The government shutdown is affecting US cybersecurity

The partial shutdown of the US federal government, now approaching three weeks, is having at least one impact not felt during the shutdowns of the 1970s, 1980s, and 1990s. As our online lives have grown dramatically in the last couple of decades, so have our cyber-vulnerabilities, with everything from home appliances to nuclear power plants now hackable by malefactors. And among the 800,000 government workers either furloughed or working without pay are some responsible for US cybersecurity, as Fifth Domain reported this week.

The brand new Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security (DHS), has seen around 40 percent of its staff furloughed. (The new agency, still in the process of getting up to speed, “is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats,” per its website.) At the National Institute of Standards and Technology, which publishes the federal cybersecurity standards that both government and private companies use, 85 percent of staff are off without pay. Former DHS undersecretary Suzanne Spaulding, writing for The Hill, adds two additional concerns: As a result of the shutdown, DHS canceled a major cybersecurity conference and will miss several deadlines it was supposed to hit on new cybersecurity provisions.

None of this is reassuring. As cybersecurity blogger Patrick Nohe wrote on Wednesday,  “even at full strength the US cyber defense apparatus is being pushed to the brink by foreign, state-sponsored hackers and cyber cells.” But many in the field are more worried about the long-term impact of the shutdown. Cybersecurity experts can command high salaries, and after a government shutdown in 2013, federal agencies saw a brain drain of talent to the private sector.

On Thursday, WNYC radio show The Takeaway broadcast an interview with Patrick, a NASA cybersecurity contractor. He said he could make the rent for February, but that if the shutdown continued, he was going to have to find another job, and that it wouldn’t be difficult to do so in Silicon Valley. He observed, “Most of the people that are in my position … are here for the mission, not the money. But now that it’s clear that our employment isn’t stable—we have families and we have bills, and I think many people are just going to leave, and the government is going to have a very hard time recruiting people back to refill those positions, because they’ll see the experience that those of us have had.”