Skip to content
National Association of Attorneys General
  • Issues
    • Issues
      • Anticorruption
      • Antitrust
      • Bankruptcy
      • Charities
      • Civil Law
    • Issues
      • Consumer Protection
      • Criminal Law
      • Cyber and Technology
      • Disaster Preparedness & Response
      • Elder Justice
    • Issues
      • Ethics
      • Human Trafficking
      • Medicaid Fraud
      • Opioids
      • Powers & Duties
    • Issues
      • Public Health
      • The U.S. Supreme Court
      • Tobacco
      • Veterans & Military
  • Our Work
    • Training & Research
    • Centers
      • Center for Supreme Court Advocacy
      • Center for Tobacco & Public Health
      • Center for Consumer Protection
    • Committees
    • Initiatives
      • Presidential Initiative
      • Strategic Partnerships
      • ConsumerResources.org
      • International Fellows
      • COVID-19
    • Bankruptcy
    • Policy & Advocacy
  • Events & Training
    • Event Calendar
    • Attorney General Symposium
    • Presidential Summit
    • Capital Forum
    • Region Meetings
    • CLE Credit
    • NAAG Trainings
    • Online Learning
    • NAMFCU Trainings
    • NAAG Faculty
  • News & Resources
    • Attorney General Journal
    • Reports & Publications
    • Newsroom
    • NAAG Policy Letters
    • Podcasts
    • Online Learning
    • Research & Data
    • Member Directory
  • Attorneys General
    • What Attorneys General Do
    • Who is my Attorney General?
    • Attorneys General Office 101
    • Research & Data
    • Awards & Recognition
    • Careers in Attorney General Offices
    • Careers in Medicaid Fraud Control Units
  • About NAAG
    • NAAG Staff
    • NAAG Leadership
    • NAAG Member Services
    • NAAG Regions
    • NAAG FAQs
    • SAGE
    • NAMFCU
    • Newsroom
    • Careers at NAAG
  • Find my AG
  • About NAMFCU
    • About the Medicaid Fraud Control Units
    • Reporting Fraud and Abuse
    • MFCU Member Hub
    • Careers with a MFCU
  • Contact Us
National Association of Attorneys General
  • Find My AG
  • Consumer Complaints
  • Member Benefits
  • Contact Us
Log In
  • Issues
    • Issues
      • Anticorruption
      • Antitrust
      • Bankruptcy
      • Charities
      • Civil Law
    • Issues
      • Consumer Protection
      • Criminal Law
      • Cyber and Technology
      • Disaster Preparedness & Response
      • Elder Justice
    • Issues
      • Ethics
      • Human Trafficking
      • Medicaid Fraud
      • Opioids
      • Powers & Duties
    • Issues
      • Public Health
      • The U.S. Supreme Court
      • Tobacco
      • Veterans & Military
  • Our Work
    • Training & Research
    • Centers
      • Center for Supreme Court Advocacy
      • Center for Tobacco & Public Health
      • Center for Consumer Protection
    • Committees
    • Initiatives
      • Presidential Initiative
      • Strategic Partnerships
      • ConsumerResources.org
      • International Fellows
      • COVID-19
    • Bankruptcy
    • Policy & Advocacy
  • Events & Training
    • Event Calendar
    • Attorney General Symposium
    • Presidential Summit
    • Capital Forum
    • Region Meetings
    • CLE Credit
    • NAAG Trainings
    • Online Learning
    • NAMFCU Trainings
    • NAAG Faculty
  • News & Resources
    • Attorney General Journal
    • Reports & Publications
    • Newsroom
    • NAAG Policy Letters
    • Podcasts
    • Online Learning
    • Research & Data
    • Member Directory
  • Attorneys General
    • What Attorneys General Do
    • Who is my Attorney General?
    • Attorneys General Office 101
    • Research & Data
    • Awards & Recognition
    • Careers in Attorney General Offices
    • Careers in Medicaid Fraud Control Units
  • About NAAG
    • NAAG Staff
    • NAAG Leadership
    • NAAG Member Services
    • NAAG Regions
    • NAAG FAQs
    • SAGE
    • NAMFCU
    • Newsroom
    • Careers at NAAG
  • Find my AG
  • About NAMFCU
    • About the Medicaid Fraud Control Units
    • Reporting Fraud and Abuse
    • MFCU Member Hub
    • Careers with a MFCU
  • Contact Us

