MS-ISAC® Membership FAQ

The shift to a fee-based model is necessary due to significant decreases in federal funding for the MS-ISAC. Historically, core MS-ISAC functions and services were supported by Congressional appropriations through a Cooperative Agreement (CA). Reduced federal funding makes it essential to adopt a sustainable, member-driven approach to ensure these vital cybersecurity services remain available to SLTT governments nationwide. Federal funding for the MS-ISAC is set to end on September 30, 2025. Services previously covered by the federal government — and temporarily funded by CIS since March 6 — will also cease on that date unless a transition to a fee-based membership model is implemented.

On March 6, the federal government cancelled funding to ten categories of work affecting MS-ISAC operations, including cyber threat analysis and threat distribution, incident response services, a wide range of member onboarding and account management support, and outreach activities including webinars, training, and virtual and in-person meetings. Numerous MS-ISAC services were not affected by the funding cuts and are still supported by the Cooperative Agreement administered by DHS/CISA through September 30, 2025, including federally funded Albert Network Monitoring and Management sensors, Malicious Domain Blocking and Reporting (MDBR), and cybersecurity advisories. For a full listing of how funding cuts have impacted MS-ISAC services, visit https://learn.cisecurity.org/ms-isac-value-impact-across-america.

MS-ISAC member benefits, including tailored threat intelligence, member engagement and support, 24x7x365 SOC services, and collaborative working groups, require dedicated staff, infrastructure, and technical resources. Without sufficient and predictable funding, we cannot continue delivering these services. A paid membership model ensures continued access, quality, and innovation to meet SLTT needs amid evolving cyber threats.

The model preserves CIS’s commitment to serving “cyber underserved” SLTT organizations. By offering affordable individual membership options scaled to budget at various pricing tiers, even the smallest or most resource-constrained entities can participate and benefit.

Membership options have been developed to enable all eligible U.S. State, Local, Tribal, and Territorial (SLTT) government entities to join the MS-ISAC. Eligibility generally includes U.S. state agencies, local governments, public education institutions, public utilities, public healthcare organizations, and tribal and territorial governments. Eligibility will be confirmed during the membership enrollment process.

No. Members will continue to engage with the MS-ISAC as they do today through established channels such as account managers, working groups, webinars, and the CIS SOC.

Access to CIS Benchmarks are provided to the global community including U.S. SLTTs at no cost regardless of any CIS memberships. This is not changing under the new membership model.

CIS Hardened Images will also remain a separate, fee-based product based on usage. There is no change to the CIS Hardened Images with the MS-ISAC membership model.

The no-cost CIS SecureSuite Membership that CIS provides to SLTTs will continue independently of MS-ISAC membership and will not be tied to the new fee-based membership structure.

Existing MS-ISAC members will need to sign up under the new fee-based membership model by Sept. 30, 2025, to receive continued access to MS-ISAC benefits.

To determine which Tier an organization belongs in, we will be using a self-attestation model. Given the wide variety of budget structures across the thousands of SLTT members in the MS-ISAC—including pass-through funding, budgets that include unrelated or semi-autonomous entities, and capital/project-heavy models—each organization is best positioned to determine which budget components most accurately reflect their operational scope. The Price Tier that you select should align with the Organizations and Entities that will be covered or supported by you and the services you receive from the MS-ISAC Membership.

If your organization’s budget includes separate or independent entities (e.g., school districts, libraries, utilities, or other departments with independent governance or funding), you may exclude those portions when determining your Tier. These entities are expected to register separately, using their own operating budgets.

If you feel there are areas of your budget that should not be considered when determining your membership Tier, you can and should exclude those when making your determination.

Pricing tiers for single organization memberships are based on the organization’s total overall annual operating budget, not just the IT or cybersecurity department’s budget. This approach ensures consistent, equitable tier placement across all eligible entity types, regardless of how budgets are structured internally.

Your Operational Budget is your annual financial plan that outlines the expected revenues and expenditures for the day-to-day functioning of the departments and organization to be supported via the MS-ISAC Membership.

It typically includes all of the recuring, day-day expenses of the organization, such as Salaries and Wages, Supplies, Travel, Facilities, and contracted services.

It would exclude any passthrough budget allocated to autonomous entities and capital expenditures which focus on long-term investments like infrastructure projects.

To determine if your elections office should have separate membership or be included under the county’s membership, consider the following:

1. Is the Elections office an autonomous entity from an IT infrastructure standpoint, or is it managed by the county?
   1. If it is not autonomous and the county oversees its IT infrastructure, the elections office can be included in the county’s membership.
2. If the elections office is autonomous, does its operating budget fall under the county’s budget?
   1. Yes: The elections office should apply for membership separately and their budget can be removed from your operating budget
   2. No: The elections office should apply for its own membership. 

