DHS Cyber-Security Staff Won't Be Furloughed in Government Shutdown

Cyber-security personnel at the Department of Homeland Security are among the lucky few expected to be exempt from the government furlough if Congress doesn't resolve the budget crisis.

Department of Homeland Security personnel and contractors who work on cyber-security would be considered "essential" employees and would not be furloughed if the government shuts down, according to DHS officials.

Federal agencies and departments are trying to determine which employees will have to stay at home when the current stopgap spending expires April 8. Congress has been locked in a battle for the past few weeks trying to negotiate agency funding levels for the federal budget. If it isn't resolved by the end of the day, all non-essential government activities will cease.

Federal law states the government must stop all activities except those "necessary for the safety of human life or protection of property" during a government shutdown.

Neither the Office of Management and Budget nor the Office of Personnel Management would comment on how many IT staffers would be furloughed. The White House has estimated 800,000 federal employees may be affected.

Most cyber-security employees will likely be reporting for work as usual even if Congress can't come to an agreement. A bulk of DHS and its cyber-security operations will remain unaffected as the employees are considered exempt under statutory guidelines, DHS officials told NextGov. That includes incident-response personnel, network administrators, and security staff who monitor the network for potential intrusions.

Of the 222,500 DHS employees, about 85 percent have been identified as exempt employees, according to the DHS guidance available on the department's Website. About one-third of the exempt employees are considered law enforcement (such as border control) and another third are considered "necessary to protect life and property," according to the department.

There were concerns that cyber-attackers would view the shutdown as the perfect opportunity to infiltrate government systems because there will be less people monitoring the infrastructure.

All DHS Websites will remain up and running but will not be maintained during the shutdown period, according to the department's guidance. The availability of the agency Website is determined by each individual agency. While the Internal Revenue Service is expected to remain online, the transparency site Data.gov will not.

The department has the authority to bring back essential employees even during the furlough if there is an emergency situation that requires personnel support, according to the guidance. That may include strategy-oriented personnel who could develop new lines of defense during an attack.

The IT and cybersecurity operations for the Department of Defense and the military branches are also expected to be untouched.

While government employees responsible for IT security will be largely exempt from the shutdown, work on future IT projects and cyber legislation will have to stop. Cameron F. Kerry, the Commerce Department's general counsel, told the Judiciary Crime and Terrorism Subcommittee that a proposal for network defense legislation will be delayed despite the fact they are "very close" to finalizing it.

One of the things the proposed legislation would address is which agency would have control over certain "critical infrastructure" in case of a national emergency, among other issues.

"I hadn't thought of it in the context of the government shutdown--pretty significant national security cost to precipitate with a government shutdown," said the subcommittee chairman Sheldon Whitehouse.

Funding for a number of cyber-security projects have already been axed or drastically reduced from temporary spending bills as well as next year's budget.