HomeMS-ISACMS-ISAC Services

MS-ISAC Services

Membership Overview

For more than two decades, the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) has provided foundational cybersecurity services to U.S. State, Local, Tribal, and Territorial (SLTT) governments. These services were historically funded through a Cooperative Agreement (CA) with the Department of Homeland Security (DHS), supported by Congressional appropriations. With DHS’s decision to end its support for the SLTT community through the MS-ISAC, SLTT leaders have taken proactive steps to ensure the continuity and resilience of these critical services. Beginning October 1, 2025, the MS-ISAC transitioned to a fee-based membership model — created for SLTTs, by SLTTs — to preserve and strengthen the cybersecurity collaboration that has protected communities nationwide for over 20 years.

The MS-ISAC Fee-Based Membership model ensures continuity of critical cybersecurity services your organization depends on, regardless of federal funding fluctuations, providing membership tiers designed to fit your size, budget, and unique needs.

As an SLTT organization, you are on the frontline of defense against cyber threats, and the MS-ISAC equips your organization with a robust cyber defense ecosystem to stay protected that cannot be replicated by commercial vendors or other government programs.

Don’t wait—Secure Your MS-ISAC Fee-Based Membership Today!

  • Attention: Current MS-ISAC Members: Your MS-ISAC benefits will expire as of October 1. Be sure to sign up for paid MS-ISAC membership by September 30 to maintain access to essential services and benefits you rely on.
  • Now - September 1st, sign up for a new MS-ISAC Single Organization Membership and get 18-month membership term for the price of 12.*

*Standard net 30 payment terms apply, meaning payment is due within 30 days of the invoice date. For single organization memberships only.

Enroll Now
For California, the Malicious Domain Blocking and Reporting (MDBR) service has been effective as an additional source of threat intelligence. This capability adds an additional element of automation in our security operations processes and playbooks, resulting in greater efficiencies. The preventive blocking and reporting provides metrics on true positive and high-fidelity events, allowing our internal teams to focus on more sophisticated attacks.”
Chief Information Security Officer
State of California

Threat Intelligence Distribution 

  • SLTT Specific Threat Intelligence Analysis Products and Reporting
  • MS-ISAC Threat Intelligence Platform STIX/TAXII and MISP Access
  • Virtual Threat Intelligence Briefings (SLTT threat brief)

Member Collaboration and Engagement

  • Exclusive access to a collaborative peer community
  • 1:1 service consultations with CIS cybersecurity experts
  • MS-ISAC Annual Membership Meeting
  • Monthly membership calls
  • Best practice webinars led by experienced peers and top experts
  • SLTT mentorship program

Incident Response & Forensic Services

  • MS-ISAC Incident Response & Forensic Services (as resources allow)

Security Operations Center (SOC)*

  • 24x7x365 SOC Access SOC Alerts, Advisories, Weekly Malicious IP/Domain List
  • Passive Threat Notification Service
    • Targeted Vulnerability Notifications
    • Initial Access Broker (IAB) Monitoring
    • Breached Credential Monitoring
    • IP and Domain Monitoring

Services and Programs*

  • Malicious Domain Blocking and Reporting (MDBR)
  • Annual cybersecurity self-assessment (NCSR)

* Member benefit currently funded by the federal government.

ms-isac logo


 

We value your questions and feedback

At CIS, we are committed to serving the greater IT security community.

Contact Us Today

Information Hub

MS-ISAC

Advisory10.24.2025
A Vulnerability in Microsoft Windows Server Update Services (WSUS) Could Allow for Remote Code Execution
Read More
Case Study10.22.2025
Guiding SLTTs Through the SolarWinds Supply Chain Attack
Read More
Advisory10.22.2025
Oracle Quarterly Critical Patches Issued October 21, 2025
Read More
Case Study10.15.2025
Monitoring and Support During the CrowdStrike Falcon Outage
Read More