Applying for the State and Local Cybersecurity Grant Program: A step-by-step guide
Ben Arnstein
•
Sep 1, 2023
The new State and Local Cybersecurity Grant Program provides a unique opportunity for leaders to access funds to prepare for and prevent cyber crime at a time when cyberattacks continue to climb. With the October 6, 2023, application deadline approaching, what can you do to access these funds?
In this step-by-step guide, we’ll go over the basics of the program and what you need to do to apply.
What we'll cover:
What is the State and Local Cybersecurity Grant Program and why is it a big deal?
Pre-application preparations
Application process
Application submission
Post-submission steps
Additional resources
Conclusion
What is the State and Local Cybersecurity Grant Program, and why is it a big deal?
The State and Local Cybersecurity Grant Program, offered by FEMA, provides funding to state, local, and territorial (SLT) governments to address cybersecurity risks and cybersecurity threats to SLT-owned or operated information systems. All requirements and program guidance are established in the Notice of Funding Opportunity (NOFO). You can explore the full grant details over on Grants.gov.
In today's digital landscape, state and local organizations play a crucial role in delivering essential services. Remember the impact of the Colonial Pipeline ransomware attack in 2021? It highlighted the real-world consequences of cyber threats. Enter the State and Local Cybersecurity Grant Program: a lifeline to fortify your cyber defenses.
💡Enhance Your Defenses: This grant is your chance to bolster your Cybersecurity Plans and activities. Strengthen your resilience against cyber threats and safeguard the services your community depends on.
🔒 Invest in Security: With funding at your fingertips, you can empower your organization to stand firm against evolving cyber risks. It's an investment in the safety and stability of your digital operations.
Step up your cyber readiness with the State and Local Cybersecurity Grant Program and keep your community's digital domain secure. 🛡️🌐
This FEMA bulletin provides details about per-state funding allocations for FY2023.
When is the 2023 SLCGP application deadline?
The application deadline for this year is October 6, 2023.
Who can apply?
The 56 (State Administrative Agency) SAAs for states and territories submit applications on behalf of local entities for SLCGP funding. In addition, two or more eligible entities may jointly apply for assistance as a multi-entity group. Under SLCGP, a multi-entity group is two or more SAAs that apply for joint projects. However, each SAA must submit separate applications. Local governments interested in participating in the SLCGP should contact their SAAs.
Local governments can participate in the SLCGP as subrecipients to their state.
Must be a state, local, tribal, or territorial government entity.
Must demonstrate a clear need for enhancing cybersecurity capabilities.
Must submit the application through the State Administrative Agency (SAA) responsible for the program.
How do states apply?
1. Review the Reference Guide
Start by thoroughly reviewing the FY23 State and Local Cybersecurity Grant Program FAQS. This guide contains essential information about eligibility, application requirements, and evaluation criteria.
2. Determine Eligibility
To be eligible for the grant, your jurisdiction must meet specific criteria outlined in the reference guide:
As a condition of receiving the SLCGP grant, states will need to:
Establish a Cybersecurity Planning Committee;
Develop a state-wide Cybersecurity Plan, unless the recipient already has a state-wide Cybersecurity Plan and uses the funds to implement or revise a state-wide Cybersecurity Plan;
Conduct assessment and evaluations as the basis for individual projects throughout the life of the program; and
Adopt key cybersecurity best practices.
More details on eligibility can be found in the Notice of Funding Opportunity.
3. Identify Project Needs
Identify and document the specific cybersecurity needs of your jurisdiction. This could involve strengthening network security, enhancing incident response capabilities, improving employee training, or addressing other cybersecurity gaps.
As part of your Cybersecurity Plan, applicants are required to address in their applications how they will meet the following program objectives:
Objective 1: Develop and establish appropriate governance structures, including developing, implementing, or revising cybersecurity plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations.
Objective 2: Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.
Objective 3: Implement security protections commensurate with risk.
Objective 4: Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.
As part of creating a Cybersecurity Plan, DHS recommends implementing certain cybersecurity best practices including:
Implement multi-factor authentication
Enable enhanced logging
Use data encryption for data at rest and in transit
End the use of unsupported/end of life software and hardware that are accessible from the internet
Restrict the use of known/fixed/default passwords and credentials
Ensure the ability to reconstitute systems (backups)
Engage in rapid bidirectional sharing between CISA and SLT entities to drive down cyber risk
Migrate to the .gov internet domain
4. Create a Detailed Project Plan
Develop a comprehensive project plan that clearly outlines the goals, objectives, budget, timeline, and expected outcomes of your cybersecurity initiative. For guidance on creating a project plan, check out the FEMA Project Worksheet User Guide.
