As the first year of the Trump administration approaches its end, government cybersecurity experts and even some United States government officials are warning that recent White House initiatives—including downsizing and restructuring of the US federal workforce—risk setting the government back on improving and expanding its digital defenses.
expired: US cybersecurity struggling tired: US cybersecurity improving wired: US cybersecurity backsliding Read more Expired/Tired/WIRED 2025 stories here.
For years, the federal government was playing catch-up on cybersecurity, scrambling to replace ancient software, apply security patches to newer systems, and deploy other baseline protections across a massive and disparate population of PCs and other gadgets. With so many agencies and offices that needed upgrading, it was slow going. But as repeated government data breaches drew urgent attention to the issue, and as the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency—founded in 2018—established itself during the early 2020s, minimum standards seemed to be rising. Now, with major staffing cuts at CISA and in other key departments across the government, that incremental progress could quickly erode.
“We’ve spent a lot of time trying to encourage the government to do more, and CISA was doing, you know, a better job,” retiring comptroller general Gene Dodaro told the US Senate Committee on Homeland Security and Governmental Affairs on December 16. He added that the Government Accountability Office has “a lot of open recommendations still for them to do. But I’m concerned that we’re taking our foot off the gas at CISA, and I think we’ll live to regret it.”
CISA lost about 1,000 people, more than a third of its staff, as a result of cuts that seemed to be motivated by the Trump administration’s anger about the agency’s election security work. Cybersecurity Dive reported in mid-November that the agency is planning to rebuild in 2026.
“The recent reduction in personnel has limited CISA’s ability to fully support national security imperatives and administration priorities,” acting CISA director Madhu Gottumukkala wrote in a memo to staff at the beginning of November. He added that that agency has “reached a pivotal moment” but is “hampered by an approximately 40 percent vacancy rate across key mission areas.”
When asked for comment about staffing cuts at CISA and the administration’s plans for maintaining and improving federal cybersecurity and critical infrastructure defenses, the White House referred WIRED to the Department of Homeland Security.
CISA director of public affairs Marci McCarthy told WIRED in a statement that the agency is focused on executing its statutory mission. “Claims that staffing adjustments are weakening cybersecurity miss the truth,” she said in the statement. “We are accelerating innovation, deepening operational collaboration, and directing resources where they yield the greatest return.”