Tag Archives: CISA

Exploring the State of State and Local Cyber Resources

Posted on by

State and local organizations are highly targeted by cyber criminals due to the value of the data they hold and the criticality of the systems they operate. In 2024, there were over 40,000 potential cyber attacks targeting state, local, and tribal governments. Despite this very real threat, these same organizations are largely underfunded and understaffed when it comes to cyber protection.

The federal government has looked to fill this gap between risk and preparedness. The State and Local Cybersecurity Grant Program (SLCGP) was established under the Infrastructure Investment and Jobs Act of 2021, providing (when combined with the Tribal Cybersecurity Grant Program) $1 billion in funding available over four years for state, local, tribal, and territorial cybersecurity efforts. This program ended at the close of the 2025 government fiscal year but received a short-term extension under the stopgap funding agreement that reopened the government in November 2025.

Similarly, the Multi-State Information Sharing and Analysis Center (MS-ISAC) was also discontinued as of September 30, 2025. This center, established 20 years ago as a partnership between the non-profit Center for Internet Security (CIS) and the Cybersecurity and Infrastructure Security Agency (CISA), facilitated the sharing of critical cybersecurity intelligence across state lines, providing threat-monitoring services and other resources at free or heavily discounted rates.

Looking ahead, there are several initiatives underway to ensure states and localities get the support they need to secure the IT and physical infrastructure that the nation's citizens depend on.

PILLAR Act

The Protecting Information by Local Leaders for Agency Resilience (PILLAR) Act was passed by the House in November 2025. It reauthorizes the SLCGP through 2033 or 2035 (depending on final bill language) with some changes:

  • Adds "Operational Technology" (OT) and systems that leverage "artificial intelligence" (AI) to the list of eligible infrastructure that can be funded under the grant.
  • Sets federal cost-share, with incentives for strong security practices, with the base federal share at 60% for single entities and 70% for multi-entity (joint) applicants.
  • Incentivizes adoption of multi-factor authentication (MFA) by increasing the percent of federal cost share if MFA is implemented by a set date.
  • Adds long-term planning and accountability requirements, requiring grant recipients to report how they plan to assume ongoing costs after the grant ends. This is particularly important given the concerns that arose when MS-ISAC and SLCGP ended.
  • Requires CISA to conduct outreach specifically to local governments in rural areas or small populations to raise awareness about no-cost (or low-cost) cybersecurity services.

The bill has passed the House but does not yet have a funding amount attached to it.

New Grant Funding Model

With the cooperative agreement between the government and the Center for Internet Security ending, states and localities must pay a membership fee to access MS-ISAC services. Many underfunded states and localities are unlikely to pay these fees, reducing the reach of the program.

To compensate, CISA will now support state and local governments more directly, offering grant funding, no-cost cybersecurity tools/services, and support from regional cybersecurity coordinators/advisers utilizing SLCGP funding.

States are also looking for ways to expand cyber funding and support to more rural or underfunded areas. Arizona launched a $10 million Statewide Cyber Readiness Program to provide free basic security services to underfunded local and tribal government organizations.

To stay on top of efforts to ensure the security of state and local IT, check out these resources:

