Priorities Podcast – "State, Local Government Cyber's 'New Normal'"

Host: Colin Wood (StateScoop Editor in Chief)
Guests: Carlos Kazee (SVP, MS-ISAC Strategy & Plans, Center for Internet Security), John Cohen (Executive Director, Office of Strategic Programs & Initiatives, CIS)
Date: February 11, 2026

Episode Overview

This episode explores the transformative challenges and adaptations facing state, local, tribal, and territorial (SLTT) governments in the landscape of cybersecurity for 2026. Focused on the aftermath of the Center for Internet Security (CIS) losing federal funding and its shift to a paid membership model, the discussion highlights the evolving cyber "new normal" in government. The episode also delves into multidimensional threats, collective defense, funding realities, and the cybersecurity risks associated with large national and global events.

Key Discussion Points & Insights

The ‘New Normal’ in SLTT Cybersecurity

[01:23 - 03:45]

Greater Sophistication of Threats: Threat actors, both foreign and domestic (nation-states, terrorist groups, criminal organizations), now routinely leverage technology and Internet-based communications for complex operations.
Resource Constraints: Many SLTTs are adjusting to a “reduced funding” environment, requiring innovative prioritization and resilience (B: “Our members...are doing the absolute best they can with the resources that they provide to protect their data, their networks, their systems and their citizens' interests.” – Carlos Kazee, [01:42]).
Law Enforcement Lag: The pace of threat evolution has outstripped adaptation efforts. CIS is supporting education, tool provision, and awareness to bridge this gap.

"Law enforcement has been a little bit slow in adapting their investigative and threat mitigation activities... we’re working very closely to make them more aware of how the threat is evolving, often at Internet speed..." – John Cohen, [02:23]

CIS’s Shift to Paid Membership & Funding Realities

[03:45 – 11:31]

Federal Funding Loss Recap: The federal government ceased funding for SLTT memberships in MS-ISAC (Multi-State Information Sharing and Analysis Center), forcing CIS to require direct membership payments.
New Payment Models: CIS introduced a flexible fee structure:
- State-wide memberships cover all local constituents with one payment.
- Single-organization memberships remain, with hardship waivers for those under $25M annual budget.
"We’ve had just under 200 organizations take advantage of [the hardship waiver]... we'd encourage any organization...not covered by a statewide purchase to reach out to us." – Carlos Kazee, [09:46]
Continuity of Mission: Despite financial restructuring, CIS maintains a central coordination role and strategic partnerships.
Participation Rates: 24 states have already joined under statewide or state-only memberships; a significant success given abrupt funding changes.

Collective Defense & Community Resilience

[11:31 – 12:01]

Importance of Collaboration:

“The concept of collective defense where state, local, tribal governments, private sector entities working with the federal authorities has become fundamental to our ability to protect our nation as a whole, but our communities specifically.” – John Cohen, [11:38]

Evolving Threat Landscape: Beyond Technology

[12:01 – 14:27]

Multidimensional Threats: Not just “IT problems,” but integrated cyber-physical threats, information operations, and emergent tactics.
- Example: A denial-of-service cyberattack disabling a 911 center in tandem with a physical attack.
- Recognizing these causal links is essential for effective preparedness.
“From my perspective the biggest shift in focus is tying that which is taking place in the digital world to that which is occurring in the physical world...” – John Cohen, [13:22]

The Cybersecurity Challenges of Large Special Events

[14:28 – 21:48]

Comprehensive Risk Management:
- Sporting events, conventions, concerts (Super Bowl, Olympics, World Cup) as attractive targets for mass casualties, disruptions, and attention-seeking by threat actors.
- Threats encompass: physical attacks, drone intrusions, crowd disorder/hooliganism, cyberattacks, information warfare, social engineering, fraud, and infrastructural sabotage.
- Cyberattacks on the Olympics and other global events now run into hundreds of targeted attempts.
- Events pose risks not only at the venues but regionally—hotels, transit, critical infrastructure.
Key Considerations for State Cybersecurity Officials:
- Awareness and hardening of defenses against current tactics and vulnerabilities, especially for hosting regions.
- Collaborative preparation: law enforcement, election officials, emergency management, school networks, and more.
“It goes well beyond just the city where the event is taking place… it’s the region.” – John Cohen, [19:36] “We’re working in strong partnership with some awesome organizations... We’re all focused on the same problem set and we’re excited to be a part of that.” – Carlos Kazee, [21:33]

Expanding the Cybersecurity Mindset

[21:48 – 23:08]