NASCIO Perspective: The State and Local Cybersecurity Grant Program

Home / Cybersecurity and Privacy / NASCIO Perspective: The State and Local Cybersecurity Grant Program
July 5, 2022 Cybersecurity and Privacy
Share this

  • Alex Whitaker
    Director of Government Affairs
    National Association of State Chief Information Officers

The passage and signing into law of the Infrastructure Investment and Jobs Act (the Act) provided historic levels of funding to states, territories, tribes and localities to address pressing infrastructure needs. While “traditional” infrastructure priorities that include roads and bridges were a central focus of the bill, broadband expansion and cybersecurity concerns also garnered substantial attention.

Most important to state and local governments who are considering how to improve cybersecurity is the inclusion of the State and Local Cybersecurity Grant Program. This new program authorizes the appropriation of $1 billion between 2022-2025 for the Department of Homeland Security to award grants to state, local and tribal governments to address cybersecurity threats and risks to their information technology (IT) systems. The Act funds the program at $200 million in fiscal year (FY) 2022, $400 million in FY 2023, $300 million in FY 2024 and $100 million in FY 2025, with an increasing state match required for each year beginning at twenty percent.

The Act outlines some of the main provisions of the program, including the requirement that states submit a cybersecurity plan to the Cybersecurity and Infrastructure Security Agency (CISA). These plans must contain several elements, including an explanation of how the state will manage, monitor and track information systems, as well as an overview of how the state plans to enhance preparation, response and resiliency of IT systems against risks and threats and how it will utilize best practices. Additionally, state chief information officers (CIOs) and chief information security officers (CISOs) are designated as the primary officials to manage and allocate funding. Perhaps the most important requirement (and the one raising the most questions for states and localities) is the stipulation that 80 percent of funding go to local, tribal and territorial governments.

While the fundamentals of the program are outlined in the Act, key questions about its governance remain that cannot be answered until a Notice of Funding Opportunity (NOFO) and accompanying guidance is released by CISA. It is through this guidance that states will learn, among numerous other things, whether they can provide services to local entities as part of the program’s 80 percent pass-through requirement, what auditing and control measures will be implemented in connection with the funding, and whether extensions of key deadlines will be granted. While there is no firm date for issuance of the guidance, stakeholders are hopeful that it will be released sometime this summer.

In the meantime, states have not been simply waiting for federal action. Many have been proactive in the absence of this critical guidance and are already working on developing their cybersecurity plans. Most states are planning a “whole-of-government” approach to using the grant through which they hope to provide services to local entities that will strengthen cybersecurity infrastructure. They are working to identify the cybersecurity needs at the local level, bringing local governments and other stakeholders into the planning process and developing metrics and benchmarks to help ensure these grant dollars are used successfully. But until CISA provides guidance for the grant, it is unclear whether this approach will be allowed.

At a recent conference of the National Association of State Chief Information Officers (NASCIO) state participants were asked what a successful State and Local Cyber Grant Program would look like. Key factors for a successful program include:

  • Breaking down barriers between state and local government and fostering “the inertia of collaboration”
  • Eliminating—or at least significantly reducing—open cybersecurity workforce positions
  • Making localities aware of services offered by the state
  • Involving both the governor’s office and the legislature in plan development and execution
  • Developing metrics and data that can be used to establish how secure entities are from attacks
  • Cultivating a broader understanding of cybersecurity attacks as a business risk, where all stakeholders work to reduce intrusions and vulnerabilities
  • Planning for a program that is sustainable over the longer term and not focused solely on one-time investments

States don’t have time to wait to start thinking about how to keep their infrastructure and local governments safe from cyberattacks. They are forging ahead – coordinating across state agencies and with local governments to ensure that when the State and Local Cybersecurity Grant funds are made available, they’ll be put to immediate and effective use.

