Cybersecurity Grant Program
The federal government created the State and Local Cybersecurity Grant Program to help state and local governments:
- Address cybersecurity risks
- Strengthen cybersecurity of critical infrastructure
- Ensure resilience against persistent cyber threats to services governments provide their communities.
Year 1
There are just 60 days between the Notice of Funding Opportunity and the application submittal date of November 15, 2022, that was set by the U.S. Department of Homeland Security.
Therefore, the focus of Year 1 will be on continuing and expanding the cybersecurity prevention tools/services already in place throughout the commonwealth. These prevention tools/services include:
- Intrusion detection systems placed on government networks and monitored 24/7 to identify intrusion attacks, alert key personnel, and report nationally on coordinated cyberattacks.
- Employee training on how to prevent cyber system breaches and phishing, and penetration testing services.
Currently, these services are made available to county governments through an expiring election security grant. Feedback from the counties taking advantage of these services has been positive, and the commonwealth has received requests to expand the services to school districts and municipal and city governments.
This approach will provide sustainability for preventative services already in place, and will allow the planning committee to focus on developing a competitive grant program for the second through fourth years of the State and Local Cybersecurity Grant Program.
Years 2-4
Local governments will be able to apply to the commonwealth to participate in cybersecurity projects identified by the committee. We will provide you with more information on how to apply at a later date.
Additional information regarding grant opportunities will be made available following federal approval of the commonwealth’s cybersecurity plan.
Background
Commonwealth agencies began planning in anticipation of receiving the Notice of Funding Opportunity months before its release and had formed an initial Cybersecurity Planning Committee, led by the Commonwealth’s Chief Information Security Officer.
With the release of the NOFO, the Cybersecurity Planning Committee was formed to include multiple state agencies and governmental associations.
The Cybersecurity Planning Committee will be responsible for:
- Ensuring that the commonwealth’s Cybersecurity Plan meets requirements
- Providing the framework to improve capabilities to respond to cybersecurity incidents
- Ensuring continuity of operations for government entities providing services to the residents of the commonwealth