In recent months, the United States has entered a dangerous phase of digital vulnerability just as adversaries accelerate their use of artificial intelligence. Anthropic recently disclosed that a nation state-linked threat actor attempted to use its commercial AI models to enhance cyber espionage operations, one of the first publicly documented attempts to operationalize AI for real-world intelligence gathering and offensive cyber activity. The company ultimately blocked the activity, but it demonstrated how quickly hostile actors are adapting and how easily these tools can be repurposed for malicious use.

At the same time, the U.S. is grappling with a significant loss of cyber expertise across agencies, including nearly 1,000 seasoned experts from the Cybersecurity and Infrastructure Security Agency. Attrition and budget reductions over recent years have hollowed out capabilities the nation relies on for critical infrastructure protection and threat coordination. Key intelligence units that once monitored Russian and other foreign cyber operations have been disbanded. CISA is now planning a major hiring surge to rebuild its workforce, which has vacancy rates hovering around 40%, but the gap between where the agency stands and what the threat environment demands remains significant.

Combined, these developments paint a troubling picture. AI is enabling threat actors to become more aggressive, efficient and effective, yet the U.S. appears to be weakening the very cyber defenses necessary to counter them. Make no mistake: A one-third loss of our top cyber forces since the start of the current administration, combined with a proposed 17% CISA budget cut, equates to strategic self-sabotage.

The AI-powered digital arms race

Cyber policy experts warn that the U.S. is entering a digital arms race just as it’s hollowing out its defensive ranks. We’re facing the battle with fewer soldiers and less ammunition. Many are speaking out, including security experts such as Bruce Schneier, a Harvard fellow and renowned cryptographer; Heather Adkins, Google’s founding director of information security; and Gadi Evron, a cyber intelligence leader and early pioneer in botnet defense. They have all warned that AI is becoming an asymmetric weapon empowering adversaries far faster than it equips defenders. The tools that once required months of expert development can now be generated by large language models in minutes. Malware creation, vulnerability discovery and exploitation are being automated at an unprecedented scale.

Meanwhile, defenders are being asked to do more with less. CISA’s work, from protecting critical infrastructure and federal networks to supporting state and local election systems, is foundational to national security. Reducing the agency’s budget or its workforce doesn’t just create gaps; it signals to adversaries that the U.S. is willing to accept greater risk in the digital domain.

Critical infrastructure’s expanding attack surface

This risk extends far beyond government networks. Our power grids, water treatment plants, financial systems, hospitals and communications infrastructure are all connected to and dependent on the same digital backbone. And while it’s true that most critical infrastructure in the U.S. is privately owned and regulated and that the federal government and industry have spent more than a decade trying to harden these systems, those efforts have not eliminated the underlying vulnerabilities and the cascade effect compromise can have.

Many of the improvements have focused on legacy perimeter defenses, voluntary standards or incremental upgrades to aging operational technology. But the attack surface has expanded faster than regulations or investments can keep pace. Water systems, in particular, carry a disproportionate risk. Utilities operated at the local level often lack dedicated security staff, rely on remote access software and operate equipment that was never designed for an environment of persistent, AI-assisted cyber threats. According to CISA, hospitals lose their ability to provide basic patient care, sanitation and medical procedures within just two hours. Unlike electricity, where backup generators commonly provide redundancy to ensure continuous operations, there is no equivalent resilience for water treatment or distribution.

Researchers like Joshua Corman, who leads the UnDisruptable27 initiative at the Institute for Security and Technology, have warned about the cascading consequences when cyber or physical incidents compromise critical functions. Corman said U.S. critical infrastructure was never built to withstand deliberate, persistent attacks and the nation continues to underestimate how quickly a disruption in one lifeline sector cascades into others. Water and wastewater systems, emergency medical care, food supply chains and power are tightly interdependent; losing even one can trigger rapid, compounding failures.

So while critical infrastructure is more secure in some respects, it is also more interconnected, more digitized and more exposed than ever. Hardening alone cannot offset the impact of weakened federal cyber capacity. The systems that sustain our world are online, remotely managed and increasingly targeted by adversaries who now have faster, cheaper, AI-driven tools at their disposal.

The global impact of weakened U.S. defenses

Today, nation-state actors can weaponize code at superhuman speed, but the erosion of federal cyber capacity is not merely a domestic concern. The impact can be felt throughout the global fabric of the internet and its interconnected systems. They depend on American digital resilience. Water infrastructure, power grids, telecommunications, financial networks and even the integrity of democratic elections hinge on having a properly resourced, expert-led cyber defense.

Allies rely on American intelligence and coordination, and multiple federal agencies contribute to that ecosystem. The Office of the Director of National Intelligence leads the classified intelligence-sharing mission across the “Five Eyes” and other international partners. But CISA plays a critical role in global cyber defense.

CISA is the primary U.S. agency responsible for sharing unclassified, actionable threat information with foreign computer emergency readiness teams (CERT), multinational companies, critical infrastructure operators and technology vendors who sit outside the intelligence community. Its Joint Cyber Defense Collaborative routinely coordinates with international partners to issue joint advisories, publish analytic reports on nation-state activity and align defensive playbooks across borders. These are often the first public warnings about nation-state activity. When CISA’s capacity shrinks, these real-time channels of global coordination weaken.

That’s why the disbanding of specialized units focused on Russian operations has strained relationships and emboldened our adversaries. The loss is not only in classified analysis, but in the day-to-day operational coordination, warnings and technical guidance that CISA provides to governments and private-sector operators worldwide. In an era of growing geopolitical instability, the shadow cast by U.S. cyber policy reaches far beyond our borders and shared defense efforts are essential. Cyber risks and threat actors will continue to evolve with the weaponization of AI, and we simply cannot afford to let any part of the ecosystem erode.

The future of U.S. cybersecurity

Although we are under tremendous pressure to reinforce our digital infrastructure, we cannot address this challenge by pointing fingers. This is not a partisan issue; it is a universal one.

Fortunately, we can still reverse course, but only if we act decisively. Every day we delay, we trade preparedness for fragility. Appealing to Washington alone won’t be enough. The private sector operates and secures most of the systems that keep the U.S. running. Corporate leaders, from utilities to finance to technology, have as much at stake as the intelligence community. They have a voice, and it’s time to use it. Everyone who values security and stability must take part in reversing this decline.

Cybersecurity and corporate leaders must stand together and make it clear that weakening the nation’s digital defenses weakens the entire global economy. That means demanding Congress restore cyber funding, publicly supporting stronger baseline security requirements for critical infrastructure, participating in joint advisories with CISA and international CERTs, and committing to shared defense initiatives through industry coalitions, such as the Cyber Threat Alliance or one of the industry-focused Information Sharing and Analysis Centers (ISACs). The prosperity we enjoy depends on peace and stability in cyberspace, and that stability depends on a united front that encompasses both public and private as well as domestic and international interests.

The U.S. once led the world in building the secure foundations of the internet. We can lead again, but only if we treat cybersecurity as an essential part of our national security.

Jaya Baloo is the co-founder, chief operating officer and chief information security officer of AISLE.

The post America can’t afford to hollow out its cyber defenses first appeared on Federal News Network.