CISA confirms it’s ending MS-ISAC support
The Cybersecurity and Infrastructure Security Agency on Monday announced that its cooperative agreement with the Center for Internet Security, the Upstate New York nonprofit that runs the Multi-State Information Sharing and Analysis Center, will conclude Tuesday.
The federal cybersecurity agency said that the end of the agreement, which had been planned for the end of the fiscal year at the close of the month Tuesday, marks a transition to “a new model” of supporting state and local government agencies in protecting their systems against digital threats.
“CISA is supporting our SLTT partners with access to grant funding, no-cost tools, and cybersecurity expertise to be resilient and lead at the local level,” CISA’s announcement reads.
CISA’s announcement also refers to the decision not to renew the Center’s funding as reflective of its “focused approach emphasizes CISA’s role as the nation’s leading cyber defense agency.”
The news confirms what many state and local cybersecurity officials had feared in recent months as CISA has incrementally diminished support not only for its own divisions, but also at the Center for Internet Security, which has for the past two decades provided state and local governments with free and low-cost cybersecurity services, along with access to a nationwide threat information-sharing network.
The nonprofit first saw its Elections Infrastructure ISAC lose all federal support last February, followed by cuts to the MS-ISAC in March, leading it to provide millions in gap funding. Unable to maintain such a financial arrangement, the Center updated its website in recent months in anticipation of CISA’s plan not to renew its funding: It will charge its members based on the size of their IT operating budgets, with large discounts or free membership available to those that can’t afford it.
According to CISA’s Monday announcement, it will “continue to collaborate” with MS-ISAC on “information sharing and joint products, consistent with its engagement across the broader ISAC community.” CISA recommended that state or local agencies using Albert sensors, devices that alert administrators of abnormal network activity on their elections systems, continue coordinating with MS-ISAC.
CISA listed in its announcement the services it will continue to provide state and local agencies, such as providing grant funding through the State and Local Cybersecurity Grant Program, which Congress is considering renewing (and expanding) beyond the initial four-year program, and the Tribal Cybersecurity Grant Program. CISA also cites other free offerings, such as cyber hygiene scans, phishing assessments, vulnerability management, performance measurement tools, regional advisers and bi-monthly security operations center calls.
