Introduction

Nationalsecurity and the security of critical infrastructure depend on strong cybersecurity. From electric grids and financial markets to elections and communications, U.S. networks must be resistant to rapidly changing threats. While funding cyber is a balancing act for policymakers, continued funding must be sustained and maintained to prevent the cracks in cyber defense from growing any wider. 

Debate has swirled in recent years about the impact of “Trump administration cybersecurity funding cuts” on America’s readiness. This article overviews the development of cyber initiatives up until 2017, analyzes budget requests and actions under President Trump, evaluates the response for federal agencies (directly affected institutions include DHS/CISA and NSA), and discusses expert speech. 

Finally, it compares these choices to the Biden Administration’s emphasis and funding increases, underscoring the importance of long-range cybersecurity as it pertains to the security of the United States. Between about 2013 and 2017, the United States was gradually building its base for national cyberdefense. The Obama Administration promulgated Executive Order 13636 (2013) mandating the creation of a voluntary Cybersecurity Framework by NIST. By 2014, NIST had published guidelines that advised operators of critical infrastructure on how to “improve their cybersecurity posture” by adopting best practices.

In 2017, DHS even designated election systems as critical infrastructure, giving states access to DHS cyber resources for threat monitoring and vulnerability assessments. Programs like US-CERT, industrial control systems security centers and interagency sharing (such as Information Sharing and Analysis Centers) were also shaped over the decades. These included increased budgets in agencies like DHS and the intelligence community, and increased cooperation with state, local and private partners.

Trump Administration Budget and Policy Proposals

When President Trump took office, he pledged to modernize cybersecurity, but his budgets shifted emphasis. In his FY2018 “skinny budget,” Trump proposed a $1.5 billion increase for DHS cybersecurity to “safeguard” federal networks and critical infrastructure (fedtechmagazine.com). However, that outline also signaled deep cuts to many other civilian programs as defense spending rose sharply. For FY2019, the Trump budget submission increased overall government cyber spending ~4%, with notable hikes for DHS and the Pentagon, but simultaneously slashed some civilian programs. For example, the National Institute of Standards and Technology (NIST) – the agency that maintains federal cyber standards – was cut by about 18% in the FY2019 plan (nextgov.com) even as overall cyber funding grew. A Nextgov analysis noted this meant reduced support for the NIST Cybersecurity Framework just as agencies were being mandated to follow it.

By FY2020, the White House proposed an overall cyber budget of roughly $17.4 billion – about 5% above FY2019 – but prioritized defense over civilian agencies. The Department of Defense’s cyber budget got a 10% boost to about $9.64 billion (fedscoop.com), while civilian agencies saw their cyber budgets trimmed or flat. The Trump plan was “mixed,” according to FedScoop: up 10% for DoD, but down about 1.5% for all other agencies (fedscoop.com). In DHS’s 2021 budget outline, Secretary Nielsen touted expanded cybersecurity posture, including $1.1 billion for CISA programs like the Continuous Diagnostics and Mitigation tools (dhs.gov). In reality, however, much of Trump’s funding strategy favored physical security and military systems, and the proposed cuts to civilian cyber were a point of contention.

Notably, Trump presided over the creation of the Cybersecurity and Infrastructure Security Agency (CISA) in November 2018. He signed the CISA Act into law on November 16, 2018, establishing CISA as the DHS agency “to lead the federal government’s civilian response” to cyber threats (trumpwhitehouse.archives.gov). The White House lauded CISA as putting “the best in the world” on the front lines of cyber defense (trumpwhitehouse.archives.gov). Thus, early on, the Administration publicly supported stronger cyber leadership. But subsequent budgets and memos moved to pare back or refocus CISA’s role, especially around election security and information-sharing. Over successive budget cycles, Trump’s proposed plans repeatedly targeted CISA for cuts. For instance, White House budget letters in 2025 (for FY2026) described eliminating CISA’s election misinformation offices as a way to “refocus” the agency (computerweekly.com). In sum, Trump’s budgets offered higher funding for defense cybersecurity while reducing or restructuring programs at civilian agencies like CISA, and even at times branding some efforts as “low-value” or linked to political bias.

Impact on Federal Cyber Agencies

The Trump-era budget and policy decisions had palpable effects on agencies charged with cybersecurity. At DHS, which houses CISA, rhetoric emphasized “strengthening our defenses,” but resource shifts told a mixed story. For example, DHS press statements in 2019 claimed nearly $1 billion for IT and vulnerability protection (dhs.gov). CISA itself was stood up in 2018 with bipartisan support, but soon faced funding squeezes. By 2020, Trump administration officials took a hard line on CISA’s election programs: one report noted that “CISA’s entire election security program” was paused and staff placed on leave, after tensions over election mis/disinformation (cybersecuritydive.com). In early 2021, news outlets revealed that CISA stopped providing about $10 million per year to the Center for Internet Security’s election support services (businessreport.com). (CISA also disbanded an FBI task force on foreign influence around this time.) At the same time, CISA’s workforce was being cut: between early retirements, buyouts and firings, roughly 1,000 of ~3,200 CISA staff departed by mid-2025 (cybersecuritydive.com).

