Cybersecurity and the Trump Administration
What happens in our government affects each of us, often in unexpected ways. Every American has the right to understand what's at stake for us, our families, and our communities. Why It Matters is a project dedicated to making that possible. By offering clear, straightforward Q&As on important topics, we want to help everyone understand why it matters.
Cybersecurity and the Trump Administration
A Guide for Citizens
Why it matters: The Trump Administration has been cutting down and politicizing the nation’s cybersecurity defenses, putting ordinary Americans in grave danger of malicious cyber attacks
What is cybersecurity, and why does it matter?
Cybersecurity is the protection of computer networks, devices, applications, and data from attack, damage, and unauthorized access. Our world has moved online, as government, business, and even our personal lives all depend on computer networks. By protecting our technology and our data, cybersecurity enables social stability, promotes democracy, and helps to secure our critical infrastructure from crime, espionage, terrorism, and war.
Americans face two major threats to our data: cybercriminals and hostile foreign states. Cybercriminals operate for profit. For example, they might steal our data to sell on the black market, use it to commit fraud, or hold it for ransom.
Hostile foreign states use cyberattacks to destabilize America’s economy, infrastructure, and democracy. In particular, Russia, China, North Korea, and Iran are among the nations American intelligence has identified as regularly conducting attacks. For example, in December 2020, we learned that major corporations and U.S. government agencies had been compromised in an espionage campaign linked to a Russian intelligence service, in which attackers inserted malicious code into popular business software and gained access to sensitive systems. We still don’t know the full impact of this breach.
The federal government plays a central role in defending Americans from cyberattacks. Our intelligence agencies and military coordinate nationwide defense and work with allied nations, private companies, and other organizations to share intelligence and prevent attacks on Americans and our institutions.
What actions has the Trump Administration taken so far on cybersecurity?
In its first months in office, the Trump Administration has rapidly and substantially weakened our national cybersecurity defense. Across the agencies tasked with cybersecurity, the administration has made severe cuts, including eliminating investigators that were already working on critical attacks by foreign powers and stopping all election security work. These cuts are ongoing. For example, the administration is proposing to cut 17% of the budget of the Cybersecurity and Infrastructure Security Agency (CISA).
The administration is also retaliating against former cybersecurity officials who have disagreed with President Trump in the past. For example, Chris Krebs was the director of CISA in 2020 and stated that the presidential election was secure, and that President Trump’s claims of fraud and tampering were unsubstantiated. President Trump fired Krebs in November 2020, and in April 2025 ordered an investigation into him, stripped him of his security clearance, and stripped the security clearance of everyone working at SentinelOne, a cybersecurity firm where Krebs worked.
Cybersecurity experts warn that the rapid and dramatic cuts to our cybersecurity capabilities and the politicization of government agencies are leaving America’s public and private networks increasingly vulnerable to attack. As the administration’s actions erode trust in its handling of cybersecurity and create a climate of fear, the cooperation with allies and private companies that is so essential to our security is at risk of falling apart.
Why is the Trump Administration weakening our cybersecurity?
The administration claims that these actions were taken in service of government efficiency, and to end censorship and the weaponization of the nation's cybersecurity agencies.
Other rationales are more plausible. For example, by issuing expert and factual information to the public, cybersecurity professionals like Krebs weaken the administration’s ability to promote its own misinformation. As the administration has tried to consolidate its control of sensitive government systems and data, its actions amount to an unprecedented data breach. Weakening the nation’s cyber defense eliminates a check on the administration’s ability to execute its agenda.
Why does this matter to us?
Weakened cybersecurity does not just put governments and businesses at risk. The administration’s actions put all of us in harm’s way by making it easier for criminals and hostile states to attack the digital infrastructure we rely on every day, for everything from our hospitals to banks to schools and more.
Specifically, the administration is putting Americans at risk in three ways:
Personally: Our bank accounts and credit cards can be stolen; our private health records and photos can be exposed and/or manipulated; our phones and computers can suddenly, maybe irretrievably fail
Communally: Our electronic infrastructure — i.e., our cars, airplanes, hospitals, water supplies, and power grids — can be suddenly shut down
Societally: America's allies now trust us less, which will result in degraded intelligence with which to defend American life, liberty, and property.
The first job of our government is to secure the nation and defend its people from harm. In the twenty-first century, cybersecurity is central to that mission. By weakening our national cybersecurity capability, politicizing our security, and destroying trust with critical partners, the administrations is inviting malicious actors to attack Americans, putting all of us at risk.
* * *
Further reading: