\u201cTraditionally, we have a huge contingent from the U.S.,\u201d David Koh, the head of Singapore\u2019s Cyber Security Agency, told<\/a> an audience at a cybersecurity conference in Washington a few weeks later, sitting onstage with his counterparts from Australia and Japan. \u201cThis year was different because almost no one from the U.S. administration came.\u201d<\/p>\n The Biden administration made multilateral cyber-engagement<\/a> one of its key policy priorities, appointing the United States\u2019 first-ever ambassador-at-large for cyberspace and digital policy to head a new State Department bureau focused on international cyber- and technology cooperation. It supplemented its leadership of the CRI with a multilateral pledge<\/a> to curb the misuse of commercial spyware, put forward an international cyberspace and digital strategy, and oversaw a significant expansion<\/a> of the Cybersecurity and Infrastructure Security Agency (CISA), tasked with defending the United States from cyberthreats. But widespread cuts to the U.S. government workforce under President Donald Trump over the past year have impacted nearly all of those efforts.<\/p>\n In explaining why that matters, Koh did not mince words. \u201cYou can\u2019t look people in the eye if you\u2019re not showing up,\u201d he said. \u201cMy concern is that if we don\u2019t do enough of it, then someone else will take the narrative.\u201d<\/p>\n That someone else, he made clear during his remarks, is China. The world\u2019s second-largest economy has positioned itself as a formidable technological rival to the United States, establishing a near-equal footing (and in some cases, leading) in critical technologies such as semiconductors, artificial intelligence, batteries, biotechnology, and quantum computing. On many of those fronts, Beijing is now providing countries in the middle with viable alternatives<\/a>. And at the same time, China has emerged as the prime cyber-adversary to the United States and its traditional allies.<\/p>\n \u201cThe U.S. plays a unique role because of the global space we operate on across law enforcement, diplomatic, cyberdefense, and intelligence,\u201d said Anne Neuberger, who served as the deputy national security advisor for cyber and emerging technology in the Biden administration\u2014a role in which she created and spearheaded the CRI. \u201cSo, when we step back, it clearly has an impact.\u201d<\/p>\n In assessing the nature of this impact, I spoke to more than a dozen current and former diplomats and government officials from the United States and a half-dozen other countries. Many spoke on the condition of anonymity because they were not authorized to speak on the record. Just about all of them share a nascent but nagging concern: that amid mounting cyberthreats around the world, Washington is pulling back from leadership at the worst possible time.<\/p>\n A man is seen from behind at a table of microphones as he testifies before a group of senators on an arched dais above him.<\/p>\n U.S. Army Lt. Gen. William Hartman, the acting head of U.S. Cyber Command and acting director of the National Security Agency, testifies during a Senate Armed Services Committee hearing in Washington on April 9, 2025. Kevin Dietsch\/Getty Images <\/p>\n In 2024, a group of cyberattackers linked to the Chinese government and dubbed Salt Typhoon infiltrated at least eight major U.S. telecommunication networks. The group\u2019s attack included targeting<\/a> cellphones used by then-candidates Donald Trump and J.D. Vance months before the election that put them in the White House.<\/p>\n Ultimately, that hack not only stole the data of millions of Americans but also targeted \u201ctelecommunications, government, transportation, lodging, and military infrastructure networks\u201d globally, according to a joint update<\/a> issued by more than a dozen countries last year. Even with China\u2019s long history<\/a> of cyber-espionage and data theft<\/a>, Salt Typhoon was seen as unprecedented in scale and scope.<\/p>\n That\u2019s not the only \u201ctyphoon\u201d (an industry naming convention applied to Chinese hacking groups) giving U.S. officials sleepless nights over the past few years. In 2023, Microsoft revealed<\/a> that a group it named Volt Typhoon had infiltrated several critical infrastructure networks across the United States, including water, energy, and transportation providers. U.S. security agencies have described<\/a> its objectives as \u201cpre-positioning\u201d to disrupt those key sectors in the event of a conflict.<\/p>\n Australia\u2019s spy chief, Mike Burgess, called out<\/a> those groups as recently as last November in a speech in Melbourne. \u201cImagine the implications if a nation-state took down all the networks?\u201d Burgess said. \u201cOr turned off the power during a heat wave? Or polluted our drinking water? Or crippled our financial system?