Skip to Content

The government shutdown has severely weakened cybersecurity in the US

January 8, 2019

In a stalemate over how best to secure America’s southern border, the Trump administration has endangered the integrity of one of the country’s even more important frontiers.

17 days and counting: Nearly 45% of employees at the newly established Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security, as well as 85% of staff at the National Institute of Standards and Technology (NIST), have been furloughed in the government shutdown, according to a report from Duo Security.

Playing with fire: There are still a lot of federal cybersecurity workers at their posts carrying out what have been deemed “essential” operations, like defending government networks from attacks and keeping confidential documents from being compromised. But experts warn that trying to thwart bad actors at less than full strength is risky. “Cyber threats don’t operate on Washington’s political timetable, and they don’t stop because of a shutdown,” Lisa Monaco, former assistant to the president for homeland security and counterterrorism, told Axios.

The long haul: The damage could last much longer than the shutdown itself. Workers won’t quickly forget that their jobs are subject to fickle political winds, and the best and brightest in cybersecurity positions could seek the comparative stability (and often higher pay) of a corporate gig. A similar thing happened after the 2013 shutdown, and the drain on talent was felt for years. Today was also supposed to kick off the DHS’s annual Cybersecurity and Innovation Showcase, a staple event for helping the government explore research and development of critical next-generation cybersecurity technologies. The event has now been put off indefinitely.

The list goes on: There are many more ripple effects, too, including those that reach beyond government. Many corporate teams, for example, rely on NIST’s standards and guidelines to set baselines for their security programs. With the majority of its staff gone, the agency is likely to miss its deadline for updating those standards. Several other programs and services meant to monitor and test for vulnerabilities have also been suspended or are operating at reduced capacity, according to the Duo report.

Deep Dive


A chip design that changes everything: 10 Breakthrough Technologies 2023

Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.

Modern data architectures fuel innovation

More diverse data estates require a new strategy—and the infrastructure to support it.

Chinese chips will keep powering your everyday life

The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.

The computer scientist who hunts for costly bugs in crypto code

Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.