CISA Navigates DHS Shutdown with Reduced Staff: Cybersecurity Challenges Ahead

Post Views: 14

CISA Operations Continue During DHS Shutdown

The US Department of Homeland Security’s (DHS) shutdown, which began on February 14, 2026, has not completely halted the operations of the Cybersecurity and Infrastructure Security Agency (CISA).

CISA’s Reduced Capacity

Despite being affected by the shutdown, CISA will maintain a reduced capacity, with 888 of its 2,341 staff members required to remain on duty without pay.

The Antideficiency Act prohibits federal agencies from spending money not appropriated by Congress, but it does not prevent staff from working in areas considered “excepted” by the Act. These excepted areas include activities necessary to protect human life, property, or national security.

Implications of the Shutdown

The shutdown has significant implications for CISA’s operations, including the potential delay or halt of new projects and the curtailing of existing ones.

The agency’s work on finalizing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) rule will likely be put on hold, as it is considered regulatory work not directly related to national security or active cybersecurity threats.

KEV Catalog to Remain Online

However, the Known Exploited Vulnerabilities (KEV) Catalog, which lists vulnerabilities that federal agencies are required to patch, will remain online and may be updated if new vulnerabilities are discovered that pose a significant threat to national security or critical infrastructure.

The KEV Catalog is a critical resource not only for federal agencies but also for private-sector businesses, as it provides valuable information on vulnerability remediation.

Impact on Compliance Enforcement

CISA’s reduced capacity during the shutdown may impact its ability to enforce compliance with the KEV Catalog among critical infrastructure entities.

The agency’s analysts will need to prioritize their work, and reaction times to new vulnerabilities may be slower.

Acting CISA leader Madhu Gottumukkala has noted that the shutdown does not affect the activities of malicious actors, emphasizing the need for continued vigilance in the face of evolving cyber threats.

As the shutdown continues, CISA will need to navigate the complex landscape of excepted and non-excepted activities to maintain its operational capability and protect the nation’s critical infrastructure.