In Brief:
- Election officials must fend off a wide array of cyber threats, some launched by sophisticated actors. Smaller jurisdictions often have little funding for cybersecurity and depend upon resources that offer free help.
- The federal government ended funding for information sharing and analysis centers (ISACs) that previously provided free and low-cost cybersecurity tools and threat intelligence to state and local governments and election officials.
- The ISACs plan to continue, but some services may be reduced and there is a new fee-based membership model.
Election officials frequently face all manner of cybersecurity threats. Cyber attackers may try to breach voter registration databases and steal information, take down websites that help voters find polls, spoof official websites and more. Just this November, Utah Lt. Gov Deidre Henderson issued a warning about AI-generated fake election results circulating online.
Across the country, public officials have often turned to trusted federally supported resources for help managing these dangers. The nonprofit Center for Internet Security (CIS) has traditionally provided no-cost and low-cost cybersecurity services and intelligence to state and local governments, in particular through its Multi-State Information Sharing and Analysis Center (MS-ISAC). For decades, the MS-ISAC has helped states defend against and respond to cyber attacks. States and localities that are ISAC members receive threat intelligence as well as one-on-one consultations with cybersecurity experts, some cybersecurity tools and a 24/7 security operations center.
In 2018, CIS launched another resource, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) to provide states and localities with election-specific intelligence and security training. The EI-ISAC helps officials prepare against and respond to cybersecurity threats as well as physical threats like swatting, bomb threats and white powder mailing. Federal funding and a cooperative agreement with the Department of Homeland Security (DHS) have allowed the ISACs to provide these services for free or low cost.
But early this year, the federal government cut funding for the ISACs and ended its cooperative agreement with CIS. Now, officials have had to navigate the 2025 elections (and are preparing for the 2026 midterms) in a new cybersecurity landscape.
“The federal government has pulled the rug out from under the state and local election officials who came to rely on the excellent services provided by the EI-ISAC at no cost because of the federal support,” says Maine Secretary of State Shenna Bellows.
ISACs Lose Funding
Early this year, the White House cut funding for the EI-ISAC. A federal official from the Cybersecurity and Infrastructure Security Agency (CISA) said in a March 3 letter that this work “no longer supports Department priorities.” On March 11, CISA announced it was also heavily cutting MS-ISAC funding, and it fully ended funding support on Sept. 30.
But public-sector voices like the National Association of Counties and Washington Secretary of State Steve Hobbs sent letters insisting that state and local partners depend on the work of the ISACs. Their funding cuts come as turnover and shake-ups at CISA (fueled in part by ire over CISA’s role in combating election disinformation on social media during the 2020 election) have created new uncertainty about whether this federal partner will continue to provide the same level of election support.
In prior years, the EI-ISAC has provided states on Election Day with a situational awareness room — a Zoom-style meeting where members could share information in real time about emerging threats. In 2024, for example, the Maine secretary of state’s cybersecurity director received warnings about harmful websites in time to proactively block those sites from accessing and launching attacks against election-related IT systems. (While vote tabulation and election management systems should not be connected to the Internet, election agencies’ administrative systems and public-facing websites can face attacks.)
But that kind of situation room was only available using a platform that DHS had made available under its cooperative agreement.
“We had a statewide referendum election in 2025,” Bellows says. “This was the first time that the state didn't have a mechanism to participate in a nationwide situation room.”
While the ISAC could no longer rapidly share new information with its members in real time, or provide a space where participants could communicate back and forth, the EI-ISAC was able to send out updated reports every two hours. Now the EI-ISAC is exploring other potential options for sharing information during next year’s elections.
And while the federal government has stopped providing money, it’s still sharing its threat information, says John Gilligan, president and CEO of the Center for Internet Security, meaning the organization hasn’t lost one of its sources of insight.
ISACs Find a Way Forward
To plug its funding gap, CIS is now transitioning into charging state and local governments for membership in the ISACs, and providing a fee-based service to some non-government, election-related organizations.
The MS-ISAC paid membership funds the main services that members receive. The other fee-based service funds some additional costs of the EI-ISAC, like executive committee meetings and distributing election-related information to members.
It’s not a perfect solution, and it hasn’t yet been fully implemented. Federal funding had helped the MS- and EI-ISACs provide free services and reach cash-strapped, small local government entities like schools and towns, Gilligan says. CIS doesn’t want local governments to lose access due to membership costs.
As such, alongside launching a fee-based membership model in June and encouraging everyone to sign up, CIS is at least temporarily footing the bill for providing critical services to those who haven’t started paying: “We have not turned anything off,” Gilligan says.
The EI-ISAC is trying to figure out how to keep serving everyone, says Paul Lux, Okaloosa County, FL’s supervisor of elections.
“There are just a lot of these, what we call the ‘cyber underserved’ jurisdictions out there, who simply are not equipped to combat nation-state actors on their own,” and for whom finding an extra $1,000 in the budget for a membership is “nearly impossible,” Lux says. “We are encouraging them to go ahead and sign up anyway, and that we will argue about where the money comes from later.”
Gilligan is hoping states will cover the bill for their local partners by signing up for statewide memberships. But the introduction of a fee-based membership came after many states had locked in their budgets and as they have been confronted with assuming significant new costs of other formerly federally funded programs. Not all states can afford statewide memberships now. As such, CIS also offers cheaper memberships that cover just a single organization.
So far, about half of states and 3,000 local organizations have signed up for some form of paid membership, per Gilligan. And he hopes the switch to a statewide membership will encourage a positive change by encouraging states to work more closely with local governments on cybersecurity. Lux says 500 election offices have signed up for ISAC membership.
Eventually, CIS may reduce services to entities that have no real plans to become paying members, or may offer them only the most critical services, like threat information, for a lower price than a full membership, Gilligan says.
All in all though, “Through this pivot, MS-ISAC will continue,” Gilligan says. “There's sufficient uptake.”
