For the first time in years, the United States is no longer making progress in bolstering its cyber defenses and is instead “stalling” and “slipping” in its ability to protect itself and allies, the successor organization to the U.S. Cyberspace Solarium Commission (CSC) revealed in a report published Wednesday.
CSC 2.0, led by the Foundation for the Defense of Democracies, said that while presidential transitions tend to slow cybersecurity progress, the Trump administration’s recent personnel cuts at the Cybersecurity and Infrastructure Security Agency (CISA) and the State and Commerce Departments have “further eroded momentum.”
“This year’s assessment makes clear that technology is evolving faster than federal efforts to secure it,” the report says.
The CSC, established in 2019, was congressionally chartered to develop a comprehensive strategy to defend the United States against cyber threats and strengthen the nation’s overall cybersecurity posture.
This year’s report found that just 35% of the commission’s 82 recommendations are fully implemented – down from 48% last year – marking the first significant reversal in progress, as nearly a quarter of completed actions have slipped backward, and overall implementation has stalled.
The CSC’s approach to cybersecurity is through layered cyber deterrence, which aims to reduce the risk and impact of significant cyberattacks. While many policies have followed suit with this framework, “more work must be done,” the report states.
That work will require confirming a Senate-approved head of the State Department’s Bureau of Cyberspace and Digital Policy, strengthening the national cyber director role, empowering CISA, building the cyber workforce, and restoring diplomatic tools and foreign assistance “to extend U.S. reach abroad.”
“What began as a forward-looking vision has become an urgent set of unfinished tasks. The challenge is to reinforce what has been built and address the gaps that remain,” the report reads.
The report also notes that “reestablishing bipartisan consensus on cybersecurity as a core element of national security” will be important to achieve the goals outlined by the commission.
“The United States faces a pivotal decision point. It is up to the administration and Congress to seize this opportunity to secure the gains of the past five years; reinforce its cyber deterrence posture; and send a clear signal of capability, intent, and continuity to its adversaries,” the report says.
Since entering office, the Trump administration has dramatically cut down the federal workforce, laying off tens of thousands and attempting to cut budgets for agencies typically responsible for critical cybersecurity protections.
Earlier this year, the administration recommended a 17% cut to CISA’s budget and eyed a 29% cut to CISA’s workforce – which has reportedly undergone major reassignments during the government shutdown to other Department of Homeland Security components focused on immigration enforcement.