Sue Bergamo CIO & CISO at Episerver has provided the following commentary on the security risks with the government shutdown:
Sue Bergamo, CIO & CISO at Episerver:
What should be done
Separating the humanitarian issues from the security issues is paramount in resolving the conflict between the U.S. Congress and our President. Both the humanitarian and security issues are dealing with human life and these issues should take precedence over grandstanding for political gain. Human life is the ultimate sacrifice and is the most important aspect to this debate.
What cybersecurity risks exist and how can the U.S. be safe during a shutdown?
For our government, when we are faced with a political issue that impacts decision making, the workers of our government are the first to lose. With a shutdown that has been in effect for weeks, I find it difficult to believe that critical employees are allowed to go home and that government information on public sites is no longer available – due to the expiration of TLS certificates. These security certificates are a necessity to keep data safe and when they expire, it opens a pathway for cyber criminals to access confidential and even vital information. When government sites are left unsecured, a wide hole is opened into our national security and for those individuals that want to cause the U.S. harm.
During a government shutdown, only non-essential workers should be furloughed and critical employees; especially those that are an integral part of keeping us all safe, should remain employed. The leaders of our government should meet and agree on a policy that returns essential employees to work immediately, and to uphold the standard in keeping the United States safe from cyber criminals.