The Cybersecurity and Infrastructure Security Agency (CISA) faces significant challenges as it navigates the increasingly complex landscape of AI cyber threats amid shrinking resources and a diminished operational role. Established in 2018, CISA is tasked with protecting federal systems and critical infrastructure but has seen its workforce decline by about a third due to budget cuts and staff reductions. As advanced AI models like Anthropic’s Mythos emerge, there are growing concerns over CISA’s capacity to respond effectively, especially as a recent draft executive order proposes a more limited coordinating role for the agency in vulnerability management alongside other agencies. This shift underscores the urgency for CISA to enhance its position and capabilities in order to safeguard national security against evolving cyber threats.

Chris Krebs: Chris Krebs is the former director of the Cybersecurity and Infrastructure Security Agency. His public statements on election security during the previous administration led to ongoing friction with President Trump. This history has shaped the current administration’s approach to the agency.
Donald Trump: Donald Trump is the President of the United States serving his second term. He has directed significant staff reductions and budget adjustments across federal agencies, including those focused on cybersecurity. These actions have contributed to a reduced operational role for CISA in addressing emerging AI cyber risks.
Jen Easterly: Jen Easterly is the former director of CISA. She has advocated for empowering the agency to collaborate with frontier AI labs, cloud providers, software vendors, and international partners on vulnerability mitigation. Her calls underscore the urgency of addressing AI-driven risks to infrastructure.
Nick Andersen: Nick Andersen serves as the acting director of the Cybersecurity and Infrastructure Security Agency. He has participated in early interagency discussions on AI model implications but operates with constrained resources and limited influence on policy development. His leadership occurs amid broader agency uncertainty and personnel changes.
Michael Daniel: Michael Daniel is a former White House cyber coordinator who served under President Obama. He has noted that CISA typically provides essential ground-level insight into the evolving threat landscape and industry responses. Recent agency constraints have limited its ability to contribute effectively to policy discussions.
Suzanne Spaulding: Suzanne Spaulding is a former DHS undersecretary who led the office that evolved into CISA. She has emphasized the need for the agency to actively participate in developing cyber plans rather than awaiting direction. Her perspective highlights concerns over CISA’s diminished capacity in the current environment.
Office of the National Cyber Director: The Office of the National Cyber Director is a White House entity that coordinates national cyber policy and leads responses to emerging threats. It has convened calls with technology and cybersecurity leaders regarding advanced AI models. The office currently directs much of the administration’s strategy while CISA plays a supporting role.
Cybersecurity and Infrastructure Security Agency: The Cybersecurity and Infrastructure Security Agency is the U.S. government’s lead civilian agency responsible for protecting federal systems and critical infrastructure such as the power grid and water utilities from cyber threats. It was created in 2018 and coordinates efforts with industry partners on threat intelligence and vulnerability management. In the current context, the agency has been sidelined in the White House’s multi-agency response to AI-powered cyber threats despite its core mission.

Policy Development: A draft executive order on AI security proposes assigning CISA a coordinating function alongside other agencies for vulnerability management and remediation efforts.
AI Threat Landscape: Advanced AI models are positioned to significantly enhance the capabilities of cyberattacks targeting critical infrastructure.
Administration Approach: The White House is coordinating a multi-agency effort involving several departments to address risks from AI-enabled hacking tools.