MS-ISAC® Membership FAQ

The shift to a fee-based model is necessary due to significant decreases in federal funding for the MS-ISAC. Historically, core MS-ISAC functions and services were supported by Congressional appropriations through a contract with DHS/CISA. Reduced federal funding makes it essential to adopt a sustainable, member-driven approach to ensure these vital cybersecurity services remain available to SLTT governments nationwide. Federal funding for the MS-ISAC is set to end on September 30, 2025. Services previously covered by the federal government — and temporarily funded by CIS since March 6 — will also cease on that date unless a transition to a fee-based membership model is implemented.

On March 6, the federal government cancelled funding to ten categories of work affecting MS-ISAC operations, including cyber threat analysis and threat distribution, incident response services, a wide range of member onboarding and account management support, and outreach activities including webinars, training, and virtual and in-person meetings. Numerous MS-ISAC services were not affected by the funding cuts and are still supported by the Cooperative Agreement administered by DHS/CISA through September 30, 2025, including federally funded Albert Network Monitoring and Management sensors, Malicious Domain Blocking and Reporting (MDBR), and cybersecurity advisories. For a full listing of how funding cuts have impacted MS-ISAC services, visit https://learn.cisecurity.org/ms-isac-value-impact-across-america.

MS-ISAC member benefits, including tailored threat intelligence, member engagement and support, 24x7x365 SOC services, and collaborative working groups, require dedicated staff, infrastructure, and technical resources. Without sufficient and predictable funding, we cannot continue delivering these services. A paid membership model ensures continued access, quality, and innovation to meet SLTT needs amid evolving cyber threats.

The model preserves the MS-ISAC’s and CIS’s commitment to serving “cyber underserved” SLTT organizations. By offering affordable individual membership options scaled to budget at various pricing tiers, even the smallest or most resource-constrained entities can participate and benefit.

Membership options have been developed to enable all eligible U.S. State, Local, Tribal, and Territorial (SLTT) government entities to join the MS-ISAC. Eligibility generally includes U.S. state agencies, local governments, public education institutions, public utilities, public healthcare organizations, and tribal and territorial governments. Eligibility will be confirmed during the membership enrollment process.

No. Members will continue to engage with the MS-ISAC as they do today through established channels such as account managers, working groups, webinars, and the CIS SOC.

Access to CIS Benchmarks are provided to the global community including U.S. SLTTs at no cost regardless of any CIS memberships. This is not changing under the new membership model.

CIS Hardened Images will also remain a separate, fee-based product based on usage. There is no change to the CIS Hardened Images with the MS-ISAC membership model.

The no-cost CIS SecureSuite Membership that CIS provides to SLTTs will continue independently of MS-ISAC membership and will not be tied to the new fee-based membership structure.

Existing MS-ISAC members will need to sign up under the new fee-based membership model by Sept. 30, 2025, to receive continued access to MS-ISAC benefits.

To receive a quote for the MS-ISAC membership, please continue to the CIS Portal and register for the MS-ISAC membership. After selecting your organization’s tier, there is a “Edit Billing Information” drop down where there is a comment area. This is where you can request a quote or other information. Our Operations team will follow up with your organization after the registration is submitted.

To request specific forms to be filled out and completed for the MS-ISAC membership, please continue to the CIS Portal and register for the MS-ISAC membership. After selecting your organizations tier, there is a “Edit Billing Information” drop down where there is a comment area. This is where you can request a form to be completed or other information. Our Operations team will follow up with your organization after the registration is submitted.

At this time, membership is offered on an annual basis. Multi-year options may be available in the future based on member demand. Organizations will need to agree to the MS-ISAC Membership Agreement upon initial enrollment and will be required to reaffirm or update agreement terms upon renewal.

At this time, membership is offered on an annual basis. Multi-year options may be available in the future based on member demand.

The organization's primary contact, or their designee, may do so.

Yes. Standard payment terms (e.g., Net 30) will apply, though in some cases, extended terms may be offered based on SLTT purchasing processes.

Yes. The renewal process will include clear options for members to cancel or opt out, as needed.

There may be a short grace period following expiration. However, access to MS-ISAC services, will ultimately require an active membership.

Single organization membership subscriptions will begin on the date the invoice for your MS-ISAC membership is issued. State & Territory-Wide memberships will commence on October 1, 2025. You will have 30 days from the invoice date to submit payment. Your membership access will remain active during this period. If payment is not received within 30 days, your membership will be revoked until payment is completed.

Membership applies to the organization as defined at the time of enrollment. If major changes occur (e.g., mergers or restructures), MS-ISAC will work with members to appropriately align the membership under the new organizational structure.