The Price Tier that you select should align with the Organizations and Entities that will be covered or supported by you and the services you receive from the MS-ISAC Membership. If the services are utilized at the university system level and not the individual school level, you should use the Annual Operating Budget of the entire school system. If each school is looking to utilize our services in a unique capacity, each school would need to purchase their own membership.

Yes. All membership fees are assessed annually and provide access to benefits for a 12-month term unless otherwise noted.

At this time, memberships are offered on an annual basis. Multi-year options may be available in the future based on member demand.

The pricing tiers for MS-ISAC membership ensure all members receive the same high-value services. Membership fees are scaled to reflect each organization’s financial capacity, ensuring that cost is never a barrier to participation. Under MS-ISAC membership, all members benefit equally while contributing proportionally.

The decision to base the MS-ISAC Single Organization membership cost on an organization’s total annual operating budget—rather than solely on IT budget or staff size—was made to ensure a fair and scalable funding structure that reflects the overall capacity of each member organization, as the benefits to this membership will impact the entire organization.

While we understand that some entities may have modest IT departments or limited cybersecurity resources, the cybersecurity risks and responsibilities they face are often proportional to the scope and complexity of their overall operations, not just their IT footprint. By using the total operating budget as a baseline, we aim to:

• Promote equity among diverse member organizations
• Sustain critical services like 24/7 threat monitoring, incident response, and intelligence sharing
• Ensure long-term viability of the MS-ISAC’s support for all SLTTs, regardless of size

We recognize that this model may not perfectly align with every organization’s internal structure, and we’re committed to working with members to ensure they receive maximum value from their membership.

We understand that smaller organizations often operate with limited resources, and we’re committed to making our membership accessible and valuable regardless of size.  If your organization has an operating budget under $25 million and is unable to allocate the full $995 membership fee due to budget constraints, you may qualify for financial assistance. We offer several flexible options to support small organizations:

• 12-month membership with 6 months deferred billing
• 50% off a 12-month membership
• 12-month membership with no payment required

These options are designed to ensure that cost isn’t a barrier to accessing the cybersecurity support and resources we provide.

Any active user of an organization may do so.

Yes. Standard payment terms (e.g., Net 30) will apply, though in some cases, extended terms may be offered based on SLTT purchasing processes.

The continuity of the MS-ISAC depends upon members contributing to the community at the affordable, flexible pricing tiers outlined in the MS-ISAC membership model. We understand that the complexities of budget cycles and the necessary speed of this change will make it difficult for some organizations to gather sufficient funding to pay for membership. During sign-up, organizations with an annual operating budget below $25M can request financial assistance, and CIS will assess eligibility as part of the verification process.

The process we will be using to determine which Tier an organization belongs in will be a “self-attestation” model. For organizations with pass-through funding (such as the purchase of power and grant money being triaged through your organization), you should exclude those from your Annual Operating Budget, as they do not reflect core operating expenses.

To receive a quote for the MS-ISAC membership, please continue to the CIS Portal and register for the MS-ISAC membership. After selecting your organizations tier, there is a “Edit Billing Information” drop down where there is a comment area. This is where you can request a quote or other information. Our Operations team will follow up with your organization after the registration is submitted.

To request specific forms to be filled out and completed for the MS-ISAC membership, please continue to the CIS Portal and register for the MS-ISAC membership. After selecting your organizations tier, there is a “Edit Billing Information” drop down where there is a comment area. This is where you can request a form to be completed or other information. Our Operations team will follow up with your organization after the registration is submitted.

Yes. Similar to other CIS services, organizations will agree to the MS-ISAC Terms and Conditions upon initial enrollment and will be required to reaffirm or update agreement terms upon renewal.

Yes. The renewal process will include clear options for members to cancel or opt out, as needed.

There may be a short grace period following expiration. However, access to MS-ISAC services, will ultimately require an active membership.

Your membership subscription will begin on the date the invoice for your MS-ISAC membership is issued. You will have 30 days from the invoice date to submit payment. Your membership access will remain active during this period. If payment is not received within 30 days, your membership will be revoked until payment is completed.

Membership applies to the organization as defined at the time of enrollment. If major changes occur (e.g., mergers, restructures), MS-ISAC will work with members to appropriately align the membership under the new organizational structure.

If you are purchasing membership through CIS, you will receive an invoice within 1 business day. If your organization is purchasing membership through Carahsoft, you will receive a quote from Carahsoft within 1 business day. When recieving an invoice from Carahsoft, it will depend on how long it takes your organization to approve the Carahsoft quote. 

This depends on the process the organization followed within the CIS Portal. If the organization chose to go through our reseller Carahsoft, then the invoice will be from Carahsoft.

If the organization did not go through Carahsoft, then the invoice will come from:

Center for Internet Security, Inc.
PO Box 536014
Pittsburgh, Pennsylvania 15253-5902

CIS will honor the length of the contracted service and will continue to use their service until the end of that service term. When it is time for renewal, MS-ISAC membership will be required to purchase. Organizations will lose other MS-ISAC member benefits on 10/1 if they have not become members.