Operational, Not Just Technical, Preparedness:
- Cyber risk is now existential for SLTT government continuity and public safety, not just a concern for IT.
- Prolonged systems outages can paralyze emergency services.
"You can no longer afford to think of cybersecurity as something simply your IT department or your CISO is going to take care of. You have to understand that it threatens your ability to provide emergency and non emergency service." – John Cohen, [22:14]

Memorable Quotes & Timestamps

On the Adjustment to Reduced Funding:

"We're going through another cycle, another series of new normal… I'm just really proud of how our members...are doing the absolute best they can with the resources they provide to protect their data, their networks, their systems, and their citizens' interests."
– Carlos Kazee, [01:31]
Threat Evolution and Internet Speed:

"Threat actors are using these technological tools...carrying out a broad range of threat related and criminal activity, whether it's human trafficking, drug smuggling, terrorist attacks..."
– John Cohen, [02:14]
On the Hardship Model:

“We would encourage any organization that is interested in Ms. ISAC membership not covered by a statewide purchase to reach out to us, particularly organizations...under $25 million of annual operating budget.”
– Carlos Kazee, [10:20]
The Physical-Digital Nexus:

“The biggest shift in focus is tying that which is taking place in the digital world to that which is occurring in the physical world...”
– John Cohen, [13:22]
Cybersecurity Beyond IT:

“You can no longer afford to think of cybersecurity as something simply your IT department or your CISO is going to take care of.”
– John Cohen, [22:14]

Timeline of Important Segments

| Timestamp | Segment | |------------|-----------------------------------------------------------| | 01:23 | Introduction to SLTT “new normal” and threat environment | | 02:08 | Commentary on threat actor sophistication | | 03:45 | Shift to paid CIS membership; funding challenges | | 08:43 | Discussion of membership costs and hardship waivers | | 11:31 | Emphasizing collective cyber defense | | 12:24 | Evolving threat landscape: cyber-physical nexus | | 14:28 | Cybersecurity for large special events | | 21:48 | Expanding cybersecurity awareness in government | | 22:14 | Quote on cybersecurity as an operational concern |

Conclusion & Takeaways

The end of federal support for the Center for Internet Security's programs has catalyzed a rapid evolution in state and local government cybersecurity strategies, forcing resourcefulness, increased collaboration, and a hard look at what “collective defense” really means. Multidimensional threats and high-profile events compound the challenge, making cyber risk a central operations concern for every department—not just IT.

Final message: State, local, tribal, and territorial leaders must embrace shared responsibility, operational vigilance, and collective preparedness to defend citizens and infrastructure in this new era.

Priorities Podcast – "State, Local Government Cyber's 'New Normal'"

Episode Overview

Key Discussion Points & Insights

The ‘New Normal’ in SLTT Cybersecurity

[01:23 - 03:45]

Greater Sophistication of Threats: Threat actors, both foreign and domestic (nation-states, terrorist groups, criminal organizations), now routinely leverage technology and Internet-based communications for complex operations.
Resource Constraints: Many SLTTs are adjusting to a “reduced funding” environment, requiring innovative prioritization and resilience (B: “Our members...are doing the absolute best they can with the resources that they provide to protect their data, their networks, their systems and their citizens' interests.” – Carlos Kazee, [01:42]).
Law Enforcement Lag: The pace of threat evolution has outstripped adaptation efforts. CIS is supporting education, tool provision, and awareness to bridge this gap.

"Law enforcement has been a little bit slow in adapting their investigative and threat mitigation activities... we’re working very closely to make them more aware of how the threat is evolving, often at Internet speed..." – John Cohen, [02:23]

CIS’s Shift to Paid Membership & Funding Realities

[03:45 – 11:31]

Federal Funding Loss Recap: The federal government ceased funding for SLTT memberships in MS-ISAC (Multi-State Information Sharing and Analysis Center), forcing CIS to require direct membership payments.
New Payment Models: CIS introduced a flexible fee structure:
- State-wide memberships cover all local constituents with one payment.
- Single-organization memberships remain, with hardship waivers for those under $25M annual budget.
"We’ve had just under 200 organizations take advantage of [the hardship waiver]... we'd encourage any organization...not covered by a statewide purchase to reach out to us." – Carlos Kazee, [09:46]
Continuity of Mission: Despite financial restructuring, CIS maintains a central coordination role and strategic partnerships.
Participation Rates: 24 states have already joined under statewide or state-only memberships; a significant success given abrupt funding changes.

