Cyber security analysts work in the "watch and warning center" at the DHS's secretive cyber defense lab in Idaho Falls, Idaho.

Cyber security analysts work in the "watch and warning center" at the DHS's secretive cyber defense lab in Idaho Falls, Idaho. Mark J. Terrill/AP

How a Homeland Security Shutdown Would Imperil US Cyber Defense

An agency official told House lawmakers a partial shutdown at the Department of Homeland Security would do more than just slow a timely response to critical threats.

The Department of Homeland Security is warning lawmakers a shutdown at the agency would not spare its cybersecurity operations.

"I'm gravely concerned about the impact of a shutdown on our cybersecurity efforts,” Andy Ozment, DHS assistant secretary for cybersecurity and communications, said Thursday in testimony before a House subcommittee hearing.

Ozment told lawmakers a partial shutdown would affect basic cyber operations at the agency, potentially delay two key acquisition programs -- including a contract award under its multibillion-dollar continuous monitoring program -- and curtail its information-sharing activities with the private sector.

There are just 16 calendar days -- and five scheduled legislative days -- before DHS runs out of funding and would be forced to partially shut down and furlough some staff. Funding for the agency has been mired in a rancorous partisan fight over President Barack Obama’s recent executive order on immigration.

Funding for the rest of the government was settled by Congress in a catch-all spending bill two months ago.

Nearly all of the department’s cyber employees would be exempt from furloughs -- meaning they would remain on the job, albeit without pay during any funding gap.

However, during a shutdown, Ozment said DHS would “lose the support” of more than 140 staff at the agency’s 24-hour National Cybersecurity and Communications Integration Center.

“Without these staff, the NCCIC's capacity to provide a timely response to agencies or critical infrastructure customers seeking assistance after a cybersecurity incident will be decreased and we will be less able to conduct expedited technical analysis of cybersecurity threats,” he added.

A lapse in funding would also likely delay two acquisition programs "essential to protecting federal agencies from cybersecurity attacks and intrusions,” Ozment said, including an expansion of its Einstein 3 intrusion-detection system and a task-order award under the $6 billion Continuous Diagnostics and Mitigation program that DHS manages.

The CDM program "is on the verge of issuing a contract that will allow federal agencies to identify critical cyber vulnerabilities and expedite their resolution,” Ozment said. “A shutdown would delay the issuance of this award and, again, leave agencies unprotected and less able to patch and be even cognizant of the vulnerabilities that they have."

Finally, a shutdown would “significantly reduce the volume and timeliness” of the cyberthreat information DHS shares with other agencies and the private sector, Ozment testified.

DHS will be unable to bring on board new companies to its information-sharing program, he added, and planning for “next-generation information-sharing capabilities that are necessary to make our information sharing real-time and automated” would also come to a halt, he added.

The funding brouhaha and potential impact on DHS’ cyber mission comes as the Obama administration is promoting the creation of a new agency and other steps to share cyberthreat information across the government and with private industry.

The Congressional Research Service says the governmentwide shutdown in the fall of 2013 provides a “reasonable understanding” of how operations would be affected during DHS-only shutdown. During that shutdown, about 85 percent of DHS staff continued with their duties, including DHS cyber employees, CRS analyst William Painter testified.

During the last shutdown, DHS was forced to issue stop-work ordersunder the CDM program.