The State CIO and CISOs have been provided with all available information on the Statewide option. At this point, we don't have anything additional to share.

Yes, starting October 1st, MS-ISAC membership is required to be able to purchase any add-on services at cost.

If your organization is currently utilizing an add-on/paid service, CIS will honor the length of the contracted service and will continue to use their service until the end of that service term. When it is time for renewal, MS-ISAC membership will be required to purchase. 

The NCSR is a product owned by CISA, that we are responsible for facilitating. As of today, it is unclear as to what decision will be made regarding the NCSR and it's connection to MS-ISAC membership. As we hear more regarding the status of the FY 25/26 Cooperative Agreement, we will ensure all of our members are as up to date as possible. 

CIS SecureSuite will continue to be no-cost for SLTT community and does not require MS-ISAC Membership.

If an organization pays for a single membership and then the state signs up for state wide membership, that organization can decide if they want a refund or if they want a credit towards other/future purchases. The amount will be based on time elapsed. Example, If an organization is halfway through their term, and the state then signs up, we refund or credit 50% of their fee.

The new MS-ISAC Membership will apply tax exemption status by default.

All current MS and EI-ISAC members are eligible for MS-ISAC membership.

MS-ISAC Membership is now available for purchasing via the CIS Portal.

Organizations that register for the new MS-ISAC membership before September 1, 2025, will be enrolled in an 18-month membership at a 12-month membership price. The price of the member will also be locked in regardless of what happens with the Cooperative Agreement funding. Once an organization is enrolled in membership, their services and membership will start immediately.

Starting October 1, 2025, services disruptions will occur to organizations who did not register for membership and will need to purchase membership to obtain MS-ISAC benefits and services. 

If you are receiving our Endpoint Detection & Response service through the current federal funding, with the purchase of MS-ISAC membership, you will retain access to this service through September 30th, 2026 at no additional cost. Beyond September 30th, 2026, we cannot guarantee (federal) funding/inclusion with membership for this service will continue. We will continue to update our current users, as more information on continuation becomes available.

The only services that will remain no-cost are the following:

• CIS Benchmarks
• CIS-CAT
• Community Defense Model
• CIS Controls Navigator
• CIS CSAT Ransomware Business Impact Analysis Tool
• CIS RAM
• CIS SecureSuite©
• CIS Workbench
• TLP: CLEAR Threat Intelligence Feed (automated indicators derived from open sources or are no longer actively being seen in MS-ISAC member cases (i.e. reduced from TLP:AMBER down)
• TLP: CLEAR CTI Reporting (finished analysis from the CTI team delivered after it has been scrubbed for TLP:GREEN and above content (blogs, whitepapers, etc. provided approximately 2 weeks after being disseminated to members)
• SOC Advisories available via the CIS website or CIS Portal (typically within 72 hours following email delivery to members)

The Cooperative Agreement is the federal funding provided by the U.S. Department of Homeland Security (DHS) to the Center for Internet Security (CIS) to support the Multi-State Information Sharing and Analysis Center (MS-ISAC). On March 6, the federal government cancelled funding to ten categories of work affecting MS-ISAC operations, including cyber threat analysis and threat distribution, incident response services, a wide range of member onboarding and account management support, and outreach activities including webinars, training, and virtual and in-person meetings.

The fee-based membership model is designed to create long-term sustainability for MS-ISAC services. If further federal funding reductions occur, member fees will increase in order to fund the benefits no longer funded through the federal government. The increased cost without federal funding for all pricing tiers of the single organization membership can be found at: https://learn.cisecurity.org/MS-ISAC-Single-Org-Membership-Model.

Should federal funding be restored, the MS-ISAC will engage with the Executive Committee to establish a fair and equitable framework for revising pricing and addressing any implications for members who have already purchased a membership. CIS is committed to being transparent and responsive to changes in the funding environment, with the goal of reducing financial burdens on members when feasible.

MS-ISAC will regularly review offerings and pricing in coordination with members. Adjustments may occur to ensure sustainability, improve value, or respond to changes in funding or cybersecurity threats.

Yes. Carahsoft is currently the exclusive authorized reseller for MS-ISAC single organization memberships. Additional resellers may be considered in the future and more details will follow.

No, you do not have to purchase membership through Carahsoft. This option is available for organizations who cannot purchase direct from CIS.

Yes, you can obtain a quote and purchase membership through Carahsoft via the CIS Portal. 

You can use the NASPO ValuePoint contract, and soon the GSA Schedule 70 will be available. Carahsoft accepts credit cards and ACH transfers, with a secure portal for credit card payments.

Pricing may be slightly lower due to contract-based discounts, but the services included in the membership are identical regardless of the purchase method.

Carahsoft typically provides a quote within one business day, and membership activates within one business day of order confirmation. The onboarding and renewal processes are the same as purchasing directly from CIS.