\u201d (Beijing has repeatedly denied any involvement in malicious cyberactivity.)<\/p>\n Despite that growing threat, the Trump administration has pulled back from measures that would have made life more difficult for Chinese hackers. The Federal Communications Commission in November rescinded<\/a> a Biden administration rule put in place after Salt Typhoon that sought to impose<\/a> minimum cybersecurity requirements on telecom companies. The Trump administration also reportedly<\/a> nixed the imposition of sanctions on China\u2019s top spy agency over the Salt Typhoon hack weeks after Trump and Chinese President Xi Jinping reached a trade truce in October, sparking concerns<\/a> that Trump is compromising U.S. national security in search of deals.<\/p>\n In November 2023, a month into the Israel-Hamas war, an Iran-linked hacking group called \u201cCyberAv3ngers\u201d targeted<\/a> products made by the Israeli company Unitronics, many of which happened to be used in water treatment plants across the United States.<\/p>\n It was a new type of attack, said Jennifer Lyn Walker, the director of infrastructure cyberdefense at the Water Information Sharing and Analysis Center, an industry body that helps water utilities protect themselves from external threats. \u201cFast-forward, and we have self-proclaimed hacktivists targeting devices that are managing the flow and quality of our water.\u201d<\/p>\n In January 2024, cyberattackers breached multiple local water utilities in rural Texas, resulting in one small-town water tank overflowing<\/a> for 30 to 45 minutes. The prominent cybersecurity firm Mandiant later attributed<\/a> that hack to a group in Russia, revealing that the hackers had also claimed credit for an attack on a water provider in Poland during the same time.<\/p>\n Alongside nation-states, ransomware groups are pulling off some of the biggest attacks in recent memory. Russian groups were behind the 2021 Colonial Pipeline<\/a> hack that shut down much of the U.S. East Coast\u2019s fuel supply for a week, leading to long lines at gas stations, as well as the 2024 hack of the insurance payments platform Change Healthcare that impacted<\/a> nearly 200 million people.<\/p>\n For Washington\u2019s European allies, threats from China and other adversaries persist, but the Russian cyberthreat is far more immediate. Russian cyberattacks against NATO countries increased by 25 percent in 2025, according to a recent report<\/a> from Microsoft. The problem is particularly acute in countries near Ukraine, where Moscow\u2019s yearslong ground war has been supplemented by constant cyberattacks against the country and its supporters.<\/p>\n Take Ukraine\u2019s neighbor Poland. In 2024, the country\u2019s three national Computer Security Incident Response Teams, or CSIRTs, together handled more than 110,000 cyber-incidents, according to Rafal Rosinski, the undersecretary of state in the country\u2019s Ministry of Digital Affairs. As of November 2025, the biggest of the three CSIRTs had faced more than 224,000 incidents.<\/p>\n \u201cSince the outbreak of Russia\u2019s war against Ukraine, we have identified a significant increase in attempted attacks on the transportation sector,\u201d Rosinski said.<\/p>\n The attack surface has never been larger, and the threat landscape has never been greater.<\/p>\n \u201cHow often have you ever heard anyone speak to you when you\u2019ve asked about the threat landscape and they say, \u2018No, it\u2019s getting better, actually\u2019?\u201d said Tobias Feakin, who served as Australia\u2019s first-ever cybersecurity ambassador between 2017 and 2023. \u201cIt never does.\u201d<\/p>\n The borderless nature of cyberattacks, coupled with the increasingly digital nature of nearly every aspect of our societies, means that international cooperation and information sharing are more important than ever. When everything is connected, everyone is vulnerable.<\/p>\n \u201cFolks sometimes treat cyber as a separate domain. Countries like China and Russia view it as integrated with the geopolitical competition and into their approach to warfare,\u201d Neuberger said. \u201cThere\u2019s no longer this line between battlegrounds and homeland.\u201d<\/p>\n Most cybersecurity officials I spoke to stressed the need to temper the alarmism about a possible U.S. pullback. Every new U.S. administration undergoes a transition period, coordination continues at the operational level where it\u2019s most needed, and Washington has remained engaged in a few multilateral forums, such as the Pall Mall Process<\/a>, a grouping of 25 countries led by France and the United Kingdom aimed at combating commercial spyware. The Trump administration\u2019s participation in the CRI, while scaled back, has also not gone the way of the Paris Agreement<\/a> on climate change, for example. <\/p>\n Trump\u2019s proclivity for bilateral engagement has also made its way into cybersecurity, with mentions of cooperation in recent engagements with Thailand<\/a>, Japan<\/a>, and South Korea<\/a>. Washington also went ahead with the 10th annual Japan-U.S. Cyber Dialogue<\/a> in June 2025.