The impending US government shutdown is expected to severely weaken federal cybersecurity operations, as the Cybersecurity and Infrastructure Security Agency (CISA) prepares to lose about 65% of its workforce.
According to a Department of Homeland Security (DHS) planning document released before the shutdown, an estimated 1,651 of CISA’s 2,540 employees will be furloughed, leaving only 889 staff members on duty. This comes despite DHS projecting it will retain around 91% of its total workforce during the funding lapse.
CISA, which operates under DHS, safeguards federal government systems while sharing cybersecurity intelligence and guidance with state governments, private organizations, and international partners. It also supports and funds the Common Vulnerabilities and Exposures (CVE) program, which catalogs publicly known security flaws.
Details have not yet been released on which job positions will be affected. Additionally, CISA’s website will not be actively maintained until Congress passes a funding bill. A notice on the site reads: “This website was last updated on September 30, 2025 and will not be updated until after funding is enacted… Transactions submitted via this website might not be processed and we will not be able to respond to inquiries until after appropriations are enacted.”
CISA is not the only cyber-related agency hit by the shutdown. The Department of Commerce has indicated that the National Institute of Standards and Technology (NIST) will retain only 34% of its employees. NIST, responsible for globally used cybersecurity standards such as the NIST Cybersecurity Framework (CSF) and Post-Quantum Cryptography Standards, has also frozen website updates due to the funding gap.
Heightened Cybersecurity Risks
The suspension of CISA and NIST activities has sparked concerns that cybercriminals could exploit weakened defenses and reduced response capacity. This includes delays in patching vulnerabilities and responding to government network breaches.
Some federal agencies may also have to pause contracts with third-party vendors, including those providing cybersecurity services, while organizations and local authorities will lose access to timely alerts and guidance from CISA and NIST.
Brandon Potter, CTO of ProCircular, warned that both cybercriminals and nation-state actors may escalate attacks during this period. “Expect to see an increase in ransomware targeting critical infrastructure vendors, though many may pivot to data theft and extortion to heighten political tension,” he stated.
He added that sophisticated adversaries might use the opportunity to deepen their network access and strengthen long-term persistence.
Experts further cautioned that furloughed federal workers could become prime targets for phishing and fraud. “Credential-targeting phishing attempts will likely rise, especially as furloughed employees navigate HR and benefits sites. Coordinated attacks on both personal and professional email accounts should be expected,” Potter added.
Gary Barlet, Public Sector CTO at Illumio, noted that the shutdown’s cybersecurity impact will extend long after operations resume. “When the shutdown ends, IT doesn’t just switch back on. Workloads pile up, projects stall, and funding delays ripple through cyber initiatives,” he said. Long-term cybersecurity projects will likely be deprioritized in favor of urgent fixes once normal operations resume.
Duration of the Shutdown
The shutdown began at midnight EST on Wednesday, October 1, after President Donald Trump’s Republican Party failed to pass a government funding bill following a budget standoff with Senate Democrats.
White House press secretary Karoline Leavitt stated on October 1 that federal workers could face layoffs within two days. The Congressional Budget Office (CBO) estimates that 750,000 federal employees will be furloughed nationwide.
The duration of the shutdown remains uncertain. The longest to date—lasting 35 days from December 2018 to January 2019—occurred during Trump’s first term.
Furloughed staff will go on unpaid leave but will receive back pay once a new government budget is approved.