WASHINGTON — A looming shutdown of the Department of Homeland Security if more funding isn’t approved next week could hurt information sharing between private companies and the government after a cyberattack, top DHS officials told an American Bar Association meeting last week.
The DHS appropriation expires next week; the agency has asked for a full year of funding.
“I am gravely concerned about the impacts of cyber security efforts if there is a shutdown of DHS,” said Andy Ozment, assistant secretary of the Office of Cybersecurity and Communications within the National Protection and Programs Directorate at DHS. “What you’ll be seeing is a slowdown of operations that need to be happening in seconds.”
The operations he refers to are information sharing efforts between public or private entities. The DHS encourages its partners to immediately share the details of cyberattacks so the government can better understand how to prevent them.
The NPPD can pass the prevention information to other companies and create strategies to strengthen the networks of its clients. By sharing information companies do not have to build their security platforms from the bottom up but use a network of shared resources to create the strongest possible system.
“We are a customer service organization first,” Ozment said.
This means the DHS cybersecurity office works on behalf of government agencies, local governments and private companies to strengthen their cyber defenses. He also made it clear that the NPPD is not a law enforcement agency so it does do not enforce regulation standards or prosecute crimes. This allows it to have a close, confidential relationship with the private companies and other government agencies, he said.
“Public-private partnerships are the single most important development in homeland security today,” said Daniel Sutherland, associate general counsel for the NPPD.
The NPPD also has made a commitment to establishing privacy and civil liberties protections into operations within the DHS. These practices are important in gaining the trust of the private partners in order to help them defend against cyberattacks.
“These commitments to privacy have been written into strategy and daily operating procedure,” Sutherland said.
With a potential shutdown fast approaching, these cyber security protections would have to be cut back for partners of the NPPD. Ozment said during the last government shutdown in 2013 about half of his personnel were furloughed.
This could mean that any cyberattack during the shutdown would have less timely analysis and less timely responses, possibly endangering the security of governments and private companies.