Fears Mount That US Federal Cybersecurity Is Stagnating—or Worse
The Stagnating State of US Federal Cybersecurity: A Threat to National Security
As the first year of the Trump administration approaches its end, government cybersecurity experts and even some United States government officials are warning that recent White House initiatives, including downsizing and restructuring of the US federal workforce, risk setting the government back on improving and expanding its digital defenses.
A Decade of Catch-Up
For years, the federal government was playing catch-up on cybersecurity, scrambling to replace ancient software, apply security patches to newer systems, and deploy other baseline protections across a massive and disparate population of PCs and other gadgets. With so many agencies and offices that needed upgrading, it was slow going. But as repeated government data breaches drew urgent attention to the issue, and as the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) - founded in 2018 - established itself during the early 2020s, minimum standards seemed to be rising.
CISA's Challenges
CISA lost about 1,000 people, more than a third of its staff, as a result of cuts that seemed to be motivated by the Trump administration's anger about the agency's election security work. Cybersecurity Dive reported in mid-November that the agency is planning to rebuild in 2026. Acting CISA director Madhu Gottumukkala wrote in a memo to staff at the beginning of November that the agency has "reached a pivotal moment" but is "hampered by an approximately 40 percent vacancy rate across key mission areas."
Government Shutdown and Cybersecurity Concerns
This fall's weekslong government shutdown only added to concerns about the state of federal cybersecurity - creating the possibility of blind spots or gaps in monitoring while so many workers were furloughed, and contributing in general to the already extensive IT backlog at agencies across the government. "Federal IT workers, they are good jobs, there's not enough resources for the issues that they have to deal with," one former national security official, who requested anonymity because they are not authorized to speak to the press, told WIRED. "It's always underfunded. They always have to catch up."
Disrupting Relationships with Contractors
Amélie Koran, a cybersecurity consultant and former chief enterprise security architect for the Department of Interior, notes that one of the most significant impacts of the shutdown likely involved disrupting, or in some cases potentially ending, relationships with specialized government contractors who may have needed to take other jobs in order to get paid but whose institutional knowledge is difficult to replace. Koran adds, too, that given the limited scope of the continuing resolution Congress passed to reopen the government, "no new contracts and extensions or options are probably being done, which will cascade to next year and beyond."
The Risk of a Major Cybersecurity Incident
While it is unclear if the shutdown was a contributing factor, the United States Congressional Budget Office said more than five weeks into the ordeal that it had suffered a hack and had taken steps to contain the breach. The Washington Post reported at the time that the agency was infiltrated by a "suspected foreign actor." And after years of incredibly consequential US government data breaches - including the 2015 Office of Personnel Management hack perpetrated by China and the sprawling, multi-agency breach launched by Russia in 2020 that is often called the SolarWinds hack - experts warn that inconsistent staffing and reduced hiring at key agencies like CISA could have disastrous consequences.
The Brain Drain
"When, not if, we have a major cybersecurity incident within the federal government, we can't simply staff up with additional cybersecurity resources after the fact and expect the same outcomes we would get from long-tenured staff," says Jake Williams, a former NSA hacker and current vice president of research and development at Hunter Strategy. Brain drain, Williams says, and any loss of momentum on digital defense, is a serious concern for the US. "On a daily basis I'm worrying that federal cybersecurity and critical infrastructure protection may be backsliding," Williams says. "We must stay ahead of the curve."
A Call to Action
As the US federal government continues to grapple with the challenges of cybersecurity, it is essential that policymakers and agency leaders take a comprehensive and proactive approach to addressing these issues. This includes investing in the necessary resources and personnel to support CISA and other key agencies, as well as implementing effective policies and procedures to protect against cyber threats. The stakes are high, and the consequences of failure could be severe. It is time for the US to take a leadership role in cybersecurity and ensure that its digital defenses are robust and effective.
Source: https://www.wired.com/story/expired-tired-wired-federal-cybersecurity/