The application process
1. Coordinate with State Administrative Agency
Keep in mind that only the State Administrative Agency (SAA) is authorized to submit applications for the State and Local Cybersecurity Grant Program. Therefore, it's essential to work closely with your SAA throughout the application process.
2. Review Application Requirements
Work with your SAA to review the application requirements outlined in the reference guide and ensure that your proposed project aligns with the program's goals.
3. Provide Necessary Information
Collaborate with your SAA to provide all necessary information for the application, including project details, budget estimates, and any supporting documents.
Useful guides include:
4. Begin Application in Grants.gov
While your SAA will handle the submission, be prepared to assist in the process. They will start a new application in Grants.gov using the appropriate funding opportunity information.
Additional resources
There are lots of resources to help you get your grant application across the finish line. In addition to those linked above, you can use the following:
Conclusion
Congratulations on taking the initiative to enhance your jurisdiction's cybersecurity through the State and Local Cybersecurity Grant Program! By working closely with your State Administrative Agency and following this guide, you're taking important steps toward strengthening your cybersecurity capabilities and safeguarding your community's digital assets.
Twingate provides key functionality that help you satisfy a number of the grants requirement, including our universal MFA and network activity logs. You can try Twingate out for free, or request a demo from our team.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Applying for the State and Local Cybersecurity Grant Program: A step-by-step guide
Ben Arnstein
•
Sep 1, 2023
The new State and Local Cybersecurity Grant Program provides a unique opportunity for leaders to access funds to prepare for and prevent cyber crime at a time when cyberattacks continue to climb. With the October 6, 2023, application deadline approaching, what can you do to access these funds?
In this step-by-step guide, we’ll go over the basics of the program and what you need to do to apply.
What we'll cover:
What is the State and Local Cybersecurity Grant Program and why is it a big deal?
Pre-application preparations
Application process
Application submission
Post-submission steps
Additional resources
Conclusion
What is the State and Local Cybersecurity Grant Program, and why is it a big deal?
The State and Local Cybersecurity Grant Program, offered by FEMA, provides funding to state, local, and territorial (SLT) governments to address cybersecurity risks and cybersecurity threats to SLT-owned or operated information systems. All requirements and program guidance are established in the Notice of Funding Opportunity (NOFO). You can explore the full grant details over on Grants.gov.
In today's digital landscape, state and local organizations play a crucial role in delivering essential services. Remember the impact of the Colonial Pipeline ransomware attack in 2021? It highlighted the real-world consequences of cyber threats. Enter the State and Local Cybersecurity Grant Program: a lifeline to fortify your cyber defenses.
💡Enhance Your Defenses: This grant is your chance to bolster your Cybersecurity Plans and activities. Strengthen your resilience against cyber threats and safeguard the services your community depends on.
🔒 Invest in Security: With funding at your fingertips, you can empower your organization to stand firm against evolving cyber risks. It's an investment in the safety and stability of your digital operations.
Step up your cyber readiness with the State and Local Cybersecurity Grant Program and keep your community's digital domain secure. 🛡️🌐
This FEMA bulletin provides details about per-state funding allocations for FY2023.
When is the 2023 SLCGP application deadline?
The application deadline for this year is October 6, 2023.
Who can apply?
The 56 (State Administrative Agency) SAAs for states and territories submit applications on behalf of local entities for SLCGP funding. In addition, two or more eligible entities may jointly apply for assistance as a multi-entity group. Under SLCGP, a multi-entity group is two or more SAAs that apply for joint projects. However, each SAA must submit separate applications. Local governments interested in participating in the SLCGP should contact their SAAs.
Local governments can participate in the SLCGP as subrecipients to their state.
Must be a state, local, tribal, or territorial government entity.
Must demonstrate a clear need for enhancing cybersecurity capabilities.
Must submit the application through the State Administrative Agency (SAA) responsible for the program.
How do states apply?
1. Review the Reference Guide
Start by thoroughly reviewing the FY23 State and Local Cybersecurity Grant Program FAQS. This guide contains essential information about eligibility, application requirements, and evaluation criteria.
