Feds praise states’ progress in halfway mark of cyber grant program

March 21, 2024
1 min read

TLDR:

Two years into the $1 billion State and Local Cybersecurity Grant Program, state and local governments are better prepared for cyber attacks. However, funding remains a challenge as under-resourced cybersecurity budgets struggle to keep up with mounting threats.

Article Summary

As the State and Local Cybersecurity Grant Program reaches its halfway mark, federal agencies laud states’ progress in improving cyber readiness. The program, funded with $1 billion from the infrastructure law, aims to help state and local governments combat the increasing wave of cyber attacks. States have used the grants to invest in long-term cybersecurity planning and implementing a whole-of-state approach. Although the program has been successful in making governments think about long-term planning and cyber resilience, it faces challenges such as increasing cost-sharing requirements for states.

While the federal government initially covered 90% of the program’s costs, states will gradually need to pick up more of the expenses. This could strain state budgets, especially as tax revenues decline and federal pandemic aid ends. Despite the challenges, the Federal Emergency Management Administration offers other cybersecurity grants for state and local governments to access. The State and Local Cybersecurity Grant Program is set to sunset at the end of 2025, and it is unlikely to be reauthorized. Grant applicants should focus on showing the impact of the funded projects to argue for continued funding. The program will release another Notice of Funding Opportunity later this summer for year three, and requirements for a separate Tribal Cybersecurity Grant Program will follow soon.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and