  • CyberTalks (February 19, 2026; Washington, DC) - Hear from the leading voices at the intersection of government and the technology industry on the latest tactics to combat current and future cyber risks.
  • 3rd Annual Billington State and Local Cybersecurity Summit (March 9-11, 2026; Washington, DC) - Federal, state, local, and tribal government officials, along with industry experts, will share best practices, learn from one another, enhance current cyber operations, and bolster future defenses.
  • Harris County Regional Digital Government Summit 2026 (March 16, 2026; Houston, TX) - This summit empowers public-sector leaders to explore cutting-edge technologies, modernize operations, and solve pressing challenges. From cybersecurity and AI to data governance and digital service delivery, sessions are designed to spark insight, foster collaboration, and accelerate real-world results.
  • Navigating Challenges: How GovRAMP Empowers State and Local Governments (white paper) - State and local governments face mounting pressure from tight budgets, rising cyber threats, staffing shortages, and aging technology. This paper explores how GovRAMP provides a standardized, trusted framework that helps agencies modernize securely while navigating complex procurement and compliance demands.
  • Enterprise Architecture: A Guide to State Government Continual Transformation (white paper) - Enterprise architecture is more than an IT framework--it's a strategic discipline that helps state governments manage complexity and drive ongoing transformation. By aligning business processes, technology investments, and organizational goals, this approach reduces redundancies and boosts service efficiency.
  • Creating a Privacy Program: A Roadmap for States (white paper) - As states expand digital services and data-sharing partnerships, the demand for formal privacy governance is rising--prompting a sharp increase in the appointment of state Chief Privacy Officers (CPOs). NASCIO's roadmap offers a structured approach for states to launch or strengthen privacy programs, from establishing a mission to developing breach response plans.
  • IoT for the Public Sector: Moving from Risk to Reward (white paper) - The public sector is increasingly turning to IoT to enhance mission outcomes--from streamlining city traffic to improving classroom safety and enabling remote healthcare in rural areas. Security risks--from outdated firmware to lateral network attacks--are real, and discovery is the first step in addressing them.

For more on state and local cybersecurity efforts, visit and search GovEvents and GovWhitePapers.

How Cyber Basics Make a Big Impact

Posted on by

October is a fitting month for cybersecurity awareness. Phishing emails can be even more deceptive than a convincing costume and ransomware attacks can feel like a jump scare in a horror movie. Each year, the National Cybersecurity Alliance and the U.S. Department of Homeland Security spearhead an educational campaign to ensure everyone knows their role in protecting the vast amounts of online data we depend on for daily life.

The 2025 theme is "Stay Safe Online" with a focus on four key steps everyone can take to improve online safety:

  • Use strong passwords and a password manager
  • Turn on multifactor authentication
  • Recognize and report scams
  • Update your software

These tactics are important at a personal as well as enterprise level. Agencies across government have taken these best practices and implemented new security measures to protect data. Continue reading

DHS’s Commitment to Innovation

Posted on by

Under its umbrella mission of "securing the nation from the many threats we face," the Department of Homeland Security (DHS) defines several mission areas critical to meeting this goal. These include countering terrorism and preventing threats, securing and managing borders, administering immigration, securing cyberspace, building resilience, and responding to incidents, as well as combating crimes of exploitation. To support these areas, the DHS Innovation, Research & Development Strategic Plan defines eight scientific areas as focal points for research:

  • Advanced sensing
  • AI and autonomous systems
  • Biotechnology
  • Climate change
  • Communications and networking
  • Cybersecurity
  • Data integration, analytics, modeling, and simulation
  • Digital identity and trust

In a previous post, we looked at DHS's work with artificial intelligence (AI), digital identity, and climate change. In this post, we'll take a look at the activity happening in more of these eight areas. Continue reading

The State of Cybersecurity in the States

Posted on by

State and local agencies are some of the most attractive and vulnerable targets for cyber criminals. In 2023, malware attacks increased by 148%, and ransomware incidents increased by 51%. These agencies are targeted because they hold valuable personal data on citizens and control critical services--yet their security efforts have historically been underfunded and under-resourced. However, the tide may be changing.

A report on the ransomware experiences of state and local government in 2024 showed a dramatic decrease in the number of those organizations that were impacted this year. The report found ransomware attacks impacting 34% of state and local governments, marking a sharp decrease from the 69% affected in 2023. Let's take a look at some of the trends and activities that are fueling the improvement in state and local cybersecurity. Continue reading

How the Healthcare Industry Is Working to Become Immune to Ransomware

Posted on by

The first known ransomware attack occurred in 1989 and was targeted at the healthcare industry. The attention and attractiveness of healthcare organizations to ransomware hackers have not waned in the decades since. In fact, attacks are growing by 70-100 percent year over year. In 2023, there were over 460 ransomware attacks impacting U.S. health organizations, making it the most targeted industry.

This year, a major attack delayed prescription fillings and led to cash flow issues at facilities across the country. The American Healthcare Association said that 94% of hospitals have reported financial impact from the incident, with some losing upward of $1 billion per day in revenues. Continue reading