MS-ISAC: Defending America’s Critical Infrastructure

The Multi-State Information Sharing and Analysis Center (MS-ISAC) provides vital cybersecurity services to more than 18,000 state, local, tribal, and territorial (SLTT) government organizations supporting our nation’s critical infrastructure including public hospitals, public utilities, K-12 schools, and law enforcement. Without these services, they will be increasingly vulnerable to cyber attacks by foreign adversaries.

Watch video to learn more about the ms-isac

MS-ISAC in the News

The MS-ISAC is the only initiative offering cyber threat intelligence, incident response support, and real-time information sharing programs not performed by the federal government.

Defense Against Costly Cyber Threats

As threats against state and local governments grow in volume and complexity, the average cost of a cyber attack for state and local governments can range from $2.83 million to $9.5 million, with some reports indicating even higher costs, depending on the type and severity of the breach.

In 2024, the MS-ISAC took the defensive measures below in an effort to protect SLTTs across the U.S.

Detected 40,000+ potential cyber attacks targeting SLTT networks

Impacted MS-ISAC members received alert notifications nearly twice as fast as commercially-available alternatives.

Detected and prevented 59,000+ malware and ransomware attacks

MS-ISAC members were supported with endpoint protection services that identify, detect, respond to, and remediate security incidents and alerts.

Blocked 25,000,000,000+ malicious domain connections for SLTTs

The MS-ISAC's protective DNS service blocked an average of 3.3M requests to known or suspected malicious domains per member organization.

How Members are Impacted

Learn how the MS-ISAC has supported the nations cybersecurity maturity across different sectors.

As a public school district with limited staff and resources dedicated to cybersecurity, the MS-ISAC has been nothing short of essential. With just a small team managing IT for hundreds of staff and thousands of students, we rely on the MS-ISAC to be our eyes and ears in an increasingly complex and dangerous cyber landscape.
Director of Innovation & Technology at K-12 | Member since 2019
We rely on reports, intelligence, and alerts provided by MS-ISAC to secure our $340 billion portfolio and protect the financial future of [state] teachers. Without the MS-ISAC we would not be able to react as quickly as we do to emergent threats across our environment. The MS-ISAC is a priceless service that we utilize every day.
Cybersecurity Specialist in Education Sector | Member since 2015
[Our city] is a small municipality with limited IT staff and a modest cybersecurity budget. For years, we have managed our own defenses. That changed the day we joined the MS-ISAC. The MS-ISAC doesn’t just give us tools—they help provide us time to respond, and a team watching our backs when we aren’t always able to.
Network Administrator at Small Municipality | Member since 2019
We find true value in the services provided by MS-ISAC, including annual intelligence meetings, education videos, webinars, IP and domain lists, threat reports, vulnerability scans, and passive threat notifications. Without these services, our cybersecurity posture will suffer, which is a huge win for the bad actors out there.
Sr. Information Security Analyst, Tribal Entity | Member for <1 year
Because organizations in the public sector range in size, budget, and cyber maturity, it is crucial to have an unbiased resource for all of our equally shared security challenges. Without [the] MS-ISAC, this for-public-sector-by-public-sector community would not exist.
Cybersecurity Operations Manager, County | Member for 13 years
The MS-ISAC has been an invaluable resource to our district and to the K-12 community. It would be difficult to find a replacement that offers the same quality services that districts receive from the MS-ISAC elsewhere.
Network Security Engineer, K-12 | Member for 2+ years
We had [a] security breach a year ago and in our time working to remediate the issue and institute changes in policies, procedures, and hardware, the tools and expertise available from MS-ISAC were available to us, when nothing else was. We would not have been able to recover as quickly and seamlessly in addition to improving our posture without the tools and expertise available to us from MS-ISAC.
IT Manager, Library | Member for 2+ years
I am gravely concerned...The MS-ISAC provides various cybersecurity services and threat analysis to organizations that are often not in a position to obtain these services because of budgetary or resource constraints.[Our] county takes advantage of some of the services that they provide and will definitely have some gaps to fill in the event that their organization is further deprecated.
Chief Information Security Officer, County | Member for 13 years
Being in a rural area, resources can be scarce and response to cyber incidents could be delayed...This service decreases our risk of cyber threats substantially and causes less stress on our employed IT technician that has other job duties outside of IT...MS-ISAC’s free services to local governments is important to agencies like ours that have limited resources and live in rural areas.
Systems Manager, Rural County Emergency Services | Member for <6 months
Our 40,000 students and 8,000 staff, will be severely affected if MS-ISAC services are lost. We would then be forced to fund and build this ourselves, which places an undue burden on an already strained system. This could potentially lead to a decrease in the overall quality of our cybersecurity, leaving our district vulnerable to attacks that could compromise sensitive student and staff data.
Security Analyst, K-12 | Member for 6 years