Former CISA Director Jen Easterly recently told Reuters that the Trump administration’s dismissal of top NSA officials and its investigation into her predecessor, Chris Krebs, are part of a broader pattern “that risks hollowing out — and worse, politicizing — the U.S. federal cyber ecosystem when we can least afford it.”

For Easterly, the drawdown of cybersecurity resources is dangerous. But the politicization of cybersecurity, she suggests, may be even more destabilizing. Why?

A Brief History of Bipartisan Cyber Consensus

Since the George W. Bush administration, each White House has issued rare but meaningful cybersecurity orders, helping to shape the nation’s evolving digital defense strategy. These efforts have typically been met with broad bipartisan support.

Congress has also approached cybersecurity with rare unity. In 2008, Senators Joe Lieberman (I-CT) and Susan Collins (R-ME) pushed for greater congressional oversight of the Department of Homeland Security’s newly created National Cyber Security Center — one of the earliest examples of bipartisan engagement in federal cyber policy.

That collaboration deepened during the Obama era, with the bipartisan passage of the 2014 Cybersecurity Enhancement Act and the 2015 Cybersecurity Information Sharing Act (CISA). The spirit of cooperation also continued into Trump’s first term, when Congress passed the bill creating the Cybersecurity and Infrastructure Security Agency (also called CISA), appointing Chris Krebs as its first director.

Trump later fired Krebs in the closing days of his first presidency, after Krebs publicly refuted the adminstration’s claims that a supercomputer had altered election results. Upon returning to office in 2025, Trump renewed his attacks — this time leading to Krebs’s resignation from his private-sector role at SentinelOne.

In a time of increasing digital threats, the bipartisan legacy of cybersecurity policy has served as a rare point of national consensus. If it becomes a political wedge issue, the consequences could reach far beyond party lines.

What’s at Stake If We Let Cybersecurity Become Partisan

1. Weakened Federal Coordination

Cybersecurity works best when agencies, industries and all levels of government coordinate and share information freely. But that cohesion is already under strain. Cyber professionals at home and abroad have voiced concern over the future of intelligence sharing between the U.S. and its allies, as Washington’s foreign policy grows more insular and adversarial. If cybersecurity continues to become a partisan battleground, intelligence sharing even within our own agencies could slow down or stop altogether.

The administration’s decision to shift cybersecurity responsibility to state and local governments only deepens that fragmentation. These decentralized entities operate with uneven capabilities and resources, and without sustained support, the result will be a patchwork of vulnerabilities. Nation-state adversaries know how to exploit misalignment. And when coordination breaks down, they gain the upper hand.

2. Erosion of Cyber Workforce and Expertise

Political firings, partisan investigations and targeted budget cuts send a chilling message to cybersecurity professionals: these roles are no longer apolitical — or stable. That perception may continue to drive experienced talent out of government service, while deterring the next generation from entering it in the first place.

Over time, this erosion of the federal cyber workforce means the loss of institutional memory, hard-earned partnerships and technical leadership, all at a time when adversaries are scaling up. In a January 2024 congressional hearing on “The CCP Cyber Threat to the American Homeland and National Security,” FBI Director Christopher Wray issued a stark warning:

“If each one of the FBI’s cyber agents and intelligence analysts focused exclusively on the China threat, China’s hackers would still outnumber FBI cyber personnel by at least 50 to 1.”

The U.S. already faces a massive cyber talent deficit. Creating an adversarial relationship with its own cybersecurity community puts the entire national defense apparatus at risk.

3. Slower, More Fragmented Incident Response

CISA is the federal government’s lead agency for responding to cyber incidents. Cutting its funding while shifting responsibility to the states weakens the U.S. response posture in a time of escalating threats. (No other federal entity is specifically tasked with coordinating civilian incident response across sectors.)

In 2025, disaster preparedness must include a robust cyber incident response strategy that can restore disrupted systems before cascading effects cripple public services, supply chains or healthcare infrastructure. That kind of response requires pre-established playbooks, seamless coordination between federal and state agencies and real-time intelligence sharing across both government and industry.

Politicizing the system introduces legal ambiguity, delays decision-making and muddies the chain of command — all of which can extend attacker dwell time and increase the potential for damage.

4. Loss of Global and Industry Trust

U.S. cyber leadership relies on trust and consistency among allies and private-sector partners. Members of the Five Eyes alliance, multinational tech companies and infrastructure providers all look to the U.S. as a stable, strategic partner in the global cyber ecosystem. Political infighting and abrupt policy reversals weaken that trust and make cooperation riskier for both political and commercial allies.

Historically, the U.S. has worked closely with international partners to accomplish goals like establishing shared norms for state behavior in cyberspace, coordinating cyber defense and incident response, and jointly investigating and prosecuting cybercrime. But when cybersecurity becomes a partisan tool at home, it undercuts our ability to lead abroad. Allies watch how we treat our own cyber officials, how we fund our defenses and how predictably we govern. Global leadership starts with credibility and stability.

5. Increased Vulnerability at the Local Level

Many state and local agencies rely on federal cybersecurity grants, frameworks and technical expertise to secure their systems. If those supports become politicized, local governments may underinvest, delay or distrust federal guidance. This is especially dangerous for rural and under-resourced communities, where federal assistance can be the only buffer against threats to water systems, emergency services or energy infrastructure.

We’re already seeing signs of this shift. On April 29, 2025, the Washington Post reported that the Trump administration proposed conditioning election security funding on the removal of diversity, equity and inclusion (DEI) programs — signaling that cybersecurity support could be tied to unrelated political priorities. Weaponizing cybersecurity defense for political gain not only puts those communities at risk, it potentially gives nation-state adversaries a foothold from which to launch wider-spread attacks.

Why Unity Still Matters in U.S. Cyber Defense

Cybersecurity is a national security issue, not a partisan one. For decades, U.S. cyber strategy has benefited from rare bipartisan consensus, steady federal leadership and strong public-private coordination. That foundation is now at risk. Politicizing cybersecurity alienates experts, delays policy decisions and weakens our collective defenses at every level.

As cyber threats grow more complex and state-sponsored adversaries ramp up their operations, the United States cannot afford to turn inward. We need a stable cyber workforce, unified incident response, trusted partnerships and smart, consistent investments. Most of all, we need to treat cybersecurity as the public good it is, not as a political bargaining chip.