The federal government will be disbursing $1 billion in cybersecurity funds over the next four years through two grant programs — this one, and a separate, Tribal Cybersecurity Grant Program (TCGP). A separate NOFO is due out later for the tribal program, according to the Cybersecurity and Infrastructure Security Agency (CISA).
The federal government is making $183.5 million available under the SLCGP in FY 2022. Once states receive their SLCGP funds, they will need to deliver at least 80 percent of the monies to local governments, and at least 25 percent of that portion to “rural areas.”
CISA encourages states to register for an SLCGP award promptly, because “the registration process can take four weeks or more to complete.” Entities can submit applications at grants.gov.
Only state administrative agencies can apply for SLCGP grants, and CISA and FEMA will review the applications.
States cannot receive funds until they have established a statewide cybersecurity plan to guide their efforts, and ensure it meets certain criteria. The plans must be approved by the CIO, CISO or similar role and by a cybersecurity planning committee whose membership meets certain standards. For example, half of the committee’s members must have professional experience in cybersecurity or IT, and membership must represent key stakeholder groups like local government; public education; public health; and rural, suburban and “high-population” areas.
States’ grant applications “may include a completed cybersecurity plan, capabilities assessment and individual projects approved by the cybersecurity planning committee and CIO/CISO/equivalent,” CISA states.
Even so, lack of all these pieces should not hold back applications: “Entities without a completed plan are encouraged to apply and complete it in Year One.”
FIND OUT MORE