CISA Ends Agreement with CIS, Shifts to New Support Model for SLTT Governments

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced it will terminate its agreement and funding with the Center for Internet Security (CIS), effective September 30, 2025. This decision is part of CISA's "new model" to support state, local, tribal, and territorial (SLTT) governments through grant funding, free tools, and cybersecurity expertise. The move aims to enhance accountability, maximize impact, and empower SLTT partners. The MS-ISAC, operated by CIS, has been a critical resource for SLTT governments, and this transition will require careful management to ensure continuity of services. The new model suggests a shift towards more direct and tailored support, which could provide greater flexibility and effectiveness in addressing cybersecurity needs. However, the transition period may pose challenges, including potential gaps in service and the need for additional training and resources. SLTT governments should prepare for this change by familiarizing themselves with the new processes and resources offered by CISA. Clear communication and effective management from CISA will be essential to ensure a smooth transition and maintain robust cybersecurity support for SLTT governments.