They Gutted CISA on Purpose, and Everyone Knows It
Let’s not pretend this is about budget discipline.
The Trump administration’s proposed FY2027 budget cuts CISA by somewhere between $361 million and $707 million — they can’t even get their own numbers straight — which drops the agency from roughly $3 billion down to barely over $2 billion. That’s after already gutting a third of its workforce, shuttering entire divisions, and leaving it without a Senate-confirmed director for over a year. The agency responsible for defending civilian networks, energy grids, water systems, and local government infrastructure from nation-state attackers has been systematically dismantled.
This week, in a rare display of bipartisan coherence, Reps. Don Bacon (R-NE) and James Walkinshaw (D-VA) went on record at the National Cyber Innovation Forum and said what the security community has been saying for months: the cuts have gone too far, the timing is terrible, and the threat environment has never been worse.
Bacon, who chairs the House Armed Services Subcommittee on Cyber, put it plainly: China is already in our energy grid. Not theoretically. Not as a future concern. Right now. His framing was stark: “On Day 1 of the war, they want to turn off our energy.” Salt Typhoon is not a hypothetical. These intrusions are documented, ongoing, and specifically targeting the infrastructure that CISA exists to help defend.
Walkinshaw made the point that anyone who has worked in public sector IT already knows: most of the targets cannot defend themselves. He used Fairfax Water as his example — one of the best-funded water utilities in the country — and noted that even they struggled to keep pace with the volume and sophistication of attacks. If Fairfax Water is struggling, what do you think is happening at the rural co-op in central Louisiana or the small-town municipal government running decade-old software on a skeleton IT staff? Those entities have no realistic path to defending against a nation-state adversary without federal support. That’s the whole reason CISA exists.
So why is it being gutted?
Because CISA told the truth in 2020.
That’s it. That’s the whole reason. After the 2020 election, CISA — under Chris Krebs — called it the most secure election in American history, directly contradicting the narrative that the administration needed to be true. Krebs got fired for it. And CISA has been marked ever since as a hostile agency, an internal enemy, something to be punished and reduced until it can’t do anything that might ever contradict the right political narrative again.
This is not a governance decision. It’s a vendetta dressed up in budget language.
The bipartisan agreement in Congress is welcome, and I mean that genuinely — it’s not nothing to have a Republican subcommittee chair on record saying the administration got this wrong. But it almost certainly won’t matter. Congress can want CISA restored. Appropriators can write strongly-worded letters. Think tanks can publish white papers. None of that changes the fact that the executive branch views CISA as an adversary, and as long as that’s true, the agency will continue to be starved.
The optimistic read is that a major incident — something clearly attributable to the capability gaps created by these cuts — forces a course correction. The realistic read is that even then, the response will be to stand up some new parallel structure unburdened by CISA’s political baggage, staffed with loyalists, and accountable to no one who might ever push back on a narrative.
Meanwhile, China is patient. Russia is patient. Iran and North Korea are patient. They do not care about our domestic political dramas. They are mapping our infrastructure, sitting on our networks, and waiting.
We are actively making their job easier, and we are doing it on purpose.
That’s the part that should keep people up at night.