IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

DHS Announces State and Local Cyber Funding Opportunities

The Department of Homeland Security released the long-anticipated Notice of Funding Opportunity (NOFO) for the State and Local Cybersecurity Grant Program. A separate NOFO for the Tribal Cybersecurity Grant Program will follow.

Long-awaited federal cyber dollars are becoming available with today’s release of the Notice of Funding Opportunity (NOFO) for the State and Local Cybersecurity Grant Program (SLCGP).

The federal government will be disbursing $1 billion in cybersecurity funds over the next four years through two grant programs — this one, and a separate, Tribal Cybersecurity Grant Program (TCGP). A separate NOFO is due out later for the tribal program, according to the Cybersecurity and Infrastructure Security Agency (CISA).

The federal government is making $183.5 million available under the SLCGP in FY 2022. Once states receive their SLCGP funds, they will need to deliver at least 80 percent of the monies to local governments, and at least 25 percent of that portion to “rural areas.”

CISA encourages states to register for an SLCGP award promptly, because “the registration process can take four weeks or more to complete.” Entities can submit applications at

Only state administrative agencies can apply for SLCGP grants, and CISA and FEMA will review the applications.

States cannot receive funds until they have established a statewide cybersecurity plan to guide their efforts, and ensure it meets certain criteria. The plans must be approved by the CIO, CISO or similar role and by a cybersecurity planning committee whose membership meets certain standards. For example, half of the committee’s members must have professional experience in cybersecurity or IT, and membership must represent key stakeholder groups like local government; public education; public health; and rural, suburban and “high-population” areas.

States’ grant applications “may include a completed cybersecurity plan, capabilities assessment and individual projects approved by the cybersecurity planning committee and CIO/CISO/equivalent,” CISA states.

Even so, lack of all these pieces should not hold back applications: “Entities without a completed plan are encouraged to apply and complete it in Year One.”

  • View the State and Local Cybersecurity Grant Program’s Notice of Funding Opportunity here.
  • View the FY 2022 SLGP Fact Sheet here.