Cybersecurity Collaboration for the U.S. SLTT Community

For more than two decades, the Multi-State Information Sharing and Analysis Center^® (MS-ISAC^®) has functioned as the only nationwide cybersecurity community exclusive to U.S. State, Local, Tribal, and Territorial (SLTT) governments. A division of the Center for Internet Security^® (CIS^®), the MS-ISAC receives guidance from its Executive Committee and member organizations to preserve and strengthen the cybersecurity collaboration that continues to protect communities nationwide.

“Cybersecurity collaboration” is the key phrase here. Unlike fragmented or siloed cybersecurity efforts, the MS-ISAC provides the only nationwide network where U.S. SLTT organizations work together, share best practices, and coordinate around collective cyber defense — something no commercial vendor or federal entity can replicate.

Direct Engagement and Support Opportunities for MS-ISAC Members

Every MS-ISAC member can collaborate and learn from other members regardless of their membership type. Take State/Territory-Wide Members. MS-ISAC membership empowers them to lead a unified cybersecurity ecosystem, connecting their state agencies with county, city, and tribal governments to coordinate threat intelligence, accelerate incident response, and build collective cyber resilience. Membership also supports them in facilitating whole-of-state forums to share best practices, develop joint strategies, and showcase case studies across jurisdictions.

The story is similar for Single Organization Members. It connects local governments to a trusted peer network for real-time collaboration, shared services, and expert mentorship, and it fosters stronger ties with state and regional partners, boosting coordination and joint response capabilities. It also enables organizations to strengthen their cybersecurity posture by learning from peer experiences and leveraging CIS’s world-class security best practices, tools, and threat intelligence.

Let’s take a look at exactly how MS-ISAC members learn from one another on an ongoing basis.

Member Engagement and Support

MS-ISAC members receive personalized onboarding, virtual service reviews, and ongoing support to maximize their membership. This tailored guidance includes stakeholder engagement to understand member needs; connect organizations to tools, training, and peer networks; and manage other initiatives that empower members to strengthen their cybersecurity posture.

Access to Communities of Practice/Interest and Working Groups

When they join the MS-ISAC, member organizations have the option of joining Communities of Practice/Interest and working groups. These formal and informal peer groups bring together members who face similar challenges based on region; sector, such as water or public safety; or topic of interest, such as resiliency or artificial intelligence (AI). Members can then use these groups to exchange best practices, build relationships, and collaborate on actionable defensive measures.

Here's what one local government member of the MS-ISAC told us about their experience participating in a working group:

As a part of the Intel and Analysis working group, I had an opportunity this year to hear directly from several members and solicit their advice. There are many successful MS-ISAC members, each of whom is proud of what they’ve accomplished and excited to share their knowledge and support. Get connected so you can tap into the experience and expertise of your peers.

Monthly Membership Calls

In these monthly membership meetings, MS-ISAC members can network with their peers facing similar cybersecurity challenges, learn from each other's experiences, share information, as well as stay informed about the latest threats and best practices. Our monthly membership calls also function as forums where U.S. SLTT organizations can directly engage with the MS-ISAC, provide feedback on its services, and learn about upcoming initiatives.

Participation in U.S. SLTT Mentorship Program

The U.S. SLTT mentorship program pairs experienced U.S. SLTT cybersecurity professionals with those who are looking for career guidance and skill development. Mentees receive insights and support from experienced professionals, which strengthens the U.S. SLTT cybersecurity workforce, while mentors develop their leadership skills and give back to the U.S. SLTT community.

Webinar and Virtual Training Attendance

The MS-ISAC regularly offers webinars and virtual training sessions covering a range of cybersecurity topics relevant to U.S. SLTT governments. These online events provide accessible learning opportunities to members, conveying convenient, cost-effective training that organizations can use to keep their staff's knowledge and skills updated on the latest cybersecurity threats and best practices.

MS-ISAC Annual Membership Meeting

The MS-ISAC Annual Membership Meeting is an in-person event for U.S. SLTT cybersecurity collaboration. Every year, it draws cybersecurity professionals, policymakers, and industry leaders to engage directly with peers, experts, and MS-ISAC experts. Attendees gain actionable insights on evolving threats, explore new tools and strategies, share knowledge and best practices, and build relationships that enhance the U.S. SLTT community's resilience.

This aspect of building relationships is key to the success of the MS-ISAC Annual Membership Meeting. Greta Noble, Director of Member Engagement at CIS, agrees. Here's a clip of her from Episode 94 of our podcast, Cybersecurity Where You Are.

 

 

When a member joins the MS-ISAC or the EI-ISAC, we really are welcoming them to the community. And I think that's the biggest thing that happens at this ISAC Annual Meeting. It’s that this is where you really get to experience the community in person and connect and establish relationships that are really beneficial to your personal and professional lives moving forward. So I think that's just such an important part of what the outcome of this Meeting really is.

Don't just take our word for it. Dustin Stark, IT Director of Government at Choctaw Nation of Oklahoma and MS-ISAC member, shared his perspective with us at the 15^th ISAC Annual Meeting. Provided below is a snippet of what he had to say. (For our full conversation, listen to Episode 37 of Cybersecurity Where You Are.)

 

 

I've been to quite a few ISAC Annual Meetings, and I learn something every time. It's great to see what states, locals, tribes, and territories are doing. I get to connect with my peers, and the experience is something I always remember.

The people I meet are relationships that I tend to keep in touch with and grow. I've learned more about the relative maturity of our organization from this than I have at any other conference, and it's something that I look forward to every year.

The MS-ISAC: Your Essential Community for U.S. SLTT Cyber Defense

The MS-ISAC was historically funded by Congressional appropriations through a Cooperative Agreement (CA) with the Department of Homeland Security (DHS). This changed when the DHS ended its support for the U.S. SLTT community through the MS-ISAC.

But the MS-ISAC isn’t going anywhere. It transitioned to a fee-based membership model on October 1, 2025, to continue to partner with U.S. SLTTs on advancing their cyber maturity. In the process, it’s fulfilling what the MS-ISAC heard directly from members earlier in 2025.

Carlos Kizzee, SVP of MS-ISAC Strategy & Plans at CIS, provided the following insight on Episode 144 of our podcast:

 

 

At the [ISAC] Annual Meeting, there are several things we heard from our members. I mentioned we heard appreciation for what CIS has done and so on. But one thing we heard at least from almost everyone was, “This must continue.” This is not just something nice to do where you plug in to a training and educational webinar or attend the ISAC Annual Meeting. Their perspective is that cybersecurity is not optional. Cybersecurity is essential, and the MS-ISAC is a part of their risk management plan. It's a part of their processes. It's a part of their business practices.

Members recognize that cyber threat activity is increasing. So too is the complexity and sophistication of that threat activity, especially targeting U.S. State, Local, Tribal, and Territorial governments, which may not have the capability or capacity, as others might in the commercial market, compared to the range of data and information, citizen information, government information, and all sorts of sensitive information they handle. Think of what is in the hands of your school system, about your finances, or about you or your children's health.

So U.S. SLTT governments' budgets are shrinking, but the MS-ISAC, many of them recognize, is a part of their organization. It's not just a service. It's really an essential safeguard. So I would say investment in the MS-ISAC is investment in your organization's security maturity. It is essential.

Two decades and counting, the MS-ISAC continues to support U.S. SLTT collaboration around shared cybersecurity needs.

Ready to see the power of collective cyber defense?