The U.S. Government is on Hiatus, Cybersecurity Threats Are Not

Guy Franklin of SOSA discusses the lasting effects of the government shutdown.

• By Sydny Shepard
• Jan 14, 2019

One unforeseen consequence of the United States government shutdown is the reduction in federal cybersecurity staff and support. By Department of Homeland security tally, 43 percent of the workforce — over 1,500 employees — are furloughed. This creates opportunities for not only immediate risk but also risks that will likely stick around long after the shutdown is over.

Security Today asked Guy Franklin, the GM of SOSA, a global innovation platform with a network of over 150 multinational corporations and investors recently selected by the New York City Economic Development Corporation to develop this Global Cyber Center, for insights on what could happen if the government shutdown lasts months, or even years, as President Donald Trump has been quoted as saying.

Franklin pinpointed three risks that are evident as the government shutdown continues including vulnerability, retaining talent and the lasting events of the shutdown even when things are up and running again.

A Government Shutdown Acts as an Invitation for Hackers

Franklin explains that the continued shutdown conveys to bad actors that our country is not currently putting full efforts into national security, including the security of our networks and data.

"When adversaries detect that a nation is not operating at full-power, they often increase their attempts to breach its systems," Franklin said. "Although there will always be members on the ground during a shutdown, those numbers fall far short of what is necessary to meet national security standards. The reduction in available personnel harms the country's ability to protect its assets, including vulnerable energy grids, financial information, military bases, and telecommunication networks."

Cybersecurity Talent will Become Even Harder to Retain

Due to the increasing amount of government shutdowns, federal cybersecurity staff may begin to rethink the line of work they are in. Why continue to work when you are unsure of being paid? Here's what Franklin had to say:

"With two government shutdowns last year alone, the prospect of repeated shutdowns and staffing fluctuations is highly likely and has an impact on workplace morale and retention of government cybersecurity workers," Franklin said. "Morale drops at even the warning of a government shutdown, extending its impact beyond an actual government shutdown itself. Over time, the lack of prioritization of personnel will cause employee vacancies to linger, creating short- and long-term problems potentially beyond repair. Almost 2 million cybersecurity jobs will go unfilled by 2022 according to the Global Information Security Workforce Study conducted by Frost and Sullivan and the International Information System Security Certification Consortium."

Vulnerabilities Will Remain Long After the Shutdown has Ended

Even when things get back to normal, the state of national security will remain vulnerable. Due to the fluctuating staff and lengthy time left unmonitored on a full scale, the effects could last even after our government comes to a conclusion on funding. Research shows that breaches sometimes take days, weeks or years to detect.

"Aside from obvious short-term risks to national security, the longer a shutdown persists, the more exposed a nation becomes," Franklin said. "And with less staff to defend critical national infrastructure from ongoing threats, these impacts can deepen, in some cases beyond repair. Without proper staffing, vital improvements and updates cannot be made. Nations need to look to global teams for support when navigating these types of damaging situations."