Key Cybersecurity Measures Again Hang in Balance Amid Partial Government Shutdown

The Cybersecurity Information-Sharing Act (CISA) of 2015 allows companies to transmit threat intelligence to government agencies exempt from laws prohibiting the disclosure of sensitive personal information, which can often be swept up in the course of cyber intelligence probes. Authorization for CISA expired during last year’s 43-day government shutdown despite last-minute efforts to extend it.

The continuing resolution that ultimately allowed the government to reopen in November renewed the authorization, but the CR expired at the end of January, leaving CISA’s authorization uncertain.

The National Cybersecurity Protection System, an intrusion-detection framework that monitors federal network traffic for known threats, similarly includes prevention and information-sharing provisions to help shield government IT infrastructure from hackers. It, too, expired Friday when its authorization again lapsed.

The programs authorized by the laws are housed withing the DHS. Reauthorizing provisions were included in a package of bills to fund various federal agencies through the end of September. But under a last-minute deal reached between the White House and Senate Democrats, the DHS funding measure was stripped from the so-called minibus package and instead made part of a standalone two-week continuing resolution while the rest of the minibus was approved.

The move was meant to buy time for the parties and White House to negotiate over Democratic demands that any funding for DHS be paired with new restrictions on the tactics used by Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) in U.S. cities following the killing of two American citizens by ICE and CPB agents in Minneapolis.

Related: ServiceNow to Acquire Cybersecurity Firm Armis in $7.75 Billion Deal

The reconfigured minibus must now go back to the House, which had passed the package previously with DHS funding included. The differences between the House and Senate versions of the minibus technically sent the government into a new partial shutdown until the differences can be resolved. The House has been in recess and with snow and other weather events around the country disrupting travel, it was unclear Monday morning when the House would be able to reconvene.

House Speaker Mike Johnson (R-LA) on Monday did not provide a timeline for when the House might vote on the Senate measure, telling reporters “the president is leading this.”

Some Republicans in the House have voiced objections to demands for reforms to ICE and CBP. House Minority Leader Hakeem Jeffries (D-NY), meanwhile, warned Johnson over the weekend not to rely on Democratic votes to pass the new minibus and DHS CR, noting some in his caucus believe the reforms hammered out by the Senate do not go far enough in reigning in the agencies’ aggressive tactics.

As a result of the standoff, the Departments of Commerce, Justice, Energy, Interior, and Homeland Security are technically shut down, along with related agencies and funding for various science and water projects, the Environmental Protection Agency, and other initiatives.

The two cybersecurity programs house within DHS also languish without funding or authorization. The State and Local Cybersecurity Grant Program, which had funneled roughly $1 billion into programs to improve local security against cyber attacks has also been suspended.