Cybersecurity investments have been a critical need for governments and other organizations across the country. With the growing occurrence of ransomware attacks, it’s paramount that public sector entities ensure that their sensitive data and their critical operations are secure. The funding to make these necessary investments has often been difficult to find. Luckily, the Infrastructure Investment and Jobs Act (IIJA) will dedicate over $1.2 billion to enhance state, local and tribal governments’ cybersecurity preparedness. Each of these new programs is designed to fund different types of cybersecurity projects. Below, we detail some of these programs and highlight some additional funding opportunities that will support your organization’s cybersecurity needs.

 

It is exciting that the State of Michigan will have around $20 million dollars to direct towards new initiatives and programs. By putting these funds towards high-priority projects, we can quickly make a meaningful difference to the most important portions of our State.”

Kevin Hayes, CISO, Merit Network

 

IIJA Cybersecurity Funding

State and Local Cybersecurity Grant Program
The State and Local Cybersecurity Grant (SLCGP) is the first federal grant program dedicated exclusively to improving America’s cybersecurity posture. SLCGP will support projects that address cybersecurity risks and that implement plans to combat threats from foreign or domestic terrorists. A total of $1 billion will be available through this program over the next four years, with $200 million available in Fiscal Year 2022. The Federal Emergency Management Agency (FEMA) will distribute funds to states, territories and tribes by formula. Each recipient must then create a cybersecurity planning committee to determine how they will use their grant funds. Afterward, local governments will apply to their state to request funding for cybersecurity projects.

Ultimately, each state is responsible for deciding what kinds of cybersecurity solutions will be eligible for funding. SLCGP is expected to open to states, tribes, and territories in the third quarter (July, August, or September) of 2022.

Rural and Municipal Utility Advanced Cybersecurity Grant & Technical Assistance
The Rural and Municipal Utility Advanced Cybersecurity Grant & Technical Assistance program (administered by the Department of Energy), will provide funding and technical assistance to electric utility providers to prevent, respond to, and recover from cyber-attacks. A total of $250 million is dedicated to this program from 2022 through 2026. Eligible applicants include rural electric cooperatives, municipally owned electric utilities, other state-owned utilities, and small investor-owned utilities. This program is expected to open in the fourth quarter (October, November, or December) of 2022.

Cyber Response and Recovery Fund
The upcoming Cyber Response and Recovery Fund is not a traditional grant program, but rather an emergency response fund. A total of $100 million was allocated to this program over the next 5 years, with $20 million available in 2022. The Cybersecurity and Infrastructure Security Agency (CISA)  will distribute these funds to affected governments following an emergency declaration from the Department of Homeland Security (DHS). After the declaration has been made, these funds will be administered to states, local governments, tribal governments, and additional private and public entities as determined by CISA and DHS. As of June 2022, CISA has not yet announced when these funds will be available.

Other Cybersecurity Funding

Existing grant programs such as the State Homeland Security Program (SHSP), the Emergency Management Preparedness Grant (EMPG) also include cybersecurity as an allowable expense. Cybersecurity measures alone will usually not receive funding, but can be allowed as part of a larger project such as preparing for and preventing terrorist attacks on the country’s infrastructure.

Stimulus Funding

ARP: Coronavirus State and Local Fiscal Recovery Funds
Governments can also use their Coronavirus State and Local Fiscal Recovery Funds to implement much-needed cybersecurity measures. In total, $350 billion was dispersed to states and to local governments. These funds will support cybersecurity solutions as part investments in water, sewer, and broadband infrastructure. The Fiscal Recovery Funds will also support cybersecurity modernization that is aimed at modernizing and protecting government services.

Cybersecurity for Research and Education

Outside of grants for cybersecurity implementation, there are also several opportunities to support cybersecurity research and education. These programs focus on innovation in cybersecurity approaches and develop the future of cybersecurity strategy and workforce. Most of these grant programs are funded by the National Science Foundation (focused on basic science/engineering research and education) or the Department of Defense (focused on research and education connected to national security). Cybersecurity research projects should focus on the development of the next generation of cybersecurity tools and resources to protect a variety of different cyberinfrastructures. Cybersecurity education projects can focus on the development of skills for students anywhere from K-12 through graduate degrees and should help prepare them to explore cybersecurity topics or get the necessary training to have careers in cybersecurity fields.

 

Next Steps

Interested in learning more about the grant funding landscape for cybersecurity? Grants Office, LLC assists public sector entities in all aspects of their grant seeking efforts, from funder prospecting, grant writing, along with proposal review and editing. Contact [email protected] for more information.