2. Determine Eligibility
To be eligible for the grant, your jurisdiction must meet specific criteria outlined in the reference guide:
As a condition of receiving the SLCGP grant, states will need to:
Establish a Cybersecurity Planning Committee;
Develop a state-wide Cybersecurity Plan, unless the recipient already has a state-wide Cybersecurity Plan and uses the funds to implement or revise a state-wide Cybersecurity Plan;
Conduct assessment and evaluations as the basis for individual projects throughout the life of the program; and
Adopt key cybersecurity best practices.
More details on eligibility can be found in the Notice of Funding Opportunity.
3. Identify Project Needs
Identify and document the specific cybersecurity needs of your jurisdiction. This could involve strengthening network security, enhancing incident response capabilities, improving employee training, or addressing other cybersecurity gaps.
As part of your Cybersecurity Plan, applicants are required to address in their applications how they will meet the following program objectives:
Objective 1: Develop and establish appropriate governance structures, including developing, implementing, or revising cybersecurity plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations.
Objective 2: Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.
Objective 3: Implement security protections commensurate with risk.
Objective 4: Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.
As part of creating a Cybersecurity Plan, DHS recommends implementing certain cybersecurity best practices including:
Implement multi-factor authentication
Enable enhanced logging
Use data encryption for data at rest and in transit
End the use of unsupported/end of life software and hardware that are accessible from the internet
Restrict the use of known/fixed/default passwords and credentials
Ensure the ability to reconstitute systems (backups)
Engage in rapid bidirectional sharing between CISA and SLT entities to drive down cyber risk
Migrate to the .gov internet domain
4. Create a Detailed Project Plan
Develop a comprehensive project plan that clearly outlines the goals, objectives, budget, timeline, and expected outcomes of your cybersecurity initiative. For guidance on creating a project plan, check out the FEMA Project Worksheet User Guide.
The application process
1. Coordinate with State Administrative Agency
Keep in mind that only the State Administrative Agency (SAA) is authorized to submit applications for the State and Local Cybersecurity Grant Program. Therefore, it's essential to work closely with your SAA throughout the application process.
2. Review Application Requirements
Work with your SAA to review the application requirements outlined in the reference guide and ensure that your proposed project aligns with the program's goals.
3. Provide Necessary Information
Collaborate with your SAA to provide all necessary information for the application, including project details, budget estimates, and any supporting documents.
Useful guides include:
4. Begin Application in Grants.gov
While your SAA will handle the submission, be prepared to assist in the process. They will start a new application in Grants.gov using the appropriate funding opportunity information.
Additional resources
There are lots of resources to help you get your grant application across the finish line. In addition to those linked above, you can use the following:
Conclusion
Congratulations on taking the initiative to enhance your jurisdiction's cybersecurity through the State and Local Cybersecurity Grant Program! By working closely with your State Administrative Agency and following this guide, you're taking important steps toward strengthening your cybersecurity capabilities and safeguarding your community's digital assets.
Twingate provides key functionality that help you satisfy a number of the grants requirement, including our universal MFA and network activity logs. You can try Twingate out for free, or request a demo from our team.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Applying for the State and Local Cybersecurity Grant Program: A step-by-step guide
Ben Arnstein
•
Sep 1, 2023
The new State and Local Cybersecurity Grant Program provides a unique opportunity for leaders to access funds to prepare for and prevent cyber crime at a time when cyberattacks continue to climb. With the October 6, 2023, application deadline approaching, what can you do to access these funds?
In this step-by-step guide, we’ll go over the basics of the program and what you need to do to apply.
What we'll cover:
What is the State and Local Cybersecurity Grant Program and why is it a big deal?
Pre-application preparations
Application process
Application submission
Post-submission steps
Additional resources
Conclusion
What is the State and Local Cybersecurity Grant Program, and why is it a big deal?
The State and Local Cybersecurity Grant Program, offered by FEMA, provides funding to state, local, and territorial (SLT) governments to address cybersecurity risks and cybersecurity threats to SLT-owned or operated information systems. All requirements and program guidance are established in the Notice of Funding Opportunity (NOFO). You can explore the full grant details over on Grants.gov.
In today's digital landscape, state and local organizations play a crucial role in delivering essential services. Remember the impact of the Colonial Pipeline ransomware attack in 2021? It highlighted the real-world consequences of cyber threats. Enter the State and Local Cybersecurity Grant Program: a lifeline to fortify your cyber defenses.
💡Enhance Your Defenses: This grant is your chance to bolster your Cybersecurity Plans and activities. Strengthen your resilience against cyber threats and safeguard the services your community depends on.
