State and Local Cybersecurity Grant Program

Through the Infrastructure Investment and Jobs Act (IIJA) of 2021, Congress established the State and Local Cybersecurity Improvement Act, which established the State and Local Cybersecurity Grant Program, appropriating $1 billion to be awarded over four years.

Funding for each state is calculated using a formula determined by the federal Cybersecurity and Infrastructure Security Agency (CISA). Georgia expects to receive approximately $9.8 million for FY 2023. The grant requires matching funds, set at 20% for FY 2023 and increasing to 40% by FY 2025.

For states, a majority of grant funding is focused on local government cybersecurity:

• At least 80% of grant funds must benefit local governments
• Of that 80% share, at least 25% must benefit rural areas.

These requirements can be met using a direct passthrough of funds and/or, with their consent, spent on cyber capabilities provided on behalf of local governments.

Grant funds can be used to meet four objectives:

• Develop and establish appropriate governance structures, including developing, implementing, or revising cybersecurity plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations.
• Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.
• Implement security protections commensurate with risk.
• Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.

Applying for cybersecurity grant funds

 Applications will only be accepted on-line via the Georgia EM Grants Manager at ga.emgrants.com beginning October 28, 2024. All applications for this grant must be received by the deadline, November 28, 2024, to be considered.

To learn more about notice of funding opportunity for fiscal year 2023, click here.