US Slashes Funding for Key Cybersecurity Program
▼ Summary
– The US federal government is ending its funding for the Multi-State Information Sharing and Analysis Center (MS-ISAC) on September 30, terminating its agreement with the Center for Internet Security (CIS).
– MS-ISAC serves as the central cybersecurity resource for state, local, territorial, and tribal governments, offering services like threat alerts and intrusion detection to over 18,000 members.
– Funding cuts were announced in March 2025, including a $10 million reduction to MS-ISAC and termination of support for the Election Infrastructure ISAC.
– Multiple organizations and cybersecurity professionals have urged Congress to restore MS-ISAC funding through open letters, but these efforts have been unsuccessful.
– CIS plans to transition MS-ISAC to a paid membership model after federal funding ends, having temporarily covered costs at over $1 million per month since March.
A significant federal cybersecurity initiative that supports thousands of state, local, and tribal government entities is facing a major financial setback. The Cybersecurity and Infrastructure Security Agency (CISA) has officially confirmed the termination of its cooperative agreement with the Center for Internet Security (CIS), effectively ending federal support for the Multi-State Information Sharing and Analysis Center (MS-ISAC) as of September 30. This decision places the future of a program described as the central cybersecurity resource for non-federal government bodies in serious jeopardy.
The MS-ISAC was specifically created to serve state, local, territorial, and tribal (SLTT) governments across the nation. This broad category includes everything from state capitals and county administrations to city halls and Native American tribal governments. As a membership-based organization, it extends its services to a wide array of public sector bodies, including law enforcement agencies, public school systems, utility providers, and public transportation authorities. The program boasts a substantial membership, with the CIS website reporting over 18,000 participating entities.
Membership in the MS-ISAC provided direct access to a comprehensive suite of cybersecurity tools and intelligence. These resources included timely cybersecurity advisories and threat alerts, secure platforms for information sharing among members, structured tabletop exercises for incident response training, and a weekly report detailing malicious domains and IP addresses. A key technical service offered was the Albert Network Monitoring and Management intrusion detection system, which delivered automated alerts for a wide spectrum of network threats, from common intrusions to more sophisticated attacks.
The funding cuts impacting the MS-ISAC began earlier this year. In February, reports surfaced that an internal memo from the then-Acting Director of CISA indicated the federal government had terminated its financial backing for the related Election Infrastructure ISAC (EI-ISAC). This was followed by a formal announcement from the Department of Homeland Security (DHS) in March of a $10 million reduction in funding for the MS-ISAC itself, a figure later confirmed by a CISA spokesperson to media outlets.
Since the announcement of these cuts, a concerted effort has been underway to reverse the decision and restore the program’s federal funding. On August 7, the National Association of Counties joined forces with four other major intergovernmental organizations to send an open letter to the powerful Senate and House appropriations committees. The letter strongly urged congressional leaders to include funding for the MS-ISAC in the federal budget for Fiscal Year 2026. This plea was echoed in a separate letter sent to Congress on September 3, which was signed by a coalition of thirty prominent cybersecurity professionals.
The signatories of this second letter included several former high-ranking US government officials, such as Rob Joyce, the former cybersecurity director at the National Security Agency, and Camille Stewart Gloster, who previously served as the deputy national cyber director at the Department of Homeland Security. They were joined by other influential figures in the cybersecurity field, including Larry Clinton, the current president of the Internet Security Alliance. Despite these vigorous advocacy efforts from both government associations and industry experts, the calls appear to have been unsuccessful, with federal financial support for the MS-ISAC still slated to end.
In response to this loss of federal backing, the Center for Internet Security has signaled its intention to keep the MS-ISAC operational, but under a different financial model. While the non-profit organization decided to end support for the EI-ISAC immediately after its DHS funding was cut, its strategy for the MS-ISAC involves a more measured transition. Since the funding reduction in March, CIS has been covering the program’s operational costs, reportedly exceeding one million dollars per month, from its own resources. This temporary financial support is planned to be phased out in the coming months, at which point the program is expected to transition to a paid membership model to ensure its survival.
(Source: Info Security)