Collective Defense & Community Resilience

[11:31 – 12:01]

Importance of Collaboration:

“The concept of collective defense where state, local, tribal governments, private sector entities working with the federal authorities has become fundamental to our ability to protect our nation as a whole, but our communities specifically.” – John Cohen, [11:38]

Evolving Threat Landscape: Beyond Technology

[12:01 – 14:27]

Multidimensional Threats: Not just “IT problems,” but integrated cyber-physical threats, information operations, and emergent tactics.
- Example: A denial-of-service cyberattack disabling a 911 center in tandem with a physical attack.
- Recognizing these causal links is essential for effective preparedness.
“From my perspective the biggest shift in focus is tying that which is taking place in the digital world to that which is occurring in the physical world...” – John Cohen, [13:22]

The Cybersecurity Challenges of Large Special Events

[14:28 – 21:48]

Comprehensive Risk Management:
- Sporting events, conventions, concerts (Super Bowl, Olympics, World Cup) as attractive targets for mass casualties, disruptions, and attention-seeking by threat actors.
- Threats encompass: physical attacks, drone intrusions, crowd disorder/hooliganism, cyberattacks, information warfare, social engineering, fraud, and infrastructural sabotage.
- Cyberattacks on the Olympics and other global events now run into hundreds of targeted attempts.
- Events pose risks not only at the venues but regionally—hotels, transit, critical infrastructure.
Key Considerations for State Cybersecurity Officials:
- Awareness and hardening of defenses against current tactics and vulnerabilities, especially for hosting regions.
- Collaborative preparation: law enforcement, election officials, emergency management, school networks, and more.
“It goes well beyond just the city where the event is taking place… it’s the region.” – John Cohen, [19:36] “We’re working in strong partnership with some awesome organizations... We’re all focused on the same problem set and we’re excited to be a part of that.” – Carlos Kazee, [21:33]

Expanding the Cybersecurity Mindset

[21:48 – 23:08]

Operational, Not Just Technical, Preparedness:
- Cyber risk is now existential for SLTT government continuity and public safety, not just a concern for IT.
- Prolonged systems outages can paralyze emergency services.
"You can no longer afford to think of cybersecurity as something simply your IT department or your CISO is going to take care of. You have to understand that it threatens your ability to provide emergency and non emergency service." – John Cohen, [22:14]

Memorable Quotes & Timestamps

On the Adjustment to Reduced Funding:

"We're going through another cycle, another series of new normal… I'm just really proud of how our members...are doing the absolute best they can with the resources they provide to protect their data, their networks, their systems, and their citizens' interests."
– Carlos Kazee, [01:31]
Threat Evolution and Internet Speed:

"Threat actors are using these technological tools...carrying out a broad range of threat related and criminal activity, whether it's human trafficking, drug smuggling, terrorist attacks..."
– John Cohen, [02:14]
On the Hardship Model:

“We would encourage any organization that is interested in Ms. ISAC membership not covered by a statewide purchase to reach out to us, particularly organizations...under $25 million of annual operating budget.”
– Carlos Kazee, [10:20]
The Physical-Digital Nexus:

“The biggest shift in focus is tying that which is taking place in the digital world to that which is occurring in the physical world...”
– John Cohen, [13:22]
Cybersecurity Beyond IT:

“You can no longer afford to think of cybersecurity as something simply your IT department or your CISO is going to take care of.”
– John Cohen, [22:14]

wavePod

State, local government cyber's 'new normal'

Get Free Podcast Summaries in Your Inbox

Pick Your Shows

Subscribe Free

Get Instant Summaries

Summary

Priorities Podcast – "State, Local Government Cyber's 'New Normal'"

Episode Overview

Key Discussion Points & Insights

The ‘New Normal’ in SLTT Cybersecurity

CIS’s Shift to Paid Membership & Funding Realities

Collective Defense & Community Resilience

Evolving Threat Landscape: Beyond Technology

The Cybersecurity Challenges of Large Special Events

Expanding the Cybersecurity Mindset

Memorable Quotes & Timestamps

Timeline of Important Segments

Conclusion & Takeaways

Summary

Priorities Podcast – "State, Local Government Cyber's 'New Normal'"

Episode Overview

Key Discussion Points & Insights

The ‘New Normal’ in SLTT Cybersecurity

CIS’s Shift to Paid Membership & Funding Realities

Collective Defense & Community Resilience

Evolving Threat Landscape: Beyond Technology

The Cybersecurity Challenges of Large Special Events

Expanding the Cybersecurity Mindset

Memorable Quotes & Timestamps

Timeline of Important Segments

Conclusion & Takeaways