Trump Administration Cyber Policy Shifts: Regulatory Rollbacks and Reduced Federal Election Security Support
National Cyber Director Sean Cairncross called on industry to help the Trump administration reduce cybersecurity regulatory burden and improve “friction” points in cyber information sharing, while also urging companies to lobby Congress to renew the expired Cybersecurity Information Sharing Act of 2015 with a proposed 10-year extension. Cairncross framed the administration’s approach as partnering with industry rather than expanding private-sector mandates, and said a forthcoming administration cybersecurity strategy would be released “sooner rather than later.”
Separately, state election officials are increasingly planning to self-fund and self-organize election security as CISA scales back election security support, including work related to disinformation, and as election security specialists are reportedly fired or sidelined. With reduced federal staffing and no dedicated congressional election security grant funding, states described feeling they are “going it alone”; Arizona, for example, advanced a $650,000 state package to patch vulnerabilities and recover from a prior cyberattack on its political candidate portal. A third report described U.S. manufacturers expanding collaboration through MFG-ISAC—including tabletop exercises, OT training, and incident response playbooks—but this activity is sector-focused and not directly tied to the federal policy and election-security pullback described elsewhere.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
White House pushes Congress to renew CISA 2015 for 10 years
Sean Cairncross urged industry to lobby Congress to renew the Cybersecurity Information Sharing Act of 2015 and said the administration wants a 10-year extension without changes. He also said a new Trump administration cybersecurity strategy would be released soon.
National Cyber Director seeks industry help to cut cyber regulations
National Cyber Director Sean Cairncross said the Trump administration wants industry input to reduce cybersecurity regulatory burdens and improve information-sharing processes. He said the administration prefers partnership with industry over imposing new rules.
Acting CISA director tells Congress election security services remain in place
Acting CISA Director Madhu Gottumukkala told Congress that election security services were still fully available. His testimony directly conflicted with accounts from state and local officials who said support had diminished.
States turn to grants and local partners to fill election security gap
As federal support was perceived to decline, states increasingly relied on limited Election Assistance Commission funding, ISACs, fusion centers, universities, and the National Guard for election security help. West Virginia also highlighted use of HAVA funds for voting-system upgrades amid broader resource constraints.
Trump administration begins reducing federal election security engagement
During Trump's second term, state election officials and Democrats said CISA reduced election security support, staffing, communication, and incident-response and intelligence-sharing assistance. Multiple states reported the shift happened suddenly and without warning, increasing reliance on state and local resources.
Cybersecurity Information Sharing Act of 2015 expires
The Cybersecurity Information Sharing Act of 2015 expired after previously receiving only short-term extensions. Its lapse set up later calls from the Trump administration for Congress to renew it for a longer term.
Arizona candidate portal hit by cyberattack and pro-Iranian defacement
Arizona experienced a cyberattack on its online portal for political candidates, and the site was defaced with pro-Iranian propaganda. The incident later became part of the state's push to fund additional election cybersecurity improvements.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
US Cyber Operations Disrupted Election Interference as Federal Defenses Were Cut
US Cyber Command and the NSA have repeatedly used covert cyber operations to blunt foreign election interference, including ejecting Iranian hackers from a municipal website used to post unofficial 2020 results before false information could be spread and disrupting Russian influence operators targeting voters ahead of the 2024 election. Officials said the 2020 intrusion did not affect voting, ballot tabulation, or certified results, and described the broader mission as a joint effort with CISA, the FBI, DHS, and other agencies to counter cyberattacks, troll farms, fake websites, and AI-enabled propaganda tied to Russia, Iran, China, North Korea, and non-state actors. At the same time, the US government has reduced parts of the election security apparatus built after 2016. Reporting says the Trump administration put CISA election security staff who worked with states on leave and dismantled or downsized programs across ODNI, the FBI, the State Department, and CISA that tracked and exposed foreign influence campaigns. Current and former officials warned that the cuts weaken coordination with state and local election officials, reduce visibility into ongoing threats, and leave the country less prepared for future elections even as harassment of election workers and concern over the safety of cyber personnel have pushed agencies to keep some leadership roles out of public view.
