The cybersecurity sector in the United States has found itself in a period of budget cuts and job cuts, while Europe, which has so far based its defense on the competences and resources of mainly American institutions, intends to focus more on local solutions – according to data from ESET and DAGMA IT Security collected in the report “Cyberportret polskiego biznesu 2025”.
It was reported that the United States Cybersecurity and Infrastructure Security Agency (CISA) is planning a significant reduction of over 1,000 positions in 2026 – from 3,732 employees, 2,649 were expected to remain in their positions. Most employees have already decided to leave their jobs.
Additionally, CISA could be affected by a planned budget cut, estimated at nearly $500 million, as part of President Donald Trump's budget proposal. Meanwhile, the White House has a significant say in negotiations or is engaged in diplomatic outreach to China, Russia, Iran, and North Korea.
Advertisement See also: Take part in our stock market multi-thlon! Disciplines: sprint for stocks, dive into ETFs, and push your wallet for the prize.
“Ongoing armed conflicts and tensions in various parts of the world are taking on a hybrid form – traditional military operations are being combined with cyberspace activities, for example in the form of the activity of APT cyberespionage groups. Their activity in the last six months (October 2024 – March 2025) coincides with military operations in specific regions of the world or tensions generated by specific governments,” said Kamil Sadkowski, an analyst at the ESET antivirus laboratory, quoted in the report.
“ESET data shows that the most active APT groups come from China – they are responsible for over 40% of cyberattacks, Russia (25.7%), North Korea (14.4%) and Iran (9.1%),” he added.
It was reported that recent budget cuts and staff reductions in key cybersecurity institutions in the United States will undoubtedly weaken the health and security of not only the administration, but also companies and entities using their knowledge and guidance.
This influences future technological innovations, which in turn will weaken the effectiveness of cybersecurity systems for individual users as well.
“Some of the effects of funding and employment reductions in the cybersecurity sector will be immediately visible – through a decline in the quality of ongoing preventive measures and threat analysis. On the other hand, remaining members of smaller, leaner teams will be exposed to greater fatigue and burnout, which may prompt them to leave the industry for less stressful jobs,” said Kamil Sadkowski.
“However, underinvestment will still make its mark in a few years. The slowdown in innovation and the implementation of new cybersecurity technologies is revealed with a delay, and is caused, for example, by the gradual outflow of the most valuable talent,” he added.
As experts point out, the decline in funding in the US may also manifest itself in less visible and dramatic ways—for example, delays in developing standards or difficulties in disseminating information about threats, which often result from public-private collaboration. In reality, however, the impact will be felt across all agencies, institutions, companies, and even ordinary consumers.
According to ESET data, as many as 39% of global cyberattacks in 2024 were recorded in Europe. To protect themselves, many organizations rely on cybersecurity providers from various regions of the world.
The increasingly frequent and larger trade disputes and intensifying cyber threats are risks also recognized by the European Commission. The announced spending package related to the implementation of the continent's defense plan, including cybersecurity, amounts to €800 billion by 2030.
“We are observing clear geopolitical tensions and growing polarization around the world. Investing in technologies or solutions that transmit data to countries that raise doubts from the perspective of political cooperation raises the question of whether we can actually use them safely? This is a question that should be asked by both entrepreneurs concerned with the digitization of their businesses and government officials,” said Marcin Mazur from DAGMA IT Security.
“The domestic market for cybersecurity solutions is still developing, but the European Union already has tools available that are as effective as global ones. However, importantly, due to their European origins, they are less vulnerable to political and commercial turmoil, which can pose risks to the continuity of many organizations and businesses,” he added.
Awareness and the need to build digital sovereignty are already evident in the vast majority of Polish companies. It has been reported that as many as 7 in 10 cybersecurity specialists at Polish companies have declared that in recent years they have become more vigilant about how a software vendor's country of origin might impact their company's cybersecurity.
Every second surveyed company believes that dependence on software providers from outside Poland and Europe poses a potential threat to their business, while 59% say they prefer cybersecurity solutions from Europe. (PAP Biznes)
alk/ ana/
