March 4, 2025
Despite record-high cybersecurity breaches and 2024 cybercrime losses nearing $10T, many small & medium-sized businesses (SMBs) fail to establish cybersecurity best practices. There are many reasons why cybersecurity is a blind spot for SMBs, including belief in several convenient myths that supposedly remove all risk. One that we often hear is the belief that more is being done each day to make American businesses more resilient and help them avoid these issues altogether. However, the US Government is not responding to increased risk and cyber warfare as you might guess, and that is creating bigger problems in an already tough industry.
It’s hard enough being a full-time cybersecurity professional in today’s world of unimaginable threats. Long hours & job burnout are common issues amongst cybersecurity professionals, who are often compared to air traffic controllers. But now a new threat looms larger for federal employees: the reliability of their jobs.
The United States is shredding its cyber infrastructure. Well-reported shock-and-awe firings are presently unleashing turmoil in the federal cybersecurity workforce. These mass layoffs of public-sector cybersecurity professionals are big new issues that stack on top of broader industry problems of overworked and understaffed teams.
Several industry experts are concerned about the increased risk that we’re opening up national intelligence to the highest bidder. Data-rich federal systems are extremely lucrative targets for bad actors, who will pay enormous sums for that data.
“Government databases are extremely complicated and also old, in addition to being full of people’s private information,” Meredith Broussard, research director at the NYU Alliance for Public Interest Technology, recently told the press.
Art Zeile, CEO of tech career jobsite Dice (DHI Group), told Axios there has been a deficit of cybersecurity professionals in government for the last 10 years. “There’s no reason to shoot ourselves in the foot by incentivizing them to leave,” he said. Federal cybersecurity work is also unique. Zeile claims that CISA told DHI in its first week to take all the open jobs off the platform “right now.” One of DHI’s hiring platforms specifically targets employees with federal security clearances.
That type of knowledge and this particular skillset can be very lucrative for some government cybersecurity professionals. This is particularly true for those who have just seen an entire career implode and are likely experiencing feelings of resentment.
It may feel strange that the US Government is not responding to increased cyber risk, and you may feel less safe. Some former government cybersecurity employees with strong feelings of American patriotism cite that as a motivator against the struggles they face. Today, many don’t fully understand what is happening with the reshuffling of priorities and a new world order emerging. Overnight, US Cyber Command was ordered to stand down cyber operations against Russia. US military officials made the announcement, which has left several insider circles guessing where this is headed.
Uncertainty about where we are headed as a country isn’t entirely new. Flying solo is, so make sure you’re paying attention to this important problem.
Some security budgets are under scrutiny, and worker headcount is dropping. This may be leaving companies with increasingly unpatched, exploitable flaws in their systems. When a cybersecurity staff member leaves their job or a company freezes its headcount, the rest of the team has to pick up the slack. “This makes it difficult to get to everything,” said Mark Loveless, a security engineer at GitLab, during a recent press event. “It’s rough because, for those who are still doing this, the load is increasing,” Loveless added. “You’re going to end up with a little bit of burnout, and I’m seeing a bit of that already.”
Because the US Government is not responding to increased cyber risk, you’re on your own. Don’t be surprised to see increased activity amongst cybersecurity bad actors, particularly against their new favorite targets… SMBs. Phishing & ransomware have been on the rise in recent years. Organizations would be wise to consider the following:
Assess Your Cyber Risks
Remediate Your Risks
Address Third-Party Risks
Seek The Right Insurance Coverage