Warner unveils bill to restore cyber information-sharing program funding

Sen. Mark Warner, D-Va., is introducing legislation to permanently fund a cybersecurity information-sharing program used by thousands of state, local, tribal and territorial governments, after the Trump administration ended federal support for the effort last year.

The measure would require the Cybersecurity and Infrastructure Security Agency to provide funding for the Multi-State Information Sharing and Analysis Center, or MS-ISAC, a nonprofit-run program that offers services like threat intelligence and incident response assistance to roughly 19,000 government entities nationwide.

Under former Homeland Security Secretary Kristi Noem, DHS terminated CISA’s funding agreement with the Center for Internet Security, which operates MS-ISAC, and barred certain federal grant funds from being used for membership fees. Critics argued the move weakened a key mechanism for sharing cyber threat information with smaller governments that often lack dedicated cybersecurity resources.

Warner’s legislation would direct CISA to enter into a new agreement with the Center for Internet Security to provide cybersecurity services and threat intelligence at no cost to state, local, tribal and territorial entities. It would also authorize $50 million annually beginning in fiscal year 2027 and require the cyberdefense agency to report to Congress on its efforts to restore and expand participation.

In a letter sent Thursday to Homeland Security Secretary Markwayne Mullin, Warner urged the department to restore support for the program and reverse broader cuts to CISA. The senator argued that eliminating MS-ISAC funding left communities with fewer resources to detect and respond to cyber threats and more vulnerable to attacks. 

“This is too important to let politics get in the way. I will stand alongside anyone committed to ensuring that when our adversaries test our critical infrastructure, it holds fast,” Warner wrote to Mullin. “I want to work with you to achieve that end and ask that you reach out to me directly to coordinate — because the question is not whether our critical infrastructure will be targeted, but whether we will be ready when it is.”

John Gilligan, president and CEO of the Center for Internet Security, did not directly address the bill but told Nextgov/FCW in a statement that MS-ISAC has supported cyber stakeholders for more than two decades and has received congressional funding for at least 20 years. 

“In fiscal year 2025, the appropriated funding was $27 million,” he said.

CISA and DHS did not immediately respond to a request for comment.

Warner also sent separate letters to governors nationwide warning that states may need to take a more active role in defending critical infrastructure as cyber threats grow and federal cybersecurity programs face continued uncertainty. He encouraged them to conduct infrastructure audits, expand participation in regional threat-sharing organizations and identify under-resourced operators that need cyber assistance.

The effort comes as some lawmakers continue to scrutinize staffing reductions, budget cuts and program eliminations at CISA. State and local officials, cybersecurity groups and former officials have repeatedly warned that reducing federal support leaves smaller governments more vulnerable to ransomware and other cyberattacks, especially with midterm elections coming in November.

MS-ISAC was established in 2003 and has long served as one of the core hubs for cyber threat information sharing between federal agencies and state and local governments. Smaller jurisdictions often lean on the center for services they can’t afford to finance on their own.