As a leading expert in national security and government policy, Chloe Maraina brings a data-driven perspective to the complex world of federal infrastructure protection. With an extensive background in business intelligence and data science, she has spent years analyzing how large-scale management shifts impact the resilience of critical systems. Her insights are particularly timely as the Cybersecurity and Infrastructure Security Agency (CISA) faces a transformative period defined by significant budgetary constraints and a refocusing of its primary mission.
This discussion explores the far-reaching implications of the proposed $707 million reduction in CISA’s funding, moving the agency away from broad stakeholder engagement toward a narrow focus on federal network defense. The conversation summarizes key concerns regarding the elimination of centralized engagement divisions, the transfer of security burdens to local governments, and the strategic risks of downsizing a specialized workforce while global cyber tensions with nations like China and Iran continue to escalate.
A proposed 30% budget reduction would remove $707 million from the Cybersecurity and Infrastructure Security Agency’s funding. How would a cut of this magnitude alter daily operations, and what specific protective measures or federal network defenses would likely be the first to be deprioritized?
A reduction of this scale, which strips away nearly a third of a $2.4 billion budget, fundamentally redefines the agency’s ability to act as a shield for the nation. Daily operations would shift from a proactive, collaborative stance to a reactive, “fortress-style” defense focused exclusively on federal networks. We would likely see the immediate deprioritization of programs that provide technical assistance to private sector partners, such as small-scale water utilities or local power cooperatives. The sensory details of this shift are stark: fewer monitors on duty, reduced real-time threat hunting, and a significant pullback from the collaborative defense models that have been built over the last decade to protect the non-governmental systems Americans rely on every day.
There are concerns that past efforts to monitor online misinformation have detracted from the core mission of securing critical infrastructure. What steps can be taken to isolate cybersecurity functions from political controversies, and how can the agency rebuild trust with private sector partners who fear government overreach?
To isolate technical functions from political headwinds, the administration is moving to strictly define what constitutes “core” mission work, specifically targeting the $2 million previously allocated for addressing misinformation. Rebuilding trust requires a transparent commitment to hard-coded security metrics rather than the management of public discourse, which critics labeled as a “Censorship Industrial Complex.” Private sector partners need to feel that their data is being used for threat mitigation rather than political monitoring, but this is a difficult sell when the agency has already lost one-third of its workforce, including key personnel who served as the primary bridges to the industry. The agency must demonstrate a renewed focus on physical and digital hardening of assets, like pipelines and ports, to prove that its value lies in engineering and defense rather than influencing speech.
The Stakeholder Engagement Division, which manages relationships with foreign governments and universities, faces potential elimination to streamline operations. What are the practical risks of losing these centralized hubs, and how would industry leaders maintain a direct line of communication with the government for threat intelligence?
Eliminating the Stakeholder Engagement Division (SED) effectively severs the neural pathways that CISA uses to communicate with the outside world. By cutting nearly all employees in this division and leaving only a single subdivision to handle eight of the 16 critical infrastructure sectors, the government is creating a massive information vacuum. For industry leaders, the “direct line” for threat intelligence becomes a tangled web of fragmented agencies, making it significantly harder to receive timely warnings about foreign state-sponsored attacks. This loss of a centralized hub means that universities and foreign allies, who often provide the first signals of a global cyber campaign, will no longer have a dedicated entry point into the U.S. defensive apparatus, leaving our domestic systems more isolated and vulnerable.
Current plans involve shifting responsibilities like school safety and infrastructure protection back to state and local governments. Do these smaller entities currently possess the technical resources to manage these threats independently, and what specific support systems would they need to avoid a fragmented national security posture?
The reality on the ground is that most state and local governments are ill-equipped to handle the sophisticated cyber threats that were previously managed at the federal level. We have already seen the impact of this shift; when the federal government stopped subsidizing the information sharing and analysis center for states, many local communities were forced to drop out because they simply could not afford the fees. Forcing smaller entities to manage their own school safety and infrastructure protection without federal experts is like asking a volunteer fire department to manage a forest fire with a garden hose. To avoid a fragmented and weak national posture, these entities would need massive grants and a standardized technical framework, yet the current budget trajectory suggests they will instead be left to navigate these complexities with dwindling resources.
With heightened cyber tensions involving nations like China and Iran, how does a significant reduction in agency staffing impact long-term national resilience? What metrics should be used to evaluate if a smaller workforce can still effectively monitor global threats against the domestic power grid and water systems?
Downsizing the agency while adversaries like China and Iran are becoming more aggressive is a high-stakes gamble with our national resilience. A smaller workforce means there are fewer eyes watching the telemetry from our power grids and water systems, which are the primary targets of state-sponsored actors seeking to cause societal chaos. We should measure effectiveness by tracking the dwell time of adversaries within our systems—how long they remain undetected—and the frequency of successful intrusions into those 16 critical sectors. If we see a spike in successful attacks or a slowdown in response times, it will be clear evidence that the “leaner” agency is failing to maintain the defensive perimeter necessary to protect American citizens from physical harm caused by digital means.
What is your forecast for CISA?
My forecast for CISA is a period of contraction and defensive retreat that will likely create a more dangerous environment for the average American community. While the agency may become more efficient at protecting the “dot-gov” domain, the withdrawal from broader stakeholder engagement will leave local utilities, schools, and private enterprises to face global adversaries alone. We are moving toward a tiered security landscape where the federal government is a hardened target, but the interconnected systems that support our daily lives—like water, electricity, and local transportation—become the path of least resistance for our enemies. Ultimately, the true cost of this $707 million cut will not be measured in dollars saved, but in the speed and severity of the next major infrastructure failure we are unable to prevent.
