Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Photo: Jorge Villalba/Getty
The government is on hiatus. Enemies of the U.S. are not.
Why it matters: During the government shutdown, essential personnel are exempt from the furlough — so in theory, anyone preventing cybersecurity calamities is still showing up for work. But experts believe the loss of support staff makes the cybersecurity effects of a shutdown bad in the short term and worse in the long term.
The fallout: Consider the difficulty of maintaining security in government networks before a government shutdown. Now try doing that with fewer people.
- "Defending federal networks is already an act of triage, due to personnel shortages, legacy IT overhang, uneven risk management practices and a hostile threat environment. Furloughs make a hard job even harder," said Andrew Grotto, a former White House cybersecurity adviser for Presidents Obama and Trump and a current employee of Stanford's Hoover Institution.
- While critical personnel are still on duty during a shutdown, he added, "What that means as a practical matter is that these people have to do even more than usual."
Those problems will stick around after the shutdown. It's likely, say multiple former federal employees Codebook spoke to, that federal networks will fall behind on basic hygiene tasks.
- "Government shutdowns tend to affect support activities disproportionately, such as hiring or vetting contracts. Thus, over time, personnel slots will go unfilled and contracts will expire, making it difficult to sustain the workforce or upgrade equipment," noted Michael Daniel, former White House cybersecurity coordinator and current president and CEO of the industry group Cyber Threat Alliance.
In the long term, this could do irreparable damage to the federal government's ability to hire cybersecurity talent.
- The unemployment rate for trained cybersecurity personnel is famously at 0%, the private sector pays better and the only advantage the government has in hiring is the importance of the work and the gratitude of a nation.
- Willingness to shutter the government doesn't speak too highly to the perceived value of the job or its employees.
- *Government people go to work because of the mission, and we’re kicking them in the teeth," said Phil Reitinger, president and CEO of the Global Cybersecurity Alliance.
Departments devoted to cybersecurity policies will grind to a halt.
- The National Institute of Standards and Technology, which is developing a widely awaited privacy framework, is seeing its staff reduce to 49 out of its normal cohort of roughly 3,000 employees.
- The Department of Homeland Security's newly christened Cybersecurity and Infrastructure Security Agency will be without a substantial amount of support staff. By DHS' tally, 43% of the workforce — over 1,500 employees — are furloughed.
Security-related investigations and prosecutions at the FBI and Department of Justice will continue with all employees carried over.
The bottom line: Furloughing cybersecurity staff creates both short-term and long-term vulnerabilities.
- "Cyber threats don’t operate on Washington’s political timetable, and they don’t stop because of a shutdown," said Lisa Monaco, former assistant to the president for homeland security and counterterrorism.
Go deeper: The fear of a painful shutdown is kicking in
Editor's note: This story has been updated with Phil Reitinger's statement.