2022 Cybersecurity Grant Update

research-top

Springbrook Research Institute

2022 Cybersecurity Grant Update

The Springbrook Research Institute has been documenting the Cybersecurity Grant for months, and we’ve finally received the Notice of Funding Opportunity (NOF). This means that the process for applying for the $185.5 million under the State and Local Cybersecurity Grant (SLCPG) has begun.

“There is tremendous potential in this grant program for investments in sound cyber security practices, and we look forward to working with DHS, states and other stakeholders to deploy these resources in a timely, efficient and effective manner,” says Doug Robinson, Executive Director of NASCIO. A Springbrook Research Interview with Doug can be found here.

According to GovTech, “Once states receive their SLCGP funds, they will need to deliver at least 80 percent of the monies to local governments, and at least 25 percent of that portion to “rural areas.” CISA encourages states to register for an SLCGP award promptly, because “the registration process can take four weeks or more to complete.” Entities can submit applications at grants.gov. Only state administrative agencies can apply for SLCGP grants, and CISA and FEMA will review the applications.”

Fund disbursement begins at the state level and is dependent on a state establishing cybersecurity plan. According to the Cybersecurity and Infrastructure Agency (CISA):

“DHS will implement the SLCGP Grant Program through CISA and the Federal Emergency Management Agency (FEMA). While CISA will serve as the subject-matter expert in cybersecurity related issues, FEMA will provide grant administration and oversight for appropriated funds, including award and allocation of funds to eligible entities, financial management and oversight of funds execution.

The program is designed to put the funding where it is needed most: into the hands of local entities. States and territories will use their State Administrative Agencies (SAAs) to receive the funds from the Federal Government and then distribute the funding to local governments in accordance with state law/procedure.  This is the same way in which funding is distributed to local governments in the Homeland Security Grant Program.” This information can be found here.

 

Key requirements of this program include (source – CISA):

  • Understanding the application process and timeline: Eligible entities can submit an application via Grants.gov. Applications may include a completed Cybersecurity Plan, capabilities assessment and individual projects approved by the Cybersecurity Planning Committee and CIO/CISO/equivalent.  Entities without a completed plan are encouraged to apply and complete it in Year One.
  • Building a cybersecurity planning committee: Eligible entities can form their cybersecurity planning and can create Cybersecurity Plans (in accordance with the minimum requirements as stated in the State and Local Cybersecurity Improvement Act), which are a requirement for receiving grant funds.
  • Creating a cybersecurity plan: The Cybersecurity Plan is a statewide planning document that must be approved by the Cybersecurity Planning Committee and the CIO/CISO equivalent. The Plan will be subsequently updated in FY24 and 25.

The Springbrook Research Institute will continue to publish updates as they become available. Please contact your sales rep for additional information.