CISA Expands Direct Cybersecurity Support for State and Local Governments

State, local, tribal, and territorial (SLTT) governments continue to face escalating cybersecurity threats while managing limited internal resources and tightening budgets.

In response, the Cybersecurity and Infrastructure Security Agency (CISA) has announced a transition to a new operating model designed to provide more direct support, funding access, and hands-on cybersecurity expertise to public sector organizations.

According to a September 29, 2025 announcement on CISA.gov, the agency is shifting its approach to strengthen accountability, maximize impact, and empower SLTT governments to build cyber resilience at the local level.

Source: CISA.gov

What Is Changing?

CISA’s cooperative agreement with the Center for Internet Security (CIS) concluded on September 30, 2025, marking a transition in how federal cybersecurity resources are delivered to state and local entities.

Rather than reducing engagement, the shift aims to streamline support and provide more direct access to tools, funding, and advisory services.

The updated model focuses on expanding shared responsibility nationwide while equipping communities of all sizes with practical resources to defend against modern threats.

Key Cybersecurity Resources Available to SLTT Governments

1. Access to Federal Grant Funding

CISA is working in coordination with FEMA to facilitate funding through:

• The State and Local Cybersecurity Grant Program (SLCGP)
• The Tribal Cybersecurity Grant Program (TCGP)

These grant programs are administered by the Department of Homeland Security (DHS) and are intended to strengthen cybersecurity planning, modernization, and resilience initiatives across public sector organizations.

2. No-Cost Cybersecurity Tools and Services

CISA continues offering complimentary services that help public entities identify and reduce risk, including:

• Cyber Hygiene vulnerability scanning
• Phishing assessments
• Ongoing vulnerability management support

These services provide foundational visibility into security posture and help agencies prioritize remediation efforts.

3. Cybersecurity Performance Goals & Evaluation Tools

CISA provides structured guidance to help organizations measure and improve cybersecurity maturity, including:

• Cybersecurity Performance Goals
• The Cyber Security Evaluation Tool (CSET)

These resources help agencies benchmark progress and align efforts with nationally recognized standards.

4. Regional Cybersecurity Advisors and State Coordinators

CISA’s regional advisors deliver hands-on support, both locally and virtually. These professionals provide:

• Strategic cybersecurity guidance
• Technical assistance
• Risk mitigation planning
• Incident coordination support

This localized model helps bridge the gap between federal expertise and community-level implementation.

5. Incident Response Coordination and SOC Collaboration

CISA will continue collaborating with the Multi-State Information Sharing and Analysis Center (MS-ISAC) on joint cybersecurity products and information sharing. SLTT organizations using Albert sensors should continue coordinating directly with CIS/MS-ISAC for those services.

CISA also facilitates bi-monthly SLTT Security Operations Center (SOC) calls to deliver timely cyber defense updates and emerging threat intelligence.

Source: CISA.gov

Why This Matters for State and Local Governments

Cyberattacks targeting municipalities, school districts, law enforcement agencies, and public utilities continue to increase in frequency and sophistication. Many public sector IT teams operate lean environments, making federal collaboration and structured guidance essential.

CISA’s updated model reinforces its role as the nation’s cyber defense agency, emphasizing:

• Protection of critical infrastructure
• Secure communications across public systems
• Increased local-level empowerment
• Expanded access to funding and cybersecurity expertise

By providing direct pathways to grants, tools, advisors, and performance frameworks, CISA aims to ensure that every community—regardless of size—has access to resources needed to improve resilience.

What Public Sector Leaders Should Consider

While CISA’s support is expanding, it remains essential for SLTT organizations to:

• Review eligibility for SLCGP and TCGP funding
• Take advantage of no-cost cyber hygiene and assessment tools
• Align cybersecurity programs with recognized frameworks such as NIST
• Participate in regional coordination efforts and information sharing groups

Proactive engagement with available federal resources can help agencies reduce risk exposure and strengthen preparedness.

Looking Ahead

As CISA continues implementing this new support model, state and local governments have an opportunity to leverage expanded funding access and structured cybersecurity guidance.

With growing threat activity targeting public infrastructure, coordinated defense efforts at the federal and local levels remain critical.

For more information on CISA’s Cybersecurity Services for SLTT partners, visit CISA.gov.

Source: CISA.gov