America’s Cyber Strategy Has a Budget Problem

The United States faces a cyber threat environment that rivals any conventional security challenge. Adversaries such as China, Russia, Iran and North Korea are probing ports, pipelines, hospitals and supply chains, exploiting gaps in information sharing and coordinated response. Federal agencies—particularly CISA—serve as the connective tissue that aggregates threat intelligence, disseminates best practices, and aligns private‑sector defenses with national priorities. When that tissue is weakened, the entire cyber‑defense ecosystem becomes fragmented, raising the risk of cascading disruptions across critical infrastructure.

The FY2027 budget proposal intensifies that fragmentation. By slashing $707 million from CISA and eliminating the Stakeholder Engagement Division, the administration removes the very offices that facilitate state‑level coordination and public‑private partnerships. Simultaneous reductions—$3 million from the National Cyber Director’s office and $40 million from the Department of Energy’s cyber program—further erode the federal capacity to protect energy grids and other essential services. While Treasury receives a $15 million boost for cyber sanctions and the State Department sees a modest IT uplift, these increments cannot compensate for the systemic underinvestment in coordination and resilience.

Policy analysts warn that underfunding civilian cyber defenses is not a cost‑saving measure but a strategic liability. A coherent national cyber strategy requires sustained investment in institutions that enable rapid information sharing, joint incident response, and international collaboration. Without it, the burden shifts to state, local and private actors who often lack the resources to counter nation‑state attacks. Lawmakers and industry leaders must close the funding gap to preserve the United States’ cyber deterrence posture and protect the economic engine that depends on secure digital infrastructure.