The shutdown would also slow ongoing revamps of a major cyber incident reporting rule that was signed into law in 2022, acting director Madhu Gottumukkala said this week.