U.S. Senator Bill Cassidy, chair of the Senate Health, Education, Labor, and Pensions (HELP) Committee, has raised concerns about cybersecurity vulnerabilities affecting Cisco, a major provider of network infrastructure. The warning follows an emergency directive from the Cybersecurity and Infrastructure Security Agency (CISA), which instructed federal agencies to disconnect certain Cisco devices due to an active threat.
Cassidy emphasized the broad impact of these vulnerabilities on both national security and the U.S. economy. He noted that such incidents could affect nearly every federal agency and business in the country, exposing sensitive data to potential attacks by foreign actors.
“As cyber incidents continue to increase, it is essential that the public and private sector take steps to safeguard the information of millions of patients, students, and employees across America,” Cassidy wrote. “These efforts also are critical to protect our national security interests.”
In a letter addressed to Cisco CEO Chuck Robbins, Cassidy referenced Federal Bureau of Investigation estimates that cyber crimes led to over $16 billion in losses in 2024. He highlighted that at least one federal agency has already been breached as a result of the recent vulnerability. The incident underscores growing threats from countries such as China, Russia, and Iran.
Cassidy outlined several questions for Cisco regarding its response to the situation. He asked whether Cisco had identified specific threats to customers and how it was communicating with them about next steps or security patches. Additional questions focused on whether Cisco was recommending that customers disconnect or upgrade unsupported devices—similar to CISA’s instructions for federal agencies—and how it was engaging with departments like Education, Labor, and Health and Human Services.
The senator also pointed out that many companies lack dedicated cybersecurity leadership: an estimated 45% do not employ a Chief Information Security Officer (CISO). Cassidy asked how Cisco is working with health care providers, schools, and small businesses to ensure they have up-to-date information on addressing vulnerabilities.
Cisco’s position as a key supplier means any weaknesses in its systems could disrupt access for millions who rely on its products for services ranging from health care delivery to education.
The HELP Committee continues its investigation into these challenges and efforts underway in response.
For more updates from HELP Republicans visit their website or Twitter at @GOPHELP
