Top cybersecurity professionals warned House lawmakers on Tuesday that a government shutdown would expose U.S. agencies to a crush of new cyberattacks and damage the Biden administration’s response.
Executives from top cybersecurity companies told the House Homeland Security Committee that any shutdown would hamper the Biden administration’s ability to respond to dangerous digital attacks.
Armis President Brian Gumbel said the immediate effects of a shutdown will be to cause delays and bring some cyber projects to a screeching halt.
“The longer we delay, the longer the adversaries will have the chance to get in front of us,” Mr. Gumbel told lawmakers. “Delays are just terrible for this nation and it’s going to cause some major impact.”
Federal officials are already working to overcome a China-linked hack that spread through the Commerce and State departments earlier this year, with the prospect of a government shutdown this fall hanging over their heads.
CGI Federal Vice President Stephen Zakowicz, whose company works with the Commerce Department, said he has witnessed previous government shutdowns disrupt cyber defenses.
He said shutdowns inhibit continuity planning and stymie the government’s cyber defenders from making progress to prevent hacks.
CrowdStrike’s Robert Sheldon similarly told Congress to expect bad results if the government shutters.
“You don’t get to have good cybersecurity outcomes if you don’t have continuity in your cybersecurity programs, and the absence of funding could disrupt that,” Mr. Sheldon said.
But a temporary funding bill to postpone a shutdown until broader agreement on government spending could be reached may also yield bad outcomes.
Intrusion co-founder Joe Head said Congress needs to develop ways to fund new cyber programs and responses to new digital breaches while operating under stopgap spending legislation.
Mr. Head told lawmakers that new cyber efforts cannot get started under the stopgap legislation, and that government cybersecurity workers need to tackle emerging threats each day.
“This is all new,” Mr. Head said. “It’s new every day with a new breach, a new zero-day, a new attack.”
Armis, CGI Federal and CrowdStrike all work with the federal government and likely stand to benefit financially from future taxpayer spending for the agencies that are their customers and users.
Disastrous hacks have slammed the federal government and private sector during President Biden’s tenure, regardless of whether the federal government was open for business.
For example, a China-linked breach hitting Microsoft customers ripped through the Commerce and State departments, and its known victims include one lawmaker, Rep. Don Bacon, Nebraska Republican.
The Department of Homeland Security’s Cyber Safety Review Board is among the federal groups investigating the hack of Microsoft, and its results may yield changes in how the government does business with private companies.
As federal investigators dig in, the FBI is urging private companies to include federal agents in their strategy to combat hackers. FBI Director Christopher A. Wray said Monday he was requesting that companies not only make incident-response plans but make the FBI a part of the plan.
“We know the private sector hasn’t always been excited about working with federal law enforcement, but when you contact us about an intrusion, we won’t be showing up in raid jackets,” Mr. Wray said at a Mandiant cybersecurity conference in Washington. “Instead, we’ll treat you like the victims you are — just like we treat all victims of all crimes.”
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.