In an escalating critique of the Cybersecurity and Infrastructure Security Agency (CISA), Arizona election officials have expressed deep concerns regarding the agency’s diminished capacity to support state cybersecurity efforts, attributing these shortcomings directly to the Trump administration’s policy decisions.
Following a cyberattack on an Arizona candidate portal attributed to Iranian operatives, officials highlighted their decision to exclude CISA from their response efforts, opting instead to collaborate with the FBI and other federal entities. Arizona Secretary of State Adrian Fontes articulated a sense of disillusionment with CISA, describing it as “weakened and politicized” since 2024, marking a stark departure from previous bipartisan cooperation. This decline in capability coincides with CISA’s past actions against false election claims.
Arizona election officials have turned away from CISA in favor of the FBI, citing disillusionment with the agency’s weakened and politicized state.
The absence of CISA during this critical incident raises significant questions about the effectiveness and reliability of the agency, which had previously been an indispensable partner for election security. Fontes acknowledged that he had relied on CISA for election training and threat exercises, particularly regarding disinformation campaigns, crediting its support for the successful management of Arizona’s 2024 elections. These efforts had included providing cybersecurity experts to enhance the state’s defenses against emerging threats.
Conversely, CISA’s capabilities have been sharply curtailed because of budget cuts, which under President Trump eliminated approximately 1,300 positions and reduced contractor support by 40%. This contraction included the closure of regional offices, diminishing the federal presence necessary for timely cybersecurity support.
The broader context of the Iran-inspired attack, occurring in the wake of U.S. military operations, highlights the vulnerability of aging technological infrastructure in Arizona’s election systems. The compromised candidate portal served as a clear illustration of these weaknesses, with CISA’s warnings arriving too late to facilitate a proper response.
Earlier, CISA had played a critical role in providing real-time incident response coordination and threat intelligence, directly contributing to the preparation of state officials for Election Day scenarios. The stark contrast with CISA’s current capacity emphasizes a troubling reality for Arizona, as local officials navigate a framework fraught with geopolitical tension and compromised cybersecurity resources.