<\/p>\n Still, driving particular concern among many foreign partners are the enormous cuts the Trump administration has made to the United States\u2019 own cybersecurity agencies.<\/p>\n CISA, the country\u2019s top cyberdefense agency, has been hit with several rounds of layoffs<\/a> and departures<\/a>, including further cuts during the recent U.S. government shutdown that reportedly slashed<\/a> the agency\u2019s Stakeholder Engagement Division, tasked with working with international partners. Trump\u2019s nominee<\/a> for CISA director, Sean Plankey, has not yet been confirmed by the Senate, and the agency continues to operate under acting leadership.<\/p>\n Also operating under acting leadership are the Defense Department\u2019s Cyber Command<\/a> and the National Security Agency, whose former head, Gen. Timothy Haugh, Trump abruptly fired<\/a> in April 2025.<\/p>\n The shuttering of the U.S. Agency for International Development (USAID) by the Trump administration cut more than $175 million<\/a> worth of cybersecurity assistance to U.S. partners that the agency oversaw.<\/p>\n Multiple diplomats also called out the impact of Trump\u2019s downsizing<\/a> of the National Security Council as curtailing a key avenue for U.S. engagement on cybersecurity.<\/p>\n People push and pull a cart of belongings across a parking lot in front of a and office building.<\/p>\n Fired U.S. State Department employees push their belongings in a shopping cart as they leave their offices in Washington on July 11, 2025. Saul Loeb\/AFP via Getty Images <\/p>\n But the biggest loss by far is being felt at the State Department. Its Bureau of Cyberspace and Digital Policy (CDP)\u2014set up in 2022 by the Biden administration with Nathaniel Fick as the first U.S. cybersecurity ambassador\u2014gave allies and partners a \u201cgood entry point and a clear interlocutor in the system,\u201d one diplomat said. That bureau was split up and significantly diminished<\/a> as part of a broader reorganization<\/a> of the State Department that eliminated hundreds of jobs. The bureau\u2019s cybersecurity functions have been moved into the new Bureau of Emerging Threats, which also oversees policies on artificial intelligence and bioweapons.<\/p>\n International engagement has suffered in the reshuffle.<\/p>\n \u201cThere is a serious question about capacity,\u201d said Adam Segal, who served as a senior advisor in CDP from April 2023 to June 2024 and led its international cyberspace and digital policy strategy<\/a>. Given the cuts, he said, there is a \u201cquestion about how much manpower and bandwidth and attention these things can get with few people there.\u201d<\/p>\n A current State Department employee, who also spoke on condition of anonymity because they weren\u2019t authorized to speak to the press, said the uncertainty prevails internally as well. \u201cThe reorganization didn\u2019t give us clarity on where cyber would live and who would run it,\u201d the employee said. \u201cIt feels like we\u2019ve just stopped talking about it.\u201d<\/p>\n The cuts have also made it \u201cvery hard to get anything done. Every bureaucratic process has just gotten much more difficult,\u201d the employee added\u2014and \u201cyou\u2019ve just lost the people who knew how to do it.\u201d<\/p>\n Even if the U.S. cyber-shakeup can send a disconcerting signal, to many partners all that matters is that the work gets done. \u201cThe real measure at the end is the investment and buildup of capabilities and what those capabilities are able to do,\u201d one European official said. \u201cIt\u2019s not so important whether we have some cyber ambassadors and what their exact title is.\u201d<\/p>\n In addition, the Trump administration has argued that some correction and consolidation are necessary. This represents a sharp reversal from the Biden administration, where the many prominent cybersecurity officials and agencies each had their own\u2014albeit sometimes intersecting and overlapping\u2014remit.<\/p>\n \u201cIf there\u2019s a broader effort to streamline that and make policy clearer, that\u2019s probably not a bad thing,\u201d said Jennifer Ewbank, who served as the CIA\u2019s deputy director for digital innovation from 2019 to 2024. \u201cBut I\u2019m concerned about the loss of cyberdefenders at a time when we do need them.\u201d<\/p>\n According to CyberSeek<\/a>, a U.S. government-backed tool that tracks the cybersecurity workforce in the United States, there are 74 employees for every 100 open jobs, with more than half a million job openings across the country.