Congress narrowly averted a government shutdown ton Saturday by striking a temporary deal— referred to as a continuing resolution — which will keep the doors open and government funding at current levels until Nov. 17.
However, before the weekend, many government agencies and organizations were bracing for what felt like an enviable shutdown. This included the Cybersecurity and Infrastructure Security Agency (CISA), which as of late last week was preparing to furlough more than 80% of its workforce.
This isn’t the first time a shutdown was looming, and it probably won’t be the last. Here security leaders discuss what a government shutdown would mean for security professionals and how it could affect the security industry.
Security leaders weigh in
Landen Brown, Federal CTO at Symmetry Systems:
Gone are the days that looming government shutdowns only impact our government workers' pay. With top cybersecurity leaders and our presidential cabinet aggressively pursuing the 2023 Cyber Strategy plan, government shutdowns now impact our ability to maintain cyberspace capability and defense. Many cyberspace operators will be absent from critical operations, and those remaining Tier 1 personnel will be tasked with doing the mountainous job of many, often without pay. Today, our adversaries recognize this. It is of the highest importance that our political leaders come together at this time to avoid granting our adversaries the ability to operate in relative freedom and hinder our ability to be prepared to fight and win our nation’s wars.
Dave Gerry, CEO at Bugcrowd:
CISA is a critical resource in our nation's proactive defense against cyber criminals and attackers. Any disruption to that team as a result of a government shutdown increases the cyber risk we face, and, given the rate at which we see nation-state adversaries ramping up attacks, unnecessarily slows down the great progress the Agency has made and makes us more vulnerable to attacks as a result.
Justin Williams, managing partner at Optiv:
Any furlough of CISA staff degrades our national security operational readiness — impacting the security of our national supply chain
CISA provides critical linkages by and between our commercial organization and government — this linkage includes support for organizations who are under duress or otherwise dealing with a cyber event or incident — putting commercial organization and industry sectors at risk when indicators of compromise (IOC) are not shared among the proper groups to slow or stop the movement of adversaries throughout our commercial organizations
Our nations supply chain includes critical infrastructure, healthcare, transportation, energy, among others — degraded readiness is a national security matter.
Patrick Harr, CEO, SlashNext:
Approximately 80% of the staff at CISA could be furloughed in the event of a partial U.S. government shutdown. This has greater implications than simply having fewer hands on deck to maintain security controls, respond to alerts, etc. A shutdown signals to cybercriminals that this is a perfect time to launch attacks — nefarious actors love to operate in times of confusion and doubt. We can expect to see an increase in breach attempts, likely with many of these furloughed government employees being targeted with message-based attacks attempting to trick them into sharing credentials or revealing other sensitive information. Just because employees won’t be checking their work emails during this time, doesn’t mean they’re immune to phishing/BEC. Hackers are moving more and more to mobile and personal communication channels like social media, WhatsApp, Signal, etc. to reach victims. It’s entirely plausible that an attacker could pose as a colleague and reach out via one of these platforms, and even claim they’re doing so because they know the victim can’t check their work email or work phones and this was the best way to get in contact during the shutdown. Government employees need to be on high alert for these types of messages.
Additionally, a shutdown will likely disrupt government efforts to respond to/mitigate emerging cyber threats such as AI-fueled attacks. This is a rapidly evolving area of cybercrime that requires attention and new approaches to maintain security. With roughly 80% of CISA employees on furlough, we are sure to see setbacks in the government’s approach to protecting against these types of attacks.
Cybersecurity professionals must ensure that security protections in place continue without disruption during the shutdown. This could include ensuring that all patches are up to date or set to patch automatically, renew any security subscriptions that might lapse during the shutdown, and leverage automation to thwart/respond to threats as much as possible.