DOGE Fallout: How Federal Cuts Are Reshaping State and Local Cybersecurity

Executive Summary

Federal grant freezes and cybersecurity program cuts are landing hardest on state, local, and tribal governments that built election security and infrastructure protection on federal pass through funding. This article outlines the funding cliff and the immediate priorities for SLTT defenders.

The Department of Government Efficiency's federal workforce and spending reductions were designed to affect federal agencies. In practice, they have reshaped the security landscape for state and local governments that depend on federal funding, federal coordination, and federal threat intelligence. The intergovernmental structure of American cybersecurity means that federal stress translates into local exposure faster than most policy makers anticipated.

The Grant Pipeline

State and local cybersecurity programs have grown significantly in the past decade, funded largely by federal grants. The Department of Homeland Security's State and Local Cybersecurity Grant Program, the Election Security Grants administered through the Election Assistance Commission, and the broader Homeland Security Grant Program all provided direct funding to sub-federal entities for security investments.

Under DOGE-directed budget reviews, several of these programs saw funding freezes, clawbacks of unobligated balances, or delays in the award cycles that local governments had planned around. A city that budgeted for a security operations center buildout based on a federal grant award found the award delayed or reduced. A county that planned to hire its first full-time security staff based on election security funding had to defer the hire. A state that was constructing a shared cyber operations center for its localities saw the federal match disappear mid-project.

The operational consequence is that state and local governments are now trying to maintain or expand security programs with less money than they planned for. Most cannot make up the difference from their own tax bases. The result is deferred investments, delayed hires, and in some cases the cancellation of projects that were already underway.

Shared Services and Federal Support

Beyond direct grants, state and local governments rely on federal services that have been degraded by workforce reductions. CISA's regional cybersecurity advisors, who provided direct on-site support to state and local entities, have been reduced in number. The vulnerability scanning services that CISA provided at no cost to state and local governments have experienced backlogs. The incident response support that CISA could surge during a major local event is now less available.

The Multi-State Information Sharing and Analysis Center, which coordinates threat intelligence across state governments, depends on federal funding for a portion of its operations. That funding has been uncertain, and the center has had to reduce staffing and services. State members receive less timely intelligence and have fewer channels to escalate concerns.

Election Security at the Local Level

The local election office is one of the most vulnerable nodes in American democracy's digital infrastructure. These offices are small, often with one or two IT staff for an entire county, and they manage voter registration databases, election night reporting systems, and in some cases direct recording electronic voting machines. Federal election security grants had funded vulnerability assessments, incident response planning, and workforce training for these offices.

With federal support reduced or delayed, local election offices are operating with fewer resources than they had in the last cycle. Some states have backfilled with state funds, but many have not. The variation in security posture between well-funded and under-funded jurisdictions is widening. Adversaries who study American election infrastructure can identify the jurisdictions that are stretched thinnest.

The Rural-Urban Divide

The impact of federal reductions falls unevenly across geography. Large cities and wealthy states have more capacity to absorb grant reductions. They have larger tax bases, established security programs, and the ability to redirect funds. Rural jurisdictions and poorer states do not. A small rural county that loses a federal grant may not have any alternative funding source for cybersecurity.

The rural-urban divide in cybersecurity was already significant before the DOGE reductions. It is now larger. Rural hospitals, rural water systems, and rural election offices all face elevated risk because the federal support that was helping them close the gap has been withdrawn or delayed.

The Workforce Pipeline

State and local governments have historically struggled to hire and retain cybersecurity talent. Salaries are lower than the private sector and lower than federal employment. The pipeline of candidates interested in public service careers has been damaged by the political environment surrounding federal employment. State and local hiring managers report that candidates who previously considered government service are now opting for private sector roles exclusively.

The reduction in federal internship and scholarship programs also affects state and local hiring. Many of the candidates who entered state and local cyber roles had federal training or education support. With those programs reduced, the pipeline is narrower at every level.

What Resilience Looks Like

State and local governments that want to maintain security posture despite federal reductions have a limited set of options, most of which require political will and budget creativity.

Regional collaboration is the most promising path. Counties and municipalities that cannot afford standalone security programs can share services through regional authorities or state-managed shared service organizations. Several states have expanded their shared cyber operations centers to absorb local governments that previously operated independently.

State-level funding is the second path. States that recognize the national security and economic development value of cybersecurity are creating their own grant programs, tax incentives for security investment, and public-private partnerships that do not depend on federal support. These programs are small relative to the federal programs they replace, but they are more reliable because they are controlled locally.

Private sector partnerships are the third path. Local governments are increasingly turning to commercial security services, incident response retainers, and managed security providers to fill gaps they cannot fill with internal staff. The cost is higher than federal support was, but the availability is more predictable.

The Federal Recovery Question

The ultimate question is whether federal support will return, and if so, in what form. Political environments shift, and the underlying need for state and local cybersecurity does not disappear. A future administration may restore or expand the programs that were reduced. State and local governments that maintain a baseline capacity during the lean years will be positioned to scale up when funding returns. Those that allow their programs to atrophy will face a steeper climb.

The adversaries that target state and local governments are patient and observant. They note which jurisdictions are well-defended and which are not. The current period of federal constraint is an opportunity for them, and the jurisdictions that understand that are the ones investing in resilience however they can.

Sources and Citations

1. CISA, State and Local Cybersecurity Grant Program guidance and award announcements, fiscal years 2023 through 2025.
2. National Association of State Chief Information Officers (NASCIO), State CIO Top Ten Priorities, 2024 and 2025.
3. Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure ISAC bulletins, 2024 and 2025.
4. Brennan Center for Justice, election security funding analyses, 2024 and 2025.
5. Center for Internet Security, annual State of Cybersecurity for State and Local Governments report, 2024.