Overall, CISA’s budget was effectively flat or shrinking. (Trump’s FY2021 budget proposal actually sought to reduce CISA from $2.2B to about $1.96B, a roughly 10% cut.) A Cybersecurity Dive analysis noted that a later Trump FY2026 proposal would have slashed $495 million from CISA’s ~$3B budget and cut about 30% of its positions (cybersecuritydive.com). These cuts were said to fall on divisions responsible for helping state/local governments, training, and election monitoring. Meanwhile, intelligence agencies like the NSA and U.S. Cyber Command continued to receive robust funding (NSA budgets are not public, but DoD cyber was explicitly up). In effect, the focus on threats shifted toward national defense and away from domestic cyber infrastructure support. Many cybersecurity professionals worried this would leave government networks and private sector partners less defended.

Consequences and Cybersecurity Incidents

Did these funding and policy shifts have measurable fallout? Some observers point to significant cyber incidents coinciding with this period. The SolarWinds hack – discovered December 2020 – was one of the largest known breaches of federal networks. Analysts described the campaign as “the worst intrusion in the country’s history” (impacting multiple agencies and companies) and criticized the Trump Administration for under-prioritizing cybersecurity (nextgov.comnextgov.com). In January 2021, President-elect Biden explicitly said the breach occurred “on Donald Trump’s watch when he wasn’t watching,” charging that “the Trump administration failed to prioritize cybersecurity” (nextgov.com). While SolarWinds involved advanced persistent threats at the intelligence level, it underscored how even well-resourced agencies remained vulnerable.

Closer to elections, during the November 2024 vote (as depicted by the case of widespread bomb threats), years of prior investment in election security paid off. Analysts credited “behind-the-scenes” work by CISA (threat alerts, training, inter-agency coordination) with preventing chaos and enabling a calm voting day (votebeat.org). But soon after, the Trump Administration’s abrupt overhaul of CISA’s election teams and the halting of federal support left many state officials alarmed. Officials warned that “they’re concerned about what it could mean for the future of the nation’s voting systems,” since funds and information flows that states had come to rely on were suddenly in doubt (businessreport.comvotebeat.org). A 2025 POLITICO investigation concluded that Trump’s cuts left some states “more vulnerable to interference” because they risked losing access to emerging threat information and key security services (politico.com).

Beyond elections, criminal ransomware and foreign cyberattacks continued apace. Critics argue that reducing budgets for civilian cyber hunting and information-sharing at DHS may have weakened early warning systems. While no single incident can be pinned solely on budget changes, experts stress that underinvesting in preventive cyber measures and coordination can make the nation “less secure.” In sum, during the Trump years, the U.S. faced a mixture of traditional and novel threats; observers note that the reduced emphasis on domestic cyber agency capacity could have blunted the response to these evolving dangers (brennancenter.orgnextgov.com).

Expert and Industry Reactions

Tech leaders, election officials, and security experts voiced strong concerns about the Trump-era cyber funding moves. A Brennan Center report warned that the administration had launched “a far-reaching effort to dismantle much of the federal support, funding, and infrastructure” built to protect elections (brennancenter.org). State-level election officials echoed this alarm: the National Association of Secretaries of State described the sudden funding changes as deeply unsettling. One bipartisan panel hearing found that officials were “worried that U.S. elections will not be as robustly monitored and secured” if CISA’s restructuring continued (votebeat.org).

In cybersecurity circles, many praised CISA’s earlier work and blasted the cuts. The departing deputy head of CISA’s Cybersecurity Division, Matt Hartman, noted during his exit that career staff remained “steadfast in our mission” despite morale issues, implicitly highlighting institutional strain (cybersecuritydive.com). News outlets reported on cybersecurity industry voices warning that proposals to cut CISA’s budget and workforce would “undermine US election integrity” and broader infrastructure defense. For example, an InfoSecurity Magazine headline flatly declared: “Trump CISA cuts threaten US election integrity”, citing experts who said the cuts could leave systems more exposed. And when Biden later revealed the SolarWinds hack, he remarked that it showed the previous administration “failed to prioritize cybersecurity” (nextgov.com).

