Another Department of Homeland Security shutdown would hamper the Cybersecurity and Infrastructure Security Agency’s ability to respond to threats, offer services, develop new capabilities and finish writing a key regulation, its acting director told Congress Wednesday.
Some of those activities would continue on a limited basis, while others would halt entirely, acting CISA leader Madhu Gottumukkala testified before the House Appropriations Subcommittee on Homeland Security.
“A lapse in funding would impede CISA’s ability to perform … good work,” he told the panel. “When the government shuts down, our adversaries do not.”
As lawmakers held the hearing, DHS was hurtling toward another potential shutdown as Democrats and Republicans clashed over Trump administration immigration policies and enforcement, with a focus most recently on the massive influx of DHS officers in Minneapolis, where those officers have killed multiple U.S. citizens.
Republicans said at the hearing the testimony should persuade Democrats to fund DHS, since its border operations are largely funded by last year’s budget reconciliation law and a shutdown would mainly harm DHS’s other agencies. Democrats said the hearing was “for show,” as they have put forward proposals to fund the rest of DHS as the immigration debate continues — and as 90% of DHS would continue operating under a shutdown, as the panel’s top Democrat, Henry Cuellar of Texas, asserted.
Gottumukkala said CISA planned to designate 888 of its 2,341 employees as “excepted,” meaning they could continue to work during a shutdown, albeit without pay.
“We will do everything we can to meet our mission during the shutdown,” he said. “Uncertainty and those missed paychecks are a serious hardship.”
CISA has reduced its personnel by a third under the second presidency of Donald Trump.
A shutdown “would delay deploying cybersecurity services and capabilities to federal agencies, leaving significant gaps in security programs,” Gottumukkala said in his written testimony. “CISA’s capacity to provide timely and actionable guidance to help partners defend their networks would be degraded.”
There’s a divide between activities CISA could continue in some capacity versus those they would have to shutter entirely during a funding lapse, he said.
“Limited activities include responding to imminent threats, sharing timely vulnerability and incident information, maintaining our 24/7 operations center, and operating cybersecurity shared services,” Gottumukkala said. “However, CISA would not perform any strategic planning, development of cybersecurity advice and guidance, or development of new technical capabilities.”
There would likely be delays in activities like issuing binding operational directives to federal agencies or completing the already-delayed regulations stemming from the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), the latter of which would require critical infrastructure operators to report major cyber incidents to CISA and would be paused during a shutdown, he said.
Gottumukkala’s testimony is the latest before Congress to focus on personnel at CISA. The chairman of the Appropriations subcommittee, Rep. Mark Amodei, R-Nev., chided Gottumukkala for what he said were delays in CISA providing a reorganization plan to the panel.
“We’ve been professional. We’ve been respectful,” Amodei said. “We expect exactly the same thing in return.”
The post Acting CISA chief says DHS funding lapse would limit, halt some agency work appeared first on CyberScoop.
–
Read More – CyberScoop