May 25, 2026
US Cybersecurity Policy Setbacks and Calls for Legislative Action
The annual implementation report from the Cyberspace Solarium Commission (CSC 2.0) has concluded that the United States is regressing in its efforts to strengthen national cybersecurity. The report highlights that, for the first time since the commission began tracking progress, the nation has moved backward in enacting key recommendations, with implementation percentages dropping across all measured categories. The report attributes this decline to several factors, including budget and personnel cuts initiated during the Trump administration, which have affected critical cyber diplomacy and science programs. The absence of stable leadership at major agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the State Department is also cited as a significant barrier to progress. The commission recommends reversing these budget cuts, empowering the Office of the National Cyber Director, and expanding federal workforce initiatives to address the growing gap between technological advancement and federal cybersecurity efforts. The report underscores that the pace of technology evolution is outstripping the government's ability to secure it, leaving the nation and its allies increasingly vulnerable to cyber threats. In parallel, the U.S. electric utility sector is prioritizing the reauthorization of the Cybersecurity Information Sharing Act (CISA) of 2015, which lapsed earlier in the month. Industry leaders argue that the law is essential for fostering trust and enabling the sharing of sensitive operational information between utilities and the government without fear of reprisal. The lapse of this legislation has raised concerns among utility executives and cybersecurity experts, who emphasize that robust information sharing is critical in the face of escalating threats to the power sector. Multiple industry associations, including the American Public Power Association and the Edison Electric Institute, have urged Congress to reauthorize the act to maintain effective collaboration and threat mitigation. The convergence of these developments points to a broader challenge in U.S. cybersecurity policy, where legislative and organizational setbacks are undermining national resilience. The lack of progress in implementing strategic recommendations and the expiration of key information-sharing laws are seen as compounding risks for critical infrastructure. Experts warn that without renewed commitment and legislative action, the U.S. may continue to lose ground in the global cybersecurity landscape. The reports collectively call for immediate policy reversals, leadership stabilization, and legislative renewal to restore momentum in national cyber defense. The situation is further complicated by the increasing sophistication of cyber threats targeting both government and private sector entities. Stakeholders across sectors are advocating for a unified approach to address these vulnerabilities and ensure the security of essential services. The urgency of these recommendations is underscored by the potential consequences of inaction, which could include increased exposure to cyberattacks and diminished national security. The reports serve as a wake-up call for policymakers to prioritize cybersecurity funding, leadership, and legislative frameworks. The need for a coordinated and well-resourced response is emphasized as essential for safeguarding the nation's digital infrastructure. The findings highlight the interconnectedness of policy, leadership, and industry collaboration in achieving effective cybersecurity outcomes. The overall message is clear: reversing recent setbacks and renewing key laws are critical steps toward regaining lost ground in U.S. cybersecurity.
Mar 21, 2026
U.S. Federal Cyber Leadership Turmoil and CISA Policy Disruptions
U.S. federal cyber operations faced heightened uncertainty amid **leadership turnover and staffing reductions at CISA**, raising concerns about the agency’s capacity to execute its mission. Reporting indicated acting director **Madhu Gottumukkala** was replaced by **Nick Andersen** following controversies including alleged mishandling of sensitive information, while CISA also lost its CIO and reportedly saw staffing reduced by roughly one-third. Separately, Senate confirmation dynamics continued to affect cyber leadership, with Sen. Ron Wyden opposing the nomination of Lt. Gen. **Joshua Rudd** to lead **U.S. Cyber Command and the NSA**, citing concerns about experience and constitutional-rights familiarity as the agencies remained without a permanent chief. CISA’s policy and guidance output continued but faced headwinds from broader federal disruptions. CISA published new insider-threat program guidance centered on the **POEM framework** (*Plan, Organize, Execute, Maintain*) to help organizations build multi-disciplinary insider threat management teams spanning physical security, cybersecurity, HR/personnel, and reporting/analysis functions. At the same time, a **partial DHS shutdown** was reported to be stalling progress on the **Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)** rulemaking, complicating compliance planning for critical infrastructure entities awaiting clarity on incident reporting requirements and enforcement expectations.
Apr 3, 2026