Schumer Presses DHS to Accelerate AI Cyber Prep After MS-ISAC Funding Cut

Schumer sent a letter to Homeland Security Secretary Markwayne Mullin last week, urging closer coordination with state, local, tribal and territorial governments on AI cyber risks. He noted that the world is coming to grips with AI systems that may soon outperform humans at finding software vulnerabilities. The letter follows CISA's decision to withdraw federal support from MS-ISAC, which had been designated in 2010 as the primary hub for sharing cyber threat intelligence with SLTT entities. Without the grant, MS-ISAC now operates under a membership model where participants pay for access.

Schumer emphasized that there is no time to waste in preparing governments for AI-enabled cyber threats. He warned that AI could be capable of hacking critical infrastructure systems within a year. The funding cut to MS-ISAC forces the center to rely on membership fees, limiting its reach for many smaller jurisdictions. In the letter, Schumer asked DHS to deliver a plan for coordinating the nation's response to frontier AI-enabled hacking by July 1 and to nominate a new CISA leader.

For state and local security teams, the loss of federal funding reduces access to timely threat intelligence and shared analysis tools that have historically helped them detect and respond to incidents. Without a centralized hub, SLTT organizations may need to duplicate efforts or rely on commercial services, increasing costs and potentially slowing vulnerability disclosure. Schumer's push for a July 1 deadline signals congressional pressure on DHS to close the gap before AI tools become more widely available to adversaries.

Security leaders should prioritize real-time information sharing by joining MS-ISAC's membership or establishing bilateral feeds with neighboring jurisdictions. Implement AI-assisted vulnerability scanning tools that map findings to MITRE ATT&CK techniques such as T1059 (Command and Scripting Interpreter) and T1210 (Exploitation of Remote Services) to accelerate detection. Ensure critical systems are patched against known vulnerabilities (e.g., CVEs from the KEV catalog) and maintain offline backups for ransomware resilience. Conduct tabletop exercises focused on AI-generated phishing and exploit generation to validate response plans.