The federal agency charged with defending American infrastructure from cyberattacks is about to lose roughly a quarter of its budget. That’s not a trim. That’s an amputation.
The Cybersecurity and Infrastructure Security Agency — CISA, the Department of Homeland Security’s primary cybersecurity arm — faces approximately $700 million in cuts under the Trump administration’s latest budget proposals, according to TechCrunch. The reductions would affect personnel, threat-hunting programs, and partnerships with state and local governments that have become the backbone of America’s cyber defense posture since the agency’s founding in 2018.
The timing is terrible.
Chinese state-backed hacking groups have been burrowing into U.S. critical infrastructure — power grids, water systems, telecommunications networks — with an aggressiveness that intelligence officials have described as unprecedented. Russia continues its relentless campaigns against government agencies and private-sector targets. Ransomware gangs, many operating with tacit Kremlin approval, have hit hospitals, school districts, and municipal governments with increasing frequency. And into this environment, the White House wants to shrink the one agency specifically designed to coordinate the federal response.
CISA’s current budget sits at roughly $3 billion. A $700 million reduction would bring it to its lowest funding level, adjusted for inflation, since before the SolarWinds attack in 2020 — the breach that demonstrated just how vulnerable federal networks were and catalyzed bipartisan support for expanding the agency’s authorities and resources. The proposed cuts would reportedly eliminate hundreds of positions, including analysts who monitor for intrusions across federal civilian networks and specialists who provide free cybersecurity assessments to election offices, water utilities, and other entities that lack the resources to defend themselves.
Former CISA Director Jen Easterly, who led the agency during the Biden administration, has been vocal about the risks. Speaking at multiple cybersecurity conferences in recent months, she warned that dismantling CISA’s capabilities would create gaps that adversaries would exploit within months, not years. Her predecessor, Chris Krebs — fired by Trump in 2020 after contradicting claims of election fraud — has likewise pushed back, arguing that the agency’s work transcends partisan politics because the threats it addresses are fundamentally apolitical. A Chinese hacker probing a water treatment plant in rural Texas doesn’t care who’s in the White House.
But the administration sees things differently. Senior officials have framed the cuts as part of a broader effort to reduce government waste and eliminate what they describe as mission creep within CISA. The agency’s work on election security and combating disinformation has drawn particular ire from Republican lawmakers and conservative media figures who view those programs as government overreach — or worse, as tools for censoring political speech. Elon Musk’s Department of Government Efficiency, known as DOGE, reportedly flagged CISA as a priority target for budget reductions, according to TechCrunch.
That political context matters. CISA didn’t just grow because bureaucrats wanted bigger budgets. It grew because Congress — including many Republicans — voted repeatedly to expand its mission after a string of devastating cyberattacks exposed how poorly prepared the country was. The Colonial Pipeline ransomware attack in 2021, which caused fuel shortages across the Eastern Seaboard, was a wake-up call. So was the Microsoft Exchange hack attributed to Chinese intelligence. So was the discovery that Russian operatives had been sitting inside federal agency networks for months during the SolarWinds campaign.
Each of those incidents led to new funding, new authorities, and new programs. CISA built out its Joint Cyber Defense Collaborative, a public-private partnership that allows the agency to share threat intelligence with major technology companies and critical infrastructure operators in near-real time. It expanded its vulnerability disclosure programs. It hired hundreds of specialists to help organizations across the country improve their defenses. Much of that work would now be scaled back or eliminated entirely.
The private sector is watching with alarm. Major technology and cybersecurity firms have benefited from close collaboration with CISA, and many depend on the agency’s threat alerts and vulnerability advisories to protect their own customers. The Information Technology Industry Council, a trade group representing companies like Microsoft, Google, and Amazon, has urged Congress to preserve CISA’s funding, arguing that the agency provides capabilities that no private company can replicate on its own.
