Cybersecurity Grant Program
The federal government created the State and Local Cybersecurity Grant Program to provide funding over the next four years to help state and local governments:
- Address cybersecurity risks
- Strengthen cybersecurity of critical infrastructure
- Ensure resilience against persistent cyber threats to services governments provide their communities.
2023 Federal Award
The federal government has allocated about $374 million in funding, with up to $10.4 million for Pennsylvania.
The Commonwealth will continue to offer Intrusion Detection Service and Security Awareness Services, and will add the following:
- Security Incident and Event Management (SIEM): Software to help organizations identify, monitor, record, and analyze security events or incidents within a real-time IT environment.
- Vulnerability Management: A solution to scan, assess, and manage potential weaknesses in computer systems, networks, and applications that may be exploited by cyberattacks.
2022 Federal Award
The federal government allocated about $185 million in funding, with up to $5.2 million for Pennsylvania.
The Commonwealth will continue to offer Intrusion Detection Service and Security Awareness Services, and will add the following:
- Intrusion Detection Service: Systems placed on government networks and monitored 24/7 to identify intrusion attacks, alert key personnel, and report nationally on coordinated cyberattacks.
- Security Awareness Services: Employee training on information security best practices and identifying potential threats such as phishing attacks, the ability to send simulated phishing emails to employees, penetration testing services.
Previously, these services are made available to county governments through an expiring election security grant. Feedback from the counties taking advantage of these services has been positive, and the commonwealth has received requests to expand the services to school districts and municipal and city governments.
Federal Awards 2024-25
Local governments will be able to apply to the commonwealth to participate in cybersecurity projects identified by the committee. We will provide you with more information on how to apply at a later date. Local governments cannot apply directly to the federal government for funding.
Additional information regarding grant opportunities will be made available following federal approval of the commonwealth’s cybersecurity plan.
Background
Commonwealth agencies began planning in 2022 in anticipation of receiving the Notice of Funding Opportunity months before its release and had formed an initial Cybersecurity Planning Committee, led by the commonwealth’s Chief Information Security Officer.
The Cybersecurity Planning Committee will be responsible for:
- Ensuring that the commonwealth’s cybersecurity plan meets requirements
- Providing the framework to improve capabilities to respond to cybersecurity incidents
- Ensuring continuity of operations for government entities providing services to the residents of the commonwealth