- Joined
- Jun 8, 2018
- Messages
- 11,143
- Reaction score
- 8,176
- Gender
- Undisclosed
- Political Leaning
- Undisclosed
A good piece on CNN pointing out
(side comment: how lucky for Russians!)
Some specific vulnerabilities stem from ...
The shutdown is a call to action for cyber criminals at home and around the globe to probe for vulnerabilities and strategically position themselves for decisive strikes in the future.
(side comment: how lucky for Russians!)
Some specific vulnerabilities stem from ...
First, routine cybersecurity "hygiene" tasks, like firewall maintenance, are likely being postponed because they often require the buy-in of federal employees that might be furloughed and of federal contract workers who might have been deemed nonessential.
Second, getting to the bottom of whether an "incident" is a false alarm or a major security breach is impossible to do without support staff ...
Third, hiring for key federal cybersecurity and IT positions has slowed -- and perhaps altogether stalled -- diminishing the pipeline of candidates for several months. For those federal workers and contractors who already have those jobs but aren't getting a paycheck, they may well look for more reliable work in the private sector where they're less likely to be victims of our nation's dysfunctional politics.
...
So too key decisions on contracts and initiatives for cybersecurity are being postponed indefinitely. For example, Congress recently approved the new Cybersecurity and Infrastructure Security Agency (CISA) at DHS. CISA is just getting off the ground. Running at full speed requires a lot of work and resources, but according to shutdown guidance, over 40% of CISA's staff is furloughed.
And just last month, President Donald Trump signed the SECURE Technology Act, which addresses supply chain vulnerabilities. The funding and program implementation behind SECURE has now ground to a halt.
Cybersecurity is hard enough when we're fully staffed and operating effectively. On a good day, we are outmanned, outgunned and out-funded by bold and creative cybercriminals and adversaries. Due to the shutdown, America's cyber defenses are more vulnerable than ever.