Close

New Workspace Modernization Research from CDW

See how IT leaders are tackling workspace modernization opportunities and challenges.

Click Here to Read the Report
Feb 03 2026
Security

States Step Up as MS-ISAC Moves to Paid Model After Federal Funding Ends

Governments move to paid memberships to preserve shared cybersecurity defenses and threat intelligence.
Mickey McCarter
by

Mickey McCarter is the senior editor of StateTech Magazine.

Eleven states have committed to statewide paid memberships in the Multi-State Information Sharing and Analysis Center following the end of federal funding that had supported the organization for more than two decades. The shift marks a significant change in how state and local governments pay for shared cybersecurity services that have long been considered foundational to public-sector cyber defense.

MS-ISAC, which is operated by the nonprofit Center for Internet Security (CIS), officially transitioned to a fee-based membership model after federal funding from the Cybersecurity and Infrastructure Security Agency ended on Sept. 30, 2025. The new model took effect at the start of the federal fiscal year, requiring states and other government entities to pay membership dues to retain access to threat intelligence, monitoring and incident response services.

According to Government Technology, 11 states have already signed up for statewide MS-ISAC memberships, which typically extend coverage to state agencies as well as eligible local governments, school districts and other public entities. Several additional states are reportedly evaluating similar agreements as they weigh cybersecurity needs against budget constraints.

Click the banner below to consider how a partner can manage cyber risks.

x_security_q325_animated_click_desktop_02 x_security_q325_animated_click_mobile_02

 

States Prioritize Information Sharing in Membership Support

State officials have emphasized the value of MS-ISAC’s government-specific focus as they consider whether to invest in paid memberships. Mississippi CISO Jay White tells Government Technology that MS-ISAC’s ability to tailor intelligence and services to the public sector makes it difficult to replace.

“One of the strongest aspects of MS-ISAC is being able to focus on the government aspect of cyber and provide information that was tailored toward state government,” White said.

MS-ISAC has historically served as a central hub for cybersecurity collaboration across the state, local, tribal and territorial landscape, supporting more than 18,000 organizations nationwide. Services include 24/7 security operations center monitoring, incident response coordination, vulnerability scanning and threat intelligence sharing — resources that many smaller jurisdictions lack the capacity to provide on their own.

The loss of federal funding has raised concerns about whether smaller governments will be able to sustain access to those services. CIS leaders have framed the shift as a move toward a more sustainable, member-driven funding model, while stressing the importance of continued participation.

READ MORE: Investing in shared security is a top 2026 trend for governments.

MS-ISAC Eyes Sustaining Shared Resources

In an interview with Axios following the funding announcement, CIS CEO John Gilligan underscores the stakes for state and local governments if shared cyber defenses weaken.

“State and local organizations are literally on the front lines of defense for this nation,” Gilligan tells Axios, warning that reduced access to shared intelligence and response capabilities could leave governments more vulnerable to ransomware and other cyberthreats.

The funding change comes as cyberattacks against public-sector entities continue to rise, placing pressure on state IT leaders to maintain strong defenses amid tightening budgets. Complicating matters, federal State and Local Cybersecurity Grant Program dollars cannot be used to pay for MS-ISAC membership fees, forcing states to identify alternative funding sources.

White tells Government Technology that timing has been a challenge for some states, as the new membership structure emerged after budgets had already been set.

“Because the updated MS-ISAC membership models were introduced after our state’s budgeting cycle, we haven’t yet finalized a long-term budget strategy,” White says.

CIS officials say that no members have been removed during the transition and that the organization is working with states and localities to maintain continuity of services as funding decisions are made.

Igor Suka/Getty Images

More On

Related Articles