A US government shutdown affects about 800,000 federal employees out of 1.8 million full-time civil servants. About 380,000 are furloughed, meaning they cannot work or get paid. The rest are working without pay. A government shutdown can cause financial hardship for many federal employees, who may have to use their savings to survive while furloughed.
Nearly 85% of US cybersecurity agency CISA staff may be sent home at the end of the week as a government shutdown looms. The US government will partially shut down on Sunday unless lawmakers reach a deal on a funding bill. A shutdown will result in the furlough of hundreds of thousands of non-essential federal employees and the suspension of many services.
The US Department of Homeland Security (DHS) has announced the number of employees that would stay on during a shutdown for each agency. In the case of CISA, which had 3,117 employees as of 17 June 2023, only 571 would remain during a lapse in appropriations. This means that more than 80% of its workers would be furloughed.[1] “Following notification of the lapse in appropriations, the non-exempt CISA staff will need four business hours to complete an orderly cessation of all other activities,” the DHS said.
A US government shutdown can significantly impact cybersecurity, including increasing criminal activity, failure to renew digital certificates, failure to deploy security patches, and denting the government’s ability to recruit talent. In CISA’s case, the agency is important in protecting the government and the private sector against cyber threats.
This includes issuing warnings over actively exploited vulnerabilities, helping investigate high-impact cyberattacks, creating guidance, aiding critical infrastructure organizations to beef up their security, conducting cyber exercises, and assisting with incident response. “The silver lining for cybersecurity in any government shutdown is that most government personnel involved with cybersecurity operations will likely be classified as essential and exempt from furlough. These would include roles like security monitoring and incident response, but generally not roles like security governance,” commented Jake Williams, veteran cybersecurity expert and faculty at IANS Research.
“The dark cloud is that in many government agencies, large percentages of the tactical security operations work is performed by contractors, who have historically not had the same exemptions to remain in place. In any shutdown scenario, there will be fewer staff available for security monitoring and response,” Williams added.
In the case of CISA, Williams stated, “I think it’s important to distinguish tactical network security operations (monitoring and incident response) from strategic program development and governance. The latter, which makes up most of CISA’s mission, will almost certainly be furloughed. The former will still see staff furloughed, but I’m trying to communicate that we shouldn’t think furloughs mean that security ops centers stop functioning because everyone goes home. That did not happen in the last shutdown, and it won’t happen here either.”
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and has reported extensively on AI technology. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance.org/
- Website: https://www. redskyalliance.com/
- LinkedIn: https://www. linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5993554863383553632
[1] https://www.securityweek.com/80-of-cisa-staff-at-risk-of-furlough-as-government-shutdown-looms/
Comments