Nistha Kumari Singh is a Ph.D. Research Scholar and Dr. TMA Pai Fellow at the Department of Geopolitics and International Relations, Manipal Academy of Higher Education (Institution of Eminence), Manipal.
Following his inauguration on 20 January 2025, US President Donald Trump signed several executive orders, one of which terminated the advisory committee members, including the Cyber Safety Review Board (CSRB) and the Cybersecurity Advisory Committee (CSAC) within the Department of Homeland Security (DHS). The dissolution of the advisory body, which reports directly to the Critical Infrastructure Security Agency (CISA), has elicited significant concerns regarding the future role of CISA and DHS within the broader US National Security frameworks.
The dismantling of advisory bodies coincides with a period of escalating cyberattacks on critical infrastructure in the US, particularly those originating from China. The activities of the state-sponsored Salt Typhoon hacking group, which has ties to China’s Ministry of State Security, necessitate a critical review. The emergence of “alarming” and increasingly precise and sophisticated cyberattacks, as exemplified by Chinese state-sponsored cyberattacks into the US Treasury Department breach in December 2024, may face challenges in mitigation given the current circumstances. The termination of CSRB and CSAC has given rise to concerns regarding the politicisation of federal security agencies and excessive reliance on private sector entities for cybersecurity oversight. For instance, the Republican Party accused the CISA of overreach and bias in its investigation of foreign interference in the 2020 election. Such accusations potentially undermine public trust in CISA’s neutrality and effectiveness as a federal agency tasked with cybersecurity and critical infrastructure protection. The reduction in funding for CISA and total budget cuts of US$24.4 million from 2023 to a lower level in 2024 directly impacts the agency’s ability to fulfil its mission. While CISA requested US$3.1 billion to support 3756 positions in the financial year, the budget allocated is US$1.8 billion for federal cybersecurity. As Dave Mulligan, CISA’s threat specialist, warned:
“As our nation [the US] continues to face complex and urgent cyber threats, funding at levels below the amounts that the administration has requested would put the safety and security of the critical infrastructure Americans rely on every day at serious risk…any cuts to the agency, whether targeted or across-the-board, will do measurable damage to our ability to protect our critical infrastructure and maintain system security across the federal government.”
The dissolution of CISA-affiliated bodies, coupled with allegations of politicisation and budget reductions, has raised concerns about the independence and expertise of CISA. Resource constraints are further exacerbated by the increasing political divide over CISA’s role. The growing divergence in views of key stakeholders will have significant consequences. For instance, Trump’s DHS nominee Kristi Noem, aligned with President Trump’s agenda, advocated for CISA as a “smaller and more efficient agency” and supported greater reliance on state-led initiatives to counter cybersecurity threats, including protecting critical infrastructure. However, within the same party, Senator Rand Paul has expressed concerns about CISA’s potential overreach, particularly its role in curtailing free speech under the guise of countering election-related misinformation. His push to disband or restructure the agency further exacerbates the challenge of CISA’s authority and funding. This internal Republican debate highlights the contrasting priorities of balancing national security needs against concerns of federal overreach and potential misuse of CISA’s authority. The discussion over an appropriate roadmap for CISA centers on achieving the necessary efficiency to counter threats, particularly from China, while addressing internal criticism.
Initially, CISA’s mandate focused on coordination with federal agencies such as the FBI, NSA, DOJ, and State Department to investigate and mitigate cyberattacks targeting critical infrastructure sectors such as energy, health, and transport. Subsequently, its role expanded to include countering disinformation, particularly in response to foreign interference in the US elections by nations such as China and Russia. However, its effectiveness in this expanded role is under scrutiny, following allegations that the agency failed to adequately prevent foreign interference during the 2020 presidential election.
The emergence of technological advancements has raised concerns about increasing disinformation in electoral processes. To address election security and counter disinformation, CISA initiated close collaboration with the Privacy Office and Civil Rights Division, as well as the FBI, the State Department, the Department of Defense, and private-sector entities to mitigate foreign interference. However, the resurgence of AI-driven disinformation and the threat of Chinese and Russian interference in the 2024 presidential election forced CISA and the FBI to resume discussions to resume discussion on disinformation.
The disinformation campaign is closely associated with the disbandment of the CSRB, which was established in 2021 under Executive Order 14028 by the Biden Administration to review significant cyber incidents against critical infrastructure and provide recommendations for the public and private sectors. It comprises 20 members from federal agencies (e.g., DoS, DoJ, DHS, CISA, NSA, ONCD, and FBI) and private sector experts. CSRB notably contributed to the Log4j vulnerability, Lapsus$ criminal tactics, and Microsoft Security Breach. However, the CSRB faced criticism for its decision to investigate Lapsus$ over the ‘SolarWinds’ cyberattack, raising questions about its efficacy during crises and its ability to prioritise the most significant threats.
The political landscape surrounding Trump 2.0 and the broader debate of election security and disinformation encompassed claims that the 2020 election result was compromised by fraud and foreign interference. In response to these assertions, the Election Infrastructure Government Coordinating Council and the Sector Coordinating Council, along with cybersecurity officials, affirmed the security and integrity of the 2020 election. To address further disinformation campaigns, a federal judge exerted pressure on the Biden administration regarding its communications with social media platforms, resulting in increased scrutiny. The opposition, particularly from the Republican Party, has accused the Biden administration of being part of the ‘deep state,’ suggesting a government with strong federal alliances that suppress opposition viewpoints.
The regulation of disinformation campaigns and the politicization of CISA’s role reflects a broader tension between national security and freedom of expression. CISA’s future has become increasingly uncertain and contentious, particularly following disinformation campaigns and election infrastructure. The concern for emerging AI-based cyberattacks targeted Trump and US Vice President J D Vance’s phones, according to a New York Times report, heightened cyberattack concerns at the executive level. The release of Chinese ‘DeepSeek’ on Trump’s inauguration day and the reported cyberattack incident highlight that innovation requires robust cybersecurity coordination to protect critical infrastructure and technological advancements. The proliferation of inexpensive and open-access technology challenges US technology companies’ dominance. Despite chip supply restrictions, Chinese firms continue to innovate and disrupt the national economy and security through cyber intrusion into critical infrastructure. Chinese cyber operations such as APT 41 (hacking group) and campaigns such as the Salt Typhoon, Volt Typhoon, and Flax Typhoon not only threaten national security but also undermine economic and social stability by disrupting essential services.
Therefore, under Trump 2.0, there is uncertainty over the future of CISA and the US’ cyber governance. The shift is likely to emphasise private sector expertise and intelligence coordination for cyber defence and offence capability building. The US is likely to continue its ‘defend-forward’ strategy against China, which also reflects the broader recognition of cyber threats and major challenges of funding constraints due to political gridlock, potentially hampering impeding domestic mechanisms of proactive US cybersecurity in the future.
Disclaimer: The views expressed in the article are personal.
