I hadn’t mentioned the US government shutdown as I didn’t see a tech angle… until I did. The recent shutdown of the United States federal government has resulted in the expiration of the Cybersecurity and Information Sharing Act of 2015, which has raised concerns about the future of global cybersecurity collaboration. This law provided essential protections for organizations sharing cyber threat intelligence, and its absence is expected to create barriers to effective incident response. James Faxon, Chief Information Security Officer at NukuDo, warns that organizations may become more cautious about sharing vital information without the legal protections previously afforded by the now-lapsed law. Security experts, including Kyle Dewar from Tanium, emphasize that the lack of information-sharing protections could significantly hinder cooperation between the private sector and government agencies, potentially prolonging response times to cyber threats. As the government shutdown continues, the risk of cyber attacks is likely to increase, with experts predicting that adversaries will exploit the disruption to target vulnerable organizations within the federal ecosystem.
And while I’m on government programs, The National Institute of Standards and Technology is developing a Cyber AI Profile to help agencies defend against artificial intelligence-enabled cyber threats. This initiative aims to provide a holistic understanding of how malicious actors utilize AI in their attacks and how organizations can leverage AI to enhance their cybersecurity measures. Yizheng Chen, an assistant professor at the University of Maryland, emphasizes that the Cyber AI Profile will aid organizations in recognizing both the risks and opportunities presented by the intersection of AI and cybersecurity. Daniel Kroese, Vice President of Public Policy and Government Affairs at Palo Alto Networks, notes that adversaries are now using AI to create custom malware and carry out ransomware attacks more effectively. NIST’s profile seeks to refine existing cybersecurity practices to better address these emerging AI-driven threats, providing new taxonomies for risk management and defense that reflect the capabilities of artificial intelligence.
Why do we care?
Here’s a tech angle to the U.S. shutdown you might not have noticed: the Cybersecurity and Information Sharing Act of 2015 just expired. That law gave companies protection when they shared cyber threat data. With it gone, businesses are going to clam up, and that means slower response times and more room for attackers. And you better believe bad actors will take advantage while the government is offline.
Meanwhile, NIST is working on a Cyber AI Profile — basically, a framework for understanding how AI changes both attacks and defenses. Adversaries are already using AI to write better malware and run smarter ransomware campaigns. NIST wants to give defenders a playbook, but let’s be real: by the time it’s published, attackers won’t be standing still.
For MSPs, this means don’t depend on the government for threat intel. Double down on your vendors and peer networks. And pay attention to NIST’s work — it’ll trickle down into compliance frameworks and the tools you use. The big picture? Government dysfunction makes us weaker, and AI makes attackers stronger. You can’t wait for Washington to fix it — you have to get ahead of it yourself.