Government
,
Industry Specific
US Cyber Defense Agency Faces 65% Furlough Rate Amid Federal Shutdown
Cybersecurity teams in the Department of Homeland Security bore the sharpest personnel cuts Wednesday as the U.S. federal government furloughed civil servants due to a government shutdown that began shortly after midnight the night before.
See Also: Maximizing data utility in mission delivery, citizen services, and education
More than 90% of the Homeland Security workforce remains on duty, but the nation’s cyber defense agency – the Cybersecurity and Infrastructure Security Agency – lost about 65% of its staff due to lack of appropriations to pay their salaries. Furloughs at CISA mean that fewer than 900 employees are still on the job, marking a low point for staff since the agency’s creation in 2018.
A spokesperson said the agency “will sustain essential functions and provide timely guidance to minimize disruptions” in a statement attacking Democratic lawmakers. The congressional minority party is “forcing many of our frontline cybersecurity experts to work without pay even as nation-states intensify efforts to exploit Americans and critical systems,” the spokesperson said.
Other key federal cyber entities are also constrained: the National Institute of Standards and Technology is retaining just 34% of its workforce, likely delaying work that underpins agency cybersecurity guidelines.
Private-sector partners with the federal government told Information Security Media Group the impact could soon be felt in slower alerts and fewer updates from CISA and the federal systems they depend on, including vulnerability scanning and other mitigation efforts. Several industry CISOs said they expect routine guidance and analytic products to lag for as long as furloughs stretch on, leaving operators of critical infrastructure to rely more heavily on commercial feeds.
Current and former government officials and staffers say many of CISA’s programs – which depend on daily staff engagement and collaboration across teams – are effectively frozen. A senior federal cyber official who requested anonymity to discuss internal operations described a security posture where active incident response and emergency directives are prioritized, leaving analytic and outreach work suspended or delayed.
“It’s a frightening moment – that’s the only way to describe it,” the official said, pointing to the shutdown and a White House plan to convert furloughs into permanent reductions of the civil service. “Everyone here is just hoping this ends before there is real, lasting damage done.”
Uncertainty extends beyond federal agencies into state and local governments, with the shutdown having halted grant funding that many communities rely on to keep basic cyber defenses running. The state and local cybersecurity grant program, which invests federal dollars into helping states and municipalities shore up their cyber defenses, is in a state of limbo after its authorization also expired on Sept. 30.
As a result of the lapse, officials said grant awards will no longer be issued at the current time and project investments will stall. State and local governments have already warned of fiscal uncertainty because DHS and its grants staff are offline and unable to process applications.
A federal cooperative agreement with the Center for Internet Security additionally ended Tuesday, cutting off funding for the CIS-run MS-ISAC, which has provided state and local governments with no-cost cyber hygiene scans, phishing tests, vulnerability management, performance goals and evaluation tools, regional advisors, incident response support and regular security operations center updates.
Former federal cybersecurity officials said the loss of dedicated federal funding for the MS-ISAC is concerning, but argued it reflects a shift toward CISA taking a more direct role in supporting state and local cyber readiness. One former White House cybersecurity adviser said the new funding model is intended to give local governments more control over how resources are applied to their own priorities, adding: “CISA was created to quarterback cybersecurity protection for state and local governments, not do the work for them.”
Those officials said collaboration with MS-ISAC doesn’t need to necessarily end, since CISA can maintain information-sharing ties through agreements and partnerships. But whether those relationships can be sustained through staffing cuts and constrained resources remains an open question.
The Department of Justice, by contrast, has kept nearly 90% of its workforce on duty, including all FBI cyber agents and support staff, ensuring that criminal investigations and national security cases involving hacking continue without disruption. Former officials warned that while the FBI cyber mission remains largely operational, the loss of support from agencies like CISA means investigators could face slower intelligence feeds and fewer analytic products to support their work.
The Department of Defense designated U.S. Cyber Command and NSA operations as fully exempt from furloughs, allowing military cyber missions and offensive operations to proceed. An extended shutdown may complicate coordination efforts with civilian counterparts, including programs that rely on public-private data or interagency task forces now running with skeleton crews.
Furloughs across federal agencies coincided with the expiration of the Cybersecurity Information Sharing Act of 2015. Its lapse creates legal uncertainty that could chill the flow of threat intelligence through the private sector (see: What Happens to Cyberthreat Sharing After CISA 2015?).