<\/p>\n It\u2019s a problem that Sean Cairncross, the Trump administration\u2019s top cybersecurity official, seems acutely aware of. \u201cThere is a huge gap in the cyber workforce,\u201d he said<\/a> at the same Washington conference where Singapore\u2019s Koh spoke, adding that the U.S. government was working on an initiative to bridge that gap as one of the pillars of its upcoming National Cybersecurity Strategy, expected<\/a> to be published in January. <\/p>\n The Trump administration released its National Security Strategy<\/a>\u2014typically a precursor to the cybersecurity strategy\u2014in early December, hinting at the \u201cespionage\u201d and \u201ccybersecurity\u201d risks that come with Chinese foreign assistance in Latin America and outlining a U.S. government plan to help U.S. companies \u201charden\u201d networks in the region.<\/p>\n As for cybersecurity, it\u2019s all about U.S. companies. The \u201cU.S. Government\u2019s critical relationships with the American private sector help maintain surveillance of persistent threats to U.S. networks, including critical infrastructure,\u201d the strategy said, while the government focuses on defending those networks.<\/p>\n Largely absent in the strategy is any emphasis on cyber-cooperation with allies, save for \u201cencouraging Europe to take action to combat \u2026 technological theft, cyber espionage, and other hostile economic practices.\u201d<\/p>\n Cairncross, who was confirmed as the national cyber director by the Senate in August, has largely stuck to those themes in his public comments thus far.<\/p>\n \u201cWe\u2019re focused on \u2026 partnership with industry and streamlining the regulatory environment,\u201d he said at the Washington conference. He did not provide an exact timeline for releasing the cybersecurity strategy but said that \u201cit\u2019s going to be focused on shaping adversary behavior, introducing costs and consequences.\u201d<\/p>\n Cairncross also did not mention allies and partners or how the United States plans to engage them, though he has done so\u2014if somewhat cursorily\u2014in previous public comments since assuming his role. \u201cI\u2019m committed to marshaling a unified, whole-of-nation approach on this, working in lockstep with our allies who share our commitment to democratic values, privacy, and liberty,\u201d he said<\/a> at another Washington cybersecurity conference in early September, his first public remarks after getting confirmed. On the diplomatic side, Cairncross said<\/a> during another public appearance in late October that the Trump administration\u2019s goal is to \u201cpush the clean American tech stack\u201d to counter China\u2019s \u201cattempt to export a surveillance state across planet Earth.\u201d<\/p>\n Cybersecurity diplomats around the world are hoping that the United States will not just remain engaged but revert to playing the traditional leadership role it has somewhat pulled back from over the past year.<\/p>\n \u201cThe U.S. leaves a uniquely sized gap if and when they are not present,\u201d one diplomat said. \u201cWe go into 2026 being more aware than ever about that uniquely sized gap.\u201d\n <\/p>\n","protected":false},"excerpt":{"rendered":"In October 2025, representatives from dozens of countries gathered in Singapore for the annual meeting of the International…\n","protected":false},"author":2,"featured_media":388707,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[23,144,188851,801,3,1206,13455,18066,98244,21,19,22,20,25,24,188852],"class_list":{"0":"post-388706","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-united-states","8":"tag-america","9":"tag-china","10":"tag-cyber-security-hacking","11":"tag-iran","12":"tag-news","13":"tag-russia","14":"tag-science-and-technology","15":"tag-u-s-foreign-policy","16":"tag-u-s-china-competition","17":"tag-united-states","18":"tag-united-states-of-america","19":"tag-unitedstates","20":"tag-unitedstatesofamerica","21":"tag-us","22":"tag-usa","23":"tag-winter-2026"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/388706","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/comments?post=388706"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/388706\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media\/388707"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media?parent=388706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/categories?post=388706"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/tags?post=388706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"A](\"https:\/\/www.newsbeep.com\/us\/wp-content\/uploads\/2026\/01\/cybersecurity-us-GettyImages-2209421916.jpg\")
<\/p>\n![\"People](\"https:\/\/www.newsbeep.com\/us\/wp-content\/uploads\/2026\/01\/cybersecurity-us-cuts-GettyImages-2224016631.jpg\")
<\/p>\n