MS-ISAC Report Finds Underfunded Local Infrastructure Barraged by Cyberattacks

Tightening security budgets, lack of available resources, and dwindling federal support for cyberattacks targeting critical infrastructure are a few of the challenges facing public sector officials.
Related To: 
Aug. 12, 2025
2 min read
689babb6957fcc051a4ce187 Highvoltageposthighvoltagetower

As state, local, tribal, and territorial (SLTT) governments struggle to defend essential utilities against hostile cyber actors, the Multi-State Information Sharing and Analysis Center's (MS-ISAC) latest "Strengthening Critical Infrastructure" report paints a grim picture.

Tightening security budgets, lack of available resources, and dwindling federal support for cyberattacks targeting critical infrastructure are a few of the challenges facing public sector officials, echoing statements made by organizations such as the National League of Cities (NLC) and the National Association of Counties (NACo) in an August 7 letter to the House and Senate Appropriations Committees.

“Cybersecurity is no longer just an IT issue; it’s a national security issue,” said Terry Loftus, Chair of the MS-ISAC Executive Committee. “This report highlights the resilience and innovation of SLTT organizations but also underscores the urgent need for sustained investment and collaboration.”

With the Trump administration's FY2026 budget proposal slashing CISA's budget by nearly $500 million, resource-constrained infrastructure could have difficulty maintaining a proactive defense against cyberattacks threatening to shut down operations.

These underfunded communities are disproportionately vulnerable to critical infrastructure cyberattacks conducted by foreign adversaries, which, according to the report, occur on a daily basis. Sixty-eight percent of SLTT organizations lack the funding to combat the deluge of threats targeting anything from public schools to local water systems. 

While the drought of sufficient cybersecurity funding makes locking down infrastructure significantly more difficult, MS-ISAC reported that cost-effective workforce development initiatives have successfully shifted the focus toward proactive cybersecurity.

Collaborative cyber navigator programs, for example, provide expert cybersecurity guidance to those without SMEs on hand or the resources to hire them. Shared services and regional security operations centers (SOCs) give smaller government entities a way to continuously monitor for threats with little upfront cost.

Access the full report here.

Sign up for SecurityInfoWatch Newsletters
Get the latest news and updates.

Related

Hybrid work trends 2025: Remote employees work longer, struggle with connectivity
Localization as a cybersecurity blind spot: Protecting regional data
Revolutionizing Security with the R&S®QPS Walk2000
Sponsored
Protecting People and Assets — Security Screening Solutions Brought to You by Rohde & Schwarz
Sponsored