Federal Government Shutdown Now Impacting Cybersecurity
Cybersecurity experts are starting to show concern about the ongoing U.S. government shutdown. Many say that without federal institutions functioning at full strength ,there is significant pressure on the country’s cybersecurity infrastructure.
“Cyberthreats don’t operate on Washington’s political timetable, and they don’t stop because of a shutdown,” said Lisa Monaco, former assistant to the president for Homeland Security and Counterterrorism, in an Axios report.
For those providing cybersecurity services, the threats are real, especially when federal government agencies are no longer providing intelligence, threat information, cybersecurity advice and support to the nation’s businesses and organizations.
David Tan, CTO of CHIPS Technology Group, echoes many of those concerns with some real world examples.
“I have a few clients that do annual policy reviews in January, and we’ve had to delay those conversations since we rely pretty heavily on NIST and most of those resources are offline, Tan told Channel Futures.
The National Institute of Standards and Technology (NIST) is one of the agencencies hardest hit by the shutdown. Duo Security reports that 85 percent of the agency’s staff have been furloughed.
Yet the concerns don’t just end and begin with the NIST; other agencies that play in the cybersecurity game are feeling the pain of understaffing and a lengthy shutdown. For example, The National Protection and Programs Directorate, which helps manage both US-CERT’s Continuous Diagnostics (CDM) and Mitigation and Automated Indicator Sharing (AIS) programs, also has up to 80 percent of its cyber workforce on furlough. US-CERT has become a clearinghouse of cyberthreat data that many cybersecurity vendors have come to rely on as a resource.
“The shutdown has severely limited US-CERT programs,” Tan added. “I’m definitely worried we’ll have less of an ‘early warning’ system for possible threats and vulnerabilities.”
Other agencies impacted by the shutdown include The Department of Homeland Security’s newly established Cybersecurity and Infrastructure Security Agency, which has furloughed nearly half (43 percent) of its workforce.
While the interruption of services and the reduction of staffers have an immediate impact on cybersecurity initiatives, there might be some long-term damage as well. Many important services and security-related functions remain available, but are operating on short-term cash reserves. The longer it takes for the government to reopen, the more likely that those cash reserves are depleted, which in turn will force agencies to shutter some of these services.
What’s more, many of the problems created by the government shutdown might have a long lasting impact.
“Government shutdowns tend to affect support activities disproportionately, such as hiring or vetting contracts,” noted Michael Daniel, former White House cybersecurity coordinator and current president and CEO of industry group Cyber Threat Alliance. “Thus, over time, personnel slots will go unfilled and contracts will expire, making it difficult to sustain the workforce or upgrade equipment.”
With many solution providers working with federal agencies, there are some concerns to …