October is “cybersecurity awareness month,” which is meant to promote digital safety while encouraging the public to adopt safer online habits. This year is unique because it coincides with a government shutdown that began on October 1, which could result in cuts at the Cybersecurity and Infrastructure Agency (CISA).
Even if the shutdown is resolved soon, the danger could be lasting, as departments have been forced to send home IT and cybersecurity staff. Hackers, cyber criminals, and foreign adversaries could take advantage of the shutdown if they haven’t done so already.
“The world’s major adversaries have been in an online war for decades,” warned Roger Grimes, chief information security officer advisor at cybersecurity provider KnowBe4.
The danger is that the federal government’s shutdown could lead to a different kind of shutdown.
“Any country can shut down any other country’s critical infrastructure and business, almost at will,” Grimes told ClearancesJobs. “Nearly every secret accessible online can or has been stolen.”
Grimes further suggested that now isn’t the time to reduce IT staff, and certainly isn’t the time to have deep cuts at CISA.
“We need to significantly increase the size of CISA, not cut it,” Grimes continued. “Cutting the department that has the most impact on our cybersecurity doesn’t seem logical. Instead of letting anyone go, we need to be hiring hundreds of thousands of cybersecurity experts—we have them and they are looking for jobs—and giving them the best AI-enabled tools that our money can buy and that our resources can make. We are in a war. When are we going to start acting like it?”
Risks Are Real
The longer the shutdown lasts, the greater the threat could be, and it might continue once workers return to their posts. Many will be playing catch-up, which could result in lowering their guard.
“The U.S. federal government shutdown can increase the risk to national cybersecurity for several reasons. First, with a larger number of employees in federal cyber units furloughed, activities such as threat monitoring, security system updates, and incident response can be delayed,” explained Dr. Lance Hunter, professor of International Relations and faculty member within the Master of Arts in Intelligence and Security Studies Program at Augusta University.
Hunter further suggested that in this environment, the sharing of cyber intelligence data may stop or slow, which can in turn weaken situational awareness for the federal government and private companies. Following the shutdown, it won’t be business as usual immediately.
“Furloughs and potential layoffs can harm worker morale, leading to retention issues and a loss of institutional knowledge,” Hunter told ClearanceJobs. “Overall, the combined effects of the shutdown can increase the extent to which the U.S. government, state and local governments, and private companies are vulnerable to cyberattacks by adversaries.”
Operational and Strategic Impacts
During any shutdown, the government is forced to suspend “non-essential” operations. There can often be disagreements on what is actually essential. Still, it certainly can have a direct and compounding impact on cybersecurity, suggested Professor Justin Miller, associate professor of practice in the School of Cyber Studies at the University of Tulsa.
That effect can include weakened defenses, heightened insider-threat risks, and delayed national response capacity.
As a result, any lapses in federal appropriations resulting from a government shutdown do not pause cyber threats; they amplify them, Miller told ClearanceJobs.
“When funding halts, many cybersecurity professionals and contractors are furloughed, leaving only mission-critical personnel to sustain operations. Security Operations Centers (SOCs) may run with reduced coverage, patch management slows, and monitoring of intrusion alerts or system logs may be delayed,” said Miller. “Threat actors, foreign and domestic, recognize this diminished posture as an opportunity to exploit gaps in coverage. The federal digital ecosystem remains live and interconnected, but its human defenders and administrative processes are temporarily constrained, creating an asymmetry that adversaries can leverage.”
In addition, during a shutdown, seemingly basic cybersecurity measures aren’t taken. This can include a failure to update expired system certificates, delays in vulnerability scanning, and even lapses in vendor coordination. All of that can lead to exposure to phishing, spoofing, and denial-of-service attacks.
“This disruption creates an imbalance within the federal defense-in-depth and defense-in-breadth ecosystem, exposing vulnerabilities across the enterprise and its partner networks while amplifying cyber threat activity against the United States,” said Miller. “Even brief shutdowns can create backlogs in digital forensics, incident response, and vulnerability management, delaying containment and remediation efforts once operations resume. Strategically, prolonged shutdowns signal internal instability, emboldening adversaries and undermining public trust in the federal government’s ability to maintain cyber resilience under fiscal pressure.”
Windows 10 Support Ending
The other part of the story is that the shutdown is also coming as support for Windows 10 has arrived. While it was a long time coming, there are still tens of millions of users, many of whom are in the federal government. Now isn’t an ideal time for IT and cybersecurity staff to figure out if the computers running that operating system will remain secure.
“Microsoft can’t simply abandon them,” said Grimes. “But what does support look like when Microsoft no longer provides support? If history is any indicator, in the past, Microsoft was forced to release a few critical patches that were being widely exploited in the world, but the practical reality is that any Windows 10 user needs to move to a newer version or use something else. A Windows 10 computer is a high-risk computer and needs to be treated like it.”
