CYBERSECURITYFederal Shutdown Deals Blow to Already Hobbled Cybersecurity Agency
Unfortunately, adversaries do not reduce their attacks against the U.S. based on available federal cyber defense funding or the status of cybersecurity laws. In fact, malicious hackers often strike when their target’s guard is down.
As the United States experiences its latest government shutdown, most of the daily operations of the federal government have ground to a halt. This includes much of the day-to-day work done by federal information technology and cybersecurity employees, including those at the nation’s leading civilian cybersecurity agency, the Cybersecurity and Infrastructure Security Agency.
CISA is among the entities that will see the deepest staffing reductions during the shutdown that began Oct. 1, 2025, according to Department of Homeland Security documentation. Only about one-third of its employees remain on the job after federal employees were furloughed. As if cybersecurity wasn’t challenging enough, fewer CISA employees are being asked to do more and more work protecting American cyberspace during the shutdown. And they’ll be working with the promise of getting paid for their efforts at some date in the future once the shutdown ends.
The current CISA situation is grim, from my vantage point as a cybersecurity researcher and former industry practitioner. The agency was already experiencing deep cuts to its staff and resources before the shutdown. And now, coinciding with the shutdown, a key law that enabled the agency to facilitate information-sharing with the private sector has expired.
Taken together, the cyberdefense agency is being hobbled at a time when the need for its services has never been greater, from the ongoing China-led Salt Typhoon attack on U.S. telecommunications networks to ransomware, data breaches and threats to infrastructure.
CISA was created in 2007 within the Department of Homeland Security. As its name implies, the agency is charged with digital security matters across the federal government. The agency also works with the companies that operate and secure the numerous critical infrastructure sectors of the American economy, such as phone networks, the electric grid and energy pipelines. Additionally, it helps state and local governments across the country secure their vulnerable networks and data.
CISA also publishes threat and vulnerability alerts for the government and cybersecurity community and engages with public and private stakeholders on best practices in response to emerging vulnerabilities. Prior to the recent expiration of the 2015 Cybersecurity Information Sharing Act, the agency also made it easier for organizations to share useful information with the government to help cybersecurity teams better protect their systems.
