As the clock ticks down to another potential shutdown of the U.S. federal government, concerns are mounting over the impact such an event could have on the cybersecurity of the United States.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the agency tasked with safeguarding the nation's critical infrastructure and defending against cyber threats, is facing the possibility of losing a significant portion of its workforce. CISA is estimated to retain only 571 out of its 3,117 employees if a shutdown occurs, according to a document released by the Department of Homeland Security (DHS).
The threat of a government shutdown arises from the annual appropriation bills required to fund the government's activities and bureaucracy. If these bills are not passed, a partial government shutdown is scheduled to begin at 12:01 a.m. ET on Sunday, October 1. This would lead to thousands of federal employees being instructed not to report for work until the bills are passed, resulting in a severe disruption of government operations.
Amidst growing concerns over a potential government shutdown and its repercussions on cybersecurity, Justin Williams, Managing Partner at Optiv, shared his thoughts with SecureWorld News:
"Any furlough of CISA staff degrades our national security operational readiness—impacting the security of our national supply chain.
CISA provides critical linkages by and between our commercial organizations and government. This linkage includes support for organizations who are under duress or otherwise dealing with a cyber event or incident, putting commercial organizations and industry sectors at risk when indicators of compromise (IOC) are not shared among the proper groups to slow or stop the movement of adversaries.
Our nation's supply chain includes critical infrastructure, healthcare, transportation, and energy, among others. Degraded readiness is a national security matter."
Landen Brown, Federal CTO at Symmetry Systems, echoed a similar sentiment:
"Gone are the days that looming government shutdowns only impact our government workers' pay. With top cybersecurity leaders and our presidential cabinet aggressively pursuing the 2023 Cyber Strategy plan, government shutdowns now impact our ability to maintain cyberspace capability and defense.
Many cyberspace operators will be absent from critical operations, and those remaining Tier 1 personnel will be tasked with doing the mountainous job of many, often without pay.
Today, our adversaries recognize this. It is of the highest importance that our political leaders come together at this time to avoid granting our adversaries the ability to operate in relative freedom and hinder our ability to be prepared to fight and win our nation's wars."
The previous government shutdown in 2018-19 saw the expiration of 80 government web certificates without renewal, illustrating the tangible consequences of such events on cybersecurity.
As the countdown to a possible government shutdown looms, the nation's preparedness in cybersecurity hangs in the balance. The ability of CISA to safeguard critical infrastructure, counter cyber threats, and fortify the nation's defenses against evolving adversaries may encounter significant challenges if a shutdown occurs.
Follow SecureWorld News for more stories related to cybersecurity.