There’s a reason for that. CISA occupies a unique position: it has the legal authority to scan federal civilian networks for vulnerabilities, the intelligence community relationships to understand what foreign adversaries are doing, and the operational capacity to coordinate responses across thousands of disparate organizations. No single company — not even the biggest cloud providers — can match that combination. When CISA issues an emergency directive telling federal agencies to patch a critical vulnerability, those agencies move. When a private company issues the same warning, compliance is optional.
State and local governments stand to lose the most. Many of them rely on CISA for free penetration testing, incident response support, and cybersecurity training. Election offices in particular have become dependent on the agency’s services. Before CISA began its election security work in 2018, most county election offices had no relationship with the federal government on cybersecurity issues at all. Many had no dedicated IT staff. CISA changed that, deploying Albert sensors — network monitoring tools — across hundreds of election networks and providing tabletop exercises to help officials prepare for cyber incidents during voting.
Cutting those programs doesn’t just save money. It removes a safety net.
Some conservative critics argue the private sector should fill the gap. Let companies and state governments buy their own cybersecurity services on the open market, the thinking goes. But this ignores a fundamental market failure: the entities most vulnerable to cyberattack — small water utilities, rural hospitals, underfunded school districts — are precisely the ones that can’t afford commercial cybersecurity tools. CISA’s free services exist because those organizations would otherwise have nothing.
And the threat environment isn’t static. FBI Director Christopher Wray — before his departure — testified that Chinese hacking group Volt Typhoon had pre-positioned itself inside U.S. critical infrastructure with the apparent intent of disrupting services during a potential conflict over Taiwan. His successor has not publicly walked back that assessment. Intelligence officials have described the Chinese cyber threat as the most significant strategic challenge facing the United States, one that demands more resources, not fewer.
Congressional reaction has been mixed. Some Republican hawks, particularly those on the intelligence and armed services committees, have expressed reservations about cutting CISA’s budget so deeply. Senator Angus King, an independent from Maine who co-chairs the Cyberspace Solarium Commission, called the proposed reductions “strategically incoherent” during a recent hearing. But other Republicans have been supportive, echoing the administration’s argument that CISA strayed too far from its core mission by wading into election security and counter-disinformation work.
The legislative battle is far from over. Congress ultimately controls the purse strings, and appropriators in both chambers will have the final say. But the administration’s budget request sets the terms of debate. Even if Congress restores some funding, the signal has been sent: CISA is not a priority. That signal carries consequences beyond the budget numbers themselves. Talented cybersecurity professionals — already difficult to recruit into government given the pay differential with the private sector — will think twice about joining an agency that might not exist in its current form in two years. Morale among existing staff, already battered by DOGE-related reviews and political attacks, is reportedly cratering.
The broader pattern is what concerns cybersecurity professionals most. CISA isn’t the only federal cyber program facing cuts. The State Department’s cyber diplomacy bureau, created to coordinate international cybersecurity policy, has also been targeted. So has NIST’s cybersecurity division, which develops the frameworks and standards that underpin much of the private sector’s approach to risk management. Taken together, the cuts represent a wholesale retreat from the federal government’s role in defending cyberspace — a role that has been expanding steadily, under both parties, for more than a decade.
Whether that retreat is deliberate policy or collateral damage from a broader cost-cutting campaign is a question that doesn’t much matter to the operators monitoring networks at three in the morning. What matters to them is whether they’ll have the tools, the intelligence, and the personnel to detect and respond to the next intrusion. With $700 million less, the honest answer is: probably not all of them.
The adversaries aren’t cutting their budgets. China’s Ministry of State Security has been expanding its cyber operations. Russia’s GRU and SVR continue to target Western governments and companies. North Korean hackers stole more than $1.5 billion in cryptocurrency in a single heist earlier this year. Iran has been probing U.S. water and energy infrastructure. These are not hypothetical threats. They’re daily realities that CISA analysts track in real time — or at least they do today.
What happens when those analysts are gone?
Nobody in Washington seems eager to answer that question. But the adversaries watching from Beijing, Moscow, Pyongyang, and Tehran probably already have their own answer. And it’s not one that favors American security.


WebProNews is an iEntry Publication