TechNet Cyber 2026: the FY27 cyber budget, the new national strategy, the talent gap.
Two weeks out from Baltimore, the storyline is already set: the first TechNet Cyber under Trump's new National Cyber Strategy and the $1.5T FY27 budget. The money and the doctrine arrive together. Whether they arrive resourced is the question the hallway will actually argue about.
Why this one matters
TechNet Cyber is the year's gathering point for the people who actually run and defend DoD networks: DISA, JFHQ-DODIN, USCYBERCOM staff, the federal CIO/CISO layer, and the industry that sells to them. Baltimore, June 2-4. This year it lands two weeks after the FY27 budget and the new national cyber strategy both dropped, so for once the conference isn't reacting to last year's news. It's the first room where the new money and the new doctrine meet the operators who have to make them real.
The year's headline: the strategy and the money arrive together (resourced is the open question)
Two signals define this edition. First, the Department of War released President Trump's FY27 budget, a $1.5T topline framed as a 'generational investment,' with the FY27 IT-modernization line explicitly mapping AI, drones, and missile defense alongside network upgrades. Second, the administration published 'President Trump's Cyber Strategy for America,' which leans hard on government-industry coordination across both offensive and defensive capability. That is the doctrine TechNet Cyber exists to operationalize. The counter-signal is just as loud: an analysis titled 'America's Cyber Strategy Has a Budget Problem' argues the topline doesn't actually convert into cyber capability at the rate the threat demands. So the headline isn't 'big budget, big strategy.' It's: this is the first venue where DISA and JFHQ-DODIN leaders have to say, on a stage, how the strategy gets resourced inside a budget that prioritized hardware. Read every keynote against that gap.
Sessions worth showing up for
The agenda isn't public yet (typical two weeks out), so watch roles, not names. (1) The DISA director's keynote: listen for whether 'government-industry coordination' comes with a procurement vehicle attached or stays at the principle level. If they name a contract mechanism, the strategy is real; if it stays doctrinal, it's a paper push. (2) The JFHQ-DODIN session: this is where the defend-the-network reality check on the FY27 priorities happens. Ask what got cut to fund the hardware line. (3) The 'Meet the Seniors and Program/Portfolio Managers' informal outreach blocks (already promoted in pre-event coverage): these two-way sessions are where the actual FY27 acquisition timelines leak, far more than the main stage. (4) Any workforce/talent panel: the DoW CIO office has been promising an enterprise-wide cyber talent management system and the Cyber Workforce Rotation Program is open for applications, so a talent session this year is a signal, not a filler slot.
Breakouts with signal density
The main stage will be strategy framing; the signal is in the small rooms. Three to prioritize: the FY27 cyber resourcing mechanics breakout (whatever it's titled, it's the one where program managers say what's actually funded vs. authorized); the zero-trust / continuous-encryption technical deep-dives (a vendor in this lane, Donoma Software's Seshat continuous-encryption platform, just took a 2026 AFCEA Entrepreneurial/R&D Innovation Award, which tells you continuous encryption is the architecture conversation this year); and any session touching the USSOCOM cyber pivot. That last one is a continuation thread from SOF Week: SOCOM signaled a cyber resourcing shift in the spring, and TechNet Cyber is the next venue where the practical money conversation happens. If a SOCOM J6-adjacent voice is on a panel, that's the room.
Companies to track at the booths
From confirmed pre-event exhibitor signal: Donoma Software says it sells continuous encryption (Seshat); what it's actually selling at this show is the award itself, as third-party validation that continuous encryption belongs in the FY27 architecture conversation. Horizon3.ai says cyber resilience and modern defensive strategy; what it's actually selling is autonomous pentest as a way to do more defense with the workforce you already have, which maps directly onto the talent-gap story. Telos and Parsons are running the integrator play: they say secure networks and quantum-resilient infrastructure, they're actually positioning for the FY27 IT-modernization line before the vehicles are set. Diné Development Corp (DDC) and CGI are the small-business / 8(a) channel presence: their booth conversations are where set-aside acquisition routes get discussed, which matters more than usual in a budget year. The read: every serious booth this year is implicitly answering the same question, 'how do you deliver the strategy without more people,' whether they say it or not.
Conversation patterns: three hallway debates, one nobody is saying
Debated in the hallway: (1) Whether the FY27 'generational investment' actually reaches cyber operations or gets absorbed by the hardware lines (the 'budget problem' critique will be quoted by name). (2) Whether the new national strategy's offensive-coordination language survives contact with the lawyers and the interagency, or stays a slide. (3) Whether the SOCOM cyber pivot is funded or aspirational, and what that signals for the rest of the combatant commands. The thing nobody is saying out loud: the binding constraint isn't budget or doctrine, it's people. The DoW CIO office is quietly standing up an enterprise-wide cyber talent management system and reopening the workforce rotation program because the $1.5T cannot buy cleared cyber operators on a FY27 timeline, and a strategy that assumes it can is already behind. The talent panel is the most important room at the show and it will be the least attended. That gap is the story.
After the badges come off
Baltimore is a three-day, federal-cyber-dense room: DISA, JFHQ-DODIN, program offices, the integrator bench, the 8(a) channel. You will leave with a stack of cards from people whose follow-up window is short and whose inboxes are behind a CAC-locked workstation the moment they're back. The conversation you had at the Donoma booth or in the program-manager outreach block is worth exactly as much as the follow-up that lands before Friday. Met exists for that window: capture the context while you still remember which conversation was which, send the follow-up that references the actual thing you discussed, before the week swallows it.
Download Met for iPhone
Read by operators heading to Baltimore for TechNet Cyber, pre-event analysis pulled from AFCEA's public signal, the FY27 budget release, the new national cyber strategy, and last year's themes. No signup, nothing stored on our servers.
