As states grapple with sophisticated attackers, they are on their own to deliver answers. At the same time, they face harrowing budget and resource cuts.

Attackers have access to tools and services to help them craft sophisticated attacks, and ransomware gangs are becoming more relentless with their extortion demands — following through on data leak warnings. Despite the threat pile-on, states are receiving less federal help than ever.

The problem came to a head earlier this month during the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection hearing on “State and Local Cybersecurity: Escalating Threats, Federal Partnership, and the Resilience of America’s Communities.” Security leaders from the states of Tennessee, Florida, and New York urged lawmakers to restore funding to the Cybersecurity and Infrastructure Security Agency (CISA) and the Information Sharing Analysis Center (ISAC) ecosystem, particularly the Multi-State Information Sharing and Analysis Center (MS-ISAC). 

The MS-ISAC is now a subscription model rather than free, which complicates the relationship between different levels of governments. Over the past year, the administration downsized CISA’s staff, resources, and funding. 

When Colin Ahern, New York’s director of security and intelligence, took the stand, he called the hearing “urgent” and pressed the federal government “to be a partner to all 50 states.”  

State leaders and CISOs also called on Congress to reauthorize and enhance the State and Local Cybersecurity Grant Program (SLCGP), which witness Kristin Darby, chief information officer for the state of Tennessee, described as “one of the most effective tools available to strengthen our collective defense.” 

States require more tools because, as Darby highlighted, rapid AI growth has accelerated attack scale and speed, threat actors increasingly rely on supply chain compromise, and exploitation of identity systems, cloud environments, and zero-days has peaked.

At the same time, states face severe budget, staff, and resource cuts. 

“The federal government’s actions over the past year have led to the breakdown in trust with state and local officials, particularly with respect to election cybersecurity,” Darby said during the testimony.

Federal Cutbacks Affect Everyone

When states need more help, it causes a trickle-down effect. Municipalities and small businesses are always running up against a lack of resources because of tightening municipal, state, and federal budgets, explains MassCyberCenter director John Petrozzelli. Faced with those shortages, it then becomes a matter of how to prioritize resources. 

When you layer on cyber threats, it becomes even more dangerous, says Petrozzelli, who tells Dark Reading he has observed increasing risks across the identity surface, from credential theft to threat actors breaking into user accounts. It’s continuing to grow, and that growth has been aided by AI, he says.

“And then you have the AI tools that are on the market and tools that have been corrupted by state actors, like China or Russia, to use against critical infrastructure,” he says. 

Many federally funded services are still available to municipalities, such as CISA’s vulnerability and Web application scanning, says Petrozzelli, adding that municipalities can sign up for free. But he also echoed one significant change that the committee hearing looked to address.

“The change is there’s a cost to be a member of MS-ISAC and MS-ISAC isn’t a federal entity, but they were funded by CISA,” he says.

How To Prioritize Cyber With Limited Funding

As federal funding wanes, states are forced to take action on their own. Collaboration is a big component of what MassCyberCenter aims to do. Training programs are one prime example. MassCyberCenter tries to point municipalities and small businesses in the right direction, “especially if there’s a person who does something better than we do.” MassCyberCenter is a state-level initiative that focuses on workforce development for public and private entities, as well as boosting public cybersecurity awareness.

One source Petrozzelli points to is the Massachusetts Executive Office of Technology Services and Security (EOTSS), which provides KnowBe4 training. That means free cybersecurity awareness training and phishing tests for municipalities or school systems. MassCyberCenter and the Office of Consumer Affairs and Business Regulation also published a joint data breach report to provide residents with feedback on data breach trends. The report shows how crucial it is for organizations to patch vulnerabilities on Internet-facing devices. 

The center offers grants, mentorship programs, and a state-funded security operations center (SOC) that includes managed endpoint detection and response around the clock, vulnerability assessment, Active Directory, and software and asset inventory.

“If someone signs up for our SOC, they get MS-ISAC membership and another program, malicious domain blocking and reporting plus,” he says. “Someone with limited funding doesn’t have to prioritize, ‘Am I going to put money in this membership or this SOC?'” 




