CISA sidelined as White House scrambles to address AI cyber threats

The federal agency responsible for defending America’s critical infrastructure from cyberattacks has lost roughly one-third of its workforce since early 2025. And it’s about to get worse.

The Cybersecurity and Infrastructure Security Agency, better known as CISA, is facing a proposed $707 million budget cut in Fiscal Year 2027 that could eliminate another 766 full-time positions. This is happening at the exact moment AI-driven cyber threats are evolving faster than most organizations can patch their systems.

The AI threat that changed the calculus

On April 7, 2026, Anthropic released Claude Mythos Preview, an AI model capable of identifying thousands of zero-day vulnerabilities and executing autonomous attacks.

Zero-day vulnerabilities are security flaws that software makers don’t yet know about. They’re the most dangerous kind of exploit because there’s no patch available when attackers strike. Historically, finding them required elite hackers with deep expertise spending weeks or months probing systems. Claude Mythos Preview compressed that timeline dramatically.

Acting CISA Director Nick Andersen has been described as “at the table, not in the game” during early White House discussions about the AI threat response. That’s a polite way of saying the agency’s input is being heard but not driving decisions.

Making matters worse, CISA has not replaced its chief AI officer since that position was vacated in 2025. So the agency tasked with defending the nation’s digital infrastructure has no senior leader dedicated to understanding the very technology reshaping the threat landscape.

Staffing losses meet escalating threats

CISA’s workforce reduction of approximately one-third came through a combination of planned buyouts and budget actions.

CISA operates the Known Exploited Vulnerabilities program, or KEV, which maintains a catalog of actively exploited security flaws and sets deadlines for federal agencies to patch them. Current discussions are exploring whether to compress those patching timelines from weeks down to as few as three days.

Former officials have publicly expressed concern that the strategic pivot away from CISA’s traditional role could undermine vulnerability management at a moment when AI-driven capabilities are making rapid response more important than ever.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.