U.S. SLTTs Need to Adapt to a New Threat Environment
Foreign adversaries and other threat actors are targeting U.S. State, Local, Tribal, and Territorial (SLTT) systems and services. Unfortunately, over the past several years, this threat has significantly increased and almost certainly will continue accelerating at an unprecedented pace. We are entering a complex new threat environment. More than ever, SLTTs are on the front lines and must adapt to protect their systems, services, and citizens.
With threat actors increasingly using artificial intelligence and support from the federal government decreasing, SLTT organizations are prime targets for ransomware, disruption of both basic and critical infrastructure services, and efforts to undermine confidence in our government agencies. This is not a future issue; it is an urgent issue that demands immediate attention.
Why Whole-of-State Security Fulfills This Need
Whole-of-state security is a coordinated, statewide effort that aligns government, critical infrastructure, private sector and community stakeholders to strengthen security resilience across all entities in a state. The initiative provides shared governance, resources, standards, and support mechanisms to reduce risk, improve preparedness, and enhance the prevention, detection, response, and recovery capabilities for cyber, physical, and information operations threats.
Such an initiative emphasizes an all-hazards approach to collaboration across agencies, local governments, education systems, law enforcement, emergency management functions, healthcare, utilities, private industry, and nonprofit organizations, ensuring that security improvements are consistent, scalable, and equitable rather than fragmented or agency specific. This cross-sector approach typically includes centralized policy direction, common risk management frameworks, intelligence and information sharing, technical assistance, training, and funding support to elevate security maturity state or territory wide.
Every state and territory has unique governmental and security structures, political contexts, and resource constraints. Similarly, every state and territory is at a different point on their whole-of-state journey. Some have not started, some are in early implementation, and others are more mature. The whole-of-state offering of the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) is intended to meet states and territories where they are, accounting for different structures and progress on the journey, while providing tailored services and support designed to help them achieve their specific goals.
The MS-ISAC helps states and territories develop, implement, and improve their whole-of-state initiatives. Below are the core whole-of-state services available through the MS-ISAC. Specialized support is also available to address states and territories’ particular needs.
- Comprehensive Whole-of-State Assessment: Full-spectrum analysis identifying gaps, including resource and governance needs and risks.
- In-Depth, Tailored Program Support from Beginning to End:
- Joint development of a whole-of-state plan based on the whole-of-state assessment outlining priorities, near-term actions, and target outcomes.
- Highlighting governance structures, policies, legislative language, and more.
- Providing briefings and forums for executives and practitioners on the evolving threat landscape and the importance of whole-of-state security to generate buy-in across stakeholders.
- Supporting the development and management of whole-of-state surveys to enable nationwide benchmarking.
- Local organization outreach and support to provide tutorials, training, and tailored resources to help organizations at every stage of their security maturity journey while improving coordination and collaboration.
- Nationwide and State or Territory-specific Communities of Practice:
- Participation in a network of state officials focused on whole-of-state learning from peers, including those who overcame similar challenges.
- Targeted Support: Help states and territories facilitate adoption of security best practices and appropriate tools by “cyber-underserved” local and tribal organizations.
- Available as part of MS-ISAC State and Territory-Wide Membership:
- Forums for state and territory leaders and their localities designed to foster intra-state/territory relationships and facilitate information sharing.
- Dashboards: Insights based on the use of MS-ISAC services that help state and territory leaders understand what is happening in real time and align whole-of-state actions to current conditions affecting statewide or territorywide operations and other critical services.
- Coming Soon - Whole-of-State Clearinghouse: Access to whole-of-state case studies, best practices, and document templates derived from states and territories’ firsthand experience to accelerate and improve execution.
Implementing whole-of-state security strategies has never been more important. Whether your state or territory is just beginning this journey or advancing a well-established program, the MS-ISAC is committed to supporting your progress every step of the way. Our team can help you strengthen governance, accelerate maturity, and improve statewide coordination to better protect critical services and the communities you serve.