Key federal cybersecurity initiatives would come to a standstill if Congress and the White House can’t agree on how to fund the Homeland Security Department and it shuts down on Feb. 28.
Andy Ozment, the assistant secretary of the Office of Cybersecurity and Communications within the National Protections and Programs Directorate (NPPD), said Friday that a DHS shutdown “grinds to a halt” programs such as the continuous diagnostics and mitigation (CDM) and Einstein 3A.
“We are working with departments and agencies to select and roll out sensors right now and that would not happen at all during a shutdown,” Ozment said during a briefing before the American Bar Association’s Committee on Law and National Security in Washington.
DHS is expected to make an award under CDM phase 1, task order 2 in the coming weeks, and quickly move to task order 3 and so forth to bring other agencies into the continuous monitoring fold.
Ozment told a House Homeland Security subcommittee hearing Feb. 12 that DHS expects CDM to cover 45 percent of all civilian personnel across seven agencies by the third quarter of 2015. He said by the first quarter of 2016, 25 agencies, 95 percent of all civilian personnel would have started to deploy the continuous monitoring tools.
If a shutdown occurs, all of those plans would be delayed.
Ozment said DHS’ plans to roll out the Einstein 3A program to a broader set of agencies also would be put on hold in the event of an agency shutdown. He said about 20 percent of the government currently uses the intrusion protection and detection software. DHS’ plan is to increase that percentage to about 50 over the next few weeks.
Ozment said a few days, weeks or months matters even if the government doesn’t already have these cyber tools today. He said any delay would mean agencies are at further risk of cyber attacks and data exfiltration.
At the recent House hearing, Ozment said E3A currently is deployed at 11 departments and agencies, covering approximately 25 percent of all dot-gov traffic.
He added 46 agencies signed memorandum of agreements (MOA) with DHS to participate in E3A services which would eventually cover 90 percent of all federal civilian Internet traffic.
DHS requested $463.9 million for Einstein 3A implementation in 2016.
And it’s not just the programs that would be affected. Ozment said during the 2013 shutdown about half of the cyber staff received furlough notices. He said he would expect about the same this year.
“The people standing watch on the National Cybersecurity and Communications Integration Center (NCCIC) would continue to work there, but the number of contract support staff would be reduced and that would be disruptive,” he said. “We would have less timely analysis, fewer resources to look at things like malware and we would have less timely information sharing.”
At the House Homeland Security hearing, DHS and lawmakers focused on what a shutdown would mean for the agency more broadly than just cybersecurity.
“In 2013, roughly 85 percent of the department’s functions continued during the shutdown, but 96 percent of science and technology, 95 percent of Domestic Nuclear Detection Office and 43 percent of NPPD staff were furloughed,” said William Painter of the Congressional Research Service’s Government and Finance Division.
DHS Secretary Jeh Johnson said earlier this month that 30,000 employees would be furloughed in a shutdown, including 80 percent of the Federal Emergency Management Agency’s workforce. Additionally, DHS CFO Chip Fulghum said the shutdown also would mean the agency would have to send home contractors and subcontractors.