Tribal-ISAC Cybersecurity Report Highlights for Tribal Nations

Tribal-ISAC cybersecurity report Tribal Nations cyber resilience CISA cyber risks tribal cybersecurity
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
October 2, 2025 3 min read

Tribal-ISAC Cybersecurity Report Release

The Tribal Information Sharing and Analysis Center (Tribal-ISAC) released its first report, "The Pulse – The State of Cybersecurity Within Tribal Nations," during the annual TribalNet Conference and Tradeshow in early September. This report was developed with input from TribalHub and presents vital cybersecurity insights gathered from multiple sources including the 2025 "Tribal Cybersecurity" survey, TribalHub's "How Prepared is Your Tribe for AI?" survey, and Gate 15's CHIEF and NATIVE Reports.

Adam Gruszcynski, a Steering Committee Member of Tribal-ISAC and IT Director at Potawatomi Casino Hotel, stated, "The Pulse provides something we’ve never had before — data-driven insight into the real cyber risks facing Tribal Nations." This report aims to equip leaders with the information necessary to advocate for resources essential for safeguarding tribal sovereignty.

Key findings from the report include:

  • Over two-thirds of responding tribes have zero or only one dedicated cybersecurity staff member.
  • More than 60% allocate less than 20% of their technology budget toward cybersecurity.
  • 73% of respondents expect increased cybersecurity spending in 2026, while only 1% anticipate a decrease.
  • 74% of organizations reported no federal or state cybersecurity grants received in 2025.

Toni Pepper, another Steering Committee Member, emphasized the importance of these findings, saying, "By sharing these findings, we hope to raise awareness of the underlying risk factors that compromise tribal cyber resilience and collective solutions that strengthen cybersecurity for all tribal governments and enterprises."

For more information, visit Tribal-ISAC and learn about their initiatives.

CISA Tribal Affairs

The Cybersecurity and Infrastructure Security Agency (CISA) collaborates with partners to enhance the safety and resilience of critical infrastructure for Native American and Alaska Native tribes. CISA provides various resources and tools aimed at bolstering the resilience of critical infrastructure, including improved communications and enhanced cybersecurity posture.

CISA's services focus on technical assistance, advocacy, and coordination. The agency recognizes the diversity within tribal communities and aims to tailor its approach to meet individual needs.

Key CISA initiatives include:

  • Tribal Emergency Communications: This program supports tribes in strengthening public safety communications.
  • CISA Services: An all-in-one resource that provides access to information on various services offered by CISA.
  • Physical Security: Focuses on protecting communities by addressing a broad range of physical security threats.
  • Chemical Security: Aims to prevent the misuse of chemicals in terrorist activities.

For more details, access CISA Services and Tribal Emergency Communications.

Tribal-ISAC Mission and Objectives

The mission of Tribal-ISAC is to bolster the cybersecurity posture of tribes by fostering a cooperative environment for sharing threat information and best practices. As a division of the not-for-profit Tribal Share, Inc., it serves as a platform for Native American tribal governments to enhance their security measures.

Objectives of Tribal-ISAC include:

  • Facilitating secure sharing of security threat information among tribes.
  • Improving overall security posture to safeguard critical infrastructure.
  • Providing access to federal, state, and local resources that support tribal resilience.

For more information on the objectives and initiatives, visit the Tribal-ISAC Steering Committee and Tribal Share Board Members.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.

Related News

CVE-2025-15467: Critical OpenSSL RCE and DoS Vulnerability Overview
OpenSSL vulnerability

CVE-2025-15467: Critical OpenSSL RCE and DoS Vulnerability Overview

Urgent: OpenSSL 3.x vulnerable to CVE-2025-15467, enabling pre-auth RCE. Learn affected versions, impact, and immediate mitigation steps. Protect your systems now!

By Divyansh Ingle March 10, 2026 4 min read
common.read_full_article
SolarWinds Patches Critical Web Help Desk RCE Vulnerabilities Now
SolarWinds Web Help Desk

SolarWinds Patches Critical Web Help Desk RCE Vulnerabilities Now

Critical RCE & Auth Bypass flaws in SolarWinds Web Help Desk are fixed! Don't risk it. Update to v2026.1 now to protect your systems. Learn more.

By Edward Zhou March 9, 2026 4 min read
common.read_full_article
AI vs Human Hackers: Who Prevails in 2026 Pen Testing?
AI hacking

AI vs Human Hackers: Who Prevails in 2026 Pen Testing?

Discover the results of a groundbreaking study comparing AI agents and human hackers in web vulnerability exploitation. See who prevails and what it means for your security. Read now!

By Jim Gagnard March 6, 2026 6 min read
common.read_full_article
Vulnerability Exploits Lead Cyber Intrusions in 2026 Trends
vulnerability exploits

Vulnerability Exploits Lead Cyber Intrusions in 2026 Trends

Exploits are now the top intrusion method, outpacing phishing. Discover why rapid vulnerability patching is critical and how to bolster your defenses. Read more!

By Edward Zhou March 4, 2026 4 min read
common.read_full_article