Schumer Urges DHS to Accelerate AI Cyber Defenses for State and Local Governments

TL;DR: Senator Chuck Schumer told DHS Secretary Markwayne Mullin that AI could enable hackers to breach critical infrastructure within a year and urged immediate action to strengthen state and local cyber defenses. He also criticized the recent cut to federal funding for the Multi‑State Information Sharing and Analysis Center (MS‑ISAC) as poorly timed given the rising AI threat.

Context: In a letter dated last week, Schumer asked Mullin to detail how DHS will coordinate with state, local, tribal and territorial governments on AI‑driven risk assessments, vulnerability sharing, and rapid patching. He cited Anthropic’s Claude Mythos Preview model, which demonstrated an ability to find software flaws with striking speed, as evidence that offensive AI tools are advancing faster than defensive capabilities. The senator warned that hospitals, power grids, water systems, schools and election infrastructure could be targeted before defenders can respond.

Key Facts: Schumer stated that AI may be capable of hacking critical systems within the next year, a statistic underscoring the urgency of his request. He quoted the need for DHS not to delay improving SLTT cybersecurity, emphasizing that waiting leaves communities exposed. He also noted that the federal decision to withdraw funding from MS‑ISAC is poorly timed because the center has historically served as the primary hub for sharing cyber threat intelligence with SLTT entities, a function now more vital as AI reshapes the threat landscape.

What It Means: For state and local IT teams, the letter signals an impending push for federal guidance on AI‑specific threat modeling and shared detection signatures. It also suggests that reliance on MS‑ISAC for alerts may diminish unless alternative information‑sharing mechanisms are funded, potentially increasing the burden on individual jurisdictions to monitor AI‑enabled exploits. The call for a CISA nominee and a coordinated response plan by July 1 sets a concrete deadline for federal action.

What Defenders Should Do: Prioritize patching of known vulnerabilities listed in CISA’s Known Exploited Vulnerabilities catalog, especially those affecting internet‑facing services. Deploy intrusion detection rules that target anomalous code‑generation behavior associated with large language models, using MITRE ATT&CK technique T1566.001 (Phishing: Spearphishing Attachment) adapted for AI‑generated lures. Establish regular tabletop exercises that simulate AI‑driven vulnerability discovery and rapid remediation, and participate in any emerging SLTT information‑sharing pilots that DHS may launch after the July deadline.

To watch next: Watch whether DHS releases a formal AI‑cyber coordination plan and nominates a CISA leader by the July 1 deadline, and how states respond to any new funding or sharing initiatives.