CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?



Government Shutdown Could Bench 80% of CISA Staff

Roughly 80% of CISA staff will be sent home at the end of the week in case of a government shutdown. 

CISA staff government shutdown

Roughly 80% of the staff at US cybersecurity agency CISA may be sent home at the end of the week as a government shutdown looms. 

The US government will partially shut down on Sunday unless lawmakers reach a deal on a funding bill. A shutdown will result in the furlough of hundreds of thousands of non-essential federal employees and the suspension of many services.

The Department of Homeland Security has announced the number of employees that would stay on during a shutdown for each of its agencies. In the case of CISA, which had 3,117 employees as of June 17, only 571 would remain during a lapse in appropriations. This means that more than 80% of its workers would be furloughed.

“Following notification of the lapse in appropriations, the non-exempt CISA staff will need four business hours to complete an orderly cessation of all other activities,” the DHS said. 

A government shutdown can have a significant impact on cybersecurity, including increasing criminal activity, failure to renew digital certificates, failure to deploy security patches, and denting the government’s ability to recruit talent. 

In CISA’s case, the agency plays an important role in protecting the government and the private sector against cyber threats. 

This includes issuing warnings over actively exploited vulnerabilities, helping investigate high-impact cyberattacks, creating guidance, aiding critical infrastructure organizations beef up their security, conducting cyber exercises, and assisting with incident response

“The silver lining for cybersecurity in any government shutdown is that most government personnel involved with cybersecurity operations are likely to be classified as essential and will be exempt from furlough. These would include roles like security monitoring and incident response, but generally not roles like security governance,” commented Jake Williams, veteran cybersecurity expert and faculty at IANS Research. 

Advertisement. Scroll to continue reading.

“The dark cloud is that in many government agencies, large percentages of the tactical security operations work is performed by contractors, who have historically not had the same exemptions to remain in place. In any shutdown scenario, there will be fewer staff available for security monitoring and response,” Williams added.

In the case of CISA, Williams told SecurityWeek, “I think it’s important to distinguish tactical network security operations (monitoring and incident response) from strategic program development and governance. The latter, which makes up the vast majority of CISA’s mission, will almost certainly be furloughed. The former will still see staff furloughed, but what I’m trying to communicate is that we shouldn’t be thinking furloughs mean that security ops centers just all stop functioning because everyone goes home. That didn’t happen in the last shutdown and it won’t happen here either.”

Max Shier, CISO at Optiv, noted, “The furlough affects more than just the government agency workers, it also affects all of the contractors that support the agency as well, as the funding for all contracts would be affected.”

“The longer-term affects could be the difficulty of retaining staff and recruiting new employees as there could be a fear of future furloughs.  This is an extremely important consideration as there are already a shortage of cybersecurity practitioners, and any movement of personnel out of the government vertical could significantly exacerbate the problem.  I personally had been affected by a previous furlough when I worked for the Government, and it was one of the determining factors for me to find other work,” Shier added.

Landen Brown, Federal CTO at Symmetry Systems, also commented, telling SecurityWeek, “Gone are the days that looming government shutdowns only impact our government workers’ pay. With top cybersecurity leaders and our presidential cabinet aggressively pursuing the 2023 Cyber Strategy plan, government shutdowns now impact our ability to maintain cyberspace capability and defense. Many cyberspace operators will be absent from critical operations, and those remaining Tier 1 personnel will be tasked with doing the mountainous job of many, often without pay.  Today, our adversaries recognize this. It is of the highest importance that our political leaders come together at this time to avoid granting our adversaries the ability to operate in relative freedom and hinder our ability to be prepared to fight and win our Nation’s wars.”

*updated with comments from Max Shier and Landen Brown

Related: CISA Unveils New HBOM Framework to Track Hardware Components

Related: Faster Patching Pace Validates CISA’s KEV Catalog Initiative

Related: CISA Hires ‘Mudge’ to Work on Security-by-Design Principles

Related: MITRE and CISA Release Open Source Tool for OT Attack Emulation

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.


Private equity giant plans to buy Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit for $2.5 billion.


US National Cybersecurity Strategy pushes regulation, aggressive 'hack-back' operations.


Companies have announced securing billions of dollars in cybersecurity-related contracts with the United States government in 2022.


CISA has described and published a set of principles for the development of security-by-design and security-by-default cybersecurity products.


The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.


TSA instructs airport and aircraft operators to improve their cybersecurity resilience and prevent infrastructure disruption and degradation.