Cyber Experts Urge House Committee to Avoid Federal ShutdownAnnual Federal Funding Will Expire in 12 Days
Cybersecurity experts urged Congress to avoid a government shutdown on Oct. 1 - the start of the new federal fiscal year - telling a House panel that a lapse would damage efforts to keep the nation secure.
Congress has yet to approve any of the dozen funding bills that expire annually and are necessary to keep most federal agencies operational. The legislature has 12 days before the current federal fiscal year ends, along with the funding Congress appropriated for it.
A shutdown would cause delays of critical work by the U.S. Cybersecurity and Infrastructure Security Agency, and some projects would come to a halt, testified Brian Gumbel, president of security firm Armis, in a Tuesday hearing before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection.
The longer the funding delay, "the more time adversaries will have to get in front of us," Gumbel said. "The delays are just terrible for this nation and this is going to cause some major impact."
The subcommittee chair, Rep. Andrew Garbarino, R-N.Y., said CISA is "under attack" by some of his congressional colleagues, who he said are advocating for defunding agency salaries and cutting the budget by up to 25%.
A push for the legislature to approve a stopgap measure known as a continuing resolution, which temporarily extends current funding levels, faces opposition from a voluble Republican minority in the GOP-controlled House of Representatives that is calling for cuts to domestic spending and policy measures such as restrictions on asylum seekers. Even if the House Republican caucus coalesces behind a continuing resolution - something that currently appears unlikely - an effort to slash federal spending and impose new immigration policy would face opposition in the Democratic-controlled Senate.
Once rare, federal shutdowns sparked by funding disputes are now a semiregular occurrence. When one occurs, most of the federal workforce is furloughed, apart from "excepted" civil servants whose job duties are considered vital to national security or "exempted" workers whose salaries are funded separately from annual appropriations bills.
During a 35-day partial shutdown that took place in December 2018 and January 2019 and included the Department of Homeland Security, of which CISA is a component, much of the federal cybersecurity workforce stayed on the job. But even then, the workforce was "only cleared to do the essential duties that protect against imminent threats," wrote former DHS cybersecurity official Suzanne Spaulding at the time.
"Our federal networks are likely still being monitored for malicious activity," she said. "But that leaves a lot that is not getting done," such as working with operators of critical infrastructure to mitigate vulnerabilities.
During Tuesday's hearing, Joe Head, co-founder and CTO of security firm Intrusion, testified that even a continuing resolution to keep the government running would hurt the nation's cyber defenses.
"The big programs under a CR continue at the previous funding levels, or 80%. The thing that hits you the hardest are the new initiatives that just stop completely," he said. "We need a lot of innovation in cybersecurity, so I think you all need to fund these new programs."
CISA is currently conducting market research for an upgrade to its National Cybersecurity Protection System, a federal civilian cybersecurity program that includes the Einstein network monitoring system.
Rob Sheldon, director of public policy and strategy at CrowdStrike, testified that federal cybersecurity programs need to adopt and integrate newer and emerging technologies, such as XDR, identity threat detection and response, and artificial intelligence.
"While the application of AI to cybersecurity is not new, it is advancing," he said. "This will drive speed, efficiency, and even make some tools more accessible through the integration of a natural language interface," he testified. "Federal cybersecurity executives should view this opportunity holistically, consult broadly with industry and academia, and engage in long-term planning."