🔒 Invest in Security: With funding at your fingertips, you can empower your organization to stand firm against evolving cyber risks. It's an investment in the safety and stability of your digital operations.
Step up your cyber readiness with the State and Local Cybersecurity Grant Program and keep your community's digital domain secure. 🛡️🌐
This FEMA bulletin provides details about per-state funding allocations for FY2023.
When is the 2023 SLCGP application deadline?
The application deadline for this year is October 6, 2023.
Who can apply?
The 56 (State Administrative Agency) SAAs for states and territories submit applications on behalf of local entities for SLCGP funding. In addition, two or more eligible entities may jointly apply for assistance as a multi-entity group. Under SLCGP, a multi-entity group is two or more SAAs that apply for joint projects. However, each SAA must submit separate applications. Local governments interested in participating in the SLCGP should contact their SAAs.
Local governments can participate in the SLCGP as subrecipients to their state.
Must be a state, local, tribal, or territorial government entity.
Must demonstrate a clear need for enhancing cybersecurity capabilities.
Must submit the application through the State Administrative Agency (SAA) responsible for the program.
How do states apply?
1. Review the Reference Guide
Start by thoroughly reviewing the FY23 State and Local Cybersecurity Grant Program FAQS. This guide contains essential information about eligibility, application requirements, and evaluation criteria.
2. Determine Eligibility
To be eligible for the grant, your jurisdiction must meet specific criteria outlined in the reference guide:
As a condition of receiving the SLCGP grant, states will need to:
Establish a Cybersecurity Planning Committee;
Develop a state-wide Cybersecurity Plan, unless the recipient already has a state-wide Cybersecurity Plan and uses the funds to implement or revise a state-wide Cybersecurity Plan;
Conduct assessment and evaluations as the basis for individual projects throughout the life of the program; and
Adopt key cybersecurity best practices.
More details on eligibility can be found in the Notice of Funding Opportunity.
3. Identify Project Needs
Identify and document the specific cybersecurity needs of your jurisdiction. This could involve strengthening network security, enhancing incident response capabilities, improving employee training, or addressing other cybersecurity gaps.
As part of your Cybersecurity Plan, applicants are required to address in their applications how they will meet the following program objectives:
Objective 1: Develop and establish appropriate governance structures, including developing, implementing, or revising cybersecurity plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations.
Objective 2: Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.
Objective 3: Implement security protections commensurate with risk.
Objective 4: Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.
As part of creating a Cybersecurity Plan, DHS recommends implementing certain cybersecurity best practices including:
Implement multi-factor authentication
Enable enhanced logging
Use data encryption for data at rest and in transit
End the use of unsupported/end of life software and hardware that are accessible from the internet
Restrict the use of known/fixed/default passwords and credentials
Ensure the ability to reconstitute systems (backups)
Engage in rapid bidirectional sharing between CISA and SLT entities to drive down cyber risk
Migrate to the .gov internet domain
4. Create a Detailed Project Plan
Develop a comprehensive project plan that clearly outlines the goals, objectives, budget, timeline, and expected outcomes of your cybersecurity initiative. For guidance on creating a project plan, check out the FEMA Project Worksheet User Guide.
The application process
1. Coordinate with State Administrative Agency
Keep in mind that only the State Administrative Agency (SAA) is authorized to submit applications for the State and Local Cybersecurity Grant Program. Therefore, it's essential to work closely with your SAA throughout the application process.
2. Review Application Requirements
Work with your SAA to review the application requirements outlined in the reference guide and ensure that your proposed project aligns with the program's goals.
3. Provide Necessary Information
Collaborate with your SAA to provide all necessary information for the application, including project details, budget estimates, and any supporting documents.
Useful guides include:
4. Begin Application in Grants.gov
While your SAA will handle the submission, be prepared to assist in the process. They will start a new application in Grants.gov using the appropriate funding opportunity information.
Additional resources
There are lots of resources to help you get your grant application across the finish line. In addition to those linked above, you can use the following:
Conclusion
Congratulations on taking the initiative to enhance your jurisdiction's cybersecurity through the State and Local Cybersecurity Grant Program! By working closely with your State Administrative Agency and following this guide, you're taking important steps toward strengthening your cybersecurity capabilities and safeguarding your community's digital assets.
Twingate provides key functionality that help you satisfy a number of the grants requirement, including our universal MFA and network activity logs. You can try Twingate out for free, or request a demo from our team.