Trump Cybersecurity Cuts Risk Nation, NY Cyber Chief Warns

Concerns Rise Over Cybersecurity Budget Reductions

In the initial months of the new presidential term under Donald Trump, substantial reductions were implemented to cybersecurity budgets, staffing levels, and ongoing initiatives within the White House. This has prompted concern from various stakeholders, including cybersecurity professionals and members of the legislative branch.

New York's Perspective on Federal Cybersecurity

Colin Ahern, serving as the chief cyber officer for the state of New York, has voiced apprehension regarding these cuts. He and Governor Kathy Hochul share a worry that diminished federal cybersecurity resources could potentially compromise national security, as revealed in a recent TechCrunch interview.

Ahern emphasized the importance of a strong federal role, stating, “We work with the federal government day in and day out. We need and want the federal government to be effective.” He further expressed concern over what he termed the “Big Ugly Bill” and associated rescissions.

Scope of the Budgetary Changes

The Trump administration’s adjustments to cybersecurity funding have been extensive. Over one hundred employees were dismissed from the Cybersecurity and Infrastructure Security Agency (CISA), with some subsequently reinstated following a judicial review.

Significant cuts were made to cybersecurity spending across numerous federal agencies, totaling over $1.2 billion. This included a $135 million reduction to CISA’s budget. Simultaneously, $1 billion was allocated over four years for offensive cyber operations targeting overseas entities.

Additional Policy Shifts

Further changes included criticism directed at the White House’s nominee for national cyber director due to a perceived lack of relevant experience.

Additionally, the U.S. Department of Education temporarily suspended a cybersecurity support program designed for K-12 schools.

Ahern reiterated the need for a robust federal cybersecurity posture, saying, “Everybody wants a federal government that has significant capabilities to deter our adversaries that is resilient against cyberattacks and other attacks from our enemies.” He believes current actions in Washington are jeopardizing these capabilities.

State Responsibilities and Federal Funding

While the U.S. federal government bears primary responsibility for national cybersecurity, individual states also have a crucial role in protecting their own networks, public schools, and critical infrastructure like water utilities.

A portion of the funding for these state-level efforts originates from Washington.

New York Seeks Homeland Security Grants

Governor Hochul recently sent a letter to U.S. Secretary of Homeland Security Kristi Noem requesting funding through the Homeland Security Grant Program (HSGP). This program provides financial assistance to state and local agencies for enhancing security measures, both physical and digital.

Hochul highlighted the importance of HSGP funding for securing vital infrastructure, including transportation hubs, power grids, water systems, and communication networks, and urged for its immediate availability.

New York's Proactive Approach

Despite challenges with federal support, Ahern affirmed that New York is not remaining inactive.

“We’re continuing to invest our time, our resources, and our energy in building relationships across state lines, across party lines, [and] relationships with our county and our local governments so that we can continue to provide the safe, resilient and affordable New York that we think has really made New York the cultural, financial, and economic center that it remains,” he stated.

Strengthening Cybersecurity within New York State

Governor Hochul has been actively pursuing improvements to cybersecurity within New York State.

She recently signed legislation mandating cybersecurity awareness training for all individuals working with computers in state, city, county, or district government offices.

The new law also requires state government offices to report cyberattacks to the state’s homeland security office within 72 hours and ransomware payments within 24 hours.

Investment in Water Infrastructure Security

Hochul also announced proposed regulations to establish a new grant program for water and wastewater organizations, assisting them in funding necessary upgrades to meet upcoming regulatory requirements.

New York City Cybersecurity Office

Ahern revealed plans to open a new office in New York City, staffed with technologists, including cybersecurity professionals.

He expressed hope of recruiting individuals who were affected by job losses resulting from the Trump administration’s cuts, stating, “DOGE says you’re fired. New York says you’re hired.”

(Note: A correction was made to clarify that Hochul announced regulations, not legislation, regarding the water and wastewater grant program.)