The end of the ODNI's Cyber Threat Intelligence Integration Center (CTIIC) and the firings of 24 IT FEMA employees are just the latest in US cyber cuts.
This year has seen significant cuts to federal cybersecurity organizations as part of the Trump’s administration’s efforts to downsize government. As early as the first week of the new administration, the Department of Government Efficiency (DOGE) and cabinet officials have been working to shrink the Cybersecurity and Infrastructure Security Agency (CISA) and limit cyber initiatives, ending the Cyber Safety Review Board, and putting contracts from companies that support national cybersecurity under scrutiny. These past weeks were no different, with another previously established cybersecurity body being cut.
On August 20, 2025, Tulsi Gabbard, the director at the Office of the Director of National Intelligence (ODNI) announced the “long-overdue transformation” of the ODNI in a press release. This transformation is expected to scale the ODNI by more than 40% by the end of fiscal year 2025, thereby saving taxpayers over $700 million per year.
The release describes the creation of the ODNI as a response to the failings of the Intelligence Community (IC) around the terrorist attacks on 9/11. Gabbard condemned the current state of the office, saying: “Over the last 20 years, ODNI has become bloated and inefficient, and the intelligence community is rife with abuse of power, unauthorized leaks of classified intelligence, and politicized weaponization of intelligence…Under President Trump’s leadership, ODNI 2.0 is the start of a new era focused on serving our country, fulfilling our core national security mission with excellence, always grounded in the U.S. Constitution, and ensuring the safety, security, and freedom of the American people.”
Some of the “bloat” that Gabbard refers to is detailed in the accompanying fact sheet. The Foreign Malign Influence Center (FMIC), for example, is accused of being “used by the previous administration to justify the suppression of free speech and to censor political opposition” online, and is therefore first on the chopping block. The other groups being cut, either for believed redundancy with the functions of other federal departments or for more political slights not aligned with the current administration, are the National Counterproliferation and Biosecurity Center (NCBC), the Cyber Threat Intelligence Integration Center (CTIIC), the National Intelligence University (NIU), External Research Council (ERC), and the Strategic Futures Group (SFG).
The end of the CTIIC is causing some concern for the cybersecurity experts who were more familiar with the project. During the Obama administration, Michael Daniel managed the development of the CTIIC as the White House cyber coordinator. In a conversation with the Federal News Network, Daniel said the Center was put together to collate intelligence on critical cyber events, “...to support not just assessments of past incidents, but also support real-time national security activities, such as cyber-enabled disruption campaigns against cybercriminal organizations or foreign intelligence services or diplomatic negotiations with adversaries regarding cybersecurity issues”.
The fact sheet says that the CTIIC’s functions are already covered by the National Intelligence Council (NIC), and other agencies in the Executive Branch organize coordination on cyber issues. Daniel was skeptical of the NIC’s ability to operate on the same depth as the CTIIC, saying: “It won’t be able to perform the functions that the CTIIC did…Or if it does, it won’t have time for its long-term research (and it would need more people focused on cyber). This action continues the trend of weakening U.S. government cyber capabilities and reducing its ability to understand what is happening in cyberspace.”
More recently, the Federal Emergency Management Agency (FEMA) lost 24 employees in their IT department because of alleged cybersecurity failures. On August 29, 2025, the Department of Homeland Security (DHS) Secretary Kristi Noem shared the news about the firings in a press release, which said that a review of FEMA’s operations (ordered by Noem) unveiled serious cyber vulnerabilities and efforts to hide these problems by several employees. Noem explained the situation in scathing terms: “FEMA’s career IT leadership failed on every level. Their incompetence put the American people at risk... These deep-state individuals were more interested in covering up their failures than in protecting the Homeland and American citizens’ personal data, so I terminated them immediately.”
CNN reported that these terminations surprised FEMA staff, with longtime officials saying the leaders who were fired (like FEMA Chief Information Officer (CIO) Charles Armstrong, and Chief Information Security Officer (CISO) Gregory Edwards) were “extremely competent” and “highly respected.” FEMA has had continued issues with the new administration, with even more employees being fired and lambasted for inappropriate behavior with government devices on the job this week.
Even outside of the cuts to the ODNI and FEMA cyber related government workers are leaving - by choice. Doug Beck, head of the Defense Innovation Unit in the Department of Defense and a former vice president at Apple, stepped down without warning in the last week of August.
The pattern of a dwindling cyber workforce does not seem to be stopping soon, but the changes continue to gain a mixed reception, with some fearing less collaboration between the government and the private sector due to the dwindling capacity of the current administration’s cyber agencies, while others argue that the cuts redirect funds to more high impact programs.
In any case, the US will likely understand the full impact of these changes before the year ends, as the not-so-far-off holiday period has repeatedly proven to be an enticing opportunity for threat actors.