ROUNDTABLE: CISA’s prominent role sharing threat intel could get choked off this weekend

By Byron V. Acohido

Once again, politicians are playing political football, threatening a fourth partial government shutdown in a decade.

Related: Biden’s cybersecurity strategy

As this political theater runs its course one of the many things at risk is national security, particularly on the cyber warfare front.

Given the divergent paths of the U.S. Senate and the U.S. House of representatives, federal agencies could see funding largely choked off on Sunday, resulting in the furloughing of hundreds of thousands of federal workers.

A wide range of federal government services, once more, would slow to a crawl —  everything from economic data releases to nutrition benefits for poor children. And the Cybersecurity and Infrastructure Security Agency (CISA) may be forced to send home some 80 percent of its workforce, drastically shrinking its capabilities as a catalyst for public-private sharing of fresh threat intelligence.

Out of 3,117 employees, only 571 will remain active during a shutdown, based on the Department of Homeland Security’s updated plan for “lapse in appropriations.” This plan contrasts with most other DHS sectors, where employees like airport screeners and FEMA staff will continue their duties during the shutdown.

Last Watchdog caught up with Rep. Lou Correa, D – Calif., who serves on the House Homeland Security Committee, and is the top Democrat on the Border Security and Enforcement Subcommittee. Here’s Correa’s observation:


“Our national security will be put at risk because of the political stunts being pulled by my Republican colleagues right now. Whether it’s the Cybersecurity and Infrastructure Security Agency or the Department of Homeland Security, thousands of federal workers who serve on the front lines of our nation will be doing so with little-to-no agency support—and will be forced to work without pay.

“That takes a toll on morale, will cause staffing shortages, and will put American lives at risk. My colleagues on the other side of the aisle must put political gamesmanship aside and pass clean government spending bills—to prevent catastrophe, keep our constituents safe, and our government open for its citizens.”

Last Watchdog also sought commentary from cybersecurity thought leaders: here’s what they had to say:

Martin Jartelius, CISO, Outpost24


CISA ceasing to function will lead to organizations being less prepared to respond to the same threats we would see with or without them in operations. CISA is just one of several sources to turn to for information and support, many organizations start by finding a trusted provider and as they grow and mature tap into several sources to get a good insight. Backing this with solid inventory of your attack surface so you can prepare to defend . . . should replace those bits many rely on CISA for with something more tangible and hands-on.

Tim Helming, security evangelist, DomainTools


CISA’s ability to carry out the same level of intelligence gathering and analysis that they usually do may be affected. It may mean that the staff remaining available after the shutdown will be stretched thin and overtaxed. CISA has been quite prolific with advisories and it’s likely that the pace could slow during the shutdown. None of this means that we’re going to see an uptick in successful attacks . . . as always, we need to be highly vigilant; there have been several high-profile breaches in the last couple of weeks unrelated to the shutdown, and those certainly warrant tight operations.

Colin Little, security engineer, Centripetal


A federal government shutdown can weaken the nation, leaving it more vulnerable to cyberattacks and potentially harming international cooperation in the realm of cybersecurity. Maintaining robust cybersecurity practices during a shutdown should be a top priority to mitigate these risks and ensure the continued protection of critical systems and sensitive data. Think of it in terms of an active warzone; if 80 percent of front-line units stopped receiving troop pay, reinforcements and supplies, the result would be disastrous especially over a protracted period of time.

John Gunn, CEO, Token


A prolonged government shutdown could mean fewer employees doing critical cybersecurity work at key agencies including the FBI, DHS and CISA. The impact on the private sector would be less immediate, but valuable cyber attack information from resources such as the National Cybersecurity and Communications Integration Center and the Cyber Information Sharing and Collaboration Program could be interrupted meaning less threat intelligence and greater vulnerabilities for those that rely on it, which is many.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.



Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone