On Monday, the Department of Homeland Security (DHS) announced its commitment to allocate almost $375 million to state and local governments, aiming to enhance their resilience against cyber threats, particularly ransomware attacks that have caused significant damage recently.
The State and Local Cybersecurity Grant Program (SLCGP), now in its second year, comprises a $1 billion fund distributed over four years. The program has a specific goal of strengthening cyber resilience efforts within state, local, and territorial governments. Interested parties can submit grant applications for this new round of funding until October 6, according to a DHS press release.
Highlighting the urgency of the matter, all states and territories except two applied for a portion of the initial year’s $185 million allocation. The program, administered by the Cybersecurity and Infrastructure Agency (CISA) and the Federal Emergency Management Agency (FEMA), aims to assist state and local governments in defending against recurring ransomware and cyber attacks.
DHS Secretary Alejandro N. Mayorkas stressed the significance of these grants in addressing the threat landscape. He stated in a prepared statement that these grants enable local communities to prepare for potential threats, regardless of their size, funding availability, or resources.
CISA will guide the overall process using its expertise, while FEMA will manage grant awards and oversee the allocation procedure, as detailed in the DHS press release. The funds can be used for various cyber resilience investments, including activities referred to as “planning and exercising,” as well as recruiting and compensating personnel with cyber expertise.
Over the past months, ransomware attacks have presented significant challenges to state and local governments, severely disrupting services across various scales of communities. Notable instances include a ransomware incident in a coastal Mississippi community, likened to a “digital hurricane.” Similarly, Spartanburg, South Carolina faced a ransomware attack in April that impacted IT and phone systems.
In May, Dallas had to temporarily shut down its municipal court system due to an attack. Furthermore, the fire and police departments encountered difficulties when a dispatch system used by 911 and 311 call centers became inoperative.