Nearly a year into the second Trump administration, concerns are mounting within the cybersecurity community. Budget cuts and the perceived weakening of federal agencies are raising red flags about the nation’s ability to prepare for and respond to increasingly sophisticated cyberattacks, particularly those leveraging artificial intelligence (AI).
A recent assessment, benchmarking progress against goals established by the bipartisan U.S. Cyberspace Solarium Commission, reveals a concerning slippage in the nation’s cyber defense capabilities. According to Ret. Admiral Mark Montgomery, executive director of Cybersolarium.org, the assessment highlighted shortcomings in achieving the Commission’s 82 objectives. These goals encompass a broad range of improvements, from streamlining regulations for critical infrastructure companies and bolstering cyber capabilities within the FBI and intelligence agencies, to enhancing cybersecurity education at the K-12 level.
Montgomery attributes this decline to budgetary constraints at the Cybersecurity and Infrastructure Agency (CISA), compounded by earlier administration initiatives that significantly reduced resources at key agencies like the State Department, the National Science Foundation, the National Institute of Standards and Technology, and the U.S. Department of Commerce. The impact of these cuts extends beyond mere staffing reductions; they also hamper critical research, development, and coordination efforts essential for maintaining a robust national cybersecurity posture.
Adding to these challenges, the lapse of legislation that facilitated the sharing of cybersecurity threat information among companies without fear of antitrust or liability repercussions further complicates the landscape. This expiration potentially discourages timely and collaborative responses to emerging cyber threats.
Despite public pronouncements by the Trump administration emphasizing cyber defense improvements, including a June executive order outlining a strategy for “sustaining select efforts to strengthen the nation’s cybersecurity,” the assessment from the Cyberspace Solarium Commission paints a less optimistic picture. This disconnect raises questions about the effectiveness of the administration’s approach and the allocation of resources dedicated to cybersecurity.
A CISA spokeswoman conveyed via email that the agency remains committed to its core mission under President Trump and Secretary Noem, citing ongoing operational collaboration, accelerated intelligence sharing, and a strengthened defense of cybersecurity and critical infrastructure.
“I agree that we have a more pessimistic view of government cybersecurity efforts over the past eight months, as opposed to the administration’s self-assessment,” said Montgomery.
The timing of these concerns is particularly sensitive, given the escalating frequency and sophistication of nation-state-linked cyberattacks. The recent hack targeting the Congressional Budget Office, attributed to a foreign nation-state actor, underscores the persistent threat faced by government entities and critical infrastructure providers. The potential for future attacks could have significant economic and strategic implications.
Furthermore, the confirmation process for Sean Plankey, the Trump administration’s nominee to lead CISA, remains stalled in Congress, creating a leadership vacuum at a critical agency responsible for coordinating the nation’s cybersecurity defense.
National security experts express concern that the federal government is becoming less proactive in cybersecurity efforts. This shift of responsibility to states and the private sector is problematic without the necessary resources to support them, argued Carole House, former National Security Council Special Advisor and CEO of Penumbra Strategies. The failure to reauthorize key information sharing legislation creates a gap in the nation’s cyber defenses.
Concerns are also growing over the rollback of regulations intended to make big tech companies responsible for developing safer software for businesses and consumers. Without effective enforcement mechanisms, the risk of vulnerabilities in software supply chains increases, making US businesses more vulnerable to cyber attacks.
Military agencies aren’t necessarily positioned to fill the void left by the federal government. “I’ve been very concerned about the top leadership at Cyber Command and the (National Security Agency) being vacant for eight months. That translates to inertia and lack of direction,” said U.S. Rep. Don Bacon, a Republican from the second district of Nebraska who is not running for re-election. “Further, this Administration has been significantly cutting the budget and personnel for CISA, which is out on the front lines to defend our private sector and infrastructure from cyberattack.”
‘Death by a thousand papercuts’
Montgomery highlights the 2023 discovery of Volt Typhoon, a Chinese cyber attacker infiltrating critical infrastructure companies across various sectors, as a stark example. This underscores the risks inherent in a diminished federal cybersecurity role. In the event of discovery, organizations like CISA can share recommendations. But the government’s budget cuts are hindering information sharing.
“The only way you’re going to detect this is with assistance from the government,” said Montgomery. “There are tell-tale signs that can be shared.”
Cybersecurity experts have termed the current climate of incremental losses “death by a thousand papercuts”. The current approach shifts the responsibility for cybersecurity onto private companies and organizations across the country.
Among a series of reductions, the Trump administration dissolved CIPAC, which was responsible for information sharing with infrastructure owners, ranging from water systems to finance companies to electric grid operators to hospitals. The effectiveness of industry information-sharing councils, including groups focused on defending the industrial base, has also been significantly affected.
Industry responses have been fragmented and inconsistent. While some initiatives, like the E-ISAC for the electric industry, remain active, others, such as the elections infrastructure council, have faced defunding.
“The biggest regression is not technology, it is coordination,” said Evan Reiser, CEO of Abnormal AI. A lack of coordination and communication between stakeholders is a major problem, he argued, because critical telemetry data remains stranded across agencies and vendors.
AI makes retreat on cyber defense more dangerous
The threat landscape is changing and growing rapidly because of artificial intelligence, according to Kaitlin Betancourt, a partner at Goodwin who specializes in cybersecurity, and AI strategy and governance.
Cybercriminals are increasingly integrating AI into their attack strategies, from victim profiling to automated service delivery and identity creation. Generative artificial intelligence can create effective extortion threats. The impact of these AI-powered attacks could extend to broader markets, if there is a continued downturn in cybersecurity.
Most cyberattacks are done through legacy systems such as email. Current measures require software companies to attest that they had secure software, but the new presidential order has removed language that allows the attestation that fail validation to the attorney general.
“Trump’s order retains an emphasis on software supply chain cybersecurity. It retains much of the Biden administration’s framework but scales back prescriptive directives and enforcement mechanisms, particularly those related to secure software development “attestations,” Betancourt and her colleagues said.
Cybercriminals often seek to steal data for extortion or to shut down systems. Many of these criminals work with nations such as North Korea whose mission is to harm US economy and fund their own nations.
In other cases, it is about simply undermining the U.S. economy without triggering a conventional war. United States can also be doing its own cyberattacks on other countries. What officials have said that both offense and defense are needed.
“I think we can recover from this,” said Montgomery. “But you can’t continue to cut.”
Original article, Author: Tobias. If you wish to reprint this article, please indicate the source:https://aicnbc.com/12492.html
