CISA Budget and Staffing Cuts Undermine National Cyber Readiness, Officials Warn
U.S. federal cybersecurity progress has regressed for the first time since the Cyberspace Solarium Commission began tracking reforms in 2020, the commission warned Wednesday, citing leadership churn, workforce cuts and waning political will.
See Also: Agentic Commerce: The Technology Shaping the Future of Payments
The bipartisan Cyberspace Solarium Commission was created by Congress in 2019 and tasked with developing a national strategy to defend the U.S. against major cyberattacks. In a fifth annual report, the commission detailed erosion of progress at federal agencies including at the Cybersecurity and Infrastructure Security Agency and the Office of the National Cyber Director, each targets of Trump administration budget cuts and shrinking cyber diplomacy efforts.
“CISA’s effectiveness has been weakened by steep workforce and budget cuts that undermine its ability to support operators on the ground,” the report reads. The commission recommended the White House to develop an action plan to “restore staffing and budget levels” with the goal of “establishing and reinforcing CISA’s role as national coordinator for the security and resilience of critical infrastructure.” (see: CISA in Disarray Amid Shutdown and Growing Political Threats)
The report shows only 35% of the commission’s original 82 recommendations have been fully implemented. “What began as a forward-looking vision has become an urgent set of unfinished tasks,” the report read.
Commission members urged the administration to strengthen the authorities of the Office of the National Cyber Director, restore cyber diplomacy funding and personnel at the Department of State and rebuild CISA to its pre-January staffing levels during an event hosted by the Foundation for Defense of Democracies marking the report’s release.
“I’m very frustrated with the reductions at CISA,” said Mark Montgomery, senior director of the FDD’s Center on Cyber and Technology Innovation. “We need to have people – and I think that reduction hurts … to me, that’s the one that stings the most.”
The commission’s 2025 report outlines five top priorities for the administration and Congress, starting with a call to grant ONCD formal convening authority and budget oversight powers. The report says ONCD currently lacks the positional authority needed to enforce cybersecurity decisions across federal departments, warning that fragmented regulatory oversight and competing agency mandates have slowed progress on urgent cyber reforms.
It calls on President Donald Trump to clarify national incident response responsibilities and to establish ONCD as the central driver of federal cyber policy and regulatory harmonization. The report also presses for renewed cyber diplomacy and international capacity-building after the State Department’s Bureau of Cyberspace and Digital Policy lost staff and resources during the upheavals that have characterized this administration’s tenure so far (see: US Cyber Diplomacy at Risk Amid State Department Shakeup).
“It would be one thing if we were winning,” said Sen. Angus King, I-Maine, who serves as co-chair of the Cyberspace Solarium Commission 2.0. “But the threat is getting worse.”
King said workforce reductions under the Trump administration have triggered a regression in national cyber readiness, leaving states without a federal support system to combat major cyberattacks. “Trust is now diminishing” among states that “don’t want to work with Washington” on cybersecurity due to a lack of stable resources and support, he said.