Possible Government Shutdown Has Cybersecurity Experts Worried

A federal government shutdown would likely weaken national security, which is good news for cybercriminals across the globe.

In the event of a government shutdown, the Cybersecurity and Infrastructure Security Agency (CISA) would furlough more than 80% of its workforce, potentially leaving the agency with a drastically limited crew to initially respond to attacks on the networks of federal agencies and critical infrastructure.

The Department of Homeland Security (DHS) plan for a “lapse in appropriations,” updated Thursday, shows CISA estimates it would retain 571 employees out of the 3,117 it had on board as of mid-June. Retained staff would be required to work during a government shutdown, while the rest would be furloughed.

CISA leads the national effort to understand, manage and reduce risk to the nation’s cyber and physical infrastructure. Its mission expands across three primary areas: cybersecurity, infrastructure security and emergency communications.

CISA issues warnings over actively exploited vulnerabilities, helps investigate high-impact cyberattacks, creates guidance and helps critical infrastructure organizations beef up their security, conducting cyber exercises and assisting with incident response.

Government Shutdown ‘National Security Crisis’

Tom Kellermann, senior vice president of cyber strategy at Contrast Security, said a government shutdown would become a “national security crisis.”

Contrast Security’s Tom Kellermann

“We are already dealing with a historic cyber insurgency.” he said. “We don’t have enough watchers on the wall to sustain our defenses.”

Debrup Ghosh, staff product manager at Synopsys Software Integrity Group, said when the nation’s infrastructure has been threatened – for example, the Colonial Pipeline – the industry leans on CISA for guidelines and best practices related to incident detection, response and prevention for novel threats and vulnerabilities.

Synopsys’ Debrup Ghosh

“With reduced staffing at CISA, these timelines to react may be impacted, and business leaders should have contingency plans in place to engage cybersecurity consulting firms at short notice to protect critical infrastructure and respond quickly to potential cyberattacks,” he said.

Scroll through our slideshow above for more from cybersecurity experts on a possible government shutdown and cybersecurity.