The Cybersecurity and Infrastructure Security Agency must refocus its mission to sharpen its core capabilities and expand its authority, moving away from bureaucratic distractions such as disinformation monitoring. CISA’s primary mission is to secure federal networks and critical infrastructure, yet recent years have seen the agency’s focus drift into areas like policing social media. Simultaneously, overlapping regulations from other federal agencies have added unnecessary complexity for businesses, diluting CISA’s effectiveness.
The Trump administration has a unique opportunity to enhance CISA’s capabilities by honing in on its core responsibilities, thus streamlining operations and improving efficiency. This involves reducing mission creep and enhancing CISA’s ability to detect and respond to cyber threats while fostering better coordination with state and local governments to create a more unified national cybersecurity strategy. However, this focus must be balanced to ensure CISA can still address emerging threats effectively and adapt to the rapidly changing cyber landscape.
The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) provides a pivotal opportunity to strengthen CISA’s authority. By empowering the agency to enforce critical cyber incident reporting rules, CISA can better secure vital infrastructure against threats. To bolster national cybersecurity effectively, it’s crucial for the Trump administration to focus on strengthening CISA rather than simply reducing regulatory overlaps, which could inadvertently create cybersecurity coverage gaps due to the unique expertise each agency brings. Strategic investments should be prioritized over budget cuts to ensure CISA can attract and retain top talent and focus on critical initiatives.
1. Enhance threat intelligence sharing
A crucial step in strengthening cybersecurity is improving threat intelligence sharing between the government and the private sector. The administration should develop a model that facilitates a robust bidirectional exchange of threat information between critical infrastructure operators, cybersecurity vendors, and federal agencies. This initiative would enhance the security of both federal and commercial networks, providing vendors with critical intelligence to better protect their clients.
2. Conduct comprehensive cyber preparedness exercises
Regular large-scale cyber exercises, similar to those conducted by Israel, are essential for testing defenses and improving national readiness against cyber threats. By simulating large-scale attacks, the administration can identify vulnerabilities and enhance the nation’s overall cyber resilience. These exercises will help ensure that the nation is prepared to respond effectively to cyber incidents, minimizing potential impacts on critical infrastructure.
3. Foster public-private partnerships
To effectively safeguard critical infrastructure, which is vital to U.S. national security, the administration should strengthen public-private partnerships. Cyberattacks on critical infrastructure can have massive impacts, as demonstrated by last summer’s ransomware attack on Change Healthcare, which affected roughly a third of Americans. Leveraging the innovation and resources of the private sector is essential to addressing sophisticated cyber threats. This collaboration can enhance military superiority and economic stability by integrating private sector capabilities into national defense strategies. In this regard, the Cybersecurity Review Board (CSRB) badly missed the mark. It is crucial that public-private partnerships benefit both the government and all critical infrastructure sectors — not serve as an “in-crowd” for tech executives.
4. Enhance incident response and recovery
Developing rapid response teams and improving existing frameworks for incident response and recovery will ensure swift action in the event of a cyberattack. This can minimize damage and facilitate quick recovery, maintaining the integrity of critical infrastructure. CISA’s efforts in finalizing and publishing the National Cyber Incident Response Plan (NCIRP), in coordination with interagency and industry partners, will be essential in this regard. This plan should be a living document, regularly updated and exercised by key stakeholders.
5. Establish a cybersecurity marketplace
The administration should consider creating a cybersecurity marketplace comprising accredited managed service providers who meet stringent certification standards. By mandating that companies in critical infrastructure sectors engage with these certified vendors, the administration can ensure a consistent and robust defense against cyber adversaries. This marketplace would incentivize innovation and competition, thereby elevating cybersecurity standards nationwide.
6. Centralize policy and regulatory frameworks
To enhance national cybersecurity and prevent mission creep, the administration should designate CISA as the central hub for cyber incident reporting for all critical infrastructure entities under CIRCIA. By centralizing this function, CISA can streamline the reporting process, ensuring that critical information is efficiently gathered and disseminated to relevant stakeholders while eliminating overlapping regulations, such as the Securities and Exchange Commission’s cyber rule. This move will create a coherent policy framework that aligns cybersecurity practices with national security goals, balancing the need for regulation with the flexibility to innovate. By making CISA the focal point, the administration can ensure that guidelines are clear and effective, facilitating better coordination, quicker response times, and a more unified national cybersecurity strategy while avoiding the pitfalls of regulatory overlap.
7. Promote international collaboration
Cybersecurity is a global issue, and international collaboration is essential for bolstering both our own defenses and those of our allies. The administration should expand CISA’s overseas missions that involve public and private entities working together to strengthen critical infrastructure defenses. By collaborating with international allies, these missions can share intelligence, develop joint strategies, and effectively combat global cyber threats. This approach not only enhances the security posture of allied nations but also reinforces our own defenses by learning from diverse threat landscapes and leveraging shared resources and expertise. Through coordinated efforts, we can create a more resilient global cybersecurity network that is better equipped to address emerging threats.
8. Build a resilient cyber ecosystem
To support a resilient cyber ecosystem, the administration should focus on reducing barriers for small businesses by subsidizing cybersecurity services through tax credits or allowable costs. Additionally, addressing digital redlining is crucial, as it can significantly enhance digital literacy and expand the cyber workforce. By ensuring equitable access to digital resources and education, more individuals can gain the skills needed to enter the cybersecurity field. Investing in workforce development, particularly in emerging technologies like artificial intelligence, is essential to address the shortage of cybersecurity professionals. These efforts will cultivate a diverse and skilled workforce capable of tackling advanced cyber threats, ultimately strengthening our national cybersecurity posture.
9. Encourage research and development
To effectively promote research and development in cybersecurity technologies, government grants and contracts must adapt to the fast pace of technological advancement, moving beyond the archaic procurement processes currently in place. By streamlining these processes, the government can more swiftly support innovation and the development of advanced tools and strategies to combat cyber threats. Encouraging partnerships with academic institutions and research organizations is vital, but these collaborations need to be facilitated by a procurement system that is agile and responsive to the rapid evolution of technology. This approach will ensure that cutting-edge cybersecurity solutions are developed and deployed in a timely manner, enhancing our ability to address emerging threats effectively.
10. Focus on emerging threats
The administration should prioritize the reshoring of critical technologies and emphasize the rapid adoption of innovative solutions in areas such as artificial intelligence, quantum computing and encryption. By bringing essential technology development and manufacturing back to the U.S., the nation can strengthen its supply chain security and technological independence. The focus should be on harnessing cutting-edge advancements to address emerging threats, ensuring that the U.S. remains at the forefront of global cybersecurity capabilities. JCDC should play a pivotal role in this effort by anticipating technological risks and mitigating AI-related threats, aligning with the broader goal of maintaining a strategic advantage against future challenges.
By adopting a comprehensive approach, the Trump administration can significantly enhance CISA’s capabilities and strengthen the nation’s cybersecurity posture. Rooted in collaboration and innovation, refocusing CISA’s efforts promises to defend against current threats while anticipating and mitigating future challenges, securing America’s cyber future.
Michael McLaughlin is principal of government relations at Buchanan Ingersoll & Rooney.
Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
