By the time Jen Easterly handed in her badge as director of the Cybersecurity and Infrastructure Security Agency (CISA), the threats to U.S. national security had multiplied and mutated into something far more volatile than most Americans realize. Ransomware attacks now strike with near-routine frequency, China’s cyberespionage operations have grown more aggressive and insidious, and political currents—particularly those swirling around Donald Trump’s proposed budget cuts—threaten to gut the very agency designed to hold the digital line.
In an exit interview with WIRED, Easterly didn’t mince words: the United States is underprepared, underfunded, and dangerously complacent. And with her departure, one of the most vocal and forceful defenders of the nation’s cybersecurity infrastructure is stepping away just as the storms overhead gather strength.
A Nation Under Siege—Byte by Byte
Easterly, a former Army officer, NSA veteran, and cyber strategist, knows the stakes better than most. During her tenure at CISA, she faced an unrelenting tide of threats—foreign adversaries targeting critical infrastructure, ransomware groups paralyzing hospitals and municipalities, disinformation campaigns eroding public trust, and a domestic environment that sometimes seemed more interested in undermining CISA than supporting it.
“The threats aren’t hypothetical,” Easterly said. “They’re here. They’re active. And they’re getting worse.”
Take the Microsoft Exchange hack in 2021, widely attributed to Chinese state-sponsored actors. It compromised tens of thousands of systems across the U.S. and globally, targeting everything from local governments to small businesses. Or consider the Colonial Pipeline ransomware attack, which forced fuel shortages along the East Coast. These weren’t just wake-up calls—they were alarm bells clanging in broad daylight. But according to Easterly, the most dangerous threat may not be coming from hackers in Moscow or Beijing. It might be the political disinterest in investing in cybersecurity.
Trump’s Budget Axe Looms
Under the Trump administration, cybersecurity wasn’t exactly a top-line priority. And if Trump returns to office in 2025, that trend seems poised to continue. His budget proposals have repeatedly included dramatic cuts to cyber spending, including significant reductions to CISA’s already lean budget. Critics inside and outside the intelligence community warn that such cuts would be nothing short of catastrophic.
CISA, under Easterly’s leadership, transformed from a relatively obscure agency into a key player in the nation’s digital defense strategy. It partnered with private industry, worked to secure the software supply chain, and built tools to help critical sectors—from water utilities to election systems—defend themselves from sophisticated digital threats.
“If you pull funding from CISA,” Easterly warned, “you’re not just weakening an agency—you’re weakening the entire country’s ability to defend itself in cyberspace.”
The Invisible Front Line
One of Easterly’s main frustrations was the invisibility of the work. When cyberattacks are prevented, no one notices. When they succeed, people demand to know why more wasn’t done. It’s a thankless job, she admits, but it’s also a mission. And that mission, she argues, can’t be fulfilled without robust support from both the federal government and the public.
Cybersecurity is no longer just a tech issue; it’s a national security imperative. The electric grid, transportation networks, financial systems, and even emergency services are now tied to digital systems. A well-placed ransomware worm could cause real-world chaos in minutes. Easterly describes it as “a battlefield where the enemy is always evolving, and the terrain is constantly shifting.”
CISA’s role is akin to that of FEMA in the digital world—responding to cyber disasters, helping communities rebuild, and creating national plans to withstand the next big hit. But without sufficient funding or political backing, its ability to do so is drastically compromised.
From Reactive to Resilient
During her time in office, Easterly pushed hard to move the nation’s cyber posture from reactive to resilient. That meant focusing not just on responding to incidents, but preparing for them before they happen. It meant building strong partnerships with private industry, which owns and operates roughly 85% of the country’s critical infrastructure. And it meant changing the national mindset—treating cybersecurity not as an IT problem, but as a shared responsibility.
She also championed transparency and information sharing. Under her leadership, CISA began issuing regular advisories on vulnerabilities and threats, worked with companies to shore up weak defenses, and encouraged organizations to adopt practices like multifactor authentication and zero-trust architecture.
Still, she admits, it’s a long road—and one that could be derailed if budgetary or political shifts undercut the progress made.
What Comes Next?
With Easterly gone, the question is: Who will carry the torch? The cyber threats aren’t slowing down. If anything, the rise of generative AI, increasingly sophisticated malware, and global geopolitical tensions mean the digital landscape is about to become even more dangerous.
And yet, CISA’s future remains uncertain. Without vocal leadership and adequate resources, its ability to protect the country diminishes. Easterly has handed over the reins, but her parting message is clear: cybersecurity isn’t optional, and CISA isn’t a luxury—it’s a lifeline.
“The threats we face aren’t going away,” she said. “They’re growing. And the only way we’ll survive them is by treating cybersecurity as the critical, national issue that it is.”
As the digital battlefield expands, America’s ability to respond hangs in the balance. Whether CISA survives and thrives may depend not on technology—but on the political will to defend it.
