The Infrastructure Investment and Jobs Act (IIJA) includes cybersecurity and will to hand out millions to state and local governments to help them improve their security posture and ward off future cyber threats.
Getting your entity’s share of the $185 million (for calendar year 2022), however, is more complicated than emailing the federal government or asking your state for some cash. With a deadline of Nov. 15 for states to establish a cybersecurity planning committee, it’s time for local governments and municipalities to prepare their organization, and budget, for the process ahead.
What is the State and Local Cybersecurity Grant Program (SLCGP)?
SLCGP is a part of the federal government’s Infrastructure Investment and Jobs Act, which is a monetary investment in various aspects of the country’s infrastructure. The program is designed to help entities “address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local, or tribal governments,” according to FEMA.
The funding total for 2022 is $185 million, with more money expected to come in 2023, and every state will receive some of the funds. The funds will be given to a state cybersecurity planning committee, and then that committee will disburse the funds among local and tribal governments.
Understanding the November 15 Deadline
The big date for this grant application process is November 15. That is the deadline for states to establish their cybersecurity planning committees and submit the membership of that committee to the federal government.
For the committee, Arctic Wolf recommends diversifying the membership so that many distinct roles are represented. In particular, states should make sure their committees include representatives from their various forms of local governments, including rural localities, as well as technical champions, education IT leaders, and more.
If you’re a local government entity hearing about this program for the first time, you’re not alone. Arctic Wolf polled attendees of a recent webinar and we found that 30% still didn’t know about the program, and 50% knew of it but hadn’t started working on their application or making plans. That’s okay — there’s still time.
What organizations need to do to prepare is:
- Put together your cybersecurity plan
- Sign up for CISA services including cyber hygiene services and the nationwide cybersecurity review
- Adjust your cybersecurity budget to be able to allocate for the 10% cost-matching portion.
None of this will be due until January 2023, but it’s important to prepare now to make sure your organization is ready.
In particular, keep that final item—budget matching, in mind. Many grants do have a cost-matching requirement, like the 10% mentioned above for this round of funding, but many organizations don’t always consider budget when applying for grants. And depending on your budget cycle, you may need to plan to allocate matching money well in advance of the grants being delivered.
We always encourage organizations to look at their budget as one piece of their cybersecurity architecture, and make sure they have funds set aside for items like this. It’s a one-time payment that could help your security posture many times over.
What Organizations Need to Do to Prepare for This Grant
There are a few action items that local governments need to consider for this program. We recommend:
- Identify stakeholders on the cybersecurity committee.
- Look for regional opportunities to connect the dots – multi-jurisdictional approaches will be encouraged.
- Track updated guidance. Leverage industry resources to help you track the funds and latest news.
- Start evaluating cybersecurity vendors who would support, implement and enhance your cybersecurity plan.
- Make sure your organization follows best practices for funding
For more on this grant process, we recommend viewing our webinar with GovTech, “Securing Your Organization’s Share of $1B in Cybersecurity Funding” with Joe Morris, Deputy Chief Innovation Officer at e.Republic.
How Arctic Wolf Can Help
As an established partner in the cybersecurity space, and one that works with local vendors and MSPs, Arctic Wolf understands how to make sure your government entity is not only in a strong position to receive the maximum amount of funds from these kinds of grants but can help your organization improve your security posture over time.
By combining cutting-edge technology with the human element, our solutions reduce cyber risk by highlighting vulnerabilities, improving security architecture, and working to monitor, detect, and remediate threats. We also have a history of working with local governments.
This round of funding is only the beginning of an ongoing flow of funding and program support that will transform how local governments secure their systems and their citizens. As you evaluate vendors to help build out your organization’s defenses, make sure you’re selecting a partner who will travel that security journey alongside you.
Learn more about our security operations.
Learn more about Arctic Wolf and government organizations.
And find detailed information on Securing Your Organization’s Share of $1B in Cybersecurity Funding.