Related Posts

Related Posts

Data breach alert on laptop

Cybersecurity Fundamentals for Attorney General Offices

Hacking detected graphic, technology graphics, Ethical Duty of Technology Competence:

Tech Policy Year in Review

Ethical Hacking and State Cybercrime Laws: Legal and Policy Considerations for States

Connect with NAAG and the Attorney General Community

Create a NAAG account to subscribe to our newsletters or mailing lists.

Create Account
Subscribe
Marble columns and the top of a federal building

scroll to filters

White Logo for the National Association of Attorneys General

1850 M Street NW
12th floor
Washington, DC 20036

TEL 202-326-6000
EMAIL 

Youtube
  • Issues
    • Issues
      • Anticorruption
      • Antitrust
      • Bankruptcy
      • Charities
      • Civil Law
    • Issues
      • Consumer Protection
      • Criminal Law
      • Cyber and Technology
      • Disaster Preparedness & Response
      • Elder Justice
    • Issues
      • Ethics
      • Human Trafficking
      • Medicaid Fraud
      • Opioids
      • Powers & Duties
    • Issues
      • Public Health
      • The U.S. Supreme Court
      • Tobacco
      • Veterans & Military
  • Our Work
    • Training & Research
    • Centers
      • Center for Supreme Court Advocacy
      • Center for Tobacco & Public Health
      • Center for Consumer Protection
    • Committees
    • Initiatives
      • Presidential Initiative
      • Strategic Partnerships
      • ConsumerResources.org
      • International Fellows
      • COVID-19
    • Bankruptcy
    • Policy & Advocacy
  • Events & Training
    • Event Calendar
    • Attorney General Symposium
    • Presidential Summit
    • Capital Forum
    • Region Meetings
    • CLE Credit
    • NAAG Trainings
    • Online Learning
    • NAMFCU Trainings
    • NAAG Faculty
  • News & Resources
    • Attorney General Journal
    • Reports & Publications
    • Newsroom
    • NAAG Policy Letters
    • Podcasts
    • Online Learning
    • Research & Data
    • Member Directory
  • Attorneys General
    • What Attorneys General Do
    • Who is my Attorney General?
    • Attorneys General Office 101
    • Research & Data
    • Awards & Recognition
    • Careers in Attorney General Offices
    • Careers in Medicaid Fraud Control Units
  • About NAAG
    • NAAG Staff
    • NAAG Leadership
    • NAAG Member Services
    • NAAG Regions
    • NAAG FAQs
    • SAGE
    • NAMFCU
    • Newsroom
    • Careers at NAAG
  • Find my AG
  • About NAMFCU
    • About the Medicaid Fraud Control Units
    • Reporting Fraud and Abuse
    • MFCU Member Hub
    • Careers with a MFCU
  • Contact Us
  • Find My AG
  • Consumer Complaints
  • Member Benefits
  • Contact Us
  • Accessibility Statement
  • Privacy & Cookies Notice
  • Sitemap
  • Member Login

About the National Association of Attorneys General

As the nonpartisan national forum for America's state and territory attorneys general and their staff, NAAG provides collaboration, insight, and expertise to empower and champion America's attorneys general.
Learn More

© 2025 Copyright National Association of Attorneys General

Website by Yoko Co

Internal Feedback / Report an Error

Request an Update / Report an Error

The change you are requesting will be linked to this page. The URL for the page will be included in a hidden field when the form is submitted.
Please enter your change or describe your request. Be sure to reference where the error appears on the page and what needs to be done specifically.
Upload any files that need to be linked to this page. PDF only. Submit another request if you have more than five files to upload.
Drop files here or
Accepted file types: pdf, docx, xls, Max. file size: 50 MB, Max. files: 5.

    Who is requesting this change?(Required)

    Scroll To Top

    Insert/edit link

    Enter the destination URL

    Or link to existing content

      No search term specified. Showing recent items. Search or use up and down arrow keys to select an item.
        To provide you more clarity about how we collect, store and use personal information, and your rights to control that information, we have updated our privacy policy, which also explains how we use cookies. You consent to our cookies if you continue to use our website.I Agree