The newly passed bill — which was stalled for months due to political disputes over immigration enforcement — includes funding for most of the agencies within Homeland Security, and it allocates about $2.6 billion to CISA, about $300 million less than its fiscal year 2025 budget. This marks a continued diminishment of CISA under the second Trump administration, which has decreased CISA’s workforce by about one-third, or roughly 1,000 employees since the start of 2025.
But a more pressing concern to leaders in state and local IT is the fate of the State and Local Cybersecurity Grant Program (SLCGP). The SLCGP was originally created in 2021 as part of the Biden administration’s Infrastructure Investment and Jobs Act, with a $1 billion allocation from Congress to be spread out over four years. The program enabled financial support for local agencies’ cyber efforts, funneled through states.
In April of 2025, a group of state CIOs directly asked Congress to build on the program, rather than let it expire. More recently, the National Association of State Chief Information Officers also asked Congress to resume funding the program this month in a letter, asking for $300 million for the program in fiscal year 2027.
Congress has reauthorized the SLCGP to continue through 2033 via the PILLAR Act, but it has not yet allocated new money for it. The U.S. Senate has also introduced its own bipartisan measure to reauthorize the program, and that action would include the one-year funding total of $300 million.
