Skip to main content
Geopolitics & DefenseGovernment & Policy

Trump Proposes Cybersecurity Cuts Amid Ballroom, Slush Fund Spending Spree

Split scene contrasting modest cybersecurity meeting space with lavish out-of-focus ballroom.

"Budgets are moral documents, and spending a billion dollars on a ballroom, which is what the president wants, or $1.7 billion to incentivize insurrectionists while we still are waiting for the reauthorization of this critical grant program, says a lot about where priorities are right now with this administration," Rep. Delia Ramirez (D-IL) told a House Homeland Security subcommittee hearing on state and local cybersecurity.

Rep. Delia Ramirez frames the choice in dollars

Ramirez used precise dollar figures to sharpen a political and policy contrast: the president has proposed a $1 billion White House security and ballroom project and a nearly $1.8 billion "slush fund" tied to January 6 allies, while Congress is considering reauthorizing the State and Local Cybersecurity Grant Program (SLCGP). The SLCGP, the congresswoman noted, began in 2022 and was earmarked for $1 billion to state and local governments over the next four years to help mitigate cyber risks.

CISA budget cuts and the MS-ISAC funding shift

Representative James Walkinshaw (D-VA) highlighted changes at the Cybersecurity and Infrastructure Security Agency (CISA) as part of the same hearing. He said CISA's 2025 budget was about $3 billion and that President Trump proposed slashing the agency’s spending by $707 million in 2027, to just over $2 billion. Walkinshaw also cited $135 million in cuts to CISA and the loss of about a third of its workforce — close to 1,000 people — since the president returned to office, saying, "So we are looking at a one-third cut in federal funding for cybersecurity."

Walkinshaw tied the arithmetic together: if the White House spending items were approved, "we'd be spending a billion dollars for the ballroom and $1.8 billion for the January 6 slush fund – $2.8 billion just on those two items, $800 million more than his total commitment to cybersecurity." The congressman framed that comparison as a budgetary choice with direct implications for state and local cyber resilience.

MS-ISAC moves to a fee model; access and affordability decline

Members and witnesses discussed the Multi-State Information Sharing and Analysis Center (MS-ISAC). Walkinshaw noted that CISA eliminated federal support for MS-ISAC, which previously provided free and low-cost threat detection and response services to state and local governments. The MS-ISAC has since shifted to a fee-based model to support the state threat sharing program.

Samir Jain, vice president of policy for the Center for Democracy and Technology, warned this change would hit the jurisdictions most in need. "Jurisdictions that most need the help are least likely to be able to afford it," Jain testified, adding that smaller jurisdictions "probably also don't have the resources and the money to buy equipment, to buy network monitoring tools, to have cybersecurity staff. It's the ones who need it the most are the least likely to be able to get it as a result."

State and local IT leaders pressed for more funding

IT and security chiefs from Tennessee, New York, and Florida testified that demand for cybersecurity support outstrips available funding. Tennessee CIO Kristin Darby told lawmakers state and local governments run critical systems — emergency services, schools, utilities, courts, and public infrastructure — and that "demand for cybersecurity support far exceeds the current funding levels."

Darby said many local governments in Tennessee have "little or no dedicated cybersecurity staff," creating "a dangerous imbalance between highly sophisticated attackers and severely resource-constrained defenders" as AI-enabled attacks, ransomware, and cloud-based intrusions accelerate.

New York state director of security and intelligence Colin Ahern urged lawmakers to "reauthorize and fully fund the state and local cybersecurity grant program, which is the single most consequential investment in the cyber protection of state and local governments in this country." Ahern also advocated for frontier-model AI access for state and local governments, saying "We cannot do that while frontier defensive AI capabilities are restricted to federal partners and a handful of large enterprises." He added, "Cybersecurity is the silent partner of democracy."

How state and local governments, CISA, and local IT teams are affected

  • State and local governments: Facing growing operational threats to utilities, schools, and public health systems, they are pressing Congress to reauthorize and fully fund the SLCGP to fill capability gaps left by reduced CISA support and the MS-ISAC fee model.
  • CISA: According to testimony cited at the hearing, the agency's proposed budget reduction and prior cuts have narrowed its capacity, and its withdrawal of federal support for MS-ISAC shifted a previously free/low-cost service into a paid model.
  • Local IT teams and smaller jurisdictions: Expert witnesses warned jurisdictions with limited budgets are least able to pay for ISAC membership or buy monitoring tools and cybersecurity staff, increasing the likelihood that the most vulnerable local systems remain under-protected.

The hearing made a stark, numerical case: lawmakers and local officials juxtaposed specific presidential spending proposals against concrete program dollars and cuts to argue that reauthorization and full funding of the SLCGP should be a congressional priority. Congress is weighing that reauthorization now; witnesses testified that funding decisions will determine whether smaller jurisdictions can afford threat detection, incident response, and defensive AI tools that, in the witnesses’ framing, underpin public services and democratic life.

Original story