Cybersecurity help wanes due to government shutdown

The National Institute of Standards and Technology (NIST), assigned in February by executive order to lead information-sharing efforts for vital systems, has curtailed work groups, conferences and most other work, because of the government shutdown. That's bad news for the global cybersecurity community.

“A downed national security and best practices site signals to the bad guys that federal online properties have been abandoned, with no one to mind the figurative store. Who knows what information NIST and other shuttered agencies house on their Web servers, or what vulnerabilities are going unpatched that criminals can take advantage of,” said Jeff Hudson, CEO of digital certificate management company Venafi. He added that if the government shutdown lasts for an extended period, “there will be an effect on its ability to provide critical and timely guidance. If no one is available to observe, research and report on cybersecurity incidents and situations, then organizations could end up being at a loss when it comes to future standards setting.” He did say that outside resources will continue to have access to NIST’s papers and bulletins.