validation, and alert triage allows teams to focus on higher-confidence threats. These can include data exfiltration and lateral movement, rather than being consumed by manual tasks. When applied effectively, AI can even help offset staffing shortfalls, reduce analyst burnout and preserve (or even improve) mean time to investigate (MTTI) or mean time to remediate (MTTR) metrics.

Agencies that invest in AI-driven security tools today aren’t simply responding to a short-term resource problem. They're building a more adaptive, scalable security model that can sustain performance even as uncertainty continues.

Strategic consolidation carves a path forward

The data all points toward a clear strategy: working smarter, not just harder, with the resources available.

When it comes to investment priorities, respondents are concentrating limited resources where they can to have the greatest impact: threat detection, incident response, network infrastructure modernization, and process automation. 

Forrester recommends that agencies rationalize their security stacks, eliminating overlapping capabilities and reducing tool sprawl

Unified platform solutions can simplify operations while improving visibility and response. 

Critically, agencies should plan for sustained lean operations rather than assume a return to pre-2025 staffing or budget levels. Redesigning operating models around automation, risk prioritization, and efficiency will be the defining factor for long-term resilience.

Where agencies go from here

The findings from this Forrester study make one thing clear: the agencies that emerge strongest from this period of constraint will be those that treat resource limitations as a catalyst for smarter, intentional security strategy. The end goal should be a leaner, more resilient security posture—one that holds up under pressure today and in the years ahead.

A commissioned study conducted by Forrester Consulting on behalf of Carahsoft and Broadcom, March 2026.