Web Analytics

fundsforNGOs

Grants and Resources for Sustainability

You are here: Home / Latest Funds for NGOs and Calls for Proposals and Calls for Applications / 2023 State and Local Cybersecurity Grant Program – United States

2023 State and Local Cybersecurity Grant Program – United States

Deadline: 6-Oct-23

Applications are now open for the 2023 State and Local Cybersecurity Grant Program.

Objectives
  • The goal of SLCGP is to assist SLT governments with managing and reducing systemic cyber risk. This goal can be achieved over the course of the four years of SLCGP funding as applicants focus their Cybersecurity Plans, priorities, projects, and implementation toward addressing the SLCGP objectives. Once CISA confirms that a recipient has met their objective requirements for each fiscal year, the recipient moves to the next set of program objective(s).
  • In FY 2023, applicants are required to focus on addressing the following program objectives in their applications:
    • Objective 2: Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.
    • Objective 3: Implement security protections commensurate with risk.
    • Objective 4: Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.
Priorities
  • Cybersecurity Plans, Committees and Charter
    • The Homeland Security Act of 2002, as amended by the BIL, requires SLCGP grant recipients to develop a Cybersecurity Plan, establish a Cybersecurity Planning Committee to support development of the plan, and identify projects to implement using SLCGP funding. With the FY 2022 SLCGP, recipients were directed to accomplish the following:
      • Establish a Cybersecurity Planning Committee;
      • Develop a state-wide Cybersecurity Plan, unless the recipient already has a state-wide Cybersecurity Plan; and
      • Use SLCGP funds to implement or revise a state-wide Cybersecurity Plan.
  • Cybersecurity Activities, Best Practices, Investments and Projects Cybersecurity Activities
    • The State Administrative Agency (SAA) must consult with its Chief Information Officer (CIO) and the Chief Information Security Officer (CISO) (or an equivalent official of the eligible entity) regarding the plans for allocating SLCGP funds. To support the FY 2023 SLCGP requirements, Cybersecurity Plans must include the following activities:
      • Conducting assessment and evaluations as the basis for individual projects throughout the life of the program; and
      • Adopting key cybersecurity best practices and consulting Cybersecurity Performance Goals (CPGs).
      • The CPGs are a prioritized subset of information technology and operational technology cybersecurity practices aimed at meaningfully reducing risks to both critical infrastructure operations and the American people.
      • These goals are applicable across all critical infrastructure sectors and are informed by the most common and impactful threats and adversary tactics, techniques, and procedures observed by CISA and its government and industry partners, making them a common set of protections that all critical infrastructure entities – from large to small – should implement.
  • Multi-Entity Projects
    • Multiple eligible entities (states or territories) can group together to address cybersecurity risks and threats to information systems within the states and territories which are the eligible entities. There is no separate funding for multi-entity projects. Instead, these investments would be considered as group projects: each group member contributing an agreed-upon funding amount from their SLCGP award to the overall project. Each group member’s financial contribution is then funded from their individual SLCGP award. Each participating state or territory in the group should include the multi-entity project in their individual IJ submissions with their application. It is expected that IJs for multi-entity projects will be almost identical. Any differences should reflect alignment with the entities’ respective Cybersecurity Plan.
    • Multi-Entity Project Benefits
      • A multi-entity project is funded from each participating state or territory group members’ SLCGP award in accordance with their agreed-upon contribution amounts. Since the multi entity group may be comprised of state and territory governments, each can benefit from information sharing and awareness opportunities. Multi-entity projects may permit smaller state and territory entities to combine resources with larger state and territory entities to reap the benefits associated with larger acquisitions. At the same time, all parties to a multi-entity project may realize cost savings due to volume purchases.
  • Imminent Cybersecurity Threat
    • SLCGP is primarily a security preparedness program focused on reducing cyber risks by helping SLT entities address cybersecurity vulnerabilities and build cybersecurity capabilities. Over time, the program activities and investments reduce the potential impact of cybersecurity threats and incidents.
Award Information
  • Available Funding for the NOFO: $374,981,324
  • All 50 States, the District of Columbia, and the Commonwealth of Puerto Rico will receive a minimum of $4,082,282 each, equaling 1% of total funds appropriated to DHS in FY 2023.
  • Each of the four territories (American Samoa, Guam, the Northern Mariana Islands, and the U.S. Virgin Islands) will receive a minimum of $1,020,570, equaling 0.25% of the total funds appropriated to DHS in FY 2023. $79,310,190, 50% of the remaining amount, will be apportioned based on the ratio that the population of each state or territory bears to the population of all states and territories.
  • The remaining $79,310,190, equaling the other 50% of the remaining amount, will be apportioned based on the ratio that the population of each state that resides in rural areas bears to the population of all states that resides in rural areas.
  • Projected Number of Awards: 56
  • Period of Performance: 48 months
  • Projected Period of Performance Start Date(s): Dec. 1, 2023
  • Projected Period of Performance End Date(s): Nov. 30, 2027
Eligible Applicants
  • All 56 states and territories, including any state of the United States, the District of Columbia, the Commonwealth of Puerto Rico, the U.S. Virgin Islands, Guam, American Samoa, and the Commonwealth of the Northern Mariana Islands, are eligible to apply for SLCGP funds. The Governor-designated SLCGP SAA is the only entity eligible to submit SLCGP applications to DHS/FEMA.

For more information, visit Grants.gov.