If you are purchasing membership through CIS, you will receive an invoice within 1 business day. If your organization is purchasing membership through Carahsoft, you will receive a quote from Carahsoft within 1 business day. When receiving an invoice from Carahsoft, it will depend on how long it takes your organization to approve the Carahsoft quote.

This depends on the process the organization followed within the CIS Portal. If the organization chose to go through our reseller Carahsoft, then the invoice will be from Carahsoft.

If the organization did not go through Carahsoft, then the invoice will come from:

Center for Internet Security, Inc.
PO Box 536014
Pittsburgh, Pennsylvania 15253-5902

The new MS-ISAC Membership will apply tax exemption status by default.

All current MS and EI-ISAC members are eligible for MS-ISAC membership.  EI-ISAC member organizations are required to purchase MS-ISAC membership in order to retain their membership benefits.

If you are currently receiving our Endpoint Detection & Response service through federal funding, you will retain access to this service through September 30, 2026 at no additional cost if your organization purchases MS-ISAC membership,. After September 30, 2026, we cannot guarantee continued federal funding or that membership will still include this service. We will continue to update our current users, as more information on continuation becomes available.

Yes, starting October 1, MS-ISAC membership is required to be able to purchase any add-on services at cost.

If your organization is currently utilizing an add-on/paid service, CIS will honor the length of the contracted service and will continue to use their service until the end of that service term. When it is time for renewal, MS-ISAC membership will be required to purchase.

CIS will honor the length of the contracted service and will continue to use their service until the end of that service term. When it is time for renewal, MS-ISAC membership will be required to purchase. Organizations will lose other MS-ISAC member benefits on October 1, 2025, if they do not purchase MS-ISAC membership by that date.

At sign-up, if your state or territory has purchased the State/Territory Membership, you will be notified and given the option to sign up under that membership or proceed with a Single Organization membership. Questions outside of the purchase process should be addressed directly within your state or territory. 

If an organization pays for a Single Organization membership and then the state signs up for State/Territory-Wide membership, that organization can decide if they want a refund or if they want a credit towards other/future purchases. The amount will be based on time elapsed. For example, if an organization is halfway through their term and the state then signs up, we refund or credit 50% of their fee.

The NCSR is a product owned by CISA, that we are responsible for facilitating. As of today, it is unclear as to what decision will be made regarding the NCSR and its connection to MS-ISAC membership. As we hear more regarding the status of the FY 25/26 Cooperative Agreement, we will ensure all of our members are as up to date as possible. 

CIS SecureSuite will continue to be no-cost for SLTT community and does not require MS-ISAC Membership.

The only services that will remain no-cost are the following:

• CIS Benchmarks ®
• CIS-CAT ®
• Community Defense Model
• CIS Controls Navigator
• CIS CSAT Ransomware Business Impact Analysis Tool
• CIS RAM
• CIS SecureSuite©
• CIS Workbench
• TLP: CLEAR Threat Intelligence Feed (automated indicators derived from open sources or are no longer actively being seen in MS-ISAC member cases (i.e. reduced from TLP:AMBER down)
• TLP: CLEAR CTI Reporting (finished analysis from the CTI team delivered after it has been scrubbed for TLP:GREEN and above content (blogs, whitepapers, etc. provided approximately 2 weeks after being disseminated to members)
• SOC Advisories available via the CIS website or CIS Portal (typically within 72 hours following email delivery to members)

The Cooperative Agreement is the federal funding provided by the U.S. Department of Homeland Security (DHS) to the Center for Internet Security (CIS) to support the Multi-State Information Sharing and Analysis Center (MS-ISAC). On March 6, the federal government cancelled funding to ten categories of work affecting MS-ISAC operations, including cyber threat analysis and threat distribution, incident response services, a wide range of member onboarding and account management support, and outreach activities including webinars, training, and virtual and in-person meetings.

The fee-based membership model is designed to create long-term sustainability for MS-ISAC services. If further federal funding reductions occur, member fees will increase in order to fund the benefits no longer funded through the federal government. The increased cost without federal funding for all pricing tiers of the single organization membership can be found at: https://learn.cisecurity.org/MS-ISAC-Single-Org-Membership-Model.

Should federal funding be restored, the MS-ISAC will engage with the Executive Committee to establish a fair and equitable framework for revising pricing and addressing any implications for members who have already purchased a membership. CIS is committed to being transparent and responsive to changes in the funding environment, with the goal of reducing financial burdens on members when feasible.

MS-ISAC will regularly review offerings and pricing in coordination with members. Adjustments may occur to ensure sustainability, improve value, or respond to changes in funding or cybersecurity threats.