The Multi-State Information Sharing and Analysis Center run by the Center for Internet Security is searching for alternative funding models for providing cyber services, after a decision by the Cybersecurity Infrastructure Security Agency to reduce funding for their operations as part of budget cuts.
CISA's budget cuts in February to its contract with CIS resulted in the elimination of the Elections Infrastructure ISAC, followed by reduced monetary support for the MS-ISAC. As a result, the EI-ISAC was shut down and the MS-ISAC's executive committee and CIS are exploring other opportunities to maintain the state-focused information sharing hub.
CIS has decided to fully fund the operations of the MS-ISAC “for a short period of time...to continue services, to allow for coordination on alternative funding and reconsideration, and to allow state, local, tribal and territorial governments and their departments and agencies to manage their programs and the transition that is involved,” according to Carlos Kizzee, senior vice president for the MS-ISAC’s strategy and plan.
Carlos Kizzee, Senior Vice President, MS-ISAC Strategy and Plan
Kizzee spoke with Inside Cybersecurity about ways to continue funding critical cyber services for state and local governments.
He said, “There are probably very few entities or organizations that can turn on a dime when it comes to changes to their security protocols, their security activities and their security programs, so we wanted to make sure the reduction in funding did not adversely impact state, local, tribal and territorial governments and their departments and agencies.”
Kizzee said the CIS board of directors and elected leaders in the MS-ISAC’s executive committee are “looking at and coordinating the development of alternative funding models that would enable the MS-ISAC to continue to provide the value that state, local, tribal and territorial governments have received for over two decades.”
Kizzee noted the MS-ISAC has not always been funded by the Department of Homeland Security. It was launched in 2003 and its first “instantiation” was funded and run by New York state. “Very early in that MS-ISAC 1.0 single-state-funded model, multiple states recognized the value in participating – so one [state] became 10 relatively quickly.”
The info-sharing group was awarded a federal cooperative agreement in 2004 to support state, local, tribal and territorial entities, according to a blog post, and built a strong partnership with DHS starting in 2013 through collaborating on the annual National Cyber Security Review.
The MS-ISAC determined in 2010 that “one state should not own or manage” the massive undertaking of running an info-sharing organization, according to Kizzee, which led to a management transition from New York state to CIS. “That’s essentially our MS-ISAC 2.0 model,” he said, “where you have multiple states and political subdivisions within states and public sector departments and agencies being able to take advantage of services and participation.”
With the reduction in CISA funding, Kizzee said continuing to offer cyber services for the MS-ISAC’s over 18,000 members is “a bipartisan and apolitical concern” that is “shared between the public and private sectors.”
He said, “Organizations at the state, local, tribal and territorial government level depend on a collective service capability, [and] a shared service environment.” He noted the MS-ISAC is “an exceptionally efficient model of service delivery and an exceptionally efficient model of collaboration and coordination.”
Identifying the “appropriate balance of resources and allocation of resources” is an “ongoing concern” for stakeholders across the nation that “should remain an apolitical discussion,” Kizzee said.
Kizzee argued for the importance of supporting state and local entities in the asymmetric fight against sophisticated cyber attackers that could be funded by adversary nations.
“When a government attacks an entity like a state or a political subdivision within a state...it's not realistic to presume that state or political subdivision has the resources, the capability, the competence or the capacity to keep pace with sophisticated threat activity, especially when it's coming from a nation-state,” he said.
“Strong partnership” is needed, the MS-ISAC executive said, “because threat actors can leverage the same tools, techniques and capabilities to target a school district as well as a water treatment facility or the power apparatus, the power infrastructure or transportation infrastructure for a state.”
He said, “There needs to be ownership, and there needs to be a good collaborative model that enables the different communities of practice to coordinate cross-jurisdictionally and partner together for solutions.”
“This is a national security issue,” Kizzee added, “and there is a national equity as well as a state, local, tribal and territorial equity in responding to that.” -- Jacob Livesay (jlivesay@iwpnews.com)