Politicians also questioned the direction. In 2025, lawmakers grilled DHS leadership over proposed cuts to CISA and other homeland security programs, with staff warning that losing $491 million (≈20% of CISA’s budget) would cripple cyber defenses. Federal News Network reported senators asking how slashing funds and programs could be squared with rising cyber threats. Overall, industry and government insiders generally reacted that while trimming low-value work is reasonable, the abrupt cuts (especially in election security and workforce) risked creating dangerous gaps.

Biden Administration’s Cybersecurity Focus

Under President Biden, the emphasis shifted back toward expanding cyber defenses. On his first day in office, Biden signed an executive order on cybersecurity (EO 14028, May 2021) directing agencies to strengthen IT security across the board – from mandating multi-factor authentication and zero-trust architectures to creating a Cybersecurity Safety Review Board and improving software supply-chain security (gsa.gov). Congress also approved new funding: for instance, the FY2022 omnibus budget provided roughly $2.6 billion to CISA (about $570 million more than the previous year), after lawmakers explicitly increased its topline.

Biden’s FY2022 budget request sought $9.8 billion for civilian cybersecurity – up from about $8.7 billion in 2021 (fedscoop.com) – and an additional $500 million for the federal Technology Modernization Fund. In March 2022, his FY2023 request called for $11 billion in civilian cyber funding (an 11% hike over 2022), including about $2.5 billion for CISA (cybersecuritydive.com). These budgets aimed to rebuild staff capacity, modernize federal IT, and support state/local election security. For FY2025, the Biden plan targeted $13 billion for cyber programs and boosted CISA to $3.0 billion (federalnewsnetwork.com).

Beyond budgets, the Biden Administration relaunched partnerships. DHS reconstituted election security teams, and agencies resumed information-sharing initiatives paused previously. White House cybersecurity officials frequently cite the need for continuous investment. The contrast has been clear: where the Trump team trimmed certain civilian cyber roles, the Biden team has moved to enlarge them, reflecting the enduring belief among experts that cybersecurity is national security.

Key Takeaways

• Shift in Priorities: The Trump administration proposed major reallocations of cyber funding – boosting defense and military cyber spending while aiming to cut or restructure civilian cybersecurity programs (fedscoop.comnextgov.com). In practice, this meant tighter budgets for agencies like CISA, FEMA (cyber division), and NIST, even as DoD cyber budgets grew.
  
• CISA and Election Security: Although Trump signed the bill creating DHS’s Cybersecurity and Infrastructure Security Agency in 2018 (trumpwhitehouse.archives.gov), his later policy moves targeted its election-security functions. CISA’s election and misinformation programs were paused and funding (e.g. $10M/year to election partners) was ended (businessreport.comvotebeat.org), prompting warnings that future elections could be “less secure.”
  
• Expert Warnings: Cybersecurity experts and officials warned that cutting these programs risked leaving U.S. networks vulnerable. Reports noted the administration’s intent to “dismantle much of the federal support, funding, and infrastructure” for election security (brennancenter.org). Industry voices argued that slashing CISA and NIST resources could undermine the nation’s ability to detect threats quickly and defend critical systems.
  
• Visible Incidents: High-profile cyber incidents during this period amplified concern. The SolarWinds breach in late 2020, for example, was criticized as a failure of priorities: President-elect Biden said it happened “on Donald Trump’s watch” as proof of insufficient focus on cybersecurity (nextgov.com). On Election Day threats (bomb hoaxes, etc.), officials credited prior CISA efforts for the calm response (votebeat.org), underscoring what could be lost if those programs are cut.
  
• Reversals Under Biden: The Biden administration moved to reverse many of these cuts. Biden’s budgets and policies have increased civilian cyber funding – from $8.7B (2021) to $11B (2023) (fedscoop.comcybersecuritydive.com) – and expanded CISA’s budget and staff. New executive orders have mandated tougher cyber controls and restored support for election infrastructure. These changes reflect a consensus that sustained investment in cybersecurity is essential to national defense.
  

Conclusion

Strong cyber defenses demand consistent support and foresight. The Trump era’s budget maneuvers illustrate how quickly policy changes can shift resources – sometimes in ways that alarm cybersecurity professionals. While national security requires powerful military cyber capabilities, it also depends on robust protection of civilian infrastructure and information-sharing networks. As experts warned, dismantling those efforts – even unintentionally – risks leaving the nation more exposed. The lessons of this period are clear: sustained investment in cybersecurity (not temporary cuts) is critical to deter adversaries, secure critical systems, and ensure the resilience of American infrastructure. Future policymakers should heed these lessons and maintain a stable, bipartisan commitment to funding and modernizing our cyber defenses (gsa.govcybersecuritydive.com).