Tribal-ISAC Cybersecurity Report Highlights for Tribal Nations

Tribal-ISAC cybersecurity report Tribal Nations cyber resilience CISA cyber risks tribal cybersecurity
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
October 2, 2025
3 min read

Tribal-ISAC Cybersecurity Report Release

The Tribal Information Sharing and Analysis Center (Tribal-ISAC) released its first report, "The Pulse – The State of Cybersecurity Within Tribal Nations," during the annual TribalNet Conference and Tradeshow in early September. This report was developed with input from TribalHub and presents vital cybersecurity insights gathered from multiple sources including the 2025 "Tribal Cybersecurity" survey, TribalHub's "How Prepared is Your Tribe for AI?" survey, and Gate 15's CHIEF and NATIVE Reports.

Adam Gruszcynski, a Steering Committee Member of Tribal-ISAC and IT Director at Potawatomi Casino Hotel, stated, "The Pulse provides something we’ve never had before — data-driven insight into the real cyber risks facing Tribal Nations." This report aims to equip leaders with the information necessary to advocate for resources essential for safeguarding tribal sovereignty.

Key findings from the report include:

  • Over two-thirds of responding tribes have zero or only one dedicated cybersecurity staff member.
  • More than 60% allocate less than 20% of their technology budget toward cybersecurity.
  • 73% of respondents expect increased cybersecurity spending in 2026, while only 1% anticipate a decrease.
  • 74% of organizations reported no federal or state cybersecurity grants received in 2025.

Toni Pepper, another Steering Committee Member, emphasized the importance of these findings, saying, "By sharing these findings, we hope to raise awareness of the underlying risk factors that compromise tribal cyber resilience and collective solutions that strengthen cybersecurity for all tribal governments and enterprises."

For more information, visit Tribal-ISAC and learn about their initiatives.

CISA Tribal Affairs

The Cybersecurity and Infrastructure Security Agency (CISA) collaborates with partners to enhance the safety and resilience of critical infrastructure for Native American and Alaska Native tribes. CISA provides various resources and tools aimed at bolstering the resilience of critical infrastructure, including improved communications and enhanced cybersecurity posture.

CISA's services focus on technical assistance, advocacy, and coordination. The agency recognizes the diversity within tribal communities and aims to tailor its approach to meet individual needs.

Key CISA initiatives include:

  • Tribal Emergency Communications: This program supports tribes in strengthening public safety communications.
  • CISA Services: An all-in-one resource that provides access to information on various services offered by CISA.
  • Physical Security: Focuses on protecting communities by addressing a broad range of physical security threats.
  • Chemical Security: Aims to prevent the misuse of chemicals in terrorist activities.

For more details, access CISA Services and Tribal Emergency Communications.

Tribal-ISAC Mission and Objectives

The mission of Tribal-ISAC is to bolster the cybersecurity posture of tribes by fostering a cooperative environment for sharing threat information and best practices. As a division of the not-for-profit Tribal Share, Inc., it serves as a platform for Native American tribal governments to enhance their security measures.

Objectives of Tribal-ISAC include:

  • Facilitating secure sharing of security threat information among tribes.
  • Improving overall security posture to safeguard critical infrastructure.
  • Providing access to federal, state, and local resources that support tribal resilience.

For more information on the objectives and initiatives, visit the Tribal-ISAC Steering Committee and Tribal Share Board Members.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.

Related News

NIST Standards Drive 2026 Mandates for Securing AI Infrastructure and Model Context Protocol Deployments
NIST AI Risk Management Framework

NIST Standards Drive 2026 Mandates for Securing AI Infrastructure and Model Context Protocol Deployments

Prepare for 2026 NIST AI mandates. Learn how to secure autonomous agents and Model Context Protocol (MCP) deployments against evolving enterprise security threats.

By Alan V Gutnov June 11, 2026 6 min read
common.read_full_article
Active Directory Certificate Services Now Supports Post-Quantum Cryptography for Windows Environments
Post-Quantum Cryptography AD CS

Active Directory Certificate Services Now Supports Post-Quantum Cryptography for Windows Environments

Microsoft adds Post-Quantum Cryptography (PQC) to AD CS. Learn how ML-DSA and hybrid key exchanges protect Windows environments against Harvest Now, Decrypt Later.

By Edward Zhou June 12, 2026 4 min read
common.read_full_article
Enterprises Face 2026 Deadline for NIST-Compliant Post-Quantum Cryptography Migration and Infrastructure Readiness
NIST post-quantum cryptography standards 2026

Enterprises Face 2026 Deadline for NIST-Compliant Post-Quantum Cryptography Migration and Infrastructure Readiness

Is your enterprise ready for the 2026 NIST PQC deadline? Learn how to mitigate Harvest Now, Decrypt Later threats and update your infrastructure to quantum-resistant standards.

By Brandon Woo June 10, 2026 7 min read
common.read_full_article
Cloud and Zero Trust Architecture Adoption Accelerate Modernization of Industrial Control Systems Security
industrial control systems zero trust

Cloud and Zero Trust Architecture Adoption Accelerate Modernization of Industrial Control Systems Security

Explore how Zero Trust Architecture and cloud adoption are transforming Industrial Control Systems (ICS) security to mitigate modern cyber threats.

By Alan V Gutnov June 9, 2026 4 min read
common.read_full_article