Multi-State Information Sharing and Analysis Center (MS-ISAC) loses federal funding

Key Takeaways

On March 11, the Cybersecurity and Infrastructure Security Agency (CISA) announced a $10 million cut in funding for the Multi-State Information Sharing and Analysis Center (MS-ISAC), which provides critical local assistance for cybersecurity threat detection and analysis resources and support. The announcement was the latest development in a series of funding cancellations from CISA that have affected multiple cybersecurity sharing regimes that support county cybersecurity readiness initiatives. In February, CISA made a similar announcement to withdraw federal support for the EI- ISAC, which provides critical cybersecurity tools and technical assistance to election offices across the country. 

What is the MS-ISAC?

The Multi-State Information Sharing and Analysis Center (MS-ISAC) provides no-cost and low cost cyber threat prevention, protection, response, and recovery for state and local governments. CISA has provided funds to support the MS-ISAC under a cooperative agreement with the Center for Internet Security for nearly 20 years. Under this contract, the MS-ISAC provides more than 17,000 state, local, tribal and territorial entities with the following no and low-cost services:

• vulnerability management programs (low-cost),
• End point protection (no-cost and low-cost),
• IP and domain monitoring,
• notifications of possible compromises,
• incident response resources,
• tools for simplifying security updates,
• secure portals for communication and document sharing,
• cyber intel advisories & alerts,
• malicious code analysis platform and
• self-assessments for cybersecurity management.

The $10 million allocated by CISA accounted for just under half of the MS-ISAC’s funding. The Center for Internet Security is reportedly reviewing which operations they will continue and which they will discontinue under a scenario of no federal support for the MS-ISAC.

What is the EI-ISAC? 

The Election Infrastructure Information Sharing Analysis Center (EI-ISAC) supports local government threat prevention for election offices. EI-ISAC members have free access to technical support, threat monitoring, election security operations centers, and trainings to bolster election security. According to the EI-ISAC website, the $10 million cut in funding has effectively halted all operations for the program. 

The EI- ISAC served as an important information sharing center, allowing election officials to share cybersecurity threat and response tactics. As elections have rapidly become more automated, county election officials have had to become cybersecurity experts in addition to election administrators.  The EI-ISAC plays a unique role in cyber support and information sharing, and the loss of access to critical support staff at the EI-ISAC will have an impact on counties who do not have in-house staffing capacity and rely on EI-ISAC for up-to-date information and resources.

How does this affect counties?  

Rural and under-resourced counties have relied on free tools and technical assistance through both the MS-ISAC and EI-ISAC to bolster cyber-readiness and improve security practices at the local government level. Counties also utilize available resources from the MS-ISAC and EI-ISAC to coordinate with other localities, including cities and municipalities, on cybersecurity readiness and information-sharing. Counties support funding assistance for critical cybersecurity tools and resources required to adequately protect county security at all levels, including the cybersecurity of election infrastructures and election workers.   

NACo is urging Congress to re-instate federal funding for both initiatives to preserve an information-sharing ecosystem that can support county cybersecurity readiness across critical infrastructure areas and core functions, such as in the administration of the nation’s elections.