America Can’t Afford to Hollow Out Its Cyber Defenses

Author

Jaya Baloo

Date Published

america-no-text

In recent months, the United States has been quietly dismantling parts of its own cyber defense. Nearly 1,000 seasoned experts have left or been laid off from the Cybersecurity and Infrastructure Security Agency (CISA), following significant budget reductions. Key intelligence units that once monitored Russian and other foreign cyber operations have been disbanded. At the same time, reports confirm that Russia’s APT28 is now using large language models (LLMs) to generate malicious Windows commands — the first publicly documented example of AI-enabled autonomous hacking.

Combined, these developments paint a troubling picture. AI is enabling threat actors to become more aggressive, efficient, and effective, yet America appears to be weakening the very cyber defenses necessary to counter them. Make no mistake: a one-third loss of our top cyber forces since the start of the current administration, combined with a proposed 17% CISA budget cut, equates to strategic self-sabotage.

The AI-Powered Digital Arms Race

Cyber policy experts warn that America is entering a digital arms race just as it’s hollowing out its defensive ranks. We’re facing the battle with fewer soldiers and less ammunition. Many are speaking out, including security experts such as Bruce Schneier, a Harvard fellow and renowned cryptographer; Heather Adkins, Google’s founding director of information security; and Gadi Evron, a cyber intelligence leader and early pioneer in botnet defense. They have all warned that AI is becoming an asymmetric weapon — empowering adversaries far faster than it equips defenders. The tools that once required months of expert development can now be generated by LLMs in minutes. Malware creation, vulnerability discovery, and exploitation are being automated at an unprecedented scale.

Meanwhile, defenders are being asked to do more with less. CISA’s work — from protecting critical infrastructure and federal networks to supporting state and local election systems — is foundational to national security. Reducing the agency’s budget or its workforce doesn’t just create gaps; it signals to adversaries that the United States is willing to accept greater risk in the digital domain.

This risk extends far beyond government networks. Our power grids, water treatment plants, financial systems, hospitals, and communications infrastructure are all connected to and dependent on the same digital backbone. Water may be the most fragile link of all, as hospitals can operate for only minutes without it. Unlike our European counterparts, water resources in the U.S. are not treated as a top-tier national security concern, and weakened cyber defense leaves them vulnerable. We must remember that the systems that sustain our world are online, remotely managed, and increasingly exposed.

The Global Impact of Weakened U.S. Defenses

Today, nation-state actors can weaponize code at superhuman speed, but the erosion of federal cyber capacity is not merely a domestic concern. The impact can be felt throughout the global fabric of the internet and its interconnected systems. They depend on American digital resilience. Water infrastructure, power grids, telecommunications, financial networks, and even the integrity of democratic elections hinge on having a properly resourced, expert-led cyber defense.

Allies rely on American intelligence and coordination. The disbanding of specialized units focused on Russian operations has already strained those relationships and emboldened our adversaries. In an era of growing geopolitical instability, the shadow cast by U.S. cyber policy reaches far beyond our borders. Cyber risks and threat actors will continue to evolve with the weaponization of AI, and we simply cannot afford to cede ground.

The Future of U.S. Cybersecurity

Although we are under tremendous pressure to reinforce our digital infrastructure, we cannot address this challenge by pointing fingers. This is not a partisan issue — it is a universal one.

Fortunately, we can still reverse course, but only if we act decisively. Every day we delay, we trade preparedness for fragility. Appealing to Washington alone won’t be enough. The private sector operates and secures most of the systems that keep America running. Corporate leaders, from utilities to finance to technology, have as much at stake as the intelligence community. They have a voice and it’s time to use it. Everyone who values security and stability must take part in reversing this decline.

Cybersecurity and corporate leaders must stand together and make it clear that weakening the nation’s digital defenses weakens the entire global economy. The prosperity we enjoy depends on peace and stability in cyberspace, and that stability depends on a united front that encompasses both public and private as well as domestic and international interests.

The United States once led the world in building the secure foundations of the internet. We can lead again, but only if we treat cybersecurity